docker container run

Create and run a new container from an image

Usage

docker container run [OPTIONS] IMAGE [COMMAND] [ARG...]

Description

See docker run for more information.

Options

OptionShortDefaultDescription
--add-hostAdd a custom host-to-IP mapping (host:ip)
--annotationAPI 1.43+ Add an annotation to the container (passed through to the OCI runtime)
--attach-aAttach to STDIN, STDOUT or STDERR
--blkio-weightBlock IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-deviceBlock IO weight (relative device weight)
--cap-addAdd Linux capabilities
--cap-dropDrop Linux capabilities
--cgroup-parentOptional parent cgroup for the container
--cgroupnsAPI 1.41+ Cgroup namespace to use (host|private) 'host': Run the container in the Docker host's cgroup namespace 'private': Run the container in its own private cgroup namespace '': Use the cgroup namespace as configured by the default-cgroupns-mode option on the daemon (default)
--cidfileWrite the container ID to the file
--cpu-countCPU count (Windows only)
--cpu-percentCPU percent (Windows only)
--cpu-periodLimit CPU CFS (Completely Fair Scheduler) period
--cpu-quotaLimit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-periodAPI 1.25+ Limit CPU real-time period in microseconds
--cpu-rt-runtimeAPI 1.25+ Limit CPU real-time runtime in microseconds
--cpu-shares-cCPU shares (relative weight)
--cpusAPI 1.25+ Number of CPUs
--cpuset-cpusCPUs in which to allow execution (0-3, 0,1)
--cpuset-memsMEMs in which to allow execution (0-3, 0,1)
--detach-dRun container in background and print container ID
--detach-keysOverride the key sequence for detaching a container
--deviceAdd a host device to the container
--device-cgroup-ruleAdd a rule to the cgroup allowed devices list
--device-read-bpsLimit read rate (bytes per second) from a device
--device-read-iopsLimit read rate (IO per second) from a device
--device-write-bpsLimit write rate (bytes per second) to a device
--device-write-iopsLimit write rate (IO per second) to a device
--disable-content-trusttrueSkip image verification
--dnsSet custom DNS servers
--dns-optSet DNS options
--dns-optionSet DNS options
--dns-searchSet custom DNS search domains
--domainnameContainer NIS domain name
--entrypointOverwrite the default ENTRYPOINT of the image
--env-eSet environment variables
--env-fileRead in a file of environment variables
--exposeExpose a port or a range of ports
--gpusAPI 1.40+ GPU devices to add to the container ('all' to pass all GPUs)
--group-addAdd additional groups to join
--health-cmdCommand to run to check health
--health-intervalTime between running the check (ms|s|m|h) (default 0s)
--health-retriesConsecutive failures needed to report unhealthy
--health-start-periodAPI 1.29+ Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeoutMaximum time to allow one check to run (ms|s|m|h) (default 0s)
--helpPrint usage
--hostname-hContainer host name
--initAPI 1.25+ Run an init inside the container that forwards signals and reaps processes
--interactive-iKeep STDIN open even if not attached
--io-maxbandwidthMaximum IO bandwidth limit for the system drive (Windows only)
--io-maxiopsMaximum IOps limit for the system drive (Windows only)
--ipIPv4 address (e.g., 172.30.100.104)
--ip6IPv6 address (e.g., 2001:db8::33)
--ipcIPC mode to use
--isolationContainer isolation technology
--kernel-memoryKernel memory limit
--label-lSet meta data on a container
--label-fileRead in a line delimited file of labels
--linkAdd link to another container
--link-local-ipContainer IPv4/IPv6 link-local addresses
--log-driverLogging driver for the container
--log-optLog driver options
--mac-addressContainer MAC address (e.g., 92:d0:c6:0a:29:33)
--memory-mMemory limit
--memory-reservationMemory soft limit
--memory-swapSwap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness-1Tune container memory swappiness (0 to 100)
--mountAttach a filesystem mount to the container
--nameAssign a name to the container
--netConnect a container to a network
--net-aliasAdd network-scoped alias for the container
--networkConnect a container to a network
--network-aliasAdd network-scoped alias for the container
--no-healthcheckDisable any container-specified HEALTHCHECK
--oom-kill-disableDisable OOM Killer
--oom-score-adjTune host's OOM preferences (-1000 to 1000)
--pidPID namespace to use
--pids-limitTune container pids limit (set -1 for unlimited)
--platformAPI 1.32+ Set platform if server is multi-platform capable
--privilegedGive extended privileges to this container
--publish-pPublish a container's port(s) to the host
--publish-all-PPublish all exposed ports to random ports
--pullmissingPull image before running (always, missing, never)
--quiet-qSuppress the pull output
--read-onlyMount the container's root filesystem as read only
--restartnoRestart policy to apply when a container exits
--rmAutomatically remove the container when it exits
--runtimeRuntime to use for this container
--security-optSecurity Options
--shm-sizeSize of /dev/shm
--sig-proxytrueProxy received signals to the process
--stop-signalSignal to stop the container
--stop-timeoutAPI 1.25+ Timeout (in seconds) to stop a container
--storage-optStorage driver options for the container
--sysctlSysctl options
--tmpfsMount a tmpfs directory
--tty-tAllocate a pseudo-TTY
--ulimitUlimit options
--user-uUsername or UID (format: <name|uid>[:<group|gid>])
--usernsUser namespace to use
--utsUTS namespace to use
--volume-vBind mount a volume
--volume-driverOptional volume driver for the container
--volumes-fromMount volumes from the specified container(s)
--workdir-wWorking directory inside the container