Ultimate Docker Cheat Sheet

This Docker cheat sheet covers:

  • An example Dockerfile for a Python application,
  • Dockerfile instructions FROM, WORKDIR, COPY, ADD, RUN, ENV, ENTRYPOINT and CMD,
  • How to build Docker images,
  • How to run Docker containers,
  • How to run a container with an interactive shell on start,
  • How to run a container with a volume,
  • How to start an interactive shell in an already running container,
  • How to clean up containers and images.

Python Application Dockerfile

Below is an example Dockerfile for a Python application with Python dependencies in requirements.txt and the application in app.py:

Dockerfile
# Use Python 3.12 as the base image
FROM python:3.12

# Set the working directory
WORKDIR /app

# Copy the requirements file into the container at /app/
COPY requirements.txt /app/

# Install from requirements.txt
RUN pip install --no-cache-dir -r requirements.txt

# Copy the Python code into the container at /app/
COPY app.py /app/

# Set runtime environment variables
ENV RUNTIME_ENV_VAR=value

# Define the command to run the application
CMD ["python", "app.py"]

Explaining Dockerfile Instructions

This section explains common Dockerfile instructions.

FROM

Sets the base image for the Dockerfile.

Dockerfile
FROM ubuntu:latest
FROM python:3.10
FROM --platform=linux/amd64 public.ecr.aws/lambda/python:3.9

WORKDIR

Changes the current directory. Persists at run time.

Dockerfile
WORKDIR /app

COPY

Copies files or directories from the build context into the container during image build.

Dockerfile
# copy the file requirements.txt to /app/requirments.txt
COPY requirements.txt /app/

# copy the folder src to /app/src
COPY src /app/src

# copy the contents of src to /app/
COPY src /app/

ADD

Copies files, directories or remote file URLs from the build context into the container during image build.

Dockerfile
# add a file from a remote URL to the container
ADD https://raw.githubusercontent.com/ADGEfficiency/data-science-south-data/main/cities/cities.csv /app/data/

ADD is like COPY but with additional functionality of being able to copy files from URLs and automatically extract compressed files.

RUN

Executes commands within the container during image build.

Dockerfile
RUN apt-get update && apt-get upgrade -y
RUN pip install -r requirements.txt

ENV

Sets runtime environment variables within the container.

Dockerfile
ENV VARIABLE=value

ENTRYPOINT

The first half of the command that is executed when a container is run.

ENTRYPOINT and CMD together create the default shell command that is run when a container starts.

Often defaults to /bin/sh -c, which means the CMD will be executed a shell command using sh. The default command depends on the base image.

Dockerfile
ENTRYPOINT ["/bin/sh", "-c"]
ENTRYPOINT ["/bin/bash", "-c"]
ENTRYPOINT ["python"]

CMD

The second half of the command that is executed when a container is run. Not set by default.

Dockerfile
CMD ["./start.sh"]
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "80"]
CMD ["./src/main.py"]

ENTRYPOINT and CMD together create the default shell command that is run when a container starts.

Docker CLI Commands

Build Images with docker build

Build a Docker image with the current directory . as the build context:

shell-session
$ docker build -t app . -f ./Dockerfile --build-arg BUILD_VARIABLE=value
  • docker build: Builds a new image from a Dockerfile.
  • -t app: Tags the image as app.
  • .: Sets the current directory as the build context.
  • -f ./Dockerfile: Specifies the Dockerfile located at ./Dockerfile.
  • --build-arg BUILDTIME_ENV_VAR=value: Sets a build-time environment variable.

Run Containers with docker run

Run a Docker image with the default CMD set at image build time:

shell-session
$ docker run app -e RUNTIME_ENV_VAR=value
  • docker run: Runs a Docker container from an image.- app: Specifies the name/tag of the image to run.
  • -e RUNTIME_ENV_VAR=value: Sets a runtime environment variable.

Override the default CMD at run time:

shell-session
$ docker run -t test echo "hello world"
  • -t: Allocate a pseudo-tty.
  • echo "hello world": Overrides the default CMD with echo "hello world".

Interactive Shell on Container Start

Override the default CMD with an interactive Bash shell:

shell-session
$ docker run -it app /bin/bash
  • -t: Allocate a pseudo-tty.
  • -i: Keep STDIN open even if not attached.
  • echo "hello world": Overrides the default CMD with echo "hello world".

Run a Container with a Volume

Create & mount a volume called app-volume. The volume is mapped to /data inside the container:

shell-session
$ docker volume create app-volume
$ docker run -it -v app-volume:/data app
  • docker volume create app-volume: Creates a new volume named app-volume.
  • -v app-volume:/data: Mounts app-volume to /data in the container.

Mount the local folder ./code to /code inside the container:

shell-session
$ docker run -it -v $(pwd)/code:/code app
  • -v $(pwd)/code:/code: Maps the local ./code directory to /code in the container.

This allows local development of code without having to re-build the container.

Working with Running Containers

Show Running Containers

shell-session
$ docker container ls
CONTAINER ID   IMAGE        COMMAND                  CREATED          STATUS          PORTS     NAMES
003bb057fe66   why-docker   "uvicorn app:app --h…"   24 seconds ago   Up 23 seconds             nice_banzai

Interactive Shell in an Already Running Container

Uses the CONTAINER ID found using docker container ls:

shell-session
$ docker exec -it 003bb057fe66 /bin/bash
root@003bb057fe66:/app# ls -l
total 36
drwxr-xr-x 2 root root 4096 Jul 28 02:51 __pycache__
-rw-r--r-- 1 root root  425 Jul 28 00:02 api.Dockerfile
-rw-r--r-- 1 root root  106 Jul 27 23:58 app.py
-rw-r--r-- 1 root root  180 Jul 27 23:54 docker-compose.yml
-rw-r--r-- 1 root root  235 Jul 28 00:02 main.py
-rw-r--r-- 1 root root   16 Jul 28 00:02 requirements.txt
-rw-r--r-- 1 root root  152 Jul 28 00:01 script.Dockerfile
-rw-r--r-- 1 root root  633 Jul 27 23:58 single.Dockerfile
drwxr-xr-x 2 root root 4096 Jul 15 21:33 src
root@003bb057fe66:/app#

Show Processes Running in One Container

shell-session
$ docker container top 003bb057fe66
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                29442               29417               0                   02:51               ?                   00:00:00            /usr/local/bin/python /usr/local/bin/uvicorn app:app --host 0.0.0.0 --port 80
root                29502               29417               0                   02:52               ?                   00:00:00            /bin/bash

Clean Up Docker Images & Containers

Stop all running containers:

shell-session
$ docker stop $(docker ps -a -q)

Remove all containers:

shell-session
$ docker rm $(docker ps -a -q)

Remove all images:

shell-session
$ docker system prune -a

Thanks for reading!

If you enjoyed this blog post, make sure to check out our free 74 data science lessons across 21 courses.