github.com/mheon/docker@v0.11.2-0.20150922122814-44f47903a831/man/docker-create.1.md (about) 1 % DOCKER(1) Docker User Manuals 2 % Docker Community 3 % JUNE 2014 4 # NAME 5 docker-create - Create a new container 6 7 # SYNOPSIS 8 **docker create** 9 [**-a**|**--attach**[=*[]*]] 10 [**--add-host**[=*[]*]] 11 [**--blkio-weight**[=*[BLKIO-WEIGHT]*]] 12 [**-c**|**--cpu-shares**[=*0*]] 13 [**--cap-add**[=*[]*]] 14 [**--cap-drop**[=*[]*]] 15 [**--cgroup-parent**[=*CGROUP-PATH*]] 16 [**--cidfile**[=*CIDFILE*]] 17 [**--cpu-period**[=*0*]] 18 [**--cpu-quota**[=*0*]] 19 [**--cpuset-cpus**[=*CPUSET-CPUS*]] 20 [**--cpuset-mems**[=*CPUSET-MEMS*]] 21 [**--device**[=*[]*]] 22 [**--dns**[=*[]*]] 23 [**--dns-search**[=*[]*]] 24 [**--dns-opt**[=*[]*]] 25 [**-e**|**--env**[=*[]*]] 26 [**--entrypoint**[=*ENTRYPOINT*]] 27 [**--env-file**[=*[]*]] 28 [**--expose**[=*[]*]] 29 [**--group-add**[=*[]*]] 30 [**-h**|**--hostname**[=*HOSTNAME*]] 31 [**--help**] 32 [**-i**|**--interactive**[=*false*]] 33 [**--ipc**[=*IPC*]] 34 [**--kernel-memory**[=*KERNEL-MEMORY*]] 35 [**-l**|**--label**[=*[]*]] 36 [**--label-file**[=*[]*]] 37 [**--link**[=*[]*]] 38 [**--log-driver**[=*[]*]] 39 [**--log-opt**[=*[]*]] 40 [**--lxc-conf**[=*[]*]] 41 [**-m**|**--memory**[=*MEMORY*]] 42 [**--mac-address**[=*MAC-ADDRESS*]] 43 [**--memory-swap**[=*MEMORY-SWAP*]] 44 [**--memory-swappiness**[=*MEMORY-SWAPPINESS*]] 45 [**--name**[=*NAME*]] 46 [**--net**[=*"bridge"*]] 47 [**--oom-kill-disable**[=*false*]] 48 [**-P**|**--publish-all**[=*false*]] 49 [**-p**|**--publish**[=*[]*]] 50 [**--pid**[=*[]*]] 51 [**--privileged**[=*false*]] 52 [**--read-only**[=*false*]] 53 [**--restart**[=*RESTART*]] 54 [**--security-opt**[=*[]*]] 55 [**--stop-signal**[=*SIGNAL*]] 56 [**-t**|**--tty**[=*false*]] 57 [**-u**|**--user**[=*USER*]] 58 [**--ulimit**[=*[]*]] 59 [**--uts**[=*[]*]] 60 [**-v**|**--volume**[=*[]*]] 61 [**--volumes-from**[=*[]*]] 62 [**-w**|**--workdir**[=*WORKDIR*]] 63 IMAGE [COMMAND] [ARG...] 64 65 # DESCRIPTION 66 67 Creates a writeable container layer over the specified image and prepares it for 68 running the specified command. The container ID is then printed to STDOUT. This 69 is similar to **docker run -d** except the container is never started. You can 70 then use the **docker start <container_id>** command to start the container at 71 any point. 72 73 The initial status of the container created with **docker create** is 'created'. 74 75 # OPTIONS 76 **-a**, **--attach**=[] 77 Attach to STDIN, STDOUT or STDERR. 78 79 **--add-host**=[] 80 Add a custom host-to-IP mapping (host:ip) 81 82 **--blkio-weight**=0 83 Block IO weight (relative weight) accepts a weight value between 10 and 1000. 84 85 **-c**, **--cpu-shares**=0 86 CPU shares (relative weight) 87 88 **--cap-add**=[] 89 Add Linux capabilities 90 91 **--cap-drop**=[] 92 Drop Linux capabilities 93 94 **--cgroup-parent**="" 95 Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist. 96 97 **--cidfile**="" 98 Write the container ID to the file 99 100 **--cpu-period**=0 101 Limit the CPU CFS (Completely Fair Scheduler) period 102 103 **--cpuset-cpus**="" 104 CPUs in which to allow execution (0-3, 0,1) 105 106 **--cpuset-mems**="" 107 Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems. 108 109 If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1` 110 then processes in your Docker container will only use memory from the first 111 two memory nodes. 112 113 **--cpu-quota**=0 114 Limit the CPU CFS (Completely Fair Scheduler) quota 115 116 **--device**=[] 117 Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm) 118 119 **--dns**=[] 120 Set custom DNS servers 121 122 **--dns-opt**=[] 123 Set custom DNS options 124 125 **--dns-search**=[] 126 Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) 127 128 **-e**, **--env**=[] 129 Set environment variables 130 131 **--entrypoint**="" 132 Overwrite the default ENTRYPOINT of the image 133 134 **--env-file**=[] 135 Read in a line-delimited file of environment variables 136 137 **--expose**=[] 138 Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host 139 140 **--group-add**=[] 141 Add additional groups to run as 142 143 **-h**, **--hostname**="" 144 Container host name 145 146 **--help** 147 Print usage statement 148 149 **-i**, **--interactive**=*true*|*false* 150 Keep STDIN open even if not attached. The default is *false*. 151 152 **--ipc**="" 153 Default is to create a private IPC namespace (POSIX SysV IPC) for the container 154 'container:<name|id>': reuses another container shared memory, semaphores and message queues 155 'host': use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. 156 157 **--kernel-memory**="" 158 Kernel memory limit (format: `<number>[<unit>]`, where unit = b, k, m or g) 159 160 Constrains the kernel memory available to a container. If a limit of 0 161 is specified (not using `--kernel-memory`), the container's kernel memory 162 is not limited. If you specify a limit, it may be rounded up to a multiple 163 of the operating system's page size and the value can be very large, 164 millions of trillions. 165 166 **-l**, **--label**=[] 167 Adds metadata to a container (e.g., --label=com.example.key=value) 168 169 **--label-file**=[] 170 Read labels from a file. Delimit each label with an EOL. 171 172 **--link**=[] 173 Add link to another container in the form of <name or id>:alias or just 174 <name or id> in which case the alias will match the name. 175 176 **--log-driver**="|*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*none*" 177 Logging driver for container. Default is defined by daemon `--log-driver` flag. 178 **Warning**: the `docker logs` command works only for the `json-file` and 179 `journald` logging drivers. 180 181 **--log-opt**=[] 182 Logging driver specific options. 183 184 **--lxc-conf**=[] 185 (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1" 186 187 **-m**, **--memory**="" 188 Memory limit (format: <number>[<unit>], where unit = b, k, m or g) 189 190 Allows you to constrain the memory available to a container. If the host 191 supports swap memory, then the **-m** memory setting can be larger than physical 192 RAM. If a limit of 0 is specified (not using **-m**), the container's memory is 193 not limited. The actual limit may be rounded up to a multiple of the operating 194 system's page size (the value would be very large, that's millions of trillions). 195 196 **--mac-address**="" 197 Container MAC address (e.g. 92:d0:c6:0a:29:33) 198 199 **--memory-swap**="" 200 Total memory limit (memory + swap) 201 202 Set `-1` to disable swap (format: <number>[<unit>], where unit = b, k, m or g). 203 This value should always larger than **-m**, so you should always use this with **-m**. 204 205 **--memory-swappiness**="" 206 Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. 207 208 **--name**="" 209 Assign a name to the container 210 211 **--net**="bridge" 212 Set the Network mode for the container 213 'bridge': creates a new network stack for the container on the docker bridge 214 'none': no networking for this container 215 'container:<name|id>': reuses another container network stack 216 'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. 217 218 **--oom-kill-disable**=*true*|*false* 219 Whether to disable OOM Killer for the container or not. 220 221 **-P**, **--publish-all**=*true*|*false* 222 Publish all exposed ports to random ports on the host interfaces. The default is *false*. 223 224 **-p**, **--publish**=[] 225 Publish a container's port, or a range of ports, to the host 226 format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort 227 Both hostPort and containerPort can be specified as a range of ports. 228 When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range. (e.g., `-p 1234-1236:1234-1236/tcp`) 229 (use 'docker port' to see the actual mapping) 230 231 **--pid**=host 232 Set the PID mode for the container 233 **host**: use the host's PID namespace inside the container. 234 Note: the host mode gives the container full access to local PID and is therefore considered insecure. 235 236 **--privileged**=*true*|*false* 237 Give extended privileges to this container. The default is *false*. 238 239 **--read-only**=*true*|*false* 240 Mount the container's root filesystem as read only. 241 242 **--restart**="no" 243 Restart policy to apply when a container exits (no, on-failure[:max-retry], always, unless-stopped). 244 245 **--security-opt**=[] 246 Security Options 247 248 **--stop-signal**=SIGTERM 249 Signal to stop a container. Default is SIGTERM. 250 251 **-t**, **--tty**=*true*|*false* 252 Allocate a pseudo-TTY. The default is *false*. 253 254 **-u**, **--user**="" 255 Username or UID 256 257 **--ulimit**=[] 258 Ulimit options 259 260 **--uts**=host 261 Set the UTS mode for the container 262 **host**: use the host's UTS namespace inside the container. 263 Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure. 264 265 **-v**, **--volume**=[] 266 Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container) 267 268 **--volumes-from**=[] 269 Mount volumes from the specified container(s) 270 271 **-w**, **--workdir**="" 272 Working directory inside the container 273 274 # HISTORY 275 August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 276 September 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 277 November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>