
---

# 🏗️ 3. Images & Containers

### A) Lifecycle

* `docker pull <image>` — **Download** image from a registry (e.g., Docker Hub).
* `docker run [opts] <image>` — **Create + start** a new container from an image.
* `docker ps` — **List running** containers.
* `docker ps -a` — **List all** containers (running + stopped).
* `docker stop <container>` — **Gracefully stop** a running container.
* `docker rm <container>` — **Remove** a **stopped** container.
* `docker start|restart <container>` — **Start/Restart** an existing container.

**Example**

```bash
docker pull nginx
docker run -d --name web nginx
docker ps
docker stop web && docker rm web
```

---

### B) Inspect & Interact

* `docker logs <container>` — **Show stdout/stderr** logs.
* `docker logs -f <container>` — **Follow** logs (tail -f).
* `docker exec -it <container> sh|bash` — **Open shell / run command** inside a running container.
* `docker inspect <name|id>` — **Detailed JSON** info (env, mounts, IP, etc.).
* `docker top <container>` — **Processes** running inside container.
* `docker stats [name]` — **Live CPU/RAM/IO** usage.

**Example**

```bash
docker exec -it web sh
docker logs -f web
docker inspect web | less
```

---

### C) Modes & Common Flags

* `-d` — **Detached** (background service/APIs).
* `-it` — **Interactive TTY** (shell/debug).
* `--name <name>` — **Friendly name** for the container.

**Examples**

```bash
docker run -it ubuntu sh     # interactive shell
docker run -d --name api myimg  # background service
```

---

### D) Networking & Ports

* `-p HOST:CONTAINER` — **Map host port → container port**.
* `docker port <container>` — **Show** port mappings.
* `docker network create <net>` — **Create** user network.
* `docker run --network <net> ...` — **Attach** to network.

**Example**

```bash
docker run -d -p 8080:80 nginx     # visit http://localhost:8080
docker network create appnet
docker run -d --network appnet --name db postgres
```

---

### E) Storage (Volumes & Bind Mounts)

* `docker volume create <name>` — **Create** managed volume.
* `-v <volname>:/path/in/container` — **Mount volume** (persistent).
* `-v /host/path:/path/in/container` — **Bind mount** host folder.
* Add `:ro` to make **read-only**.

**Examples**

```bash
docker volume create appdata
docker run -d -v appdata:/var/lib/postgresql/data postgres

docker run -d -v "$(pwd)/site:/usr/share/nginx/html:ro" nginx
```

---

### F) Images (Build, Tag, Push, Prune)

* `docker images` — **List** images.
* `docker build -t <name>:tag .` — **Build** image from **Dockerfile** in current dir.
* `docker tag src dest` — **Retag** an image (e.g., for pushing).
* `docker push <repo>:tag` — **Upload** image to registry.
* `docker rmi <image>` — **Remove** image.
* `docker image prune` — **Remove dangling** (unused) layers.

**Examples**

```bash
docker build -t myapp:latest .
docker tag myapp:latest username/myapp:latest
docker push username/myapp:latest
```

---

### G) Copy Files (Host ↔ Container)

* `docker cp SRC DEST` — **Copy files** in/out of containers.

**Examples**

```bash
docker cp web:/etc/nginx/nginx.conf ./nginx.conf   # container → host
docker cp ./index.html web:/usr/share/nginx/html/  # host → container
```

---

### H) Env & Restart Policies

* `-e KEY=VAL` — **Set env var** inside container.
* `--env-file .env` — **Load many env vars** from file.
* `--restart unless-stopped|always|on-failure` — **Auto-restart** policy.

**Example**

```bash
docker run -d --restart unless-stopped -e POSTGRES_PASSWORD=pass postgres
```

---

### I) Cleanup (Safe Defaults)

* `docker rm -f <container>` — **Stop + remove** container.
* `docker system prune -f` — **Remove unused** containers/images/networks (keeps volumes).
* `docker system prune -a -f` — Also removes **unused images** (be careful).

---