Docker Container Diff

docker container diff

This command inspects changes to files or directories on a container's filesystem. So we can get an idea about which all files or directories got added or deleted to the container layer. The docker container diff command allows you to view the differences between the container's filesystem and its base image. Syntax:

docker container diff <container_id_or_name>

Now, let's dive into some practical examples to see how it works.

  • Example 1: Checking File Additions Suppose you have a running container named web_app based on the image nginx:latest. To check the files that have been added to the container, use the following command:

    docker container diff web_app
    This will display a list of files or directories that have been added since the container was started.
  • Example 2: Identifying Modified Files If you want to find out which files have been modified inside the container, use:

    docker container diff web_app | grep 'C '

    This command filters the output to show only files with changes (C denotes modification).

  • Example 3: Spotting Deleted Files

    To see a list of files or directories that have been deleted inside the container, run:

    docker container diff web_app | grep 'D '

    Here, D indicates deletion.


The docker container diff command is a handy tool for understanding the changes made within a running Docker container. By examining file additions, modifications, and deletions, you gain insights into the container's filesystem alterations. This information can be crucial for troubleshooting or understanding the impact of changes made during runtime.

AA file or directory was created
CA file or directory was changed
DA file or directory was deleted

Let's create a hypothetical scenario where we have an Nginx container named web_app based on the nginx:latest image. We'll start the container, make some changes, and then use the docker container diff command to inspect the differences. Here's a sample output:

# Start the Nginx container
docker run -d --name web_app nginx:latest

# Create a new file inside the container
docker exec web_app touch /app/new_file.txt

# Modify an existing file
docker exec web_app echo "Updated content" > /usr/share/nginx/html/index.html

# Delete a file
docker exec web_app rm /usr/share/nginx/html/delete_me.txt

# View the changes using docker container diff
docker container diff web_app

Sample Output:

A /app/new_file.txt
C /usr/share/nginx/html/index.html
D /usr/share/nginx/html/delete_me.txt


  • A indicates that a file or directory has been added (/app/new_file.txt).
  • C denotes a change or modification to an existing file (/usr/share/nginx/html/index.html).
  • D signifies that a file or directory has been deleted (/usr/share/nginx/html/delete_me.txt).

This output shows the summary of changes made within the container since it started. You can use this information to track modifications, additions, or deletions in the container's filesystem, providing valuable insights into its runtime behavior.