github.com/shiroyuki/docker@v1.9.0/man/docker-create.1.md (about) 1 % DOCKER(1) Docker User Manuals 2 % Docker Community 3 % JUNE 2014 4 # NAME 5 docker-create - Create a new container 6 7 # SYNOPSIS 8 **docker create** 9 [**-a**|**--attach**[=*[]*]] 10 [**--add-host**[=*[]*]] 11 [**--blkio-weight**[=*[BLKIO-WEIGHT]*]] 12 [**--cpu-shares**[=*0*]] 13 [**--cap-add**[=*[]*]] 14 [**--cap-drop**[=*[]*]] 15 [**--cgroup-parent**[=*CGROUP-PATH*]] 16 [**--cidfile**[=*CIDFILE*]] 17 [**--cpu-period**[=*0*]] 18 [**--cpu-quota**[=*0*]] 19 [**--cpuset-cpus**[=*CPUSET-CPUS*]] 20 [**--cpuset-mems**[=*CPUSET-MEMS*]] 21 [**--device**[=*[]*]] 22 [**--dns**[=*[]*]] 23 [**--dns-search**[=*[]*]] 24 [**--dns-opt**[=*[]*]] 25 [**-e**|**--env**[=*[]*]] 26 [**--entrypoint**[=*ENTRYPOINT*]] 27 [**--env-file**[=*[]*]] 28 [**--expose**[=*[]*]] 29 [**--group-add**[=*[]*]] 30 [**-h**|**--hostname**[=*HOSTNAME*]] 31 [**--help**] 32 [**-i**|**--interactive**[=*false*]] 33 [**--ipc**[=*IPC*]] 34 [**--kernel-memory**[=*KERNEL-MEMORY*]] 35 [**-l**|**--label**[=*[]*]] 36 [**--label-file**[=*[]*]] 37 [**--link**[=*[]*]] 38 [**--log-driver**[=*[]*]] 39 [**--log-opt**[=*[]*]] 40 [**--lxc-conf**[=*[]*]] 41 [**-m**|**--memory**[=*MEMORY*]] 42 [**--mac-address**[=*MAC-ADDRESS*]] 43 [**--memory-reservation**[=*MEMORY-RESERVATION*]] 44 [**--memory-swap**[=*MEMORY-SWAP*]] 45 [**--memory-swappiness**[=*MEMORY-SWAPPINESS*]] 46 [**--name**[=*NAME*]] 47 [**--net**[=*"bridge"*]] 48 [**--oom-kill-disable**[=*false*]] 49 [**-P**|**--publish-all**[=*false*]] 50 [**-p**|**--publish**[=*[]*]] 51 [**--pid**[=*[]*]] 52 [**--privileged**[=*false*]] 53 [**--read-only**[=*false*]] 54 [**--restart**[=*RESTART*]] 55 [**--security-opt**[=*[]*]] 56 [**--stop-signal**[=*SIGNAL*]] 57 [**-t**|**--tty**[=*false*]] 58 [**-u**|**--user**[=*USER*]] 59 [**--ulimit**[=*[]*]] 60 [**--uts**[=*[]*]] 61 [**-v**|**--volume**[=*[]*]] 62 [**--volumes-from**[=*[]*]] 63 [**-w**|**--workdir**[=*WORKDIR*]] 64 IMAGE [COMMAND] [ARG...] 65 66 # DESCRIPTION 67 68 Creates a writeable container layer over the specified image and prepares it for 69 running the specified command. The container ID is then printed to STDOUT. This 70 is similar to **docker run -d** except the container is never started. You can 71 then use the **docker start <container_id>** command to start the container at 72 any point. 73 74 The initial status of the container created with **docker create** is 'created'. 75 76 # OPTIONS 77 **-a**, **--attach**=[] 78 Attach to STDIN, STDOUT or STDERR. 79 80 **--add-host**=[] 81 Add a custom host-to-IP mapping (host:ip) 82 83 **--blkio-weight**=0 84 Block IO weight (relative weight) accepts a weight value between 10 and 1000. 85 86 **--cpu-shares**=0 87 CPU shares (relative weight) 88 89 **--cap-add**=[] 90 Add Linux capabilities 91 92 **--cap-drop**=[] 93 Drop Linux capabilities 94 95 **--cgroup-parent**="" 96 Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist. 97 98 **--cidfile**="" 99 Write the container ID to the file 100 101 **--cpu-period**=0 102 Limit the CPU CFS (Completely Fair Scheduler) period 103 104 **--cpuset-cpus**="" 105 CPUs in which to allow execution (0-3, 0,1) 106 107 **--cpuset-mems**="" 108 Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems. 109 110 If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1` 111 then processes in your Docker container will only use memory from the first 112 two memory nodes. 113 114 **--cpu-quota**=0 115 Limit the CPU CFS (Completely Fair Scheduler) quota 116 117 **--device**=[] 118 Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm) 119 120 **--dns**=[] 121 Set custom DNS servers 122 123 **--dns-opt**=[] 124 Set custom DNS options 125 126 **--dns-search**=[] 127 Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) 128 129 **-e**, **--env**=[] 130 Set environment variables 131 132 **--entrypoint**="" 133 Overwrite the default ENTRYPOINT of the image 134 135 **--env-file**=[] 136 Read in a line-delimited file of environment variables 137 138 **--expose**=[] 139 Expose a port or a range of ports (e.g. --expose=3300-3310) from the container without publishing it to your host 140 141 **--group-add**=[] 142 Add additional groups to run as 143 144 **-h**, **--hostname**="" 145 Container host name 146 147 **--help** 148 Print usage statement 149 150 **-i**, **--interactive**=*true*|*false* 151 Keep STDIN open even if not attached. The default is *false*. 152 153 **--ipc**="" 154 Default is to create a private IPC namespace (POSIX SysV IPC) for the container 155 'container:<name|id>': reuses another container shared memory, semaphores and message queues 156 'host': use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. 157 158 **--kernel-memory**="" 159 Kernel memory limit (format: `<number>[<unit>]`, where unit = b, k, m or g) 160 161 Constrains the kernel memory available to a container. If a limit of 0 162 is specified (not using `--kernel-memory`), the container's kernel memory 163 is not limited. If you specify a limit, it may be rounded up to a multiple 164 of the operating system's page size and the value can be very large, 165 millions of trillions. 166 167 **-l**, **--label**=[] 168 Adds metadata to a container (e.g., --label=com.example.key=value) 169 170 **--label-file**=[] 171 Read labels from a file. Delimit each label with an EOL. 172 173 **--link**=[] 174 Add link to another container in the form of <name or id>:alias or just 175 <name or id> in which case the alias will match the name. 176 177 **--log-driver**="|*json-file*|*syslog*|*journald*|*gelf*|*fluentd*|*awslogs*|*none*" 178 Logging driver for container. Default is defined by daemon `--log-driver` flag. 179 **Warning**: the `docker logs` command works only for the `json-file` and 180 `journald` logging drivers. 181 182 **--log-opt**=[] 183 Logging driver specific options. 184 185 **--lxc-conf**=[] 186 (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1" 187 188 **-m**, **--memory**="" 189 Memory limit (format: <number>[<unit>], where unit = b, k, m or g) 190 191 Allows you to constrain the memory available to a container. If the host 192 supports swap memory, then the **-m** memory setting can be larger than physical 193 RAM. If a limit of 0 is specified (not using **-m**), the container's memory is 194 not limited. The actual limit may be rounded up to a multiple of the operating 195 system's page size (the value would be very large, that's millions of trillions). 196 197 **--mac-address**="" 198 Container MAC address (e.g. 92:d0:c6:0a:29:33) 199 200 **--memory-reservation**="" 201 Memory soft limit (format: <number>[<unit>], where unit = b, k, m or g) 202 203 After setting memory reservation, when the system detects memory contention 204 or low memory, containers are forced to restrict their consumption to their 205 reservation. So you should always set the value below **--memory**, otherwise the 206 hard limit will take precedence. By default, memory reservation will be the same 207 as memory limit. 208 209 **--memory-swap**="" 210 Total memory limit (memory + swap) 211 212 Set `-1` to disable swap (format: <number>[<unit>], where unit = b, k, m or g). 213 This value should always larger than **-m**, so you should always use this with **-m**. 214 215 **--memory-swappiness**="" 216 Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. 217 218 **--name**="" 219 Assign a name to the container 220 221 **--net**="bridge" 222 Set the Network mode for the container 223 'bridge': creates a new network stack for the container on the docker bridge 224 'none': no networking for this container 225 'container:<name|id>': reuses another container network stack 226 'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. 227 228 **--oom-kill-disable**=*true*|*false* 229 Whether to disable OOM Killer for the container or not. 230 231 **-P**, **--publish-all**=*true*|*false* 232 Publish all exposed ports to random ports on the host interfaces. The default is *false*. 233 234 **-p**, **--publish**=[] 235 Publish a container's port, or a range of ports, to the host 236 format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort 237 Both hostPort and containerPort can be specified as a range of ports. 238 When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range. (e.g., `-p 1234-1236:1234-1236/tcp`) 239 (use 'docker port' to see the actual mapping) 240 241 **--pid**=host 242 Set the PID mode for the container 243 **host**: use the host's PID namespace inside the container. 244 Note: the host mode gives the container full access to local PID and is therefore considered insecure. 245 246 **--privileged**=*true*|*false* 247 Give extended privileges to this container. The default is *false*. 248 249 **--read-only**=*true*|*false* 250 Mount the container's root filesystem as read only. 251 252 **--restart**="no" 253 Restart policy to apply when a container exits (no, on-failure[:max-retry], always, unless-stopped). 254 255 **--security-opt**=[] 256 Security Options 257 258 **--stop-signal**=SIGTERM 259 Signal to stop a container. Default is SIGTERM. 260 261 **-t**, **--tty**=*true*|*false* 262 Allocate a pseudo-TTY. The default is *false*. 263 264 **-u**, **--user**="" 265 Username or UID 266 267 **--ulimit**=[] 268 Ulimit options 269 270 **--uts**=host 271 Set the UTS mode for the container 272 **host**: use the host's UTS namespace inside the container. 273 Note: the host mode gives the container access to changing the host's hostname and is therefore considered insecure. 274 275 **-v**, **--volume**=[] 276 Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container) 277 278 **--volumes-from**=[] 279 Mount volumes from the specified container(s) 280 281 **-w**, **--workdir**="" 282 Working directory inside the container 283 284 # HISTORY 285 August 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 286 September 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> 287 November 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>