Docker Basics - ggcoder.com

VM vs Container

Virtual machines emulate an entire OS, making them heavy and slow to start. Containers share the host kernel and package only the app plus its dependencies — launching in milliseconds and using a fraction of the resources.

Virtual Machine	Container
Full OS per instance	Shared host kernel
GBs of disk space	MBs of disk space
Minutes to start	Milliseconds to start
Strong isolation (hypervisor)	Process-level isolation
Heavy resource usage	Lightweight and dense

App

↓

Bins/Libs

↓

Container Runtime

↓

Host OS

↓

Hardware

Container Layer Stack

Hardware

Physical or virtual machine

Host OS

Shared kernel — not duplicated

Container Runtime

Docker Engine manages containers

Base Image

e.g. node:20-alpine

Dependencies

node_modules, system libs

Application

Your code and config

Core Concepts

Four primitives underpin everything in Docker. Understanding them removes the mystery from most Docker commands.

Image

Read-only blueprint built from a Dockerfile. Layers are cached and shared.

Container

A running instance of an image. Ephemeral by default — data is lost when removed.

Volume

Persistent storage managed by Docker, mounted into one or more containers.

Network

Virtual network allowing containers to communicate by service name.

Dockerfile Anatomy

A Dockerfile is a sequence of instructions that Docker executes to produce an image. Multi-stage builds keep the final image lean by discarding build-time tooling.

Dockerfile (multi-stage)

# Stage 1: build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Stage 2: runtime
FROM node:20-alpine AS runner
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
EXPOSE 3000
CMD ["node", "dist/index.js"]

FROM

Choose a base image. Alpine variants are smallest.

COPY / RUN

Each instruction adds a layer. Order dependencies before source code to maximise cache hits.

EXPOSE

Documents the port — does not actually publish it. Use -p at runtime.

CMD / ENTRYPOINT

Default command when the container starts. CMD can be overridden; ENTRYPOINT cannot.

Docker Workflow

Write Dockerfile

Define build steps and base image

Build Image

docker build -t name:tag .

Push Registry

docker push name:tag to share

Pull

docker pull on the target host

Run Container

docker run -d -p 8080:80 name

Docker Compose

Compose defines your entire multi-container application in a single YAML file, making local development and CI reproducible with one command.

compose.yml

services:
  app:
    build: .
    ports:
      - "3000:3000"
    environment:
      - DATABASE_URL=postgres://db/myapp
    depends_on:
      - db

  db:
    image: postgres:16-alpine
    volumes:
      - pgdata:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=myapp
      - POSTGRES_PASSWORD=secret

volumes:
  pgdata:

✓Useful commands

docker compose up -d starts all services in the background. docker compose logs -f app tails logs. docker compose down -v stops everything and removes volumes.

Essential Commands

Images

docker build -t name:tag . — build from Dockerfile

docker pull image:tag — download from registry

docker images — list local images

docker rmi image:tag — remove an image

Containers

docker run -d -p 8080:80 nginx — run detached

docker ps — list running containers

docker exec -it id sh — shell into container

docker stop / rm id — stop and remove

Volumes & Networks

docker volume create myvol — create named volume

docker volume ls / inspect — list and inspect

docker network create mynet — create bridge network

docker network ls — list networks