MasterLabSystemsMasterLabSystems

// cheat sheet

Docker Cheat Sheet

The Docker commands you reach for every day — building and tagging images, running and inspecting containers, managing volumes and networks, writing Compose files, and cleaning up safely.

Quick Reference

  • docker build -t app:1.0 .
  • docker run -d --name app -p 8080:8080 app:1.0
  • docker compose up -d / docker compose logs -f
  • docker exec -it app sh — get a shell inside
  • docker system prune -af — free disk space

Learning Path

Recommended order

  1. 1.Beginner
  2. 2.Intermediate
  3. 3.Advanced

Prerequisites

  • Basic Linux shell
  • What a process and a port are

Skills you will learn

  • Image builds
  • Container lifecycle
  • Compose stacks
  • Network/volume management

Estimated time

1–2 hours hands-on.

Architecture Overview

Architecture

Containerised Application Stack

BUILDIMAGERUNTIMEDATAdocker builddocker runinternal netSource CodeDockerfileApp Imagemulti-stageApp Containerexposed :8080Postgres ContainerRedis Container
Dockerfile builds a minimal image; Compose runs the app alongside its database and cache on a shared network for local and CI parity.

Images

# Build, tag, and push
docker build -t ghcr.io/acme/orders:1.4.0 .
docker tag orders:1.4.0 orders:latest
docker push ghcr.io/acme/orders:1.4.0

# Inspect history & layers
docker history orders:1.4.0
docker image ls
docker image inspect orders:1.4.0

Containers

# Run, detach, expose
docker run -d --name orders \
  -p 8080:8080 -e SPRING_PROFILES_ACTIVE=prod \
  --restart unless-stopped orders:1.4.0

# Inspect
docker ps                       # running
docker ps -a                    # all
docker logs -f --tail 100 orders
docker exec -it orders sh
docker stop orders && docker rm orders

Volumes

docker volume create pgdata
docker run -d --name db \
  -v pgdata:/var/lib/postgresql/data \
  -e POSTGRES_PASSWORD=secret postgres:16

docker volume ls
docker volume inspect pgdata
docker volume rm pgdata

Networks

docker network create app-net
docker run -d --network app-net --name db postgres:16
docker run -d --network app-net --name orders \
  -e DB_HOST=db orders:1.4.0

docker network ls
docker network inspect app-net

Docker Compose

# docker-compose.yml
services:
  orders:
    build: .
    ports: ["8080:8080"]
    environment:
      DB_HOST: db
    depends_on: [db]
  db:
    image: postgres:16
    environment:
      POSTGRES_PASSWORD: secret
    volumes: ["pgdata:/var/lib/postgresql/data"]
volumes: { pgdata: {} }

# Commands
docker compose up -d --build
docker compose logs -f orders
docker compose down -v

Cleanup

docker container prune          # stopped containers
docker image prune -a            # dangling + unused images
docker volume prune              # unused volumes (be careful)
docker network prune             # unused networks
docker system prune -af --volumes # nuke everything unused

Common Mistakes

  • !Running as root inside the container — set USER in the Dockerfile.
  • !Mounting your entire repo into the container during builds (use .dockerignore).
  • !Forgetting to set a restart policy on production containers.
  • !Using `latest` tag in production manifests.

Production Tips

  • Multi-stage builds: separate `builder` (JDK / Node) from `runtime` (JRE / Distroless).
  • Add HEALTHCHECK so orchestrators reap zombies.
  • Pin base images by digest for reproducibility.
  • Run Trivy or `docker scout` in CI; fail on HIGH/CRITICAL CVEs.

Further Reading

// read next

Dockerize a Spring Boot Application

// read next

Deploy Spring Boot to Kubernetes

Frequently Asked Questions

How should I use this cheat sheet?

Skim once end-to-end, then keep it open in a pinned tab. Copy a snippet, adapt it to your project, and refer back when memory fails.

Is this cheat sheet up to date?

It's maintained against the latest stable releases in 2026 and revised when commands or APIs change meaningfully.