[Docker](https://www.docker.com) is a utility to pack, ship and run any application as a lightweight container. Another container engine is [Podman](Podman.md)
Docker runs processes in isolated containers. A container is a process which runs on a host. The host may be local or remote. When an operator executes docker run, the container process that runs is isolated in that it has its own file system, its own networking, and its own isolated process tree separate from the host.
| `--rm` | Automatically remove the container when it exits |
| `-p port` | Expose a port from container |
| `-v src:target` | Bind a volume to the container |
### `docker attach`
Use docker attach to attach your terminal's standard input, output, and error (or any combination of the three) to a running container using the container's ID or name. This allows you to view its ongoing output or to control it interactively, as though the commands were running directly in your terminal.
The docker cp utility copies the contents of SRC_PATH to the DEST_PATH. You can copy from the container's file system to the local machine or the reverse, from the local filesystem to the container. If - is specified for either the SRC_PATH or DEST_PATH, you can also stream a [tar](../applications/cli/tar.md) archive from STDIN or to STDOUT. The CONTAINER can be a running or stopped container. The SRC_PATH or DEST_PATH can be a file or directory.
```shell
docker cp ./some_file CONTAINER:/work
docker cp CONTAINER:/var/logs/ /tmp/app_logs
docker cp CONTAINER:/var/logs/app.log - | tar x -O | grep "ERROR"
| `-d, --detach` | Detached mode: run command in the background |
| `-e, --env KEY=VALUE` | Set [environment variables](../linux/Environment%20Variables.md) |
| `--env-file file` | Read in a file of [environment variables](../linux/Environment%20Variables.md) |
| `-i, --interactive` | Keep STDIN open even if not attached |
| `-t, --tty` | Allocate a pseudo-TTY |
| `-u, --user uid:guid` | Username or UID |
| `-w, --workdir` | Working directory inside the container |
### `docker kill`
The docker kill subcommand kills one or more containers. The main process inside the container is sent SIGKILL signal (default), or the signal that is specified with the --signal option. You can reference a container by its ID, ID-prefix, or name.
The docker build command builds Docker images from a [Dockerfile](Dockerfile.md) and a "context". A build's context is the set of files located in the specified PATH or URL.
```shell
docker build .
# Tag the image
docker build -t me/myimage:latest .
# Custom Dockerfile
docker build -f custom/Dockerfile .
```
### Working with Images
```shell
# List images
docker images
# Remove image
docker rmi image
# Tag image
docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
```
### Load/Save images
You can save and load container images to/from [tar](../applications/cli/tar.md) archives.
```shell
# Save
docker save [-o, --output outfile] image
# Load
docker load [-i, --input infile]
```
### Sign into container registry
You can authenticate yourself with any container registry.
You can push and pull container images to and from a registry.
```shell
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
docker push [OPTIONS] NAME[:TAG]
```
## Dockerfile
A `Dockerfile` is used for building container images. See [Dockerfile](Dockerfile.md).
## Docker Compose
Docker Compose helps you manage multiple containers which work together. It can spin up a whole fleet of containers in one go. See [Docker Compose](Docker%20Compose.md).
## Docker Swarm
Docker Swarm lets you group multiple hosts into a cluster for distributed container workloads. See [Docker Swarm](Docker%20Swarm.md).