github.com/chenchun/docker@v1.3.2-0.20150629222414-20467faf132b/man/docker-create.1.md (about) 1 % DOCKER(1) Docker User Manuals 2 % Docker Community 3 % JUNE 2014 4 # NAME 5 docker-create - Create a new container 6 7 # SYNOPSIS 8 **docker create** 9 [**-a**|**--attach**[=*[]*]] 10 [**--add-host**[=*[]*]] 11 [**--blkio-weight**[=*[BLKIO-WEIGHT]*]] 12 [**-c**|**--cpu-shares**[=*0*]] 13 [**--cap-add**[=*[]*]] 14 [**--cap-drop**[=*[]*]] 15 [**--cidfile**[=*CIDFILE*]] 16 [**--cpu-period**[=*0*]] 17 [**--cpuset-cpus**[=*CPUSET-CPUS*]] 18 [**--cpuset-mems**[=*CPUSET-MEMS*]] 19 [**--cpu-quota**[=*0*]] 20 [**--device**[=*[]*]] 21 [**--dns-search**[=*[]*]] 22 [**--dns**[=*[]*]] 23 [**-e**|**--env**[=*[]*]] 24 [**--entrypoint**[=*ENTRYPOINT*]] 25 [**--env-file**[=*[]*]] 26 [**--expose**[=*[]*]] 27 [**-h**|**--hostname**[=*HOSTNAME*]] 28 [**--help**] 29 [**-i**|**--interactive**[=*false*]] 30 [**--ipc**[=*IPC*]] 31 [**-l**|**--label**[=*[]*]] 32 [**--label-file**[=*[]*]] 33 [**--link**[=*[]*]] 34 [**--lxc-conf**[=*[]*]] 35 [**--log-driver**[=*[]*]] 36 [**--log-opt**[=*[]*]] 37 [**-m**|**--memory**[=*MEMORY*]] 38 [**--memory-swap**[=*MEMORY-SWAP*]] 39 [**--mac-address**[=*MAC-ADDRESS*]] 40 [**--name**[=*NAME*]] 41 [**--net**[=*"bridge"*]] 42 [**--oom-kill-disable**[=*false*]] 43 [**-P**|**--publish-all**[=*false*]] 44 [**-p**|**--publish**[=*[]*]] 45 [**--pid**[=*[]*]] 46 [**--uts**[=*[]*]] 47 [**--privileged**[=*false*]] 48 [**--read-only**[=*false*]] 49 [**--restart**[=*RESTART*]] 50 [**--security-opt**[=*[]*]] 51 [**-t**|**--tty**[=*false*]] 52 [**-u**|**--user**[=*USER*]] 53 [**-v**|**--volume**[=*[]*]] 54 [**--volumes-from**[=*[]*]] 55 [**-w**|**--workdir**[=*WORKDIR*]] 56 [**--cgroup-parent**[=*CGROUP-PATH*]] 57 IMAGE [COMMAND] [ARG...] 58 59 # DESCRIPTION 60 61 Creates a writeable container layer over the specified image and prepares it for 62 running the specified command. The container ID is then printed to STDOUT. This 63 is similar to **docker run -d** except the container is never started. You can 64 then use the **docker start <container_id>** command to start the container at 65 any point. 66 67 The initial status of the container created with **docker create** is 'created'. 68 69 # OPTIONS 70 **-a**, **--attach**=[] 71 Attach to STDIN, STDOUT or STDERR. 72 73 **--add-host**=[] 74 Add a custom host-to-IP mapping (host:ip) 75 76 **--blkio-weight**=0 77 Block IO weight (relative weight) accepts a weight value between 10 and 1000. 78 79 **-c**, **--cpu-shares**=0 80 CPU shares (relative weight) 81 82 **--cap-add**=[] 83 Add Linux capabilities 84 85 **--cap-drop**=[] 86 Drop Linux capabilities 87 88 **--cidfile**="" 89 Write the container ID to the file 90 91 **--cgroup-parent**="" 92 Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist. 93 94 **--cpu-period**=0 95 Limit the CPU CFS (Completely Fair Scheduler) period 96 97 **--cpuset-cpus**="" 98 CPUs in which to allow execution (0-3, 0,1) 99 100 **--cpuset-mems**="" 101 Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems. 102 103 If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1` 104 then processes in your Docker container will only use memory from the first 105 two memory nodes. 106 107 **-cpu-quota**=0 108 Limit the CPU CFS (Completely Fair Scheduler) quota 109 110 **--device**=[] 111 Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm) 112 113 **--dns-search**=[] 114 Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) 115 116 **--dns**=[] 117 Set custom DNS servers 118 119 **-e**, **--env**=[] 120 Set environment variables 121 122 **--entrypoint**="" 123 Overwrite the default ENTRYPOINT of the image 124 125 **--env-file**=[] 126 Read in a line delimited file of environment variables 127 128 **--expose**=[] 129 Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host 130 131 **-h**, **--hostname**="" 132 Container host name 133 134 **--help** 135 Print usage statement 136 137 **-i**, **--interactive**=*true*|*false* 138 Keep STDIN open even if not attached. The default is *false*. 139 140 **--ipc**="" 141 Default is to create a private IPC namespace (POSIX SysV IPC) for the container 142 'container:<name|id>': reuses another container shared memory, semaphores and message queues 143 'host': use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. 144 145 **-l**, **--label**=[] 146 Adds metadata to a container (e.g., --label=com.example.key=value) 147 148 **--label-file**=[] 149 Read labels from a file. Delimit each label with an EOL. 150 151 **--link**=[] 152 Add link to another container in the form of <name or id>:alias or just 153 <name or id> in which case the alias will match the name. 154 155 **--lxc-conf**=[] 156 (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1" 157 158 **--log-driver**="|*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*none*" 159 Logging driver for container. Default is defined by daemon `--log-driver` flag. 160 **Warning**: `docker logs` command works only for `json-file` logging driver. 161 162 **--log-opt**=[] 163 Logging driver specific options. 164 165 **-m**, **--memory**="" 166 Memory limit (format: <number><optional unit>, where unit = b, k, m or g) 167 168 Allows you to constrain the memory available to a container. If the host 169 supports swap memory, then the **-m** memory setting can be larger than physical 170 RAM. If a limit of 0 is specified (not using **-m**), the container's memory is 171 not limited. The actual limit may be rounded up to a multiple of the operating 172 system's page size (the value would be very large, that's millions of trillions). 173 174 **--memory-swap**="" 175 Total memory limit (memory + swap) 176 177 Set `-1` to disable swap (format: <number><optional unit>, where unit = b, k, m or g). 178 This value should always larger than **-m**, so you should always use this with **-m**. 179 180 **--mac-address**="" 181 Container MAC address (e.g. 92:d0:c6:0a:29:33) 182 183 **--name**="" 184 Assign a name to the container 185 186 **--net**="bridge" 187 Set the Network mode for the container 188 'bridge': creates a new network stack for the container on the docker bridge 189 'none': no networking for this container 190 'container:<name|id>': reuses another container network stack 191 'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. 192 193 **--oom-kill-disable**=*true*|*false* 194 Whether to disable OOM Killer for the container or not. 195 196 **-P**, **--publish-all**=*true*|*false* 197 Publish all exposed ports to random ports on the host interfaces. The default is *false*. 198 199 **-p**, **--publish**=[] 200 Publish a container's port, or a range of ports, to the host 201 format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort 202 Both hostPort and containerPort can be specified as a range of ports. 203 When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range. (e.g., `-p 1234-1236:1234-1236/tcp`) 204 (use 'docker port' to see the actual mapping) 205 206 **--pid**=host 207 Set the PID mode for the container 208 **host**: use the host's PID namespace inside the container. 209 Note: the host mode gives the container full access to local PID and is therefore considered insecure. 210 211 **--uts**=host 212 Set the UTS mode for the container 213 **host**: use the host's UTS namespace inside the container. 214 Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure. 215 216 **--privileged**=*true*|*false* 217 Give extended privileges to this container. The default is *false*. 218 219 **--read-only**=*true*|*false* 220 Mount the container's root filesystem as read only. 221 222 **--restart**="no" 223 Restart policy to apply when a container exits (no, on-failure[:max-retry], always) 224 225 **--security-opt**=[] 226 Security Options 227 228 **-t**, **--tty**=*true*|*false* 229 Allocate a pseudo-TTY. The default is *false*. 230 231 **-u**, **--user**="" 232 Username or UID 233 234 **-v**, **--volume**=[] 235 Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container) 236 237 **--volumes-from**=[] 238 Mount volumes from the specified container(s) 239 240 **-w**, **--workdir**="" 241 Working directory inside the container 242 243 # HISTORY 244 August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 245 September 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 246 November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>