Manipulating Container Images


There are various ways to manage image containers in a devops fashion. For example, a developer finished testing a custom container in a machine, and needs to transfer this container image to another host for another developer, or to a production server. There are two ways to accomplish this:

1.Save the container image to a *.tar file.

2.Publish (push) the container image to an image registry

One of the ways a developer could have created this custom container is discussed later in this chapter (docker commit). However, the recommended way to do so, that is, using Dockerfiles is discussed in next chapters.

Saving and Loading Images

Existing images from the Docker cache can be saved to a .tar file using the docker save command. The generated file is not a regular tar file: it contains image metadata and preserves the original image layers. By doing so, the original image can be later recreated exactly as it was.

The general syntax of the docker command save verb is as follows:

# docker save [-o FILE_NAME] IMAGE_NAME[:TAG]

If the -o option is not used the generated image is sent to the standard output as binary data.

In the following example, the MySQL container image from the Docker registry is saved to the mysql.tar file:

# docker save -o mysql.tar mysql:5.7

.tar files generated using the save verb can be used for backup purposes. To restore the container image, use the docker load command. The general syntax of the command is as follows:

# docker load [-i FILE_NAME]

To save disk space, the file generated by the save verb can be compressed as a Gzip file. The load verb uses the gunzip command before importing the file to the cache directory.

Publishing Images to a Registry

To publish an image to the registry, it must be stored in the Docker's cache cache, and should be tagged for identification purposes. To tag an image, use the tag verb, as follows:


For example, Let's say I want to push the latest version of Alpine to my account and give it a tag of versi1. I can do this in the following way:

# docker image tag alpine:latest palopalepalo/alpine:versi1
# docker images
REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE
nginx                 latest              7e4d58f0e5f3        10 days ago         133MB
mysql                 5.7                 ef08065b0a30        10 days ago         448MB
mysql                 latest              e1d7dc9731da        10 days ago         544MB
alpine                latest              a24bb4013296        3 months ago        5.57MB
palopalepalo/alpine   versi1              a24bb4013296        3 months ago        5.57MB

Now, to be able to push the image, I have to log in to my account, as follows:

# docker login -u palopalepalo -p <my secret password>

After a successful login, I can then push the image, like this:

# docker image push palopalepalo/alpine:versi1

You will see something similar to this in the Terminal:

#  docker image push palopalepalo/alpine:versi1
The push refers to repository []
50644c29ef5a: Mounted from library/alpine 
versi1: digest: sha256:a15790640a6690aa1730c38cf0a440e2aa44aaca9b0e8931a9f2b0d7cc90fd65 size: 528

For each image that we push to Docker Hub, we automatically create a repository. A repository can be private or public. Everyone can pull an image from a public repository. From a private repository, an image can only be pulled if one is logged in to the registry and has the necessary permissions configured.

Deleting All Images

To delete all images that are not used by any container, use the following command:

# docker rmi $(docker images -q)

The command returns all the image IDs available in the cache, and passes them as a parameter to the docker rmi command for removal. Images that are in use are not deleted, however, this does not prevent any unused images from being removed.