docker · thaJeztah · Dec 15, 2022 · May 1, 2022 · Jun 20, 2022 · Oct 9, 2022
@@ -1060,7 +1060,7 @@ If an environment variable is only needed during build, and not in the final
 image, consider setting a value for a single command instead:
 
 ```dockerfile
-RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install -y ...
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y ...
 ```
 
 Or using [`ARG`](#arg), which is not persisted in the final image:

@@ -29,15 +29,15 @@ By default, `docker inspect` will render results in a JSON array.
 
 If a format is specified, the given template will be executed for each result.
 
-Go's [text/template](https://golang.org/pkg/text/template/) package
-describes all the details of the format.
+Go's [text/template](https://golang.org/pkg/text/template/) package describes
+all the details of the format.
 
 ## Specify target type (--type)
 
 `--type container|image|node|network|secret|service|volume|task|plugin`
 
-The `docker inspect` command matches any type of object by either ID or name.
-In some cases multiple type of objects (for example, a container and a volume)
+The `docker inspect` command matches any type of object by either ID or name. In
+some cases multiple type of objects (for example, a container and a volume)
 exist with the same name, making the result ambiguous.
 
 To restrict `docker inspect` to a specific type of object, use the `--type`
@@ -49,6 +49,35 @@ The following example inspects a _volume_ named "myvolume"
 $ docker inspect --type=volume myvolume
 ```
 
+### <a name=size></a> Inspect the size of a container (-s, --size)
+
+The `--size`, or short-form `-s`, option adds two additional fields to the
+`docker inspect` output. This option only works for containers. The container
+doesn't have to be running, it also works for stopped containers.
+
+```console
+$ docker inspect --size mycontainer
+```
+
+The output includes the full output of a regular `docker inspect` command, with
+the following additional fields:
+
+- `SizeRootFs`: the total size of all the files in the container, in bytes.
+- `SizeRw`: the size of the files that have been created or changed in the
+  container, compared to it's image, in bytes.
+
+```console
+$ docker run --name database -d redis
+3b2cbf074c99db4a0cad35966a9e24d7bc277f5565c17233386589029b7db273
+$ docker inspect --size database -f '{{ .SizeRootFs }}'
+123125760
+$ docker inspect --size database -f '{{ .SizeRw }}'                 
+8192
+$ docker exec database fallocate -l 1000 /newfile 
+$ docker inspect --size database -f '{{ .SizeRw }}'
+12288
+```
+
 ## Examples
 
 ### Get an instance's IP address
@@ -80,33 +109,30 @@ $ docker inspect --format='{{.Config.Image}}' $INSTANCE_ID
 
 ### List all port bindings
 
-You can loop over arrays and maps in the results to produce simple text
-output:
+You can loop over arrays and maps in the results to produce simple text output:
 
 ```console
 $ docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' $INSTANCE_ID
 ```
 
 ### Find a specific port mapping
 
-The `.Field` syntax doesn't work when the field name begins with a
-number, but the template language's `index` function does. The
-`.NetworkSettings.Ports` section contains a map of the internal port
-mappings to a list of external address/port objects. To grab just the
-numeric public port, you use `index` to find the specific port map, and
-then `index` 0 contains the first object inside of that. Then we ask for
-the `HostPort` field to get the public address.
+The `.Field` syntax doesn't work when the field name begins with a number, but
+the template language's `index` function does. The `.NetworkSettings.Ports`
+section contains a map of the internal port mappings to a list of external
+address/port objects. To grab just the numeric public port, you use `index` to
+find the specific port map, and then `index` 0 contains the first object inside
+of that. Then we ask for the `HostPort` field to get the public address.
 
 ```console
 $ docker inspect --format='{{(index (index .NetworkSettings.Ports "8787/tcp") 0).HostPort}}' $INSTANCE_ID
 ```
 
 ### Get a subsection in JSON format
 
-If you request a field which is itself a structure containing other
-fields, by default you get a Go-style dump of the inner values.
-Docker adds a template function, `json`, which can be applied to get
-results in JSON format.
+If you request a field which is itself a structure containing other fields, by
+default you get a Go-style dump of the inner values. Docker adds a template
+function, `json`, which can be applied to get results in JSON format.
 
 ```console
 $ docker inspect --format='{{json .Config}}' $INSTANCE_ID

@@ -25,11 +25,6 @@ Options:
 
 The `docker logs` command batch-retrieves logs present at the time of execution.
 
-> **Note**
->
-> This command is only functional for containers that are started with the
-> `json-file` or `journald` logging driver.
-
 For more information about selecting and configuring logging drivers, refer to
 [Configure logging drivers](https://docs.docker.com/config/containers/logging/configure/).
 

@@ -19,38 +19,91 @@ Options:
 
 ## Description
 
-By default, this will render all version information in an easy to read
-layout. If a format is specified, the given template will be executed instead.
+The version command prints the current version number for all independently
+versioned Docker components. Use the [`--format`](#format) option to customize
+the output.
 
-Go's [text/template](https://golang.org/pkg/text/template/) package
-describes all the details of the format.
-
-## Examples
+The version command (`docker version`) outputs the version numbers of Docker
+components, while the `--version` flag (`docker --version`) outputs the version
+number of the Docker CLI you are using.
 
 ### Default output
 
+The default output renders all version information divided into two sections;
+the "Client" section contains information about the Docker CLI and client
+components, and the "Server" section contains information about the Docker
+Engine and components used by the Engine, such as the "Containerd" and "Runc"
+OCI Runtimes.
+
+The information shown may differ depending on how you installed Docker and
+what components are in use. The following example shows the output on a macOS
+machine running Docker Desktop:
+
 ```console
 $ docker version
 
 Client:
- Version:           19.03.8
- API version:       1.40
- Go version:        go1.12.17
- Git commit:        afacb8b
- Built:             Wed Mar 11 01:21:11 2020
+ Version:           20.10.16
+ API version:       1.41
+ Go version:        go1.17.10
+ Git commit:        aa7e414
+ Built:             Thu May 12 09:17:28 2022
  OS/Arch:           darwin/amd64
  Context:           default
- Experimental:      true
 
-Server:
+Server: Docker Desktop 4.8.2 (77141)
+ Engine:
+  Version:          20.10.16
+  API version:      1.41 (minimum version 1.12)
+  Go version:       go1.17.10
+  Git commit:       f756502
+  Built:            Thu May 12 09:15:33 2022
+  OS/Arch:          linux/amd64
+  Experimental:     false
+ containerd:
+  Version:          1.6.4
+  GitCommit:        212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
+ runc:
+  Version:          1.1.1
+  GitCommit:        v1.1.1-0-g52de29d
+ docker-init:
+  Version:          0.19.0
+  GitCommit:        de40ad0
+```
+
+### Client and server versions
+
+Docker uses a client/server architecture, which allows you to use the Docker CLI
+on your local machine to control a Docker Engine running on a remote machine,
+which can be (for example) a machine running in the Cloud or inside a Virtual Machine.
+
+The following example switches the Docker CLI to use a [context](context.md)
+named "remote-test-server", which runs an older version of the Docker Engine
+on a Linux server:
+
+```console
+$ docker context use remote-test-server
+remote-test-server
+
+$ docker version
+
+Client:
+ Version:           20.10.16
+ API version:       1.40 (downgraded from 1.41)
+ Go version:        go1.17.10
+ Git commit:        aa7e414
+ Built:             Thu May 12 09:17:28 2022
+ OS/Arch:           darwin/amd64
+ Context:           remote-test-server
+
+Server: Docker Engine - Community
  Engine:
   Version:          19.03.8
   API version:      1.40 (minimum version 1.12)
   Go version:       go1.12.17
   Git commit:       afacb8b
   Built:            Wed Mar 11 01:29:16 2020
   OS/Arch:          linux/amd64
-  Experimental:     true
  containerd:
   Version:          v1.2.13
   GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
@@ -62,12 +115,21 @@ Server:
   GitCommit:        fec3683
 ```
 
+## Examples
+
+### <a name=format></a> Format the output (--format)
+
+The formatting option (`--format`) pretty-prints the output using a Go template,
+which allows you to customize the output format, or to obtain specific information
+from the output. Refer to the [format command and log output](https://docs.docker.com/config/formatting/)
+page for details of the format.
+
 ### Get the server version
 
 ```console
 $ docker version --format '{{.Server.Version}}'
 
-19.03.8
+20.10.16
 ```
 
 ### Dump raw JSON data

@@ -687,7 +687,7 @@ the container exits**, you can add the `--rm` flag:
 | `--security-opt="label=level:LEVEL"`      | Set the label level for the container                                     |
 | `--security-opt="label=disable"`          | Turn off label confinement for the container                              |
 | `--security-opt="apparmor=PROFILE"`       | Set the apparmor profile to be applied to the container                   |
-| `--security-opt="no-new-privileges:true"` | Disable container processes from gaining new privileges                   |
+| `--security-opt="no-new-privileges=true"` | Disable container processes from gaining new privileges                   |
 | `--security-opt="seccomp=unconfined"`     | Turn off seccomp confinement for the container                            |
 | `--security-opt="seccomp=profile.json"`   | White-listed syscalls seccomp Json file to be used as a seccomp filter    |