Container management encompasses the complete lifecycle of container operations—from image creation and registry storage to runtime configuration, networking, persistent storage, and resource control. While containers provide lightweight application isolation through Linux namespaces and cgroups, effective management requires understanding how to build, distribute, run, and monitor containerized workloads at scale. Modern container management spans multiple layers: image optimization for fast deployments, registry authentication for secure distribution, volume strategies for data persistence, network drivers for connectivity, and resource limits to prevent contention—all critical for running reliable production workloads.
What This Cheat Sheet Covers
This topic spans 22 focused tables and 167 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.
Table 1: Container Registries
A registry is where your built images live before they run anywhere — the warehouse between docker build and docker run. Choosing one is mostly about where the rest of your stack already sits: ECR for AWS, Artifact Registry for GCP, ACR for Azure, GHCR for GitHub-centric workflows, or Harbor and a self-hosted registry when you need everything on-premises. Most of the managed options bundle vulnerability scanning and RBAC, which matters more than raw storage once you're running in production.
| Type | Example | Description |
|---|---|---|
docker pull nginx:latest | • Public container registry hosting millions of images • supports automated builds, webhooks, and free public repositories with rate limiting (100 pulls/6h unauthenticated). | |
docker push harbor.example.com/myproject/app:v1.0.0 | Open-source OCI-compliant registry with vulnerability scanning, policy enforcement, replication, and RBAC—ideal for on-premises enterprise use. | |
aws ecr get-login-password | docker logindocker push 123456.dkr.ecr.us-east-1.amazonaws.com/app | AWS-managed private registry with IAM integration, image scanning, lifecycle policies, and tight integration with ECS/EKS. | |
gcloud auth configure-dockerdocker push us-docker.pkg.dev/project/repo/image | Unified registry for Docker images, Helm charts, and language packages with vulnerability scanning and SLSA provenance support. | |
az acr login --name myregistrydocker push myregistry.azurecr.io/app:latest | Azure-managed registry with geo-replication, content trust, webhooks, and integration with Azure services. |