Modern software development has changed completely.

Applications are no longer deployed directly on servers like before.

Today, companies package applications into containers so they can run consistently anywhere:

• Developer laptop
• Cloud servers
• Kubernetes clusters
• CI/CD pipelines
• Edge infrastructure

🔗 Resources

• ** Support the Journey on GitHub:
  If you're following along, consider starring and forking the repo:**
  https://github.com/17J/30-Days-Cloud-DevSecOps-Journey

• Docker Command Sheet:
  https://docker-command.vercel.app/

🧠 What is a Container?

A container is a lightweight isolated environment that includes:

• Application code
• Runtime
• Libraries
• Dependencies
• Environment variables
• System tools

Everything required to run the application is packaged together.

That means:

• Same behavior everywhere
• Faster deployments
• Portable infrastructure
• Easy scaling

⚔️ Containers vs Virtual Machines

This is one of the most important concepts in DevOps.

Both Containers and VMs isolate applications — but in very different ways.

🖥️ Virtual Machines (VMs)

A VM includes:

• Full Operating System
• Guest Kernel
• Hypervisor
• Application

Problems with VMs

• High memory usage
• Slow startup time
• Large storage consumption
• Less efficient scaling

🐳 Containers

👁 Container

Containers share the host OS kernel.

They only package:

• Application
• Dependencies
• Runtime

This makes them:

• Lightweight
• Fast
• Portable
• Efficient

📊 Containers vs VMs Comparison

📦 What is Docker?

Docker is a platform used to:

• Build applications
• Package applications
• Ship applications
• Run applications in isolated environments called containers

Docker ensures:

“It works the same everywhere.”

This solves the classic developer problem:

“It works on my machine.”

🏗️ Docker Architecture

Docker mainly consists of 3 components:

👁 Docker Registry

1️⃣ Docker Client

The CLI where commands are executed.

Example:

docker build
docker run
docker ps

2️⃣ Docker Daemon

The background service (dockerd) responsible for managing:

• Containers
• Images
• Networks
• Volumes

3️⃣ Docker Registry

A place where Docker images are stored.

Popular registries include:

• Docker Hub
• GitHub Container Registry
• AWS ECR
• Google Artifact Registry

🧱 What is a Docker Image?

A Docker Image is a:

Read-only blueprint used to create containers.

It contains:

• Application code
• Dependencies
• Runtime
• Configuration
• Libraries

🧠 Simple Analogy

The image is the template.

The container is the running instance.

🔍 Popular Docker Images

Some commonly used images:

nginx
ubuntu
node
python
mysql
redis
postgres

Pull an image:

docker pull nginx

Run a container:

docker run nginx

📝 What is a Dockerfile?

A Dockerfile is a text file containing instructions used to build a Docker image.

This is where containerization begins.

🧱 Example Dockerfile

FROM node:20-alpine

WORKDIR /app

COPY package.json package-lock.json ./

RUN npm ci --only=production

COPY . .

EXPOSE 3000

CMD ["node", "app.js"]

🔬 Dockerfile Explained

FROM

Defines the base image.

FROM node:20-alpine

WORKDIR

Sets the working directory inside the container.

WORKDIR /app

COPY

Copies files from local system into the container.

COPY . .

RUN

Executes commands during image build.

RUN npm install

EXPOSE

Documents which port the application uses.

EXPOSE 3000

CMD

Defines the default startup command.

CMD ["node", "app.js"]

🚀 Building Docker Images

Build image:

docker build -t myapp .

Explanation

▶️ Running Containers

Run container:

docker run -p 3000:3000 myapp

🔍 Understanding Port Mapping

-p 3000:3000

Means:

Access app on:

http://localhost:3000

📂 Containerizing a Node.js Application

📁 Project Structure

project/
│
├── app.js
├── package.json
└── Dockerfile

📄 app.js

const express = require("express");
const app = express();

app.get("/", (req, res) => {
 res.send("Docker is working!");
});

app.listen(3000);

📄 package.json

{"dependencies":{"express":"^4.18.2"}}

📄 Dockerfile

FROM node:20-alpine

WORKDIR /app

COPY package*.json ./

RUN npm ci

COPY . .

EXPOSE 3000

CMD ["node", "app.js"]

🏗️ Build the Image

docker build -t node-docker-demo .

▶️ Run the Container

docker run -p 3000:3000 node-docker-demo

Now open:

http://localhost:3000

You should see:

Docker is working!

📦 Docker Image Layers

Docker images are layered.

Each instruction creates a new layer.

Example:

FROM ubuntu:24.04
RUN apt update
RUN apt install nginx
COPY . .

Each line becomes a cached layer.

This makes builds:

• Faster
• Efficient
• Reusable

⚡ Docker Caching

Docker rebuilds only changed layers.

That’s why Dockerfiles should be optimized carefully.

✅ Cache-Friendly Pattern

COPY package.json .
RUN npm install

COPY . .

Why?

Dependencies are cached separately.

If only source code changes, Docker skips reinstalling packages.

❌ Bad Pattern

COPY . .
RUN npm install

Any file change invalidates cache.

Build becomes slower.

📁 Docker Volumes

Containers are ephemeral.

Data disappears after container removal.

Volumes solve this problem.

Create Volume

docker volume create mydata

Use volume:

docker run -v mydata:/data nginx

🌐 Docker Networking

Containers communicate using Docker networks.

Create network:

docker network create mynetwork

Run containers inside same network.

Useful for:

• APIs
• Databases
• Microservices
• Internal communication

🧹 Essential Docker Commands

📦 Images

docker images
docker pull nginx
docker build -t myapp .
docker push username/myapp:v1
docker rmi image_id

🐳 Containers

docker ps
docker ps -a
docker stop container_id
docker rm container_id
docker logs -f container_id
docker exec -it container_id sh

🧽 Cleanup

docker system prune
docker volume prune

🔥 Why Docker Became So Popular

Docker transformed software deployment because it provides:

• Environment consistency
• Faster deployments
• Infrastructure portability
• Easy CI/CD integration
• Better scalability
• Microservices support
• Cloud-native compatibility

☁️ Docker in Modern DevOps

Docker is now everywhere.

🔐 Docker Security Basics

Important security practices:

• Use minimal base images
• Avoid running as root
• Scan images regularly
• Keep dependencies updated
• Use signed images
• Remove unused containers/images

🏭 Real-World Docker & K8s Workflow

👁 Docker WorkFlow

🚀 Docker Best Practices

✅ Use Smaller Images

Prefer:

FROM node:20-alpine

Instead of huge base images.

Smaller images:

• Pull faster
• Reduce attack surface
• Save storage

✅ Always Use .dockerignore

Example:

node_modules
.git
.env
*.log

This reduces build size and prevents accidental secret leaks.

✅ Multi-Stage Builds

Use one stage for building.

Use another minimal stage for production.

✅ Tag Images Properly

Bad:

latest

Good:

v1.0.2

✅ Don’t Run Containers as Root

Example:

RUN adduser -S appuser
USER appuser

🎭 Multi-Stage Build Example

# Stage 1 — Build
FROMnode:20-alpineASbuilder

WORKDIR /app

COPY package*.json ./

RUN npm ci

COPY . .

RUN npm run build

# Stage 2 — Production
FROM node:20-alpine

WORKDIR /app

COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules

EXPOSE 3000

CMD ["node", "dist/index.js"]

📚 Final Thoughts

Docker completely changed how modern applications are built and deployed.

Understanding:

• Containers
• Docker Images
• Dockerfiles
• Layers
• Volumes
• Networking

is now a fundamental engineering skill.
Because modern infrastructure runs on containers.

most popular alternatives to Docker for containerization and container runtime workflows:

• Podman
• containerd
• CRI-O

🎯 Quick Recap