Docker Images - The Commands

A quick overview of the commands we’ve seen in this chapter for working with Docker images.

We'll cover the following

The summary of Docker image commands

Let’s remind ourselves of some of the commands we’ve used.

  • docker pull is the command to download images from remote registries. It defaults to Docker Hub but works with other registries. The following command will pull the image tagged as latest from the alpine repository on Docker Hub: docker pull alpine:latest.

  • docker images lists all of the images in our Docker host’s local repository (image cache). We can add the --digests flag to see the SHA256 hashes.

  • docker inspect gives us a wealth of image-related metadata in a nicely formatted view.

  • docker manifest inspect lets us inspect the manifest list of images stored in registries. The following command will show the manifest list for the regctl image on GitHub Container Registry (GHCR): docker manifest inspect ghcr.io/regclient/regctl.

  • docker buildx is a Docker CLI plugin that works with Docker’s latest build engine features. We saw how to use the imagetools sub-command to query manifest-related data from images.

  • docker scout is a Docker CLI plugin that integrates with the Docker Scout backend to perform image vulnerability scanning. It scans images, provides reports on vulnerabilities, and even suggests remediation actions.

  • docker rmi is the command to delete images. It deletes all layer data stored in the local filesystem, and we cannot delete images associated with containers in the running (Up) or stopped (Exited) states.

Get hands-on with 1400+ tech skills courses.