Container Ops Commands

Commands for the entire container lifecycle: starting, stopping, debugging, inspecting, and cleaning up containers.

Running Containers

Common Patterns

# Detached service with port mapping
docker run -d --name api -p 8080:8080 my-api:1.0.0

# Interactive debug session (auto-removes on exit)
docker run --rm -it alpine:3.20 sh

# With environment variables
docker run -d --name app -e APP_ENV=prod -e LOG_LEVEL=info my-app:1.0.0

# With volume mount
docker run -d --name db -v db_data:/var/lib/postgresql/data postgres:16

# With resource limits
docker run -d --name api --memory=512m --cpus=1.0 my-api:1.0.0

# With restart policy
docker run -d --name api --restart unless-stopped my-api:1.0.0

# With custom network
docker run -d --name api --network app-net my-api:1.0.0

`docker run` Flag Reference

Flag	Example	Purpose
`-d`	`-d`	Run in background (detached)
`-it`	`-it`	Interactive with TTY (for shell access)
`--rm`	`--rm`	Auto-remove container on exit
`--name`	`--name api`	Assign a container name
`-p`	`-p 8080:80`	Publish port (host:container)
`-e`	`-e KEY=VAL`	Set environment variable
`-v`	`-v vol:/path`	Mount a volume
`--network`	`--network app-net`	Attach to a specific network
`--memory`	`--memory=512m`	Limit memory
`--cpus`	`--cpus=1.5`	Limit CPU cores
`--restart`	`--restart unless-stopped`	Restart policy
`--user`	`--user 1000:1000`	Run as specific UID:GID
`--read-only`	`--read-only`	Read-only root filesystem
`--cap-drop`	`--cap-drop ALL`	Drop Linux capabilities
`--env-file`	`--env-file .env`	Load env vars from file
`-w`	`-w /app`	Set working directory
`--entrypoint`	`--entrypoint sh`	Override entrypoint

Listing Containers

# Running containers only
docker ps

# All containers (including stopped)
docker ps -a

# Custom format
docker ps --format 'table {{.Names}}\t{{.Status}}\t{{.Image}}\t{{.Ports}}'

# Show container sizes
docker ps -s

# Filter by status
docker ps -f status=exited
docker ps -f status=running

# Filter by name
docker ps -f name=api

# Only container IDs
docker ps -q

Logs

# View all logs
docker logs my-app

# Last 100 lines
docker logs --tail=100 my-app

# Follow logs in real-time
docker logs -f my-app

# Follow with last 50 lines
docker logs -f --tail=50 my-app

# Logs from last 15 minutes
docker logs --since=15m my-app

# Logs with timestamps
docker logs --timestamps my-app

# Logs between two times
docker logs --since 2024-01-01T00:00:00 --until 2024-01-01T01:00:00 my-app

Executing Commands Inside Containers

# Open interactive shell
docker exec -it my-app sh
docker exec -it my-app bash    # If bash is available

# Run a single command
docker exec my-app ls -la /app

# Check environment variables
docker exec my-app env

# Check running processes
docker exec my-app ps aux

# Test network connectivity
docker exec my-app ping -c 3 db
docker exec my-app nslookup api

# Run as root (even if container uses non-root user)
docker exec -u root -it my-app sh

Stopping and Removing

# Graceful stop (SIGTERM, wait 10s, then SIGKILL)
docker stop my-app

# Graceful stop with custom timeout
docker stop -t 30 my-app

# Force kill immediately
docker kill my-app

# Remove a stopped container
docker rm my-app

# Force remove a running container
docker rm -f my-app

# Remove all stopped containers
docker container prune

# Stop and remove in one line
docker stop my-app && docker rm my-app

Inspecting Container State

General Inspection

# Full JSON metadata
docker inspect my-app

# Container status
docker inspect my-app --format '{{.State.Status}}'

# Container IP address
docker inspect my-app --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}'

Health and Restarts

# Health check status
docker inspect my-app --format '{{json .State.Health}}'

# Restart count (high count = crash loop)
docker inspect my-app --format '{{.RestartCount}}'

# Exit code (0 = clean, non-zero = error)
docker inspect my-app --format '{{.State.ExitCode}}'

# OOM killed check
docker inspect my-app --format '{{.State.OOMKilled}}'

# Error message
docker inspect my-app --format '{{.State.Error}}'

Configuration

# Environment variables
docker inspect my-app --format '{{json .Config.Env}}'

# Mounts
docker inspect my-app --format '{{json .Mounts}}'

# Network settings
docker inspect my-app --format '{{json .NetworkSettings.Networks}}'

# Port mappings
docker inspect my-app --format '{{json .NetworkSettings.Ports}}'

# User
docker inspect my-app --format '{{.Config.User}}'

# Capabilities
docker inspect my-app --format '{{json .HostConfig.CapDrop}}'

Resource Monitoring

# Live resource usage for all containers
docker stats

# One-shot (no streaming)
docker stats --no-stream

# Specific containers
docker stats my-app db redis

# Custom format
docker stats --format 'table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}'

# Show processes inside a container
docker top my-app

Copying Files

# Copy file from container to host
docker cp my-app:/app/config.json ./config.json

# Copy file from host to container
docker cp ./config.json my-app:/app/config.json

# Copy entire directory
docker cp my-app:/app/logs ./logs

Container Filesystem Changes

# Show what files changed inside the container
docker diff my-app
# A = added, C = changed, D = deleted

Pausing and Unpausing

# Freeze all processes in a container (SIGSTOP)
docker pause my-app

# Resume frozen container
docker unpause my-app

Useful for taking consistent backups or debugging.

Creating Containers Without Starting

# Create but don't start
docker create --name my-app -p 8080:80 nginx:alpine

# Start it later
docker start my-app

Container Quick Reference

Goal	Command
Run in background	`docker run -d --name NAME IMAGE`
Run interactive shell	`docker run --rm -it IMAGE sh`
List running	`docker ps`
List all	`docker ps -a`
View logs	`docker logs --tail=100 CONTAINER`
Follow logs	`docker logs -f CONTAINER`
Shell into container	`docker exec -it CONTAINER sh`
Run command inside	`docker exec CONTAINER CMD`
Inspect state	`docker inspect CONTAINER`
Check health	`docker inspect CONTAINER --format '{{json .State.Health}}'`
Check restarts	`docker inspect CONTAINER --format '{{.RestartCount}}'`
Check exit code	`docker inspect CONTAINER --format '{{.State.ExitCode}}'`
OOM check	`docker inspect CONTAINER --format '{{.State.OOMKilled}}'`
Resource usage	`docker stats`
Stop gracefully	`docker stop CONTAINER`
Force kill	`docker kill CONTAINER`
Remove	`docker rm CONTAINER`
Copy file out	`docker cp CONTAINER:SRC DEST`
Copy file in	`docker cp SRC CONTAINER:DEST`
Filesystem changes	`docker diff CONTAINER`
Pause/unpause	`docker pause CONTAINER` / `docker unpause CONTAINER`
Clean up stopped	`docker container prune`

What's Next

Continue to Network and Volume Commands.

Running Containers​

Common Patterns​

docker run Flag Reference​

Listing Containers​

Logs​

Executing Commands Inside Containers​

Stopping and Removing​

Inspecting Container State​

General Inspection​

Health and Restarts​

Configuration​

Resource Monitoring​

Copying Files​

Container Filesystem Changes​

Pausing and Unpausing​

Creating Containers Without Starting​

Container Quick Reference​

What's Next​

Running Containers

Common Patterns

`docker run` Flag Reference

Listing Containers

Logs

Executing Commands Inside Containers

Stopping and Removing

Inspecting Container State

General Inspection

Health and Restarts

Configuration

Resource Monitoring

Copying Files

Container Filesystem Changes

Pausing and Unpausing

Creating Containers Without Starting

Container Quick Reference

What's Next