Docker Config Reference (docker system / docker tag / docker top)
We go over numerous examples of using docker system / docker tag and docker top!
Docker System Command
The docker system command provides utilities for managing Docker's system-wide resources and information, including disk usage, pruning unused data, viewing events, and retrieving system details. It is particularly useful for maintenance, monitoring, and optimization in both single-host and Swarm environments.
docker system df
docker system df
This command displays a detailed breakdown of Docker's disk usage, categorizing consumption by images, containers, volumes, and build cache. It reports sizes in a human-readable format, enabling administrators to identify resource-heavy components and plan cleanup operations to reclaim storage space efficiently.
c@parrot 192.168.1.65 [~] $ docker system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 4 1 159.6MB 158.6MB (99%)
Containers 1 0 923.8kB 923.8kB (100%)
Local Volumes 1 0 0B 0B
Build Cache 27 0 54.11MB 13.73MB
docker system prune
docker system prune
This command removes all unused Docker objects, including stopped containers, dangling images, unused networks, and build cache, but prompts for confirmation. It helps in freeing significant disk space by eliminating orphaned resources, which is essential for maintaining system performance in long-running environments.
c@parrot 192.168.1.65 [~] $ docker system prune
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all dangling images
- unused build cache
Are you sure you want to continue? [y/N] y
Deleted Containers:
691418f4aafc6a8426821d782a82c49da75a0e143c80850f7ec32193993e4088
Deleted Images:
deleted: sha256:6e37a4e83882e7bb40edc9bc58aaa08689b00ba7c2787e27e934a1a0b5475cc2
deleted: sha256:7a9dd99cd9088614fe6722c003a30ab1c9fbd9ad8b6261c2abdbfb779c97faa1
Deleted build cache objects:
2y6tzdbd5erp7owq59uic9j41
kel4fdrq7k4j4kkj83rptk8ko
v1abcoxqj3bzk4bvkejb5vko3
1xsh9arb3ui2ld56cyc1rtul8
hhmx0ltpaguir0k03275l2sax
1ep93n1qrcl6x3mxhety1za0j
8p5qswvw7tj97c52q2jviizzh
s9a2262s91s4iz6zoaivyx2vt
tpcijvpph5r5x82h72jlb32gv
q6aiy323d1f9dslaqapv8gdkc
pbm91bi6afap26flrucdbti51
8q2dyk4lbyr2br9c6kbmpl5vr
ibj95160wn7nfkr1mmwf5uw4z
w913cj58f5fp1rz20i7mo2jll
uvnu1zcy3sf4hgcro4df7xkrw
oygo9p3sanms2crtry520bwq5
gv3ujc8i49ydsoljimzfezi8h
Total reclaimed space: 15.65MB
docker system prune --all
With the --all flag, this command extends pruning to include all unused images (not just dangling ones), in addition to containers, networks, and volumes. It provides a more thorough cleanup, ideal for resetting development environments while requiring caution to avoid removing referenced resources.
docker system prune --volumes
This command specifically prunes unused volumes in addition to default objects like containers and images. It targets persistent storage cleanup, which is critical for preventing disk exhaustion in applications with high data turnover.
docker system info
docker system info
This command outputs comprehensive information about the Docker installation, including server version, operating system, kernel details, storage driver, and Swarm status. It serves as a diagnostic tool for verifying configurations, compatibility, and runtime environment specifics during troubleshooting or audits.
docker system info --format "{{json .}}"
With the --format flag using a JSON template, this command outputs system information in structured JSON format. It enables programmatic parsing for integration with monitoring tools or scripts, providing detailed, machine-readable data on Docker's configuration and status.
- Example output:
c@parrot 192.168.1.65 [~] $ docker system info
Client: Docker Engine - Community
Version: 29.1.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.30.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v5.0.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 2
Server Version: 29.1.3
Storage Driver: overlay2
Backing Filesystem: btrfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: dea7da592f5d1d2b7755e3a161be07f43fad8f75
runc version: v1.3.4-0-gd6d73eb8
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.12.32-amd64
Operating System: Parrot Security 6.4 (lorikeet)
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 15.05GiB
Name: parrot
ID: 00aa35fd-7394-4707-80f6-f4912155e2e3
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
::1/128
127.0.0.0/8
Live Restore Enabled: false
Firewall Backend: iptables
docker system events
docker system events
This command streams real-time events from the Docker daemon, such as container starts, stops, or image pulls, in a continuous log format. It facilitates monitoring system activity, which is valuable for logging integrations or detecting anomalies in operational workflows.
docker system df
docker system df --verbose
Using the --verbose flag, this command provides an extended disk usage report, including breakdowns per image, container, or volume. It offers granular insights into space allocation, assisting in pinpointing specific items for targeted removal or optimization.
c@parrot 192.168.1.65 [~] $ docker system df --verbose
Images space usage:
REPOSITORY TAG IMAGE ID CREATED SIZE SHARED SIZE UNIQUE SIZE CONTAINERS
ad_server latest e9452c8abf25 7 weeks ago 159MB 0B 158.6MB 0
hello-world latest 1b44b5a3e06a 4 months ago 10.1kB 0B 10.07kB 0
Containers space usage:
CONTAINER ID IMAGE COMMAND LOCAL VOLUMES SIZE CREATED STATUS NAMES
Local Volumes space usage:
VOLUME NAME LINKS SIZE
vol1 0 0B
Build cache usage: 39.38MB
CACHE ID CACHE TYPE SIZE CREATED LAST USED USAGE SHARED
1g4s9qg0lmay regular 0B 7 weeks ago 7 weeks ago 1 true
uxhti6suv0ur regular 0B 7 weeks ago 7 weeks ago 1 true
0qnyrxjyxoyx regular 0B 7 weeks ago 7 weeks ago 1 true
b0rvw3q0wlwk regular 0B 7 weeks ago 7 weeks ago 1 true
i5uu1vlc2d8l regular 0B 7 weeks ago 7 weeks ago 2 true
xx3tyx6f7fz2 regular 52B 7 weeks ago 7 weeks ago 1 true
dnhfvbk1s107 regular 11.2kB 7 weeks ago 7 weeks ago 1 true
g6mkeg6p690t regular 8.87kB 7 weeks ago 7 weeks ago 1 true
ypxpvyrk9i32 regular 482kB 7 weeks ago 7 weeks ago 7 true
cah09upq4kjb regular 38.9MB 7 weeks ago 7 weeks ago 3 true
docker system events
docker system events --filter type=container
This command streams events filtered to only container-related activities, such as create, start, or die events. It narrows monitoring to specific subsystems, enhancing efficiency in large-scale deployments where focused logging is required.
It should be noted that initially it will not show anything, as actions come into containers it will give detailed information. For instance we setup docker system events and then restarted a container - it produced the following:
c@parrot 192.168.1.65 [~] $ docker system events
2026-01-01T20:21:58.061772748-05:00 container kill 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04, signal=15)
2026-01-01T20:22:08.087168108-05:00 container kill 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04, signal=9)
2026-01-01T20:22:08.283703978-05:00 network disconnect e9a55d00c05a6388e1a1df6b2980a7f384dab9479344f099cd0a2c830190e34c (container=724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449, name=bridge, type=bridge)
2026-01-01T20:22:08.284019875-05:00 container stop 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04)
2026-01-01T20:22:08.286276208-05:00 container die 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (execDuration=492, exitCode=137, image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04)
2026-01-01T20:22:08.429126857-05:00 network connect e9a55d00c05a6388e1a1df6b2980a7f384dab9479344f099cd0a2c830190e34c (container=724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449, name=bridge, type=bridge)
2026-01-01T20:22:08.440129847-05:00 container start 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04)
2026-01-01T20:22:08.440186140-05:00 container restart 724c234b22d009a6751689cb80972c229170b6d76a2b09c9805fddaaa3a08449 (image=ubuntu, name=competent_torvalds, org.opencontainers.image.ref.name=ubuntu, org.opencontainers.image.version=24.04)
docker tag
The docker tag command assigns a new reference (name and tag) to an existing image, allowing for versioning, repository organization, or preparation for pushing to registries. It does not create a new image but adds an alias, facilitating image management without duplication.
docker tag nginx:latest myrepo/nginx:v1.0
This command tags the existing "nginx:latest" image with a new reference "myrepo/nginx:v1.0". It prepares the image for pushing to a custom repository, enabling version-specific deployments while maintaining the original tag for reference.
We show an example here of how when we tag a image, it effectively adds a second reference to it:
c@parrot 192.168.1.65 [~] $ docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
ad_server:latest e9452c8abf25 159MB 0B
hello-world:latest 1b44b5a3e06a 10.1kB 0B
c@parrot 192.168.1.65 [~] $ docker tag hello-world:latest bob:latest
c@parrot 192.168.1.65 [~] $ docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
ad_server:latest e9452c8abf25 159MB 0B
bob:latest 1b44b5a3e06a 10.1kB 0B
hello-world:latest 1b44b5a3e06a 10.1kB 0B
docker tag ubuntu:20.04 ubuntu:focal
This command assigns an additional tag "ubuntu:focal" to the "ubuntu:20.04" image. It creates a human-readable alias for the LTS version, simplifying selection in build scripts or deployments without altering the image content.
docker tag mysql:8.0 registry.example.com/db/mysql:prod
This command tags "mysql:8.0" with "registry.example.com/db/mysql:prod" for a private registry. It organizes images for enterprise distribution, ensuring the production-ready database image is distinctly referenced.
docker tag golang:1.21 mygolang:dev
This command tags "golang:1.21" as "mygolang:dev". It customizes naming for development workflows, allowing easy switching between toolchains without pulling new images.
docker tag redis:latest redis:stable
This command adds the tag "redis:stable" to "redis:latest". It denotes a reliable version for caching services, supporting rollback strategies in production environments.
docker tag alpine:3.18 base/alpine:latest
This command tags "alpine:3.18" with "base/alpine:latest". It categorizes the lightweight base image under a namespace, facilitating organized use in multi-stage builds.
docker tag busybox busybox:test
This command tags the "busybox" image (default latest) as "busybox:test". It prepares a utility image for testing scenarios, allowing isolated experimentation without affecting the primary reference.
docker tag customimage:1.0 customimage:1.0.1
This command adds a patch tag "1.0.1" to "customimage:1.0". It supports semantic versioning for custom-built images, enabling precise updates in release cycles.
docker tag registry.example.com/app:dev registry.example.com/app:staging
This command tags a development image for staging in a private registry. It promotes images through environments, maintaining traceability in CI/CD pipelines.
docker tag hello-world example/hello:demo
This command tags "hello-world" as "example/hello:demo". It creates a demonstration reference for educational or verification purposes, without modifying the minimal test image.
Examples of the Docker Top Command
The docker top command displays the running processes within a specified container, similar to the Unix top utility but focused on container internals. It lists process IDs, users, CPU usage, memory, and commands, aiding in performance monitoring and debugging.
docker top mycontainer
This command lists the top processes in the running "mycontainer", showing PID, user, CPU, memory, and command details. It provides a snapshot of resource utilization, useful for identifying high-consumption processes
c@parrot 192.168.1.65 [~] $ docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
ad_server:latest e9452c8abf25 159MB 0B
hello-world:latest 1b44b5a3e06a 10.1kB 0B
c@parrot 192.168.1.65 [~] $ docker tag hello-world:latest bob:latest
c@parrot 192.168.1.65 [~] $ docker image ls
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
ad_server:latest e9452c8abf25 159MB 0B
bob:latest 1b44b5a3e06a 10.1kB 0B
hello-world:latest 1b44b5a3e06a 10.1kB 0B
docker top dbcontainer aux
This command runs top with the "aux" ps option in "dbcontainer", displaying processes sorted by memory usage. It helps diagnose memory leaks or intensive queries in database containers.
For an example we have a ubuntu container that is 'tail -f /dev/null' to keep itself alive, when we inspect it we get:
c@parrot 192.168.1.65 [~] $ docker top competent_torvalds aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 27340 0.0 0.0 2728 1516 ? Ss 20:13 0:00 tail -f /dev/null
docker top webapp -o pid,cmd
Using the -o flag to select PID and command columns, this command lists processes in "webapp". It customizes output for focused analysis, such as verifying running services.
docker top workercontainer
This command displays top processes in "workercontainer". It monitors background tasks, ensuring efficient operation in queue or batch processing setups.
docker top cachecontainer auxww
This command uses "auxww" to show full command lines in "cachecontainer". It reveals detailed arguments, aiding in configuration verification for caching services.
c@parrot 192.168.1.65 [~] $ docker top competent_torvalds auxww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 27340 0.0 0.0 2728 1516 ? Ss 20:13 0:00 tail -f /dev/null
docker top apiservice -o pid,%cpu,%mem
This command lists PID, CPU percentage, and memory percentage for processes in "apiservice". It focuses on performance metrics, supporting optimization in API endpoints
When this command is exampled you will see it as:
c@parrot 192.168.1.65 [~] $ docker top competent_torvalds -o pid,%cpu,%mem
PID %CPU %MEM
27340 0.0 0.0