Docker

Build, run, and manage containers and multi-service applications with Docker CLI and Docker Compose on Linux, macOS, and Windows.

Docker is a container platform that packages applications and their dependencies into isolated, portable containers that run consistently across Linux, macOS, and Windows environments.

What Docker Does and When to Use It

Docker builds container images from Dockerfiles, runs containers from those images, and manages container lifecycles — start, stop, restart, remove. Docker Compose extends this to multi-container applications by defining services, networks, and volumes in a single docker-compose.yml file.

System administrators use Docker to deploy web servers, databases, and applications in isolated environments without dependency conflicts. Developers use Docker to create reproducible development environments that match production. Docker eliminates "it works on my machine" problems by packaging the application with its exact runtime dependencies.

Docker is not a virtual machine — containers share the host kernel and do not run a full OS. For workloads requiring hardware-level isolation or different kernels, use VMs (KVM, VirtualBox). Docker is not an orchestrator — for production clustering, scaling, and service discovery, use Kubernetes or Docker Swarm.

How to Install Docker

=== "Ubuntu"

```bash
sudo apt install docker.io docker-compose-v2
sudo systemctl enable docker
sudo usermod -aG docker $USER
```

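Log out and back in for the group change to take effect. Membership in the docker group gives root-equivalent control of the host through the Docker daemon, so add only trusted accounts.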

=== "macOS"

Download and install Docker Desktop from [docker.com](https://www.docker.com/products/docker-desktop/).

Core Concepts of Docker

Docker Images vs Containers

A Docker image is a read-only template containing the application code, runtime, libraries, and configuration. A Docker container is a running instance of an image with its own writable filesystem layer. Multiple containers can run from the same image simultaneously. Images are built with `docker build` and containers are started with `docker run`.

Docker Volumes and Data Persistence

Docker containers are ephemeral — data written inside a container is lost when the container is removed. Docker volumes persist data outside the container lifecycle. Named volumes (`docker volume create dbdata`) are managed by Docker. Bind mounts map a host directory into the container. See Docker volumes vs bind mounts for choosing the right approach.

Docker Networking

Docker creates isolated networks for containers. Containers on the same Docker network communicate by container name. The default bridge network provides basic connectivity. Docker Compose creates a dedicated network per project automatically.

Common Tasks with Docker

How to Run a Container with Docker

```bash
docker run -d -p 8080:80 --name webserver nginx:latest
```

This command runs an Nginx container in detached mode, mapping host port 8080 to container port 80.

How to View Running Containers with Docker

```bash
docker ps
```

How to View Container Logs with Docker

```bash
docker logs webserver
```

For detailed instructions, see How to debug a crashing Docker container.

Docker Troubleshooting

| Error | Cause | Fix |
| --- | --- | --- |
| permission denied while trying to connect to the Docker daemon socket | User not in the docker group | → Full article |
| port is already allocated | Another container or host process uses the same port | → Full article |
| no space left on device | Dangling images, stopped containers, or build cache filling disk | → Full article |
| network not found | Docker Compose network removed by `docker compose down` | → Full article |
| depends_on does not wait for ready | Compose `depends_on` checks container start, not service readiness | → Full article |
| bind mount permission denied | UID mismatch between host user and container user | → Full article |

Nginx is commonly deployed inside Docker containers. MySQL requires Docker volumes for data persistence. UFW rules are bypassed by Docker's iptables manipulation — see Docker bypasses UFW. Certbot can run as a Docker container for certificate management.
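
The UFW note matters for the `-p 8080:80` example above: a port published without a host address listens on every interface, and UFW does not filter it. The script below is an added example, not part of the original page; it reads `docker ps --format '{{.Names}}|{{.Ports}}'` output and lists such mappings. The function names and the sample data are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: list published ports that are bound to all host interfaces.
#
# Real use (requires a running Docker daemon):
#   docker ps --format '{{.Names}}|{{.Ports}}' | audit_published_ports
#
# To keep a service off external interfaces, publish it on loopback instead:
#   docker run -d -p 127.0.0.1:8080:80 --name webserver nginx:latest

audit_published_ports() {
  # Input:  one "name|ports" line per container on stdin.
  # Output: "name mapping" for every mapping whose host address is
  #         0.0.0.0, :: or [::] (IPv4 or IPv6 wildcard).
  awk -F'|' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        if (m !~ /->/) continue          # exposed only, not published
        if (m ~ /^(0\.0\.0\.0|\[::\]|::):/) print $1, m
      }
    }'
}

# Constructed sample resembling `docker ps` output; not taken from a real host.
sample_ps_output() {
  cat <<'EOF'
webserver|0.0.0.0:8080->80/tcp, [::]:8080->80/tcp
db|127.0.0.1:5432->5432/tcp
cache|6379/tcp
worker|
EOF
}

# Demonstration run on the constructed sample.
sample_ps_output | audit_published_ports
```

Only `webserver` is reported: `db` is bound to loopback, `cache` exposes a port without publishing it, and `worker` has no ports.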