1.03 Docker Run

Docker run is one of the most important Docker commands. It creates and starts a container from an image. This page covers common docker run options used in real projects: tags, interactive input, port mapping, volume mapping, inspection, and logs.

Goal

Understand how to run containers in a predictable way for development, testing, and production-like environments.

Why `docker run` Matters

A Docker image is a packaged template. A container is a running instance of that image.

docker run IMAGE

Example:

docker run redis

If the image is not available locally, Docker pulls it from the registry first, then starts the container.

Note

If no image tag is specified, Docker uses the latest tag by default.

Run With Image Tags

Tags allow you to choose a specific version of an image.

docker run redis
docker run redis:4.0

In the first command, Docker uses:

redis:latest

In the second command, Docker uses:

redis:4.0

Avoid latest in production

Do not depend on latest for production deployments. The latest tag can change over time, which may cause unexpected version changes.

Production practice

Pin image versions explicitly.

docker run redis:7.2

Better for production:

docker run redis:7.2.4

Run in Interactive Mode

Some containers need user input. By default, Docker containers do not listen to standard input.

Example application behavior:

./app.sh

Output:

Welcome! Please enter your name: Mumshad
Hello and Welcome Mumshad!

If you run the same application in Docker without interactive mode:

docker run kodekloud/simple-prompt-docker

It may not wait for input.

Use -i for interactive mode:

docker run -i kodekloud/simple-prompt-docker

Use -t to allocate a pseudo-terminal:

docker run -it kodekloud/simple-prompt-docker

Best option for interactive containers

Use -it together when you need to type input inside the container.

docker run -it ubuntu bash

Run With Port Mapping

Containers have their own internal network. If an application listens inside the container, external users cannot access it unless you publish the port.

Example web app running inside the container on port 5000:

docker run kodekloud/webapp

The application may listen on:

http://0.0.0.0:5000

But that is inside the container network.

Use -p to publish a container port on the Docker host:

docker run -p 80:5000 kodekloud/webapp

Format:

docker run -p HOST_PORT:CONTAINER_PORT IMAGE

So this means:

Docker host port 80  -->  Container port 5000

Now users can access the app using:

http://<docker-host-ip>:80

Multiple containers with different host ports

You can run multiple containers from the same image by mapping them to different host ports.

docker run -p 8000:5000 kodekloud/webapp
docker run -p 8001:5000 kodekloud/webapp
docker run -p 8002:5000 kodekloud/webapp

Common mistake

You cannot bind multiple containers to the same host port at the same time.

This will fail if port 80 is already in use:

docker run -p 80:5000 kodekloud/webapp
docker run -p 80:5000 kodekloud/webapp

Run With Environment Variables

Many application images require configuration through environment variables.

Example MySQL container:

docker run -e MYSQL_ROOT_PASSWORD=pass mysql

Format:

docker run -e KEY=value IMAGE

Tip

Use environment variables for non-sensitive runtime configuration. For secrets, prefer Docker secrets, Kubernetes Secrets, or an external secrets manager in production.

Run With Volume Mapping

Containers have their own filesystem. If a container is deleted, data inside the container is also deleted.

For databases like MySQL, data is commonly stored inside:

/var/lib/mysql

If you run MySQL without a volume:

docker run mysql

Then stop and remove it:

docker stop mysql
docker rm mysql

The container data is lost.

Use -v to map a host directory to a container directory:

docker run -v /opt/datadir:/var/lib/mysql mysql

Format:

docker run -v HOST_PATH:CONTAINER_PATH IMAGE

This means:

/opt/datadir on Docker host  -->  /var/lib/mysql inside container

Why volumes are important

Volumes help persist application data even after the container is removed.

Production storage

For production databases, do not rely only on local host paths without backup, monitoring, and recovery planning.

Run in Detached Mode

By default, some containers run in the foreground. You stay attached to the container output.

docker run kodekloud/simple-webapp

Use -d to run in the background:

docker run -d kodekloud/simple-webapp

Docker returns the container ID immediately.

Check running containers:

docker ps

Attach back to the container:

docker attach <container-id-or-name>

Note

You can use the first few characters of the container ID as long as they uniquely identify the container.

Inspect a Container

Use docker inspect to view detailed container information in JSON format.

docker inspect <container-name-or-id>

This shows details such as:

container state
image configuration
command and arguments
mounts
network settings
environment variables

Inspect container

docker inspect blissful_hopper

Useful fields:

State
Mounts
Config
NetworkSettings

Production troubleshooting

Use docker inspect when you need exact details about ports, mounts, IP address, environment variables, or restart behavior.

View Container Logs

If a container runs in detached mode, use docker logs to view its output.

docker logs <container-name-or-id>

Follow logs live:

docker logs -f <container-name-or-id>

Show recent logs:

docker logs --tail 50 <container-name-or-id>

Show timestamps:

docker logs -t <container-name-or-id>

When logs are empty

If docker logs shows nothing, the application may be writing logs to a file inside the container instead of standard output.

Production logging

Containerized applications should write logs to stdout and stderr. This makes logs easier to collect using Docker, Kubernetes, Fluent Bit, CloudWatch, Loki, or other logging systems.

Common `docker run` Options

Option	Meaning	Example
`-d`	Run in detached/background mode	`docker run -d nginx`
`-i`	Keep STDIN open	`docker run -i ubuntu`
`-t`	Allocate pseudo-terminal	`docker run -it ubuntu bash`
`-p`	Publish port	`docker run -p 80:5000 webapp`
`-v`	Mount volume	`docker run -v /data:/var/lib/mysql mysql`
`-e`	Set environment variable	`docker run -e APP_ENV=prod app`
`--name`	Assign container name	`docker run --name web nginx`
`--rm`	Remove container after exit	`docker run --rm alpine echo hi`

Practical Examples

Redis with tagInteractive Ubuntu shellWeb app with port mappingMySQL with persistent dataDetached web app

docker run redis:4.0

Runs Redis version 4.0.

docker run -it ubuntu bash

Starts an Ubuntu container and opens a shell.

docker run -p 8080:5000 kodekloud/webapp

Maps Docker host port 8080 to container port 5000.

docker run \
  -e MYSQL_ROOT_PASSWORD=pass \
  -v /opt/datadir:/var/lib/mysql \
  mysql

Stores MySQL data on the Docker host.

docker run -d --name webapp -p 8080:8080 kodekloud/simple-webapp
docker logs -f webapp

Runs the app in the background and follows logs.

Production Best Practices

Do

Pin image versions instead of using latest.
Use --name for important containers.
Use -d for long-running services.
Use -p only for ports that must be exposed.
Use volumes for persistent data.
Send logs to stdout and stderr.
Store secrets securely instead of hardcoding them in commands.
Use health checks and restart policies for long-running workloads.

Don't

Do not run databases without persistent storage.
Do not expose unnecessary ports.
Do not use random image tags in production.
Do not store passwords directly in shell history for real environments.
Do not manually run production containers without a repeatable deployment process.
Do not depend only on container logs without centralized logging.

Recommended Production-Style Command

docker run -d \
  --name webapp \
  --restart unless-stopped \
  -p 8080:8080 \
  -e APP_ENV=production \
  kodekloud/simple-webapp:1.0

Explanation:

-d runs the container in background mode.
--name gives the container a clear name.
--restart unless-stopped restarts the container after failures or host reboot.
-p exposes the application port.
-e sets runtime configuration.
The image uses a specific version tag.

Warning

For real production, prefer orchestration platforms like Kubernetes, Docker Compose, ECS, or Nomad instead of manually running many containers with raw docker run.

Quick Troubleshooting

Problem	Check
Container exits immediately	`docker ps -a`, `docker logs <container>`
App not accessible	Check `-p HOST_PORT:CONTAINER_PORT`
Port already allocated	Use a different host port
Data disappeared	Check if a volume was used
Wrong app version	Check image tag
Need full container details	`docker inspect <container>`
Need live logs	`docker logs -f <container>`

Quick Command Summary

# Run latest Redis
docker run redis

# Run specific Redis version
docker run redis:4.0

# Run interactive container
docker run -it ubuntu bash

# Run web app with port mapping
docker run -p 80:5000 kodekloud/webapp

# Run container in background
docker run -d kodekloud/simple-webapp

# Run MySQL with persistent storage
docker run -v /opt/datadir:/var/lib/mysql mysql

# Inspect container
docker inspect <container-name-or-id>

# View logs
docker logs <container-name-or-id>

# Follow logs
docker logs -f <container-name-or-id>

Remember

docker run is not only for starting containers. It also defines how the container connects to input, ports, volumes, environment variables, logs, and the host system.

1.03 Docker Run

Why docker run Matters

Run With Image Tags

Run in Interactive Mode

Run With Port Mapping

Run With Environment Variables

Run With Volume Mapping

Run in Detached Mode

Inspect a Container

View Container Logs

Common docker run Options

Practical Examples

Production Best Practices

Recommended Production-Style Command

Quick Troubleshooting

Quick Command Summary

Why `docker run` Matters

Common `docker run` Options