diff --git a/docs/sources/reference/commandline/cli.md b/docs/sources/reference/commandline/cli.md index fcc2862b3d..ec2ebf9a16 100644 --- a/docs/sources/reference/commandline/cli.md +++ b/docs/sources/reference/commandline/cli.md @@ -50,35 +50,38 @@ expect an integer, and they can only be specified once. ## daemon Usage of docker: + --api-enable-cors=false Enable CORS headers in the remote API + -b, --bridge="" Attach containers to a pre-existing network bridge + use 'none' to disable container networking + --bip="" Use this CIDR notation address for the network bridge's IP, not compatible with -b + -d, --daemon=false Enable daemon mode + -D, --debug=false Enable debug mode + --dns=[] Force docker to use specific DNS servers + --dns-search=[] Force Docker to use specific DNS search domains + -e, --exec-driver="native" Force the docker runtime to use a specific exec driver + -G, --group="docker" Group to assign the unix socket specified by -H when running in daemon mode + use '' (the empty string) to disable setting of a group + -g, --graph="/var/lib/docker" Path to use as the root of the docker runtime + -H, --host=[] The socket(s) to bind to in daemon mode + specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd. + --icc=true Enable inter-container communication + --ip="0.0.0.0" Default IP address to use when binding container ports + --ip-forward=true Enable net.ipv4.ip_forward + --iptables=true Enable Docker's addition of iptables rules + --mtu=0 Set the containers network MTU + if no value is provided: default to the default route MTU or 1500 if no default route is available + -p, --pidfile="/var/run/docker.pid" Path to use for daemon PID file + -r, --restart=true Restart previously running containers + -s, --storage-driver="" Force the docker runtime to use a specific storage driver + --selinux-enabled=false Enable selinux support + --tls=false Use TLS; implied by tls-verify flags + --tlscacert="/home/sven/.docker/ca.pem" Trust only remotes providing a certificate signed by the CA given here + --tlscert="/home/sven/.docker/cert.pem" Path to TLS certificate file + --tlskey="/home/sven/.docker/key.pem" Path to TLS key file + --tlsverify=false Use TLS and verify the remote (daemon: verify client, client: verify daemon) + -v, --version=false Print version information and quit - -D, --debug=false: Enable debug mode - -H, --host=[]: The socket(s) to bind to in daemon mode, specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd. - -G, --group="docker": Group to assign the unix socket specified by -H when running in daemon mode; use '' (the empty string) to disable setting of a group - --api-enable-cors=false: Enable CORS headers in the remote API - -b, --bridge="": Attach containers to a pre-existing network bridge; use 'none' to disable container networking - -bip="": Use this CIDR notation address for the network bridge᾿s IP, not compatible with -b - -d, --daemon=false: Enable daemon mode - --dns=[]: Force docker to use specific DNS servers - --dns-search=[]: Force Docker to use specific DNS search domains - --enable-selinux=false: Enable selinux support for running containers - -g, --graph="/var/lib/docker": Path to use as the root of the docker runtime - --icc=true: Enable inter-container communication - --ip="0.0.0.0": Default IP address to use when binding container ports - --ip-forward=true: Enable net.ipv4.ip_forward - --iptables=true: Enable Docker᾿s addition of iptables rules - -p, --pidfile="/var/run/docker.pid": Path to use for daemon PID file - -r, --restart=true: Restart previously running containers - -s, --storage-driver="": Force the docker runtime to use a specific storage driver - -e, --exec-driver="native": Force the docker runtime to use a specific exec driver - -v, --version=false: Print version information and quit - --tls=false: Use TLS; implied by tls-verify flags - --tlscacert="~/.docker/ca.pem": Trust only remotes providing a certificate signed by the CA given here - --tlscert="~/.docker/cert.pem": Path to TLS certificate file - --tlskey="~/.docker/key.pem": Path to TLS key file - --tlsverify=false: Use TLS and verify the remote (daemon: verify client, client: verify daemon) - --mtu=0: Set the containers network MTU; if no value is provided: default to the default route MTU or 1500 if no default route is available - - Options with [] may be specified multiple times. +Options with [] may be specified multiple times. The Docker daemon is the persistent process that manages containers. Docker uses the same binary for both the daemon and client. To run the @@ -126,12 +129,12 @@ like this: ## attach -Attach to a running container. + Usage: docker attach [OPTIONS] CONTAINER - Usage: docker attach CONTAINER + Attach to a running container - --no-stdin=false: Do not attach stdin - --sig-proxy=true: Proxify all received signal to the process (even in non-tty mode) + --no-stdin=false Do not attach stdin + --sig-proxy=true Proxify all received signal to the process (even in non-tty mode) The `attach` command will allow you to view or interact with any running container, detached (`-d`) @@ -185,15 +188,14 @@ To kill the container, use `docker kill`. ## build -Build a new container image from the source code at PATH - Usage: docker build [OPTIONS] PATH | URL | - - -t, --tag="": Repository name (and optionally a tag) to be applied - to the resulting image in case of success. - -q, --quiet=false: Suppress the verbose output generated by the containers. - --no-cache: Do not use the cache when building the image. - --rm=true: Remove intermediate containers after a successful build + Build a new container image from the source code at PATH + + --no-cache=false Do not use cache when building the image + -q, --quiet=false Suppress the verbose output generated by the containers + --rm=true Remove intermediate containers after a successful build + -t, --tag="" Repository name (and optionally a tag) to be applied to the resulting image in case of success Use this command to build Docker images from a Dockerfile and a "context". @@ -293,12 +295,12 @@ schema. ## commit -Create a new image from a container᾿s changes - Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] - -m, --message="": Commit message - -a, --author="": Author (eg. "John Hannibal Smith " + Create a new image from a container's changes + + -a, --author="" Author (eg. "John Hannibal Smith " + -m, --message="" Commit message It can be useful to commit a container's file changes or settings into a new image. This allows you debug a container by running an interactive @@ -325,8 +327,7 @@ path. Paths are relative to the root of the filesystem. Usage: docker cp CONTAINER:PATH HOSTPATH - $ sudo docker cp 7bb0e258aefe:/etc/debian_version . - $ sudo docker cp blue_frog:/etc/hosts . + Copy files/folders from the PATH to the HOSTPATH ## diff @@ -334,6 +335,8 @@ List the changed files and directories in a container᾿s filesystem Usage: docker diff CONTAINER + Inspect changes on a container's filesystem + There are 3 events that are listed in the `diff`: 1. `A` - Add @@ -358,14 +361,12 @@ For example: ## events -Get real time events from the server + Usage: docker events [OPTIONS] - Usage: docker events + Get real time events from the server - --since="": Show all events created since timestamp - (either seconds since epoch, or date string as below) - --until="": Show events created before timestamp - (either seconds since epoch, or date string as below) + --since="" Show all events created since timestamp + --until="" Stream events until this timestamp ### Examples @@ -403,22 +404,22 @@ You'll need two shells for this example. ## export -Export the contents of a filesystem as a tar archive to STDOUT - Usage: docker export CONTAINER + Export the contents of a filesystem as a tar archive to STDOUT + For example: $ sudo docker export red_panda > latest.tar ## history -Show the history of an image - Usage: docker history [OPTIONS] IMAGE - --no-trunc=false: Don᾿t truncate output - -q, --quiet=false: Only show numeric IDs + Show the history of an image + + --no-trunc=false Don't truncate output + -q, --quiet=false Only show numeric IDs To see how the `docker:latest` image was built: @@ -433,13 +434,13 @@ To see how the `docker:latest` image was built: ## images -List images - Usage: docker images [OPTIONS] [NAME] - -a, --all=false: Show all images (by default filter out the intermediate image layers) - --no-trunc=false: Don᾿t truncate output - -q, --quiet=false: Only show numeric IDs + List images + + -a, --all=false Show all images (by default filter out the intermediate image layers) + --no-trunc=false Don't truncate output + -q, --quiet=false Only show numeric IDs The default `docker images` will show all top level images, their repository and tags, and their virtual size. @@ -481,8 +482,7 @@ by default. Usage: docker import URL|- [REPOSITORY[:TAG]] - Create an empty filesystem image and import the contents of the tarball - (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it. + Create an empty filesystem image and import the contents of the tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it. URLs must start with `http` and point to a single file archive (.tar, .tar.gz, .tgz, .bzip, .tar.xz, or .txz) containing a @@ -515,10 +515,12 @@ tar, then the ownerships might not get preserved. ## info -Display system-wide information. - Usage: docker info + Display system-wide information + +For example: + $ sudo docker info Containers: 292 Images: 194 @@ -536,11 +538,11 @@ ensure we know how your setup is configured. ## inspect -Return low-level information on a container/image - Usage: docker inspect CONTAINER|IMAGE [CONTAINER|IMAGE...] - -f, --format="": Format the output using the given go template. + Return low-level information on a container/image + + -f, --format="" Format the output using the given go template. By default, this will render all results in a JSON array. If a format is specified, the given template will be executed for each result. @@ -590,11 +592,11 @@ contains complex json object, so to grab it as JSON, you use ## kill -Kill a running container (send SIGKILL, or specified signal) - Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...] - -s, --signal="KILL": Signal to send to the container + Kill a running container (send SIGKILL, or specified signal) + + -s, --signal="KILL" Signal to send to the container The main process inside the container will be sent SIGKILL, or any signal specified with option `--signal`. @@ -610,11 +612,11 @@ signal specified with option `--signal`. ## load -Load an image from a tar archive on STDIN - Usage: docker load - -i, --input="": Read from a tar archive file, instead of STDIN + Load an image from a tar archive on STDIN + + -i, --input="" Read from a tar archive file, instead of STDIN Loads a tarred repository from a file or the standard input stream. Restores both images and tags. @@ -636,13 +638,13 @@ Restores both images and tags. ## login -Register or Login to the docker registry server - Usage: docker login [OPTIONS] [SERVER] - -e, --email="": Email - -p, --password="": Password - -u, --username="": Username + Register or Login to a docker registry server, if no server is specified "https://index.docker.io/v1/" is the default. + + -e, --email="" Email + -p, --password="" Password + -u, --username="" Username If you want to login to a private registry you can specify this by adding the server name. @@ -652,12 +654,12 @@ specify this by adding the server name. ## logs -Fetch the logs of a container + Usage: docker logs CONTAINER - Usage: docker logs [OPTIONS] CONTAINER + Fetch the logs of a container - -f, --follow=false: Follow log output - -t, --timestamps=false: Show timestamps + -f, --follow=false Follow log output + -t, --timestamps=false Show timestamps The `docker logs` command batch-retrieves all logs present at the time of execution. @@ -668,24 +670,24 @@ and stderr. ## port - Usage: docker port [OPTIONS] CONTAINER PRIVATE_PORT + Usage: docker port CONTAINER PRIVATE_PORT -Lookup the public-facing port which is NAT-ed to PRIVATE_PORT + Lookup the public-facing port which is NAT-ed to PRIVATE_PORT ## ps -List containers - Usage: docker ps [OPTIONS] - -a, --all=false: Show all containers. Only running containers are shown by default. - --before="": Show only container created before Id or Name, include non-running ones. - -l, --latest=false: Show only the latest created container, include non-running ones. - -n=-1: Show n last created containers, include non-running ones. - --no-trunc=false: Don᾿t truncate output - -q, --quiet=false: Only display numeric IDs - -s, --size=false: Display sizes, not to be used with -q - --since="": Show only containers created since Id or Name, include non-running ones. + List containers + + -a, --all=false Show all containers. Only running containers are shown by default. + --before="" Show only container created before Id or Name, include non-running ones. + -l, --latest=false Show only the latest created container, include non-running ones. + -n=-1 Show n last created containers, include non-running ones. + --no-trunc=false Don't truncate output + -q, --quiet=false Only display numeric IDs + -s, --size=false Display sizes + --since="" Show only containers created since Id or Name, include non-running ones. Running `docker ps` showing 2 linked containers. @@ -699,10 +701,10 @@ Running `docker ps` showing 2 linked containers. ## pull -Pull an image or a repository from the registry - Usage: docker pull NAME[:TAG] + Pull an image or a repository from the registry + Most of your images will be created on top of a base image from the [Docker.io](https://index.docker.io) registry. @@ -721,30 +723,30 @@ use `docker pull`: ## push -Push an image or a repository to the registry - Usage: docker push NAME[:TAG] + Push an image or a repository to the registry + Use `docker push` to share your images on public or private registries. ## restart -Restart a running container + Usage: docker restart [OPTIONS] CONTAINER [CONTAINER...] - Usage: docker restart [OPTIONS] NAME + Restart a running container - -t, --time=10: Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default=10 + -t, --time=10 Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default=10 ## rm -Remove one or more containers + Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...] - Usage: docker rm [OPTIONS] CONTAINER + Remove one or more containers - -l, --link="": Remove the link instead of the actual container - -f, --force=false: Force removal of running container - -v, --volumes=false: Remove the volumes associated to the container + -f, --force=false Force removal of running container + -l, --link=false Remove the specified link and not the underlying container + -v, --volumes=false Remove the volumes associated to the container ### Known Issues (rm) @@ -776,12 +778,12 @@ delete them. Any running containers will not be deleted. ## rmi -Remove one or more images - Usage: docker rmi IMAGE [IMAGE...] - -f, --force=false: Force - --no-prune=false: Do not delete untagged parents + Remove one or more images + + -f, --force=false Force + --no-prune=false Do not delete untagged parents ### Removing tagged images @@ -813,44 +815,43 @@ removed before the image is removed. ## run -Run a command in a new container + Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] - Usage: docker run [OPTIONS] IMAGE[:TAG] [COMMAND] [ARG...] + Run a command in a new container - -a, --attach=[] Attach to stdin, stdout or stderr. - -c, --cpu-shares=0 CPU shares (relative weight) - --cpuset="" CPUs in which to allow execution (0-3, 0,1) - --cidfile="" Write the container ID to the file - -d, --detach=false Detached mode: Run container in the background, print new container id - --dns=[] Set custom dns servers - --dns-search=[] Set custom dns search domains - -e, --env=[] Set environment variables - --entrypoint="" Overwrite the default entrypoint of the image - --env-file=[] Read in a line delimited file of ENV variables - --expose=[] Expose a port from the container without publishing it to your host - -h, --hostname="" Container host name - -i, --interactive=false Keep stdin open even if not attached - --link=[] Add link to another container (name:alias) - --lxc-conf=[] (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1" - -m, --memory="" Memory limit (format: , where unit = b, k, m or g) - --name="" Assign a name to the container - --net="bridge" Set the Network mode for the container - 'bridge': creates a new network stack for the container on the docker bridge - 'none': no networking for this container - 'container:': reuses another container network stack - 'host': use the host network stack inside the contaner - -p, --publish=[] Publish a container's port to the host - format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort - (use 'docker port' to see the actual mapping) - -P, --publish-all=false Publish all exposed ports to the host interfaces - --privileged=false Give extended privileges to this container - --rm=false Automatically remove the container when it exits (incompatible with -d) - --sig-proxy=true Proxify all received signal to the process (even in non-tty mode) - -t, --tty=false Allocate a pseudo-tty - -u, --user="" Username or UID - -v, --volume=[] Bind mount a volume (e.g. from the host: -v /host:/container, from docker: -v /container) - --volumes-from=[] Mount volumes from the specified container(s) - -w, --workdir="" Working directory inside the container + -a, --attach=[] Attach to stdin, stdout or stderr. + -c, --cpu-shares=0 CPU shares (relative weight) + --cidfile="" Write the container ID to the file + -d, --detach=false Detached mode: Run container in the background, print new container id + --dns=[] Set custom dns servers + --dns-search=[] Set custom dns search domains + -e, --env=[] Set environment variables + --entrypoint="" Overwrite the default entrypoint of the image + --env-file=[] Read in a line delimited file of ENV variables + --expose=[] Expose a port from the container without publishing it to your host + -h, --hostname="" Container host name + -i, --interactive=false Keep stdin open even if not attached + --link=[] Add link to another container (name:alias) + --lxc-conf=[] (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1" + -m, --memory="" Memory limit (format: , where unit = b, k, m or g) + --name="" Assign a name to the container + --net="bridge" Set the Network mode for the container + 'bridge': creates a new network stack for the container on the docker bridge + 'none': no networking for this container + 'container:': reuses another container network stack + 'host': use the host network stack inside the contaner + -p, --publish=[] Publish a container's port to the host + format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort + (use 'docker port' to see the actual mapping) + -P, --publish-all=false Publish all exposed ports to the host interfaces + --privileged=false Give extended privileges to this container + --rm=false Automatically remove the container when it exits (incompatible with -d) + --sig-proxy=true Proxify all received signal to the process (even in non-tty mode) + -t, --tty=false Allocate a pseudo-tty + -u, --user="" Username or UID + -v, --volume=[] Bind mount a volume (e.g. from the host: -v /host:/container, from docker: -v /container) + --volumes-from=[] Mount volumes from the specified container(s) + -w, --workdir="" Working directory inside the container The `docker run` command first `creates` a writeable container layer over the specified image, and then `starts` it using the specified command. That is, @@ -1061,11 +1062,11 @@ application change: ## save -Save an image to a tar archive (streamed to stdout by default) - Usage: docker save IMAGE - -o, --output="": Write to an file, instead of STDOUT + Save an image to a tar archive (streamed to stdout by default) + + -o, --output="" Write to an file, instead of STDOUT Produces a tarred repository to the standard output stream. Contains all parent layers, and all tags + versions, or specified repo:tag. @@ -1088,9 +1089,11 @@ Search [Docker.io](https://index.docker.io) for images Usage: docker search TERM - --no-trunc=false: Don᾿t truncate output - -s, --stars=0: Only displays with at least xxx stars - -t, --trusted=false: Only show trusted builds + Search the docker index for images + + --no-trunc=false Don't truncate output + -s, --stars=0 Only displays with at least xxx stars + -t, --trusted=false Only show trusted builds See [*Find Public Images on Docker.io*]( /use/workingwithrepository/#find-public-images-on-dockerio) for @@ -1098,31 +1101,31 @@ more details on finding shared images from the commandline. ## start -Start a stopped container + Usage: docker start CONTAINER [CONTAINER...] - Usage: docker start [OPTIONS] CONTAINER + Restart a stopped container - -a, --attach=false: Attach container᾿s stdout/stderr and forward all signals to the process - -i, --interactive=false: Attach container᾿s stdin + -a, --attach=false Attach container's stdout/stderr and forward all signals to the process + -i, --interactive=false Attach container's stdin ## stop -Stop a running container (Send SIGTERM, and then SIGKILL after grace period) - Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...] - -t, --time=10: Number of seconds to wait for the container to stop before killing it. + Stop a running container (Send SIGTERM, and then SIGKILL after grace period) + + -t, --time=10 Number of seconds to wait for the container to stop before killing it. The main process inside the container will receive SIGTERM, and after a grace period, SIGKILL ## tag -Tag an image into a repository - Usage: docker tag [OPTIONS] IMAGE [REGISTRYHOST/][USERNAME/]NAME[:TAG] - -f, --force=false: Force + Tag an image into a repository + + -f, --force=false Force You can group your images together using names and tags, and then upload them to [*Share Images via Repositories*]( @@ -1132,15 +1135,19 @@ them to [*Share Images via Repositories*]( Usage: docker top CONTAINER [ps OPTIONS] -Lookup the running processes of a container + Lookup the running processes of a container ## version + Usage: docker version + + Show the docker version information. + Show the version of the Docker client, daemon, and latest released version. ## wait - Usage: docker wait [OPTIONS] NAME + Usage: docker wait CONTAINER [CONTAINER...] -Block until a container stops, then print its exit code. + Block until a container stops, then print its exit code.