Docker - Run, Stop, and Remove Containers

Docker | Run, Stop, and Remove Containers

Notes
Run Containers
Stop Containers
Remove Containers
Pause Containers
Force Terminating Containers

Notes
See this page for more information:
https://docs.docker.com/engine/containers/run/
Run Containers
The 'docker container run' command has the following syntax:
```
$ docker container run [OPTIONS] IMAGE [COMMAND] [ARG...]
```
The command 'docker container run' is a convenient method that executes two commands: first it creates the container (docker container create) and then it starts it (docker container start) .

You can choose to run a container in the foreground (default) or background (option: -d). When running in the foreground, you can instruct Docker to start an interactive session and allocate a pseudo terminal (TTY) to interact with the container (option: -it).

There are three main scenarios:
- Run a container in the foreground using docker container run without any flags. In this mode, only the container's stdout and stderr are redirected to the local terminal. The terminal's stdin is not connected to the container.
- Run a container in foreground by using docker container run -it. In this case, Docker redirects the local terminal stdin to the container. The container's stdout and stderr is still redirected to the local terminal. In fact, only the -i (interactive) flag is required to keep stdin open and redirect it to the container. The -t (tty) flag allocates a pseudo-terminal, which enables full terminal capabilities such as colored output and cursor control. Without the pseudo-TTY, we get plain text I/O.
- The -d (detached) flag runs the container in the background (docker container run -d) and immediately returns the container ID.
You can use the three flags -d, -i, and -t to run a container in detached mode while keeping it interactive. This allows you to reattach to the container later using the docker attach command. To detach from the container you will need to use Ctrl+P followed by Ctrl+Q, otherwise Ctrl+C may terminate it.

Instead of using the -dit combination, it's preferable to start the container in the background with just the -d flag, and later use docker exec -it to start an interactive session. This allows multiple concurrent interactive sessions and avoids the limitations of docker attach.

Here's a summary when to use each option:
```
|---------------------------|-------------------------------------------------------------------|
| docker run                | foreground, no stdin (non-interactive containers)                 |
|---------------------------|-------------------------------------------------------------------|
| docker run -i             | foreground with terminal interaction (plain text I/O)             |
|---------------------------|-------------------------------------------------------------------|
| docker run -it            | foreground with terminal interaction (interactive shell sessions) |
|---------------------------|-------------------------------------------------------------------|
| docker run -d             | detached background container but interactive via exec            |
|---------------------------|-------------------------------------------------------------------|
| docker run -dit           | detached background container but interactive via attach          |
|---------------------------|-------------------------------------------------------------------|
```
Let's run the nginx image:
```
$ docker container run --rm -d nginx:latest
```
```
c8a35eab0aabf68335f88268c3ed0dd6cb77a30503db4e9ba5cdd8ca0cf8c1ab
```
The option '-d' (--detach) run the container in background and print its ID.

The option '--rm' instructs Docker to automatically remove the container when it exits.

Let's verify that nginx is up and running:
```
$ docker container ls
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS     NAMES
c8a35eab0aab   nginx:latest   "/docker-entrypoint.…"   25 seconds ago   Up 25 seconds   80/tcp    blissful_kar
```
You can notice that the name of the container "vibrant_mose" which is a random name generated by Docker.
To give a custom name to the container, you can use the option '--name'.

Note that the container's port (80) is not published to the Docker's host.
To publish an exposed container's port and map it to a host's port, you can use the option '-p HOST_PORT:CONTAINER_PORT'.
You can also use the option '-P' to publish all exposed ports to random ports in the Docker's host.

Let's use the two options ('-p', '--name') and run again the nginx image:
```
$ docker container run -d -p 8080:80 --name "nginx-latest" nginx:latest
```
```
e6c31a81c909695475a97a0cb851cea2befa2fbfe1340d8e760c50f06dd2fb5c
```
Let's verify that both the specified port (the container port 80 is mapped to the Docker host port 8080) and the name were used:
```
$ docker container ls
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED              STATUS              PORTS                  NAMES
e6c31a81c909   nginx:latest   "/docker-entrypoint.…"   30 seconds ago       Up 29 seconds       0.0.0.0:8080->80/tcp   nginx-latest
c8a35eab0aab   nginx:latest   "/docker-entrypoint.…"   About a minute ago   Up About a minute   80/tcp                 blissful_kar
```
You can use the option '--no-trunc' of the 'ps' command to print the full container ID and the command used to start the nginx process.
```
$ docker container ls --no-trunc
```
```
CONTAINER ID                                                       IMAGE          COMMAND                                          CREATED              STATUS              PORTS                  NAMES
e6c31a81c909695475a97a0cb851cea2befa2fbfe1340d8e760c50f06dd2fb5c   nginx:latest   "/docker-entrypoint.sh nginx -g 'daemon off;'"   56 seconds ago       Up 55 seconds       0.0.0.0:8080->80/tcp   nginx-latest
c8a35eab0aabf68335f88268c3ed0dd6cb77a30503db4e9ba5cdd8ca0cf8c1ab   nginx:latest   "/docker-entrypoint.sh nginx -g 'daemon off;'"   About a minute ago   Up About a minute   80/tcp                 blissful_kare
```
We can also run a container in an interactive mode by using the options -i and -t:
```
$ docker container run --rm -i -t ubuntu:latest /bin/bash
```
```
root@651d1a7e5cd7:/# exit
exit
$
```
The flag -i instructs docker to start an interactive session and connect the user's terminal with the container's stdin/stdout stream. It allows the user to send command to the container.

The flag -t instructs docker to allocate a pseudo terminal (TTY). It provides the user a terminal interface to execute commands interactively.

Notes:
- In the example above, the terminal prompt is different when we are running commands inside the container (root@651d1a7e5cd7:/#) from the prompt when we are running commands inside the Docker host ($).
- The prompt $ indicates that the containers execution completed and we returned to the host's terminal.
- The host and container prompts might look different for you depending on your configuration.
- Usually the container prompt inside the container takes this format CONTAINER_USER@CONTAINER_ID:/# or CONTAINER_USER@CONTAINER_HOST_NAME:/#.
- The /# at the end indicates you're in the root directory of the container (might look different for you, depending on the WORKDIR setting or where you navigate).
- If you're not the root user in the container, you might see $ instead of #.
- Some containers might have custom PS1 configurations that change this default format.
- The host prompt could be $ or a custom prompt depending on your shell configuration and user privileges.
We can also run a specific commands (foreground) in the container:
```
$ docker container run --rm ubuntu:latest id
```
```
uid=0(root) gid=0(root) groups=0(root)
$
```
```
$ docker container run --rm ubuntu:latest cat /etc/hosts
```
```
127.0.0.1     localhost
172.17.0.2    ffd0458ac5e8
$
```
We can use the pipe character (|) to connect the output of one command to another, but be aware that the piping will occur on the host, not within the container. To perform piped operations within the container, wrap the full command in quotes and use /bin/bash -c:
```
$ docker container run --rm ubuntu:latest /bin/bash -c "cat /etc/hosts | grep 127.0.0.1"
```
```
127.0.0.1    localhost
$
```
The same, if we want to run multiple commands inside the container:
```
$ docker container run --rm ubuntu:latest /bin/bash -c "id; cat /etc/hosts | grep 127.0.0.1"
```
```
uid=0(root) gid=0(root) groups=0(root)
127.0.0.1    localhost
$
```
Because we have used the flag --rm, the Ubuntu containers we created above will be automatically removed (deleted) by Docker when we explicitly exit/stop the container or the command/process running in the container completes or terminates.

By default, a container is not restarted when it exits. We can adjust this behavior, by using the option '--restart'. It accepts four values: no (default), always, unless-stopped, and on-failure:
- The first value (no) instructs Docker to not restart the container if it exits.
- The second value (always) instructs Docker to always restart the container whenever it exits.
- The third value (unless-stopped) instructs Docker to always restart the container whenever it exits, unless it's stopped.
- The last value (on-failure) instructs Docker to always restart the container whenever it exits with a nonzero exit code.
It's possible to use on-failure with a number to instruct Docker to restart the container the number of times specified (e.g., on-failure:2 instructs Docker to restart the container 2 times after which the container won't be restarted again).
Stop Containers
To stop a container we can use the command 'docker container stop'.
The command can accept either the container name, short ID or full ID.
It's also possible to use few characters of the container ID as long as it's unique.

Any of the following should work:
```
$ docker container stop nginx-latest
```
```
$ docker container stop e6
```
```
$ docker container stop e6c31a81c909
```
```
$ docker container stop e6c31a81c909695475a97a0cb851cea2befa2fbfe1340d8e760c50f06dd2fb5c
```
Let's verify that the container was stopped:
```
$ docker container ls -a
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED              STATUS                     PORTS     NAMES
e6c31a81c909   nginx:latest   "/docker-entrypoint.…"   About a minute ago   Exited (0) 7 seconds ago             nginx-latest
c8a35eab0aab   nginx:latest   "/docker-entrypoint.…"   2 minutes ago        Up 2 minutes               80/tcp    blissful_kare
```
Notes:
- The status of the stopped container is showing 'Exited (0) 7 seconds ago'.
- We used the option -a to list all the containers. Without this option the docker command docker container ls list running containers only.
- When you stop a container, all its temporary data is lost (memory, tmpfs).
If we want to start the container again we can use the start command (no need to create the container).
```
$ docker container start nginx-latest
```
Let's verify that the container was started:
```
$ docker container ls -a
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS          PORTS                  NAMES
e6c31a81c909   nginx:latest   "/docker-entrypoint.…"   4 minutes ago   Up 25 seconds   0.0.0.0:8080->80/tcp   nginx-latest
c8a35eab0aab   nginx:latest   "/docker-entrypoint.…"   5 minutes ago   Up 5 minutes    80/tcp                 blissful_kare
```
The stop command sends a Unix signal SIGTERM to the the main process running in the container so it can terminate gracefully.
After waiting 10 seconds, Docker will send the Unix signal SIGKILL to force terminating the container.
It's possible to override this behavior by using the options --signal (specify the Unix signal to send to the container) and --timeout (specify the number of seconds to wait before Docker can kill the container).

Remove Containers

If we need to remove the container completely, we need to stop it first then remove it using the 'docker container rm' command:

$ docker container stop nginx-latest
$ docker container rm nginx-latest

Let's verify that the container was removed:

$ docker container ls -a

CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS         PORTS     NAMES
c8a35eab0aab   nginx:latest   "/docker-entrypoint.…"   8 minutes ago   Up 8 minutes   80/tcp    blissful_kare

When the container is removed, all its data is lost (port bindings, environment variables, labels, ...).

It's possible to use the option --force with the command docker container rm to force the removal of the container (Docker will send the Unix signal SIGKILL to the container).

The remaining container was started using the option '--rm', meaning if we stop it, Docker will remove it automatically:

$ docker container stop blissful_kare

Let's verify that the container was removed:

$ docker container ls -a

CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

Instead of using the run command we can also use the create and start command to start a container.

Let's first create the container:

$ docker container create -p 8080:80 --name "nginx-latest" nginx:latest

6add1be3be97b2bf946416820d9434104a097a89edfa4b78b65399b15a0581b4

Let's verify that the container was created:

$ docker container ls -a

CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS    PORTS     NAMES
6add1be3be97   nginx:latest   "/docker-entrypoint.…"   58 seconds ago   Created             nginx-lates

Note that the status of the container is showing 'Created'.

To start the container:

$ docker container start nginx-latest

Let's verify that the container was started:

$ docker container ls -a

CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS        PORTS                  NAMES
6add1be3be97   nginx:latest   "/docker-entrypoint.…"   2 minutes ago   Up 1 second   0.0.0.0:8080->80/tcp   nginx-latest

Pause Containers
It's possible to pause a container (all its activity will be stopped) by using the command 'docker container pause':
```
$ docker container pause nginx-latest
```
Let's verify that the container was paused:
```
$ docker container ls -a
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED       STATUS                PORTS                  NAMES
6add1be3be97   nginx:latest   "/docker-entrypoint.…"   2 hours ago   Up 2 hours (Paused)   0.0.0.0:8080->80/tcp   nginx-latest
```
Note that the status of the container is showing 'Paused'.

To resume the container we can use the command 'docker container unpause':
:
```
$ docker container unpause nginx-latest
```
Let's verify that the container is running:
```
$ docker container ls -a
```
```
CONTAINER ID   IMAGE          COMMAND                  CREATED       STATUS       PORTS                  NAMES
6add1be3be97   nginx:latest   "/docker-entrypoint.…"   2 hours ago   Up 2 hours   0.0.0.0:8080->80/tcp   nginx-latest
```
Note that the created and status columns are still showing the same information because the container state didn't change while it was paused. Actually if we have waited longer time before resuming the container, that time would have been reflected in the created and status columns.

Force Terminating Containers

We can use the command docker container kill to force terminating container:

$ docker container kill nginx-latest

Let's verify that the container was killed:

$ docker container ls -a

CONTAINER ID   IMAGE          COMMAND                  CREATED        STATUS                        PORTS     NAMES
6add1be3be97   nginx:latest   "/docker-entrypoint.…"   11 hours ago   Exited (137) 54 seconds ago             nginx-latest

It's possible to use the option --signal with the command docker container kill to specify the Unix signal to send to the container.