1# create
2
3<!---MARKER_GEN_START-->
4Create a new container
5
6### Aliases
7
8`docker container create`, `docker create`
9
10### Options
11
12| Name | Type | Default | Description |
13|:--------------------------|:--------------|:----------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
14| `--add-host` | `list` | | Add a custom host-to-IP mapping (host:ip) |
15| `--annotation` | `map` | `map[]` | Add an annotation to the container (passed through to the OCI runtime) |
16| `-a`, `--attach` | `list` | | Attach to STDIN, STDOUT or STDERR |
17| `--blkio-weight` | `uint16` | `0` | Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) |
18| `--blkio-weight-device` | `list` | | Block IO weight (relative device weight) |
19| `--cap-add` | `list` | | Add Linux capabilities |
20| `--cap-drop` | `list` | | Drop Linux capabilities |
21| `--cgroup-parent` | `string` | | Optional parent cgroup for the container |
22| `--cgroupns` | `string` | | Cgroup namespace to use (host\|private)<br>'host': Run the container in the Docker host's cgroup namespace<br>'private': Run the container in its own private cgroup namespace<br>'': Use the cgroup namespace as configured by the<br> default-cgroupns-mode option on the daemon (default) |
23| `--cidfile` | `string` | | Write the container ID to the file |
24| `--cpu-count` | `int64` | `0` | CPU count (Windows only) |
25| `--cpu-percent` | `int64` | `0` | CPU percent (Windows only) |
26| `--cpu-period` | `int64` | `0` | Limit CPU CFS (Completely Fair Scheduler) period |
27| `--cpu-quota` | `int64` | `0` | Limit CPU CFS (Completely Fair Scheduler) quota |
28| `--cpu-rt-period` | `int64` | `0` | Limit CPU real-time period in microseconds |
29| `--cpu-rt-runtime` | `int64` | `0` | Limit CPU real-time runtime in microseconds |
30| `-c`, `--cpu-shares` | `int64` | `0` | CPU shares (relative weight) |
31| `--cpus` | `decimal` | | Number of CPUs |
32| `--cpuset-cpus` | `string` | | CPUs in which to allow execution (0-3, 0,1) |
33| `--cpuset-mems` | `string` | | MEMs in which to allow execution (0-3, 0,1) |
34| `--device` | `list` | | Add a host device to the container |
35| `--device-cgroup-rule` | `list` | | Add a rule to the cgroup allowed devices list |
36| `--device-read-bps` | `list` | | Limit read rate (bytes per second) from a device |
37| `--device-read-iops` | `list` | | Limit read rate (IO per second) from a device |
38| `--device-write-bps` | `list` | | Limit write rate (bytes per second) to a device |
39| `--device-write-iops` | `list` | | Limit write rate (IO per second) to a device |
40| `--disable-content-trust` | `bool` | `true` | Skip image verification |
41| `--dns` | `list` | | Set custom DNS servers |
42| `--dns-option` | `list` | | Set DNS options |
43| `--dns-search` | `list` | | Set custom DNS search domains |
44| `--domainname` | `string` | | Container NIS domain name |
45| `--entrypoint` | `string` | | Overwrite the default ENTRYPOINT of the image |
46| `-e`, `--env` | `list` | | Set environment variables |
47| `--env-file` | `list` | | Read in a file of environment variables |
48| `--expose` | `list` | | Expose a port or a range of ports |
49| `--gpus` | `gpu-request` | | GPU devices to add to the container ('all' to pass all GPUs) |
50| `--group-add` | `list` | | Add additional groups to join |
51| `--health-cmd` | `string` | | Command to run to check health |
52| `--health-interval` | `duration` | `0s` | Time between running the check (ms\|s\|m\|h) (default 0s) |
53| `--health-retries` | `int` | `0` | Consecutive failures needed to report unhealthy |
54| `--health-start-interval` | `duration` | `0s` | Time between running the check during the start period (ms\|s\|m\|h) (default 0s) |
55| `--health-start-period` | `duration` | `0s` | Start period for the container to initialize before starting health-retries countdown (ms\|s\|m\|h) (default 0s) |
56| `--health-timeout` | `duration` | `0s` | Maximum time to allow one check to run (ms\|s\|m\|h) (default 0s) |
57| `--help` | | | Print usage |
58| `-h`, `--hostname` | `string` | | Container host name |
59| `--init` | | | Run an init inside the container that forwards signals and reaps processes |
60| `-i`, `--interactive` | | | Keep STDIN open even if not attached |
61| `--io-maxbandwidth` | `bytes` | `0` | Maximum IO bandwidth limit for the system drive (Windows only) |
62| `--io-maxiops` | `uint64` | `0` | Maximum IOps limit for the system drive (Windows only) |
63| `--ip` | `string` | | IPv4 address (e.g., 172.30.100.104) |
64| `--ip6` | `string` | | IPv6 address (e.g., 2001:db8::33) |
65| `--ipc` | `string` | | IPC mode to use |
66| `--isolation` | `string` | | Container isolation technology |
67| `--kernel-memory` | `bytes` | `0` | Kernel memory limit |
68| `-l`, `--label` | `list` | | Set meta data on a container |
69| `--label-file` | `list` | | Read in a line delimited file of labels |
70| `--link` | `list` | | Add link to another container |
71| `--link-local-ip` | `list` | | Container IPv4/IPv6 link-local addresses |
72| `--log-driver` | `string` | | Logging driver for the container |
73| `--log-opt` | `list` | | Log driver options |
74| `--mac-address` | `string` | | Container MAC address (e.g., 92:d0:c6:0a:29:33) |
75| `-m`, `--memory` | `bytes` | `0` | Memory limit |
76| `--memory-reservation` | `bytes` | `0` | Memory soft limit |
77| `--memory-swap` | `bytes` | `0` | Swap limit equal to memory plus swap: '-1' to enable unlimited swap |
78| `--memory-swappiness` | `int64` | `-1` | Tune container memory swappiness (0 to 100) |
79| `--mount` | `mount` | | Attach a filesystem mount to the container |
80| `--name` | `string` | | Assign a name to the container |
81| `--network` | `network` | | Connect a container to a network |
82| `--network-alias` | `list` | | Add network-scoped alias for the container |
83| `--no-healthcheck` | | | Disable any container-specified HEALTHCHECK |
84| `--oom-kill-disable` | | | Disable OOM Killer |
85| `--oom-score-adj` | `int` | `0` | Tune host's OOM preferences (-1000 to 1000) |
86| `--pid` | `string` | | PID namespace to use |
87| `--pids-limit` | `int64` | `0` | Tune container pids limit (set -1 for unlimited) |
88| `--platform` | `string` | | Set platform if server is multi-platform capable |
89| `--privileged` | | | Give extended privileges to this container |
90| `-p`, `--publish` | `list` | | Publish a container's port(s) to the host |
91| `-P`, `--publish-all` | | | Publish all exposed ports to random ports |
92| `--pull` | `string` | `missing` | Pull image before creating (`always`, `\|missing`, `never`) |
93| `-q`, `--quiet` | | | Suppress the pull output |
94| `--read-only` | | | Mount the container's root filesystem as read only |
95| `--restart` | `string` | `no` | Restart policy to apply when a container exits |
96| `--rm` | | | Automatically remove the container when it exits |
97| `--runtime` | `string` | | Runtime to use for this container |
98| `--security-opt` | `list` | | Security Options |
99| `--shm-size` | `bytes` | `0` | Size of /dev/shm |
100| `--stop-signal` | `string` | | Signal to stop the container |
101| `--stop-timeout` | `int` | `0` | Timeout (in seconds) to stop a container |
102| `--storage-opt` | `list` | | Storage driver options for the container |
103| `--sysctl` | `map` | `map[]` | Sysctl options |
104| `--tmpfs` | `list` | | Mount a tmpfs directory |
105| `-t`, `--tty` | | | Allocate a pseudo-TTY |
106| `--ulimit` | `ulimit` | | Ulimit options |
107| `-u`, `--user` | `string` | | Username or UID (format: <name\|uid>[:<group\|gid>]) |
108| `--userns` | `string` | | User namespace to use |
109| `--uts` | `string` | | UTS namespace to use |
110| `-v`, `--volume` | `list` | | Bind mount a volume |
111| `--volume-driver` | `string` | | Optional volume driver for the container |
112| `--volumes-from` | `list` | | Mount volumes from the specified container(s) |
113| `-w`, `--workdir` | `string` | | Working directory inside the container |
114
115
116<!---MARKER_GEN_END-->
117
118## Description
119
120The `docker container create` (or shorthand: `docker create`) command creates a
121new container from the specified image, without starting it.
122
123When creating a container, the Docker daemon creates a writeable container layer
124over the specified image and prepares it for running the specified command. The
125container ID is then printed to `STDOUT`. This is similar to `docker run -d`
126except the container is never started. You can then use the `docker container start`
127(or shorthand: `docker start`) command to start the container at any point.
128
129This is useful when you want to set up a container configuration ahead of time
130so that it's ready to start when you need it. The initial status of the
131new container is `created`.
132
133The `docker create` command shares most of its options with the `docker run`
134command (which performs a `docker create` before starting it).
135Refer to the [`docker run` CLI reference](container_run.md)
136for details on the available flags and options.
137
138## Examples
139
140### Create and start a container
141
142The following example creates an interactive container with a pseudo-TTY attached,
143then starts the container and attaches to it:
144
145```console
146$ docker container create -i -t --name mycontainer alpine
1476d8af538ec541dd581ebc2a24153a28329acb5268abe5ef868c1f1a261221752
148
149$ docker container start --attach -i mycontainer
150/ # echo hello world
151hello world
152```
153
154The above is the equivalent of a `docker run`:
155
156```console
157$ docker run -it --name mycontainer2 alpine
158/ # echo hello world
159hello world
160```
161
162### Initialize volumes
163
164Container volumes are initialized during the `docker create` phase
165(i.e., `docker run` too). For example, this allows you to `create` the `data`
166volume container, and then use it from another container:
167
168```console
169$ docker create -v /data --name data ubuntu
170
171240633dfbb98128fa77473d3d9018f6123b99c454b3251427ae190a7d951ad57
172
173$ docker run --rm --volumes-from data ubuntu ls -la /data
174
175total 8
176drwxr-xr-x 2 root root 4096 Dec 5 04:10 .
177drwxr-xr-x 48 root root 4096 Dec 5 04:11 ..
178```
179
180Similarly, `create` a host directory bind mounted volume container, which can
181then be used from the subsequent container:
182
183```console
184$ docker create -v /home/docker:/docker --name docker ubuntu
185
1869aa88c08f319cd1e4515c3c46b0de7cc9aa75e878357b1e96f91e2c773029f03
187
188$ docker run --rm --volumes-from docker ubuntu ls -la /docker
189
190total 20
191drwxr-sr-x 5 1000 staff 180 Dec 5 04:00 .
192drwxr-xr-x 48 root root 4096 Dec 5 04:13 ..
193-rw-rw-r-- 1 1000 staff 3833 Dec 5 04:01 .ash_history
194-rw-r--r-- 1 1000 staff 446 Nov 28 11:51 .ashrc
195-rw-r--r-- 1 1000 staff 25 Dec 5 04:00 .gitconfig
196drwxr-sr-x 3 1000 staff 60 Dec 1 03:28 .local
197-rw-r--r-- 1 1000 staff 920 Nov 28 11:51 .profile
198drwx--S--- 2 1000 staff 460 Dec 5 00:51 .ssh
199drwxr-xr-x 32 1000 staff 1140 Dec 5 04:01 docker
200```
View as plain text