Docker Container Basics

Docker packages applications and their dependencies into portable containers that run consistently across any environment. A container shares the host OS kernel but is isolated at the process, filesystem, and network level.

Images and Layers

A Docker image is a read-only snapshot built from a series of layers. Each instruction in a Dockerfile adds a layer. Layers are cached and shared, so two images built from the same base share those base layers on disk.

Writing a Dockerfile

Start from a minimal base image, copy only what you need, install dependencies in a separate layer to maximise cache reuse, and set a non-root user before the final CMD or ENTRYPOINT.

Volumes and Persistence

Containers are ephemeral by default — data written inside a container is lost when it stops. Mount a named volume or bind-mount a host directory to persist data beyond the container lifecycle.

Networking

Containers on the same Docker network can communicate by container name. Bridge networks are the default; overlay networks span multiple Docker hosts in a Swarm. Expose ports with -p hostPort:containerPort.

Docker Compose

Docker Compose defines multi-container applications in a single compose.yaml file. Run the entire stack with docker compose up. Services, volumes, and networks are all declared declaratively.