github.com/45cali/docker@v1.11.1/docs/reference/commandline/create.md (about) 1 <!--[metadata]> 2 +++ 3 title = "create" 4 description = "The create command description and usage" 5 keywords = ["docker, create, container"] 6 [menu.main] 7 parent = "smn_cli" 8 +++ 9 <![end-metadata]--> 10 11 # create 12 13 Creates a new container. 14 15 Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...] 16 17 Create a new container 18 19 -a, --attach=[] Attach to STDIN, STDOUT or STDERR 20 --add-host=[] Add a custom host-to-IP mapping (host:ip) 21 --blkio-weight=0 Block IO weight (relative weight) 22 --blkio-weight-device=[] Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`) 23 --cpu-shares=0 CPU shares (relative weight) 24 --cap-add=[] Add Linux capabilities 25 --cap-drop=[] Drop Linux capabilities 26 --cgroup-parent="" Optional parent cgroup for the container 27 --cidfile="" Write the container ID to the file 28 --cpu-period=0 Limit CPU CFS (Completely Fair Scheduler) period 29 --cpu-quota=0 Limit CPU CFS (Completely Fair Scheduler) quota 30 --cpuset-cpus="" CPUs in which to allow execution (0-3, 0,1) 31 --cpuset-mems="" Memory nodes (MEMs) in which to allow execution (0-3, 0,1) 32 --device=[] Add a host device to the container 33 --device-read-bps=[] Limit read rate (bytes per second) from a device (e.g., --device-read-bps=/dev/sda:1mb) 34 --device-read-iops=[] Limit read rate (IO per second) from a device (e.g., --device-read-iops=/dev/sda:1000) 35 --device-write-bps=[] Limit write rate (bytes per second) to a device (e.g., --device-write-bps=/dev/sda:1mb) 36 --device-write-iops=[] Limit write rate (IO per second) to a device (e.g., --device-write-iops=/dev/sda:1000) 37 --disable-content-trust=true Skip image verification 38 --dns=[] Set custom DNS servers 39 --dns-opt=[] Set custom DNS options 40 --dns-search=[] Set custom DNS search domains 41 -e, --env=[] Set environment variables 42 --entrypoint="" Overwrite the default ENTRYPOINT of the image 43 --env-file=[] Read in a file of environment variables 44 --expose=[] Expose a port or a range of ports 45 --group-add=[] Add additional groups to join 46 -h, --hostname="" Container host name 47 --help Print usage 48 -i, --interactive Keep STDIN open even if not attached 49 --ip="" Container IPv4 address (e.g. 172.30.100.104) 50 --ip6="" Container IPv6 address (e.g. 2001:db8::33) 51 --ipc="" IPC namespace to use 52 --isolation="" Container isolation technology 53 --kernel-memory="" Kernel memory limit 54 -l, --label=[] Set metadata on the container (e.g., --label=com.example.key=value) 55 --label-file=[] Read in a line delimited file of labels 56 --link=[] Add link to another container 57 --log-driver="" Logging driver for container 58 --log-opt=[] Log driver specific options 59 -m, --memory="" Memory limit 60 --mac-address="" Container MAC address (e.g. 92:d0:c6:0a:29:33) 61 --memory-reservation="" Memory soft limit 62 --memory-swap="" A positive integer equal to memory plus swap. Specify -1 to enable unlimited swap. 63 --memory-swappiness="" Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. 64 --name="" Assign a name to the container 65 --net="bridge" Connect a container to a network 66 'bridge': create a network stack on the default Docker bridge 67 'none': no networking 68 'container:<name|id>': reuse another container's network stack 69 'host': use the Docker host network stack 70 '<network-name>|<network-id>': connect to a user-defined network 71 --net-alias=[] Add network-scoped alias for the container 72 --oom-kill-disable Whether to disable OOM Killer for the container or not 73 --oom-score-adj=0 Tune the host's OOM preferences for containers (accepts -1000 to 1000) 74 -P, --publish-all Publish all exposed ports to random ports 75 -p, --publish=[] Publish a container's port(s) to the host 76 --pid="" PID namespace to use 77 --pids-limit=-1 Tune container pids limit (set -1 for unlimited), kernel >= 4.3 78 --privileged Give extended privileges to this container 79 --read-only Mount the container's root filesystem as read only 80 --restart="no" Restart policy (no, on-failure[:max-retry], always, unless-stopped) 81 --security-opt=[] Security options 82 --stop-signal="SIGTERM" Signal to stop a container 83 --shm-size=[] Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`. Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`. 84 -t, --tty Allocate a pseudo-TTY 85 -u, --user="" Username or UID 86 --userns="" Container user namespace 87 'host': Use the Docker host user namespace 88 '': Use the Docker daemon user namespace specified by `--userns-remap` option. 89 --ulimit=[] Ulimit options 90 --uts="" UTS namespace to use 91 -v, --volume=[host-src:]container-dest[:<options>] 92 Bind mount a volume. The comma-delimited 93 `options` are [rw|ro], [z|Z], 94 [[r]shared|[r]slave|[r]private], and 95 [nocopy]. The 'host-src' is an absolute path 96 or a name value. 97 --volume-driver="" Container's volume driver 98 --volumes-from=[] Mount volumes from the specified container(s) 99 -w, --workdir="" Working directory inside the container 100 101 The `docker create` command creates a writeable container layer over the 102 specified image and prepares it for running the specified command. The 103 container ID is then printed to `STDOUT`. This is similar to `docker run -d` 104 except the container is never started. You can then use the 105 `docker start <container_id>` command to start the container at any point. 106 107 This is useful when you want to set up a container configuration ahead of time 108 so that it is ready to start when you need it. The initial status of the 109 new container is `created`. 110 111 Please see the [run command](run.md) section and the [Docker run reference](../run.md) for more details. 112 113 ## Examples 114 115 $ docker create -t -i fedora bash 116 6d8af538ec541dd581ebc2a24153a28329acb5268abe5ef868c1f1a261221752 117 $ docker start -a -i 6d8af538ec5 118 bash-4.2# 119 120 As of v1.4.0 container volumes are initialized during the `docker create` phase 121 (i.e., `docker run` too). For example, this allows you to `create` the `data` 122 volume container, and then use it from another container: 123 124 $ docker create -v /data --name data ubuntu 125 240633dfbb98128fa77473d3d9018f6123b99c454b3251427ae190a7d951ad57 126 $ docker run --rm --volumes-from data ubuntu ls -la /data 127 total 8 128 drwxr-xr-x 2 root root 4096 Dec 5 04:10 . 129 drwxr-xr-x 48 root root 4096 Dec 5 04:11 .. 130 131 Similarly, `create` a host directory bind mounted volume container, which can 132 then be used from the subsequent container: 133 134 $ docker create -v /home/docker:/docker --name docker ubuntu 135 9aa88c08f319cd1e4515c3c46b0de7cc9aa75e878357b1e96f91e2c773029f03 136 $ docker run --rm --volumes-from docker ubuntu ls -la /docker 137 total 20 138 drwxr-sr-x 5 1000 staff 180 Dec 5 04:00 . 139 drwxr-xr-x 48 root root 4096 Dec 5 04:13 .. 140 -rw-rw-r-- 1 1000 staff 3833 Dec 5 04:01 .ash_history 141 -rw-r--r-- 1 1000 staff 446 Nov 28 11:51 .ashrc 142 -rw-r--r-- 1 1000 staff 25 Dec 5 04:00 .gitconfig 143 drwxr-sr-x 3 1000 staff 60 Dec 1 03:28 .local 144 -rw-r--r-- 1 1000 staff 920 Nov 28 11:51 .profile 145 drwx--S--- 2 1000 staff 460 Dec 5 00:51 .ssh 146 drwxr-xr-x 32 1000 staff 1140 Dec 5 04:01 docker 147 148 ### Specify isolation technology for container (--isolation) 149 150 This option is useful in situations where you are running Docker containers on 151 Windows. The `--isolation=<value>` option sets a container's isolation 152 technology. On Linux, the only supported is the `default` option which uses 153 Linux namespaces. On Microsoft Windows, you can specify these values: 154 155 156 | Value | Description | 157 |-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| 158 | `default` | Use the value specified by the Docker daemon's `--exec-opt` . If the `daemon` does not specify an isolation technology, Microsoft Windows uses `process` as its default value. | 159 | `process` | Namespace isolation only. | 160 | `hyperv` | Hyper-V hypervisor partition-based isolation. | 161 162 Specifying the `--isolation` flag without a value is the same as setting `--isolation="default"`.