LinuxCommandLibrary

docker-pull

Download a Docker image from a registry

TLDR

View documentation for the original command

$ tldr docker image pull
copy

SYNOPSIS

docker pull [OPTIONS] NAME[:TAG|@DIGEST]

PARAMETERS

--all-tags, -a
    Download all tagged images in the repository

--disable-content-trust
    Skip image signing verification (default enabled)

--platform string
    Set target platform (e.g., linux/amd64, linux/arm64)

--policy string
    Pull policy: always|never|missing (default 'missing')

--quiet, -q
    Suppress verbose output and progress bars

--registry-mirror stringArray
    Preferred registry mirrors for faster pulls

DESCRIPTION

The docker pull command fetches a Docker image or repository from a registry such as Docker Hub, quay.io, or a private registry. It downloads the specified image layers, verifying checksums and only retrieving missing or outdated layers already present locally. By default, it pulls the latest tag if no tag is specified.

Use cases include setting up base images for containers, updating existing images, or pulling multi-platform images. For repositories, the --all-tags option downloads every tagged image. Progress is shown via a progress bar, suppressed with -q. Content trust can be disabled for unsigned images.

It interacts with the local Docker daemon, storing images in the configured storage driver (e.g., overlay2). Pulling respects pull policies: always (force pull), missing (default, pull if absent), or never (local only). Platform-specific pulls ensure compatibility across architectures like amd64 or arm64.

Common in CI/CD pipelines, development workflows, and production deployments to ensure consistent environments.

CAVEATS

Requires Docker daemon running and internet access. Large images consume bandwidth and disk space. Vulnerable to untrusted registries without content trust. Multi-stage pulls may timeout on slow networks.

EXAMPLES

docker pull alpine # Pulls latest alpine image
docker pull --quiet ubuntu:20.04 # Quiet pull specific tag
docker pull --all-tags nginx # All nginx tags

AUTHENTICATION

Login first with docker login for private registries. Uses credentials from docker config.

HISTORY

Introduced in Docker 0.5 (2013) as part of early Docker CLI. Evolved with Docker 1.0 (2014) release, adding tag support and registries. Multi-platform pulls added in Docker 17.05 (2017); content trust in 1.8 (2015). Maintained by Docker Inc., now Moby project.

SEE ALSO

docker images(1), docker push(1), docker tag(1), docker rmi(1), docker build(1)

Copied to clipboard