Docker 치트 시트

컨테이너, 이미지, 볼륨, 네트워크, Docker Compose에 관한 필수 Docker 명령어.

63개 명령

ContainersRun a container in detached (background) mode

docker run -d IMAGE

docker run -d nginx

ContainersRun a container interactively with a shell

docker run -it IMAGE bash

docker run -it ubuntu bash

ContainersName the container and map a host port to container port

docker run --name NAME -p HOST:CTR IMAGE

docker run --name web -p 8080:80 nginx

ContainersSet an environment variable in the container

docker run -e KEY=VALUE IMAGE

docker run -e NODE_ENV=production node:18 node app.js

ContainersBind-mount a host directory into the container

docker run -v /host/path:/ctr/path IMAGE

docker run -v $(pwd)/data:/app/data myapp

ContainersAutomatically remove container when it exits

docker run --rm IMAGE

docker run --rm alpine echo 'hello'

ContainersList running containers

docker ps

docker ps

ContainersList all containers (including stopped)

docker ps -a

docker ps -a

ContainersGracefully stop a running container (SIGTERM)

docker stop CONTAINER

docker stop web

ContainersStart a stopped container

docker start CONTAINER

docker start web

ContainersStop then start a container

docker restart CONTAINER

docker restart web

ContainersRemove a stopped container

docker rm CONTAINER

docker rm web

ContainersForce-remove a running container

docker rm -f CONTAINER

docker rm -f web

ContainersOpen an interactive shell in a running container

docker exec -it CONTAINER bash

docker exec -it web bash

ContainersStream logs from a container

docker logs -f CONTAINER

docker logs -f web

ContainersReturn detailed JSON info about a container

docker inspect CONTAINER

docker inspect web

ContainersDisplay live resource usage statistics

docker stats

docker stats

ImagesDownload an image from a registry

docker pull IMAGE:TAG

docker pull postgres:16

ImagesList all local images

docker images

docker images

ImagesBuild an image from a Dockerfile in the current directory

docker build -t NAME:TAG .

docker build -t myapp:latest .

ImagesBuild using a specific Dockerfile path

docker build -f PATH/Dockerfile .

docker build -f docker/Dockerfile.prod -t myapp:prod .

ImagesTag a local image with a new name/tag

docker tag SOURCE TARGET

docker tag myapp:latest registry.io/user/myapp:v1.0

ImagesPush an image to a registry

docker push IMAGE

docker push registry.io/user/myapp:v1.0

ImagesRemove a local image

docker rmi IMAGE

docker rmi myapp:latest

ImagesRemove dangling (untagged) images

docker image prune

docker image prune

ImagesRemove all unused images (not just dangling)

docker image prune -a

docker image prune -a

VolumesCreate a named volume

docker volume create NAME

docker volume create pgdata

VolumesList volumes

docker volume ls

docker volume ls

VolumesInspect a volume

docker volume inspect NAME

docker volume inspect pgdata

VolumesRemove a volume

docker volume rm NAME

docker volume rm pgdata

VolumesMount a named volume into a container

docker run -v VOLUME:/ctr/path IMAGE

docker run -v pgdata:/var/lib/postgresql/data postgres:16

NetworksCreate a user-defined bridge network

docker network create NAME

docker network create mynet

NetworksList networks

docker network ls

docker network ls

NetworksConnect a running container to a network

docker network connect NET CONTAINER

docker network connect mynet web

NetworksRun a container on a specific network

docker run --network NET IMAGE

docker run --network mynet --name api myapp

NetworksRemove a network

docker network rm NAME

docker network rm mynet

ComposeCreate and start all services in background

docker compose up -d

docker compose up -d

ComposeStop and remove containers and networks

docker compose down

docker compose down

ComposeAlso remove volumes

docker compose down -v

docker compose down -v

ComposeList containers managed by Compose

docker compose ps

docker compose ps

ComposeStream logs from a service

docker compose logs -f SERVICE

docker compose logs -f api

ComposeOpen a shell in a running Compose service

docker compose exec SERVICE bash

docker compose exec api bash

ComposeBuild or rebuild services

docker compose build

docker compose build

ComposePull latest images for all services

docker compose pull

docker compose pull

ComposeRestart a specific service

docker compose restart SERVICE

docker compose restart api

ComposeUse a specific compose file

docker compose -f FILE up -d

docker compose -f docker-compose.prod.yml up -d

DockerfileSet the base image for the build

FROM BASE:TAG

FROM node:18-alpine

DockerfileSet the working directory for subsequent instructions

WORKDIR /path

WORKDIR /app

DockerfileCopy files from build context into the image

COPY src dest

COPY package*.json ./
COPY . .

DockerfileExecute a shell command during build

RUN command

RUN npm ci --only=production

DockerfileSet environment variables baked into the image

ENV KEY=VALUE

ENV NODE_ENV=production PORT=3000

DockerfileDefine a build-time variable (not in final image)

ARG NAME=default

ARG APP_VERSION
RUN echo $APP_VERSION

DockerfileDocument the port the container will listen on

EXPOSE PORT

EXPOSE 3000

DockerfileDefault command to run (exec form preferred)

CMD ["executable", "arg"]

CMD ["node", "server.js"]

DockerfileContainer entry point (CMD args are appended)

ENTRYPOINT ["executable"]

ENTRYPOINT ["docker-entrypoint.sh"]

DockerfileCreate a mount point for external volumes

VOLUME ["/data"]

VOLUME ["/var/lib/mysql"]

DockerfileSet the user for RUN/CMD/ENTRYPOINT instructions

USER name

USER node

CleanupRemove stopped containers, dangling images, unused networks, build cache

docker system prune

docker system prune

CleanupAlso remove all unused images (not just dangling)

docker system prune -a

docker system prune -a

CleanupShow Docker disk usage

docker system df

docker system df

CleanupRemove all stopped containers

docker container prune

docker container prune

CleanupDisplay system-wide Docker information

docker info

docker info

CleanupShow Docker client and daemon version

docker version

docker version

최소한의 프로덕션 Dockerfile

# Stage 1: build
FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Stage 2: runtime
FROM node:18-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
EXPOSE 3000
USER node
CMD ["node", "dist/server.js"]

멀티 스테이지 빌드는 다음 항목만 복사하여 최종 이미지를 작게 유지합니다: 프로덕션 아티팩트. USER node 명령은 보안 향상을 위해 root로 실행하는 것을 방지합니다.

docker-compose.yml 예시

services:
  api:
    build: .
    ports:
      - "3000:3000"
    environment:
      DATABASE_URL: postgres://user:pass@db:5432/mydb
    depends_on:
      db:
        condition: service_healthy

  db:
    image: postgres:16-alpine
    volumes:
      - pgdata:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: user
      POSTGRES_PASSWORD: pass
      POSTGRES_DB: mydb
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U user"]
      interval: 5s
      retries: 5

volumes:
  pgdata:

자주 묻는 질문

docker run과 docker start의 차이점은 무엇인가요?

docker run은 이미지에서 새 컨테이너를 생성하고 시작합니다. docker start는 기존의 중지된 컨테이너를 재시작합니다. 컨테이너를 처음 생성하거나 새로운 컨테이너를 원할 때는 docker run을 사용하세요. 이전에 중지된 컨테이너를 기존 상태로 재개하려면 docker start를 사용하세요.

중지된 모든 컨테이너와 사용하지 않는 이미지를 제거하려면 어떻게 하나요?

docker system prune을 사용하면 중지된 모든 컨테이너, 댕글링 이미지, 사용하지 않는 네트워크, 빌드 캐시를 제거할 수 있습니다. -a 플래그를 추가하면 사용하지 않는 이미지도 제거됩니다. docker container prune은 컨테이너만, docker image prune은 이미지만 대상으로 합니다.

Dockerfile에서 COPY와 ADD의 차이점은 무엇인가요?

COPY는 빌드 컨텍스트에서 이미지로 파일을 단순히 복사합니다. ADD는 동일한 작업을 수행하지만 URL 소스와 압축 아카이브(.tar, .tar.gz, .tar.bz2)의 자동 압축 해제도 지원합니다. 모범 사례: ADD의 추가 기능이 특별히 필요하지 않으면 COPY를 사용하세요. COPY가 더 투명합니다.

컨테이너 데이터를 수명 주기 이후에도 유지하려면 어떻게 하나요?

Docker가 관리하는 영구 명명된 스토리지를 위해 Docker 볼륨(docker volume create myvol, 그런 다음 docker run에 -v myvol:/data)을 사용하세요. 특정 호스트 디렉토리를 마운트하려면 바인드 마운트(-v /호스트/경로:/컨테이너/경로)를 사용하세요. 볼륨은 Docker에 의해 완전히 관리되고 이식 가능하므로 프로덕션에 권장됩니다.

최소한의 프로덕션 Dockerfile

# Stage 1: build
FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Stage 2: runtime
FROM node:18-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
EXPOSE 3000
USER node
CMD ["node", "dist/server.js"]

docker-compose.yml 예시

services:
  api:
    build: .
    ports:
      - "3000:3000"
    environment:
      DATABASE_URL: postgres://user:pass@db:5432/mydb
    depends_on:
      db:
        condition: service_healthy

  db:
    image: postgres:16-alpine
    volumes:
      - pgdata:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: user
      POSTGRES_PASSWORD: pass
      POSTGRES_DB: mydb
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U user"]
      interval: 5s
      retries: 5

volumes:
  pgdata:

자주 묻는 질문

Docker 치트 시트

최소한의 프로덕션 Dockerfile

docker-compose.yml 예시

자주 묻는 질문

docker run과 docker start의 차이점은 무엇인가요?

중지된 모든 컨테이너와 사용하지 않는 이미지를 제거하려면 어떻게 하나요?

Dockerfile에서 COPY와 ADD의 차이점은 무엇인가요?

컨테이너 데이터를 수명 주기 이후에도 유지하려면 어떻게 하나요?

DevOps references

Docker 치트 시트

최소한의 프로덕션 Dockerfile

docker-compose.yml 예시

자주 묻는 질문

docker run과 docker start의 차이점은 무엇인가요?

중지된 모든 컨테이너와 사용하지 않는 이미지를 제거하려면 어떻게 하나요?

Dockerfile에서 COPY와 ADD의 차이점은 무엇인가요?

컨테이너 데이터를 수명 주기 이후에도 유지하려면 어떻게 하나요?