What is Docker (one line)
- A Docker container is a running instance of a Docker image. It includes the application, libraries, and runtime, isolated from the host system.
Why use Docker (short & practical)
- Consistency: same environment on your laptop, CI, and production.
- Portability: images run anywhere the Docker engine runs.
- Efficiency: containers share the host kernel — they start fast and use less memory than VMs.
- Simplifies CI/CD & microservices: build, ship, and scale small independent services easily.
Core concepts (simple definitions)
- Image: immutable blueprint (read-only).
- Container: running instance of an image (writable layer on top).
- Registry: storage for images (e.g., Docker Hub).
- Dockerfile: text file with build instructions for an image.
- Volume / Bind mount: ways to persist or share data outside a container.
- Network drivers: bridge (default), host, none, overlay (for multi-host).
- Layer caching: build reuses unchanged layers to speed up builds.
Minimal Dockerfile — what each line means
FROM openjdk:17-jdk-slim # base image with Java runtime
WORKDIR /app # set working directory inside the image
COPY build/libs/myapp.jar /app/myapp.jar
EXPOSE 8080 # documents the port the app uses
ENTRYPOINT ["java","-jar","/app/myapp.jar"]
- FROM: base image.
- WORKDIR: where subsequent commands run.
- COPY: copy files from host into the image.
- EXPOSE: documents a port (does not publish it).
- ENTRYPOINT: the executable used when container starts.
Tip: add a .dockerignore to exclude build artifacts you don’t want in the image.
Essential commands (clean cheat-sheet)
General info
docker --version # show docker client version
docker info # daemon summary (containers, images, storage driver)
Build images
docker build -t myapp:1.0 . # build image from Dockerfile in current dir
docker build --no-cache -t myapp:1.0 . # rebuild without cache
Run & lifecycle (create, start, stop, remove)
docker run --name web -d -p 8080:80 nginx:latest
# -d (detached), -p hostPort:containerPort, --name containerName
docker run -it --rm ubuntu bash
# -it interactive, --rm remove on exit
docker ps # list running containers
docker ps -a # list all containers (including stopped)
docker stop <container> # graceful stop
docker start <container> # start stopped container
docker restart <container> # restart
docker rm <container> # remove container
Images
docker pull nginx:latest # download image from registry
docker images # list local images
docker rmi <image> # remove image
docker tag SOURCE:TAG TARGET:TAG # retag an image
docker save -o img.tar <image> # save image to tar
docker load -i img.tar # load image from tar
Inspect, exec & logs
docker logs -f <container> # follow logs
docker exec -it <container> /bin/bash # open shell inside running container
docker inspect <container|image> # JSON metadata and settings
Volumes & mounts (persist data)
docker volume create myvol
docker run -v myvol:/data ... # named volume
docker run -v /host/path:/data ... # bind mount
docker volume ls
docker volume rm myvol
- Named volumes (managed by Docker) are best for databases and portability.
- Bind mounts map a host folder directly into the container (useful for development).
Networking (quick)
docker network ls
docker network create mynet
docker run --network mynet ...
docker network inspect mynet
Cleanup (free disk space)
docker system df
docker image prune # remove dangling images
docker container prune # remove stopped containers
docker system prune -a # remove unused images/containers/networks (careful)
Compose (multi-container apps)
docker compose up -d
docker compose down
docker compose ps
docker compose logs -f
Monitoring & debug
docker stats # live resource usage
docker top <container> # processes running inside container
Top comments (0)