Docker Cheat Sheet: Commands, Dockerfile Tips, and Best Practices

DevToolbox

Master Docker with this comprehensive cheat sheet. Learn container management, image building, networking, and Docker Compose — with a searchable reference.

Docker has transformed how we build, ship, and run applications. Instead of "it works on my machine," Docker gives you reproducible environments that run the same everywhere — from your laptop to production. But Docker has a lot of commands, and remembering the exact flags for that one thing you do occasionally can be frustrating.

This guide covers the most essential Docker commands, Dockerfile best practices, and Docker Compose patterns — organized by workflow so you can find what you need fast. For a searchable reference, check our interactive Docker Cheat Sheet.

Container Lifecycle

Running Containers

# Run a container
docker run nginx

# Run in the background (detached)
docker run -d nginx

# Run with a name
docker run -d --name web nginx

# Run with port mapping (host:container)
docker run -d -p 8080:80 nginx

# Run with environment variables
docker run -d -e MYSQL_ROOT_PASSWORD=secret mysql:8

# Run with a volume mount
docker run -d -v /host/path:/container/path nginx
docker run -d -v myvolume:/data postgres

# Run interactively with a shell
docker run -it ubuntu bash
docker run -it alpine sh

# Run and remove when stopped
docker run --rm -it python:3.12 python

# Run with resource limits
docker run -d --memory=512m --cpus=1.5 nginx

Managing Containers

# List running containers
docker ps

# List all containers (including stopped)
docker ps -a

# Stop a container
docker stop web

# Start a stopped container
docker start web

# Restart a container
docker restart web

# Remove a container
docker rm web

# Force remove a running container
docker rm -f web

# Remove all stopped containers
docker container prune

# View container logs
docker logs web
docker logs -f web          # follow (tail)
docker logs --tail 100 web  # last 100 lines

# Execute a command in a running container
docker exec -it web bash
docker exec web cat /etc/nginx/nginx.conf

# Inspect container details
docker inspect web

# View resource usage
docker stats
docker stats web

Images

# List local images
docker images

# Pull an image
docker pull nginx:latest
docker pull node:20-alpine

# Build an image from a Dockerfile
docker build -t myapp:latest .

# Build with a specific Dockerfile
docker build -f Dockerfile.prod -t myapp:prod .

# Build with build arguments
docker build --build-arg NODE_ENV=production -t myapp .

# Tag an image
docker tag myapp:latest registry.example.com/myapp:v1.0

# Push an image to a registry
docker push registry.example.com/myapp:v1.0

# Remove an image
docker rmi nginx:latest

# Remove all unused images
docker image prune -a

# View image history (layers)
docker history myapp:latest

Writing Efficient Dockerfiles

A Production-Ready Node.js Dockerfile

# Stage 1: Build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build

# Stage 2: Production
FROM node:20-alpine
WORKDIR /app
RUN addgroup -g 1001 -S nodejs && \
    adduser -S nextjs -u 1001
COPY --from=builder --chown=nextjs:nodejs /app/dist ./dist
COPY --from=builder --chown=nextjs:nodejs /app/node_modules ./node_modules
USER nextjs
EXPOSE 3000
CMD ["node", "dist/index.js"]

Dockerfile Best Practices

  • Use multi-stage builds to keep final images small. Build dependencies stay in the builder stage.
  • Order layers by change frequency. Put things that change rarely (OS packages) first and things that change often (source code) last. This maximizes cache hits.
  • Use .dockerignore to exclude node_modules,.git, build artifacts, and other unnecessary files.
  • Use Alpine-based images when possible. node:20-alpine is ~50MB vs ~350MB for node:20.
  • Don't run as root. Create a non-root user and use the USER directive.
  • Pin specific versions. Use node:20.12.0-alpine instead of node:latest for reproducible builds.
  • Combine RUN commands to reduce layers: RUN apt-get update && apt-get install -y curl && rm -rf /var/lib/apt/lists/*

Docker Compose

Docker Compose lets you define multi-container applications in a single YAML file:

# docker-compose.yml
services:
  app:
    build: .
    ports:
      - "3000:3000"
    environment:
      - DATABASE_URL=postgres://postgres:secret@db:5432/myapp
    depends_on:
      db:
        condition: service_healthy
    volumes:
      - ./src:/app/src  # hot reload in development

  db:
    image: postgres:16-alpine
    environment:
      POSTGRES_PASSWORD: secret
      POSTGRES_DB: myapp
    volumes:
      - pgdata:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5

  redis:
    image: redis:7-alpine
    ports:
      - "6379:6379"

volumes:
  pgdata:

Docker Compose Commands

# Start all services
docker compose up

# Start in background
docker compose up -d

# Start and rebuild images
docker compose up -d --build

# Stop all services
docker compose down

# Stop and remove volumes (⚠️ deletes data)
docker compose down -v

# View logs
docker compose logs
docker compose logs -f app

# Scale a service
docker compose up -d --scale app=3

# Execute a command in a service
docker compose exec app bash

# View running services
docker compose ps

# Pull latest images
docker compose pull

Volumes and Networking

Volumes

# Create a named volume
docker volume create mydata

# List volumes
docker volume ls

# Inspect a volume
docker volume inspect mydata

# Remove a volume
docker volume rm mydata

# Remove all unused volumes
docker volume prune

Networking

# List networks
docker network ls

# Create a network
docker network create mynet

# Run a container on a specific network
docker run -d --network mynet --name api myapp

# Connect a running container to a network
docker network connect mynet web

# Inspect network (see connected containers)
docker network inspect mynet

Debugging and Troubleshooting

# View container logs
docker logs --tail 50 -f container_name

# Inspect a container's file system
docker exec -it container_name ls -la /app

# Copy files from container to host
docker cp container_name:/app/logs ./logs

# Copy files from host to container
docker cp ./config.json container_name:/app/config.json

# View real-time resource usage
docker stats --no-stream

# Inspect container's network
docker exec container_name cat /etc/hosts

# View container processes
docker top container_name

# Check why a container exited
docker inspect --format='{{.State.ExitCode}}' container_name
docker logs container_name 2>&1 | tail -20

Docker Cleanup

# Remove all stopped containers
docker container prune

# Remove unused images
docker image prune

# Remove all unused images (not just dangling)
docker image prune -a

# Remove unused volumes
docker volume prune

# Nuclear option: remove everything unused
docker system prune -a --volumes

# Check disk usage
docker system df

Interactive Docker Cheat Sheet

Our Docker Cheat Sheet has all these commands (and more) in a searchable, categorized format. Find any command by typing a keyword, and copy it to your clipboard with one click.

Working with Docker Compose YAML files? The YAML ↔ JSON Converter can help you debug configuration issues. Running Kubernetes? Check our Kubernetes Cheat Sheet too.

Summary

Docker is vast, but you only need a handful of commands for daily work: run, build, ps, logs, exec, and compose up/down. Write efficient Dockerfiles with multi-stage builds, use Docker Compose for multi-container setups, and clean up regularly to save disk space.

For a quick command lookup, the DevToolbox Docker Cheat Sheet is always available — searchable, copy-ready, and free.

🛠️ Related Tools

Docker Cheat SheetYAML/JSON ConverterKubernetes Guide
← Back to all articles