Docker Fundamentals

💤0
Lv 10 XP
← 📦 Containers & Kubernetes · Docker

Docker Fundamentals

Beginner ⭐ 50 XP ⏱ 25 min #docker#containers#images

Understand what containers really are, how images differ from containers, and run your first one.

📖Theory

A container is a lightweight, isolated process that bundles an application with everything it needs to run — libraries, dependencies, config — so it behaves the same on your laptop, a teammate’s machine, and production.

The crucial distinction:

  • An image is a read-only template (a blueprint). It’s built once and never changes.
  • A container is a running instance of an image. You can start many containers from the same image, like objects from a class.

Containers differ from virtual machines because they share the host’s kernel instead of each booting a full operating system. That makes them start in milliseconds and use a fraction of the resources.

graph TD
  D["Dockerfile"] -->|docker build| I["Image
(read-only template)"]
  I -->|docker run| C1["Container 1"]
  I -->|docker run| C2["Container 2"]
  I -->|docker run| C3["Container 3"]
  C1 --- K["Host OS Kernel"]
  C2 --- K
  C3 --- K
One image, many containers — all sharing the host kernel
🧪Run your first containers
  1. Check Docker is working

    Confirm the Docker engine is installed and running:

    docker --version
docker run hello-world

    The hello-world image prints a confirmation message and exits. If you see it, your installation works.

  2. Run an interactive container

    Start an Ubuntu container and drop into its shell:

    docker run -it ubuntu bash

    You’re now inside a fresh Ubuntu environment. Try cat /etc/os-release, then type exit to leave. The container stops when its main process ends.

  3. Run a web server in the background

    Start nginx, detached (-d), mapping container port 80 to your port 8080:

    docker run -d -p 8080:80 --name web nginx

    Open http://localhost:8080 — you’ll see the nginx welcome page served from the container.

  4. Inspect and clean up

    List, inspect logs, then stop and remove:

    docker ps                 # running containers
docker logs web           # see its output
docker stop web           # stop it
docker rm web             # remove it
🌍Real-World Example

A minimal Dockerfile that packages a Node.js app into an image:

FROM node:20-alpine          # start from a small base image
WORKDIR /app                 # set the working directory
COPY package*.json ./        # copy dependency manifests first (layer caching)
RUN npm ci                   # install dependencies
COPY . .                     # copy the rest of the source
EXPOSE 3000                  # document the port
CMD ["node", "server.js"]    # what runs when the container starts

Build and run it:

docker build -t myapp:1.0 .
docker run -p 3000:3000 myapp:1.0
✍️Hands-On Exercise
  1. Run docker run -d -p 8080:80 nginx, confirm it in a browser, then stop it.
  2. Use docker exec -it <name> sh to get a shell inside a running container.
  3. Pull the alpine image and check its tiny size with docker images.
  4. Write a one-line Dockerfile based on alpine that runs echo "hello" as its command, build it, and run it.
🧾Cheat Sheet
TaskCommand
Run a containerdocker run <image>
Run interactivelydocker run -it <image> bash
Run detached + port mapdocker run -d -p 8080:80 <image>
List running containersdocker ps (add -a for all)
Shell into a containerdocker exec -it <name> sh
View logsdocker logs <name>
Stop / remove containerdocker stop <name> / docker rm <name>
List / remove imagesdocker images / docker rmi <image>
Build an imagedocker build -t name:tag .
Clean up everything unuseddocker system prune
💬Common Interview Questions
What's the difference between an image and a container?

An image is an immutable template built from a Dockerfile. A container is a running (or stopped) instance of an image. Many containers can run from one image.

How do containers differ from virtual machines?

Containers share the host OS kernel and isolate at the process level, so they’re lightweight and start almost instantly. VMs run a full guest OS on a hypervisor, using far more resources.

What does `-p 8080:80` mean?

It publishes a port: traffic to port 8080 on the host is forwarded to port 80 inside the container. The format is host:container.

🚑Troubleshooting Scenarios

“port is already allocated”. Another process is using that host port. Pick a different one (-p 8081:80) or stop whatever is using it.

Container exits immediately. Its main process finished. Containers live only as long as their primary command runs — a web server stays up, but echo hello exits at once. Check docker logs.

“Cannot connect to the Docker daemon”. The Docker engine isn’t running. Start Docker Desktop (or sudo systemctl start docker on Linux), and ensure your user can access the daemon.

📚Official Documentation

📝 My notes on this topic

Auto-saves as you type