|
| 1 | +<div align="center"> |
| 2 | + |
| 3 | +# Introduction to Docker |
| 4 | +</div> |
| 5 | + |
| 6 | +Docker is a platform for building, shipping, and running applications in lightweight, portable containers. Containers package an application and its dependencies together, ensuring consistent behavior across development, CI, and production environments. |
| 7 | + |
| 8 | +## Why use Docker |
| 9 | +- Reproducible runtime environments across machines and teams. |
| 10 | +- Faster developer workflows (build once, run anywhere). |
| 11 | +- Resource-efficient compared to full virtual machines. |
| 12 | +- Simplifies dependency management and deployment pipelines. |
| 13 | + |
| 14 | +## Core concepts |
| 15 | +- Image: Immutable, read-only snapshot that contains application code, runtime, libraries, and metadata. Built from a Dockerfile. |
| 16 | +- Container: A running instance of an image; isolated filesystem, network namespace, and process tree. |
| 17 | +- Dockerfile: Declarative text file that defines how to build an image. |
| 18 | +- Registry: A service to store and distribute images (Docker Hub, private registries). |
| 19 | +- Volume: Persistent storage that lives outside container lifecycle. |
| 20 | +- Network: Isolation and connectivity between containers (bridge, host, overlay). |
| 21 | +- Tag: Named pointer to an image version (e.g., myapp:1.0, nginx:latest). |
| 22 | + |
| 23 | +## Key components |
| 24 | +- Docker Engine: The runtime that builds and runs containers. |
| 25 | +- Docker CLI: Command-line interface (docker) to interact with the Engine. |
| 26 | +- Docker Compose: Tool to define and run multi-container applications via YAML. |
| 27 | +- Docker Desktop: Desktop application for macOS/Windows that bundles Engine, CLI, and tools. |
| 28 | +- Registry/Hub: Public or private storage for images. |
| 29 | + |
| 30 | +## Typical workflow |
| 31 | +1. Write a Dockerfile that describes the application image. |
| 32 | +2. Build the image: `docker build -t myapp:latest .` |
| 33 | +3. Run a container: `docker run -d --name myapp -p 8080:80 myapp:latest` |
| 34 | +4. Test and iterate locally. |
| 35 | +5. Push image to a registry: `docker push myregistry/myapp:latest` |
| 36 | +6. Deploy by pulling the image to target hosts or orchestrator. |
| 37 | + |
| 38 | +## Minimal examples |
| 39 | + |
| 40 | +Dockerfile (simple Node.js app): |
| 41 | +```dockerfile |
| 42 | +FROM node:18-alpine |
| 43 | +WORKDIR /app |
| 44 | +COPY package*.json ./ |
| 45 | +RUN npm ci --production |
| 46 | +COPY . . |
| 47 | +CMD ["node", "server.js"] |
| 48 | +``` |
| 49 | + |
| 50 | +Run an nginx container: |
| 51 | +```bash |
| 52 | +docker run -d --name web -p 80:80 nginx:stable |
| 53 | +``` |
| 54 | + |
| 55 | +docker-compose.yml (web + redis): |
| 56 | +```yaml |
| 57 | +version: "3.8" |
| 58 | +services: |
| 59 | + web: |
| 60 | + build: . |
| 61 | + ports: |
| 62 | + - "8080:80" |
| 63 | + depends_on: |
| 64 | + - redis |
| 65 | + redis: |
| 66 | + image: redis:7-alpine |
| 67 | +``` |
| 68 | +Start: `docker compose up -d` |
| 69 | + |
| 70 | +## Useful commands |
| 71 | +- Build: `docker build -t myapp:tag .` |
| 72 | +- Run: `docker run -d -p 80:80 --name app myapp:tag` |
| 73 | +- List running containers: `docker ps` |
| 74 | +- List images: `docker images` |
| 75 | +- Exec into container: `docker exec -it app /bin/sh` |
| 76 | +- Logs: `docker logs -f app` |
| 77 | +- Remove container/image: `docker rm app`, `docker rmi myapp:tag` |
| 78 | +- Compose: `docker compose up -d`, `docker compose logs -f` |
| 79 | + |
| 80 | +## Best practices |
| 81 | +- Use small base images (alpine, distroless) when possible. |
| 82 | +- Follow multi-stage builds to reduce final image size. |
| 83 | +- Do not store secrets in images; use environment variables, secrets managers, or Docker Secrets. |
| 84 | +- Keep images immutable and versioned with tags. |
| 85 | +- Add a .dockerignore file to speed builds and avoid leaking files. |
| 86 | +- Run processes as non-root inside containers when feasible. |
| 87 | +- Add HEALTHCHECK to images for orchestration health reporting. |
| 88 | + |
| 89 | +## Security considerations |
| 90 | +- Scan images for vulnerabilities regularly. |
| 91 | +- Minimize installed packages and attack surface. |
| 92 | +- Use official or trusted base images. |
| 93 | +- Pin image digests or tags for reproducible deployments. |
| 94 | +- Limit container capabilities and use user namespaces or seccomp profiles. |
| 95 | + |
| 96 | +## Troubleshooting tips |
| 97 | +- If container fails to start: check `docker logs <container>` and `docker inspect <container>`. |
| 98 | +- Network issues: inspect networks (`docker network ls`, `docker network inspect`). |
| 99 | +- Build issues: add `--progress=plain` and check Dockerfile layers; use `docker build --no-cache` to force rebuild. |
| 100 | + |
| 101 | +## Next steps / learning path |
| 102 | +- Install Docker Desktop (Windows/macOS) or Docker Engine (Linux). |
| 103 | +- Learn Dockerfile best practices and multi-stage builds. |
| 104 | +- Learn Docker Compose for multi-container dev environments. |
| 105 | +- Explore orchestration: Kubernetes or Docker Swarm for production-scale deployments. |
| 106 | +- Read the official docs: https://docs.docker.com/ |
| 107 | + |
| 108 | +This file should serve as a concise reference for getting started with Docker and as a base to link to more detailed guides (Dockerfile patterns, Compose, security hardening, CI/CD integrations). |
0 commit comments