Learning Docker Commands

Reference documentation

https://www.runoob.com/docker/docker-tutorial.html

Common Commands

Commonly used ones are marked in red, occasionally used ones are marked in green, and the rest you just need to be aware of.

|command|description|Here is the translation of the provided Simplified Chinese Markdown fragment into natural American English, following all specified rules.

Example| |:---|:---|:---| |docker run|Create and start a new container.|docker run -it ubuntu bash| |docker build|Create a new image using the specified Dockerfile.|docker build -t myimage .| |docker pull|Pull the image from the Docker repository.|docker pull ubuntu| |docker push|Push the local image to the Docker repository.|docker push myimage| |docker stop|Stop a running container.|docker stop container_id| |docker start|Start an existing container.|docker start container_id| |docker restart|Restart the container.|docker restart container_id| |docker ps|List the currently running containers.|docker ps| |docker rm|Delete one or more stopped containers.|docker rm container_id| |docker exec|Execute a command in a running container.|docker exec -it container_id bash| |docker logs|View the container's log output.|docker logs container_id| |docker images|List all local images.|docker images| |docker rmi|Delete one or more images.|docker rmi myimage| |docker network|Manage Docker networks.|docker network ls| |docker volume|Manage Docker data volumes.|docker volume ls| |docker-compose up|Start all services defined in docker-compose.yml.|docker-compose up| |docker-compose down|Stop and remove all services defined in docker-compose.yml along with their associated resources.|docker-compose down| |docker info|Display detailed information about the Docker system.|docker info| |docker stats|View the real-time resource usage (CPU, memory, etc.) of running containers.|docker stats| |docker inspect|View detailed information about containers or images (JSON format).|docker inspect container_id| |docker save|Save an image as a tar file.|docker save -o myimage.tar myimage| |docker load|Load the image from the tar file.|docker load -i myimage.tar| |docker tag|Add a tag to the image.|docker tag myimage myimage:v1| |docker buildx build|Use Buildx to build multi-architecture images.|docker buildx build -t myimage .| |docker buildx create|Create a new Buildx build instance.|docker buildx create --use| |docker buildx ls|List all available Buildx builder instances.|docker buildx ls| |docker buildx use|Set the current Buildx build instance.|docker buildx use mybuilder| |docker buildx bake|Use Bake files to build images in batch.|docker buildx bake -f bake.hcl| |docker buildx build --push|Build the image and push it to the image registry.|docker buildx build --push -t myimage .| |docker buildx build --platform|Build the image and generate support for multiple platforms.|docker buildx build --platform linux/amd64,linux/arm64 -t myimage .|

Parameters of the run command (very important)

• -d: Run the container in the background (Detached mode)
• -i: Keep standard input (STDIN) open
• -t: Allocate a pseudo-TTY (terminal)|Allow the container to run in the background and support interactive operations.| |--privileged|Grant the container full host privileges (access to devices, kernel modules, etc.)|Used for scenarios requiring direct hardware access (such as accessing USB devices), but carries security risks.| |--net=host|Share the host machine's network namespace (the container uses the host machine's IP and port).|Simplified network configuration, no NAT — this improves network efficiency and makes it easier to discover devices on the local network.| |--group-add audio--group-add video--group-add dialout|Add the container user to the host user groups:
• audio: audio device access
• video: video device access
• dialout: serial device access|Avoid permission issues (e.g., preventing inability to access the camera or microphone).| |-e DISPLAY=$DISPLAY-e XAUTHORITY=/home/tungchiahui/.Xauthority-e WAYLAND_DISPLAY-e XDG_RUNTIME_DIR-e QT_QPA_PLATFORM=xcb|Configure the graphical display environment:
• Bind the host display interface (X11 or Wayland)
• Set the GUI application rendering backend|Supports running graphical interface applications (such as OpenCV visualization) inside containers.| |-v /tmp/.X11-unix:/tmp/.X11-unix:rw-v /dev/dri:/dev/dri|Mount the host's graphics devices:
• X11 socket directory
• Direct Rendering Manager (DRI) device|Implement graphical display within the container.| |-v $HOME/.Xauthority:/home/tungchiahui/.Xauthority:ro|Mount the X11 authentication file (read-only)|Ensure the container has permission to connect to the host machine's display service.| |-v /run/user/1000/wayland-0-v /run/user/1000|Mount the directory related to the Wayland display protocol.|Supports graphics display using the Wayland protocol.| |--ulimit nofile=1024:524288|Method for setting the process's maximum number of open files (nofile), used to control the file handle limit during container or process runtime. --ulimit <limit type>=<soft limit>:<hard limit>|If the default limit is too small, a "too many open files" error may occur. Therefore, this value needs to be increased when running containers or starting system services. --ulimit nofile=4096:65536| |-v /home/tungchiahui:/home/tungchiahui|Mount the host user directory to the container's same-named path.|Enable file sharing between the host machine and containers (e.g., code, data persistence).| |-w /home/tungchiahui|Set the default working directory after the container starts.|Directly enter the project path to conveniently execute commands.| |tungchiahui/ros-opencv:jazzy-411-cuda128-cudnn971-noble|The image name specifies the image and tag, including:
• ROS 2 Jazzy
• OpenCV 4.11
• CUDA 12.8
• cuDNN 9.7.1|Provides a pre-configured deep learning and robotics development environment.|

The following command must be run as a regular user, not as root. Actually, it doesn't matter whether you add sudo or sudo -E.

The user has already been added to the docker group, so you can run it without sudo. Also, if you run sudo, your $HOME variable won't change either. What's more, if you add -E, then your $HOME is even less likely to change.

sudo docker run --name=ros_opencv_cuda \
--gpus all \
-e NVIDIA_DRIVER_CAPABILITIES=all \
-e DISPLAY=$DISPLAY \
-dit \
--privileged \
--net=host \
--group-add audio \
--group-add video \
--group-add dialout \
-e XAUTHORITY=$HOME/.Xauthority \
-e WAYLAND_DISPLAY=$WAYLAND_DISPLAY \
-e XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR \
-e QT_QPA_PLATFORM=xcb \
-v /tmp/.X11-unix:/tmp/.X11-unix:rw \
-v /dev/dri:/dev/dri \
-v $HOME/.Xauthority:$HOME/.Xauthority:ro \
-v /run/user/$(id -u)/wayland-0:/run/user/$(id -u)/wayland-0 \
-v /run/user/$(id -u):/run/user/$(id -u) \
-v $HOME:$HOME \
-w $HOME \
tungchiahui/ros-opencv:humble-411-cuda128-cudnn970-jammy

Note:

1. NVIDIA_DRIVER_CAPABILITIES=all --gpus allPlease comment out if you don't have an NVIDIA graphics card.
2. --name Please name the container yourself.
3. For the last line, please find the corresponding mirror for the repository name and fill it in yourself.
4. ROS1 tends to consume excessive memory on Fedora distributions, so you need to add the following parameter. If you are not using Fedora and ROS1, do not add it.

--ulimit nofile=1024:524288 \

5. If you want to log into the container as the current user, you can add the following lines, but it is strongly not recommended.

--user $(id -u):$(id -g) \
-v /etc/passwd:/etc/passwd:ro \
-v /etc/group:/etc/group:ro \