1.01 Docker Overview
Docker is a container platform used to package applications with their required libraries and dependencies, then run them consistently across different environments such as developer laptops, testing servers, staging, and production.
Goal
Understand why Docker is needed, what containers are, how containers differ from virtual machines, and how Docker helps teams build, ship, and run applications reliably.
Why Do We Need Docker?
Before Docker, running a multi-service application usually required installing every component directly on the host machine.
Example application stack:
| Layer | Example |
|---|---|
| Web Server | Node.js / Express |
| Database | MongoDB |
| Messaging | Redis |
| Orchestration / Automation | Ansible |
This creates many operational problems.
Common problems without Docker
- Different services may require different OS versions.
- One application may need one library version, while another needs a different version.
- Setting up a new developer machine takes a long time.
- Dev, test, staging, and production environments may behave differently.
- Upgrading one component can break another component.
- Troubleshooting becomes difficult because dependencies are installed directly on the host.
This dependency and compatibility problem is often called βthe matrix from hell.β
What Docker Does
Docker solves this by running each application component in its own isolated container.
Instead of installing everything directly on the host:
Docker separates them:
Each container carries its own libraries and dependencies.
Docker benefits
- Same application behavior across environments.
- Faster setup for new developers.
- Easier upgrades and rollbacks.
- Better isolation between services.
- Faster application startup.
- Lightweight compared to virtual machines.
- Supports DevOps workflows by standardizing packaging and deployment.
What Are Containers?
Containers are isolated environments that run processes on a shared operating system kernel.
Each container can have its own:
- processes
- network interfaces
- file system mounts
- libraries
- dependencies
- application runtime
But containers share the host OS kernel.
Container A Container B Container C
Processes Processes Processes
Network Network Network
Mounts Mounts Mounts
\ | /
Docker
OS Kernel
Hardware
Note
Containers are not full virtual machines. They isolate applications, but they do not boot a separate operating system kernel for every container.
Sharing the Kernel
Linux distributions such as Ubuntu, Fedora, SUSE, Debian, and CentOS have two major parts:
The kernel talks to the hardware. The software layer provides tools, libraries, package managers, shells, and user-space utilities.
Docker containers share the host kernel and package only the software and dependencies needed by the application.
Linux container on Linux host
If the Docker host runs Ubuntu, it can run containers based on Debian, Fedora, CentOS, or Alpine because they all use the Linux kernel.
Windows vs Linux containers
A Linux Docker host cannot directly run Windows containers because Windows uses a different kernel.
When Linux containers run on Docker Desktop for Windows or macOS, they usually run inside a lightweight Linux VM behind the scenes.
Docker Images vs Containers
| Term | Meaning |
|---|---|
| Image | A package or template used to create containers |
| Container | A running instance of an image |
Think of an image like a VM template or application package. A container is what runs from that image.
Tip
One image can be used to create many containers.
Example:
Each command starts a container from the specified image.
Containers vs Virtual Machines
Virtual machines and containers both provide isolation, but they work differently.
| Area | Virtual Machines | Containers |
|---|---|---|
| Size | Usually GBs | Usually MBs |
| Startup | Minutes | Seconds |
| OS per workload | Yes | No |
| Kernel | Separate kernel per VM | Shared host kernel |
| Isolation | Stronger | Lighter isolation |
| Resource usage | Higher | Lower |
| Portability | Good | Very good |
| Best use | Full OS isolation | Application packaging and scaling |
Note
It is not containers OR virtual machines. In production, it is often containers ON virtual machines.
Docker in Production
In real production environments, containers are commonly deployed on virtual machines or cloud instances.
This gives both benefits:
- VMs provide infrastructure isolation and easy provisioning.
- Docker provides fast application packaging and scaling.
Production pattern
A cloud team may create several VM-based Docker hosts. Each host can run many containers. If demand increases, the team can add more hosts and run more containers.
How Docker Helps DevOps
Traditionally:
Developers build application
β
Operations team reads setup guide
β
Ops installs dependencies manually
β
Production issues happen
With Docker:
Developers + Operations define Dockerfile
β
Docker image is built
β
Same image runs in dev/test/prod
The application and dependencies are packaged together.
DevOps benefit
Docker reduces the gap between development and operations because the same container image can be tested, shipped, and deployed consistently.
Simple Docker Workflow
1. Write application code
2. Create Dockerfile
3. Build Docker image
4. Push image to registry
5. Run container from image
6. Scale containers if required
Example commands:
Note
Do not focus too much on commands at the overview stage. The key idea is that Docker builds images and runs containers from those images.
Docker Hub and Registries
Many popular applications already have container images available in public registries.
Examples:
nginxmongoredismysqlpostgresnodeubuntualpine
A registry stores images. Docker Hub is a popular public registry.
Tip
In production, organizations usually use private registries such as Amazon ECR, Google Artifact Registry, Azure Container Registry, Harbor, or private Docker Hub repositories.
Production Best Practices
Do
- Use official or verified images when possible.
- Pin image versions instead of using
latest. - Keep images small using minimal base images.
- Run one main process per container.
- Store application configuration outside the image.
- Use environment variables or secret managers for runtime configuration.
- Scan images for vulnerabilities.
- Use non-root users inside containers.
- Send logs to stdout/stderr so platforms can collect them.
- Rebuild images regularly to include security patches.
Don't
- Do not install everything into one large container.
- Do not store passwords or secrets inside Docker images.
- Do not rely on manual changes inside running containers.
- Do not use untrusted images in production.
- Do not use
latestfor production deployments. - Do not treat containers like full virtual machines.
- Do not run privileged containers unless absolutely required.
Common Misconceptions
Can containers replace virtual machines?
Not always. Containers package and isolate applications. Virtual machines isolate full operating systems. In production, containers often run on VMs.
Can a Linux host run Windows containers?
Not directly. Containers share the host kernel, so Windows containers need a Windows kernel.
Is Docker the same as Kubernetes?
No. Docker runs containers. Kubernetes orchestrates containers across many nodes.
Is a container the same as an image?
No. An image is the package. A container is the running instance.
Troubleshooting Basics
When a container does not work, check in this order:
docker ps -a
docker logs <container-name-or-id>
docker inspect <container-name-or-id>
docker exec -it <container-name-or-id> sh
Common issues
- Container exits immediately.
- Port is not mapped correctly.
- Environment variables are missing.
- Application cannot connect to database.
- Image tag is incorrect.
- File permissions are wrong.
- Container has no network connectivity.
Quick Revision
Docker = platform for building and running containers
Image = package/template
Container = running instance of an image
Containers:
- isolate processes
- have their own dependencies
- share host OS kernel
- start quickly
- are lightweight
Virtual Machines:
- include full OS
- are heavier
- provide stronger OS-level isolation
Quote
Docker helps package an application with everything it needs so it can run the same way across development, testing, staging, and production.
Exam / Interview Points
Good explanation
Docker solves environment inconsistency by packaging an application with its libraries and dependencies into a container image. That image can run as a container on any Docker-enabled host, making deployments faster, repeatable, and reliable.
One-liner
Docker is used to containerize applications so they can run consistently across different environments with their own dependencies while sharing the host OS kernel.