docker-create - Create a new container



docker-create - Create a new container


docker create [OPTIONS] IMAGE [COMMAND] [ARG...]


Alias for docker container create.



Add a custom host-to-IP mapping (host:ip)


Add an annotation to the container (passed through to the OCI runtime)

-a, --attach=



Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)


Block IO weight (relative device weight)


Add Linux capabilities


Drop Linux capabilities


Optional parent cgroup for the container


Cgroup namespace to use (host|private)

default-cgroupns-mode option on the daemon (default)


Write the container ID to the file


CPU count (Windows only)


CPU percent (Windows only)


Limit CPU CFS (Completely Fair Scheduler) period


Limit CPU CFS (Completely Fair Scheduler) quota


Limit CPU real-time period in microseconds


Limit CPU real-time runtime in microseconds

-c, --cpu-shares=0

CPU shares (relative weight)


Number of CPUs


CPUs in which to allow execution (0-3, 0,1)


MEMs in which to allow execution (0-3, 0,1)


Add a host device to the container


Add a rule to the cgroup allowed devices list


Limit read rate (bytes per second) from a device


Limit read rate (IO per second) from a device


Limit write rate (bytes per second) to a device


Limit write rate (IO per second) to a device


Skip image verification


Set custom DNS servers


Set DNS options


Set custom DNS search domains


Container NIS domain name


Overwrite the default ENTRYPOINT of the image

-e, --env=

Set environment variables


Read in a file of environment variables


Expose a port or a range of ports


GPU devices to add to the container (’all’ to pass all GPUs)


Add additional groups to join


Command to run to check health


Time between running the check (ms|s|m|h) (default 0s)


Consecutive failures needed to report unhealthy


Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)


Maximum time to allow one check to run (ms|s|m|h) (default 0s)


Print usage

-h, --hostname=""

Container host name


Run an init inside the container that forwards signals and reaps processes

-i, --interactive[=false]

Keep STDIN open even if not attached


Maximum IO bandwidth limit for the system drive (Windows only)


Maximum IOps limit for the system drive (Windows only)


IPv4 address (e.g.,


IPv6 address (e.g., 2001:db8::33)


IPC mode to use


Container isolation technology


Kernel memory limit

-l, --label=

Set meta data on a container


Read in a line delimited file of labels


Add link to another container


Container IPv4/IPv6 link-local addresses


Logging driver for the container


Log driver options


Container MAC address (e.g., 92:d0:c6:0a:29:33)

-m, --memory=0

Memory limit


Memory soft limit


Swap limit equal to memory plus swap: ’-1’ to enable unlimited swap


Tune container memory swappiness (0 to 100)


Attach a filesystem mount to the container


Assign a name to the container


Connect a container to a network


Add network-scoped alias for the container


Disable any container-specified HEALTHCHECK


Disable OOM Killer


Tune host’s OOM preferences (-1000 to 1000)


PID namespace to use


Tune container pids limit (set -1 for unlimited)


Set platform if server is multi-platform capable


Give extended privileges to this container

-p, --publish=

Publish a container’s port(s) to the host

-P, --publish-all[=false]

Publish all exposed ports to random ports


Pull image before creating ("always", "|missing", "never")

-q, --quiet[=false]

Suppress the pull output


Mount the container’s root filesystem as read only


Restart policy to apply when a container exits


Automatically remove the container when it exits


Runtime to use for this container


Security Options


Size of /dev/shm


Signal to stop the container


Timeout (in seconds) to stop a container


Storage driver options for the container


Sysctl options


Mount a tmpfs directory

-t, --tty[=false]

Allocate a pseudo-TTY


Ulimit options

-u, --user=""

Username or UID (format: [:])


User namespace to use


UTS namespace to use

-v, --volume=

Bind mount a volume


Optional volume driver for the container


Mount volumes from the specified container(s)

-w, --workdir=""

Working directory inside the container



Updated 2024-01-29 - |