Chapter 1: Introduction to Docker & Architecture
Docker is a tool that allows developers to run applications in the same way on every machine.
This is done using **CONTAINERS**, which are isolated environments with everything an app needs.
Example: You build a website project on your laptop. On your friend’s laptop, it fails because
their JAVA version is different. With Docker, you package your code + JAVA+ dependencies into
a container. Now it works everywhere.
Docker has two main parts:
1. Docker Client → The tool you use to run commands like ‘docker run’ or ‘docker pull’.
2. Docker Daemon → The engine in the background that creates and manages containers.
The client and daemon talk via REST API, Unix socket, or network.
Analogy: You (client) say ‘Make tea!’ and the kitchen (daemon) makes it.
Chapter 2: Docker Components
1. Docker Images → Templates used to create containers. Built in layers.
2. Docker Containers → Running instances of images. Temporary unless connected to storage.
3. Docker Engine → Core runtime that builds and runs containers locally.
4. Docker Hub → Online repo to store and share images.
5. Dockerfile → A script with steps to build an image.
Workflow: Dockerfile → docker build → Docker Image → docker run → Container
🏗️ Dockerfile = Recipe / Blueprint (instructions)
📦 Docker Image = Baked Cake (ready-to-use artifact built from the Dockerfile)
🚀 Docker Container = Slice of Cake (a running instance of the image)
So in simple terms:
A Dockerfile is a blueprint for Docker images, which then become the basis for running containers.
Chapter 3: Basic Docker Commands
Image Commands:- docker image ls → List images- docker pull → Download image- docker rmi → Remove image
Container Commands:- docker run → Run a container- docker ps -a → List containers- docker exec -it /bin/bash → Enter container terminal- docker logs → View logs
Chapter 4: Docker vs Virtual Machines
Docker Containers:- Start in seconds- Lightweight (share host OS)- Faster performance- Isolation at process level
Virtual Machines:- Start in minutes- Heavy (need full OS)- Slower performance- Isolation at hardware level
Example: Run 10 microservices → Use containers.
Run Windows on Linux → Use VM.
Chapter 5: Storage & Volumes
Containers are temporary. When deleted, data is lost. Storage is needed to save data.
Types of Storage:
1. Bind Mount → Maps host path to container path.
2. Docker Volume → Managed by Docker, stored in /var/lib/docker/volumes.
3. tmpfs → Data stored in RAM (fast, temporary).
Commands:- docker volume ls → List volumes- docker volume create myvol → Create a volume- docker run -v myvol:/data ubuntu → Mount volume in container
Chapter 6: Networking in Docker
Types of Networks:
1. None → No network
2. Host → Shares host IP
3. Bridge (default) → Private network with unique container IPs
Commands:- docker network ls → List networks- docker network create mynet → Create a network- docker run –network mynet nginx → Connect container to network
Chapter 7: Dockerfile (Blue print )
A Dockerfile is a set of instructions to build an image.
Common instructions:- FROM ubuntu → Base image- COPY . /app → Copy files- RUN apt-get install nginx → Run commands- CMD [“nginx”, “-g”, “daemon off;”] → Default command- EXPOSE 80 → Open port
Analogy: Recipe for a cake → Add ingredients step by step.
Chapter 8: Tags, Building & Pushing Images
Tags are version labels for images.
Example:
docker tag myctr myuser/app:v1
Build Image:
docker build -t myuser/app:1.0 .
Push to Docker Hub:
docker push myuser/app:1.0
Chapter 9: Docker Compose
Compose is used for multi-container apps.
Commands:- docker-compose up -d → Start services- docker-compose down → Stop services- docker-compose ps → List services- docker-compose logs → View logs- docker-compose scale web=3 → Scale replicas
Chapter 10: Docker Swarm (Orchestration)
Swarm manages containers across many servers.
Concepts:- Manager node → Controls cluster- Worker node → Runs containers- Services → Higher-level objects with replicas
Commands:- docker swarm init → Initialize Swarm- docker service create –replicas 2 nginx → Run service- docker service scale myweb=5 → Scale service- docker service update –image nginx:1.25 myweb → Update service- docker service rollback myweb → Rollback
Chapter 11: CPU, Memory & Resource Management
Why? To prevent one container from using all host resources.
Examples:- docker run –memory=512m httpd → Limit memory- docker run –cpus=0.5 httpd → Limit CPU- docker stats → Monitor usage
Rule: Always keep 20–30% resources free for the host OS.
Chapter 12: Docker Security & Best Practices
Security Best Practices:
1. Use lightweight base images (e.g., alpine).
2. Run containers as non-root.
3. Keep images updated.
4. Use multi-stage builds.
5. Drop unnecessary privileges.
6. Store secrets securely (e.g., Docker Secrets).
7. Expose only required ports.
8. Apply SELinux/AppArmor.
Example:
docker run -d –name safe-app –memory=512m –cpus=”0.5″ –security-opt=no-new-privileges–cap-drop=ALL myuser/app:1.0
Chapter 13: Docker Command Reference
System :- docker –version- docker info
Containers :- docker run -it alpine /bin/sh- docker stop- docker rm
Images :- docker pull nginx- docker build -t myapp .- docker push myapp
Volumes :- docker volume create myvol- docker run -v myvol:/data nginx
Networks :- docker network create mynet- docker run –network mynet nginx
Compose :- docker-compose up -d- docker-compose down
Swarm :- docker swarm init- docker service create nginx
Security :- docker run –read-only –tmpfs /tmp:rw,size=64m myapp