<img src="https://cdn.educba.com/academy/wp-content/uploads/2020/10/Docker-Pull.jpg" alt=
“Docker Pull” />
to Docker Pull
The ‘docker pull’ is a Docker command to download a Docker image or repository locally to the host from a public or private registry. When we run any container and the specified Docker image is not present locally, it first pulls it from the registry. Most of the time, images are downloaded from a public registry that is “hub.docker.com” when we create our own custom Docker images, as we use the official Docker image as the base image. There are different flags available in this command, however, some only work in the most recent version.
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
, -a: Used to download all images with different tags to that repository
disable-content-trust: Image verification will be skipped before extracting it
. -platform: Used to
set the platform
quiet, -q: Used to extract images silently (not detailed).
: It helps us to know more about the command if we forget.
docker pull -help
How does Pull Command work
When we run the pull command from the command line, it first checks locally or on the host the images and, if the image does not exist locally, the Docker daemon connects to the public registry ‘hub.docker.com’ if no private record is mentioned in the file ‘daemon.json’ and extracts the Docker image mentioned in the command and if it finds the image locally, Check for updates and download the latest version of the image. It actually matches the behind-the-scenes picture summary. Also, if we don’t mention the tag, then it extracts the image with the ‘most recent’ tag by default.
If we are trying to access the registry behind the proxy server, then we need to configure the Docker daemon proxy settings by setting environment variables on a host using systemd.
We can extract only 3 layers of an image simultaneously using this pull command by default and if we have to download an image that has more layers then there could be a chance that it could throw a timeout issue if the internet connection is slow. We can adjust the ‘-max-concurrent-downloads’ option in the ‘daemon.json’ file.
Let’s understand the command with some examples
Scenario: – Different ways to pull Docker images from Docker Hub
. 1. Extract the ‘
alpine’ image without any tags as shown below:
docker pull alpine
In the example above, we can see that if we don’t provide any tag, the Docker daemon extracts the image labeled ‘latest’ by default and extracts the image only if there is an image that exists with the last tag
. 2. Extract image with a specific tag, for example, we will extract the same ‘alpine’
image with a different tag, i.e. ‘border’ as shown below: –
docker pull alpine:edge
In the example above, we can see that we
have specified the tag after ‘:’ so that we can specify any tag you want to download, it could be a version like 3, 3.12, 3.12.0, etc. We can browse the public repository for available tags of any image.
3. We can even extract images by digest. We can see that there is a key called digest when
we extract the images in the examples above, so we can use that summary to extract the image as shown below: – docker pull [email protected]:3e92a8388546f6b15943678d323afdbbf1d950368264e0317b45e469dfa81d53 In the
example above, we have extracted the image ‘alpine:edge’ but using the summary and we have to use ‘@’ after the image name instead of ‘: ‘. Extracting the image using summary is very useful if the application supports any specific Docker image because there is a newer version of the same image and with the same tag being updated, so the application could break.
Let’s extract another image called ‘ubuntu’ using tag and summary
as shown below: –
ubuntu:20.04 docker pull [email protected]:bc2f7250f69267c9c6b66d7b6a81a54d3878bb85f1ebb5f951c896d13e6ba537
In the example above, we have first used the tag to download the image and then we use the summary of the same image to extract the image and we can see the status that says ‘The image is updated…’ Because we are taking the same picture.
Scenario #1: Extract
the image from a different record or private record As we know, the
- pull command downloads images from the Docker hub by default, however, we can extract images from our private registry or any different record, we just have to specify the path of that record while extracting the image from that record, for example, if we already have a registry running as a container on the same server, we can use the below command to pull Docker images from that local registry.
Docker Pull localhost: 5000 / Alpine
In the snapshot above, we can see that we have first mentioned the log path followed by the repository name and then the tag and path is nothing more than the URL of that server without a protocol specifier (https://).
The important thing is that the image must be available in the private registry. For this example, you first tagged an existing alpine image with the name ‘localhost:5000/alpine’ and sent it to the local registry.
Scenario #2: Pull a repository with all available tags 2
. We can use the ‘-all-tags’ or ‘-a’ option to extract all images with different tags at once, as the ‘docker pull’ command extracts only one image at a time by default and the command is displayed as follows: – docker pull
In the example above, we can see that you have started downloading all the images with different tags from the ‘alpine’ repository. We can use the keyboard shortcut ‘ctrl+c’ to interrupt the pull.
We can use the command ‘docker image ls’ to verify the same thing shown in the following snapshot: – Docker
Scenario #3: Extract Docker images that are not signed and
content-trust is enabled
We can use the ‘-disable-content-trust’ option to download unverified images as shown below: –
pull localhost:5000/alpine docker pull -disable-content-trust localhost:5000/alpine
In the snapshot above, we can
see that the first command threw an error when extracting the image since the image is not verified and the ‘DOCKER_CONTENT_TRUST’ is enabled, however, when we use the ‘—disable-content-trust’ option, we can extract the image without any error. By default, it is disabled, so to test this scenario we can use the command ‘export DOCKER_CONTENT_TRUST=1’ to enable it.
Scenario #4: Extract
the image without any detailed output We can use the ‘-quiet’ or ‘-q’ option to suppress the detailed output as shown below: –
docker pull -q nginx:alpine
In the snapshot above, we can see that the output does not show the different layers that are downloaded or summary or status, since we can see them if we extract the image without the ‘
-q’ option as shown
in the following snapshot:
Advantages of Docker Pull It helps to download the images from any registry,
- it can be a public or private registry
- You can even pull the entire repository if necessary using the ‘-all-tags’ option
- It helps to download unsigned Docker images, however, we must be aware of the risks when doing so.
This is a useful and frequently used command while working with Docker. The ‘-platform’ option only works with experimental features enabled as of now. Downloading unsigned Docker images is not recommended if you are not familiar with the image, such as how it works or what it does.
This is a guide to Docker Pull. Here we discuss the introduction, scenario, and how does the pull command work in Docker with examples respectively?. You can also take a look at the following articles for more information:
Docker Import Docker
- hosts Docker
- Stop Container