(TWN) DevOps Fundamentals: Containerization with Docker

-

Docker is a open-source platform that has revolutionized how we build, ship, and run applications by introducing a standardised way to package software. 

In this article, we will look into: what is a container? How are docker containers and images different? How are containers and virtual machines different? And deep dive into Docker.



1. What is a Container?

At its core, a container is a way to package an application along with all its necessary dependencies, libraries, and configurations. It serves as a portable artifact that can be easily shared and moved across different environments—from a developer's laptop to a testing server and finally to production—without any changes in behavior.

Where do containers live?

Containers are stored in repositories.

  • DockerHub: The primary public repository for sharing Docker images.
  • Private Repositories: Most companies maintain their own private registries to secure proprietary code.

How containers Improve the Development Process?

Containers allow developers to run services (like databases or message brokers) without installing them directly on their host operating system. Because each container is an isolated OS layer (typically a Linux-based image), your local machine stays clean, and the environment remains consistent for everyone on the team.

2. Containers vs. Images: The Technical Distinction

It is common to use these terms interchangeably, but they represent different states of an application:

  • Image: The actual package. It is a read-only artifact containing the compiled code and dependencies. Technically, an image is made of stacked layers, usually starting with a small Linux base image.
  • Container: A running instance of an image. When you "pull" an image and start it, it becomes a container.
    • Not running = Image
    • Running = Container

3. Containers vs. Virtual Machines (VMs)

While containers might feel like VMs, they differ in what they virtualize:

  • VMs: Virtualize both the OS Application layer and the OS Kernel layer. This makes them heavy and slow to start.
  • Docker: Virtualizes only the OS Application layer. It shares the host's Linux kernel, making containers significantly faster and more lightweight.

Note on Compatibility: Docker was built for Linux. On Windows or Mac, Docker Desktop uses a hypervisor layer with a lightweight Linux distribution to provide the necessary kernel.

4. Deep-Dive into Docker 

Docker Architecture & Components

The Docker Engine consists of three primary components:

  1. Docker Server (Daemon): Manages images, containers, networks, and volumes.
  2. Docker API: The interface used to interact with the Docker Server.
  3. Docker CLI: The command-line client where users execute commands.

Essential Docker Commands

To manage the lifecycle of a container, you will frequently use these commands:

  • docker pull: Download an image from a registry.
  • docker images: List all locally stored images.
  • docker ps: List running containers.
  • docker run: Create and start a container from an image.

Port Mapping

Since containers run in isolation, you must map the Container Port to a Host Port to access the application from your machine. Multiple containers can run on a single host as long as their host ports do not conflict.

5. Docker Compose

Orchestration with Docker Compose and YAML

When an application requires multiple services (e.g., a Node.js backend and a MongoDB database), managing individual docker run commands becomes tedious. This is where Docker Compose comes in.

What is YAML?

YAML (which stands for "YAML Ain't Markup Language") is a human-friendly configuration format. It is critical for docker-compose.yml files because it allows you to define multi-container applications in a declarative way.

Dockerfile vs. Docker Compose

  • Dockerfile: A text file containing instructions to build a single image (e.g., FROM node, COPY, RUN).
  • Docker-compose.yml: A file used to run and orchestrate multiple containers together, defining their networks, volumes, and startup order.

6. Networking & Storage in Docker

Data Persistence and Networking

  • Docker Network: Docker creates isolated networks for containers. Within a Compose file, containers can communicate with each other simply by using their service names.
  • Docker Volumes: By default, data inside a container is lost when the container is deleted. Volumes allow you to persist data generated by the container (like database records) on the host machine.

7. Connection between Docker & Jenkins

The CI/CD Workflow: Jenkins and Docker

In a professional pipeline, Docker is integrated into the Continuous Integration (CI) process:

  1. Development: A developer writes code and a Dockerfile.
  2. Commit: The code and Dockerfile are pushed to a Git repository.
  3. Build: A CI server (like Jenkins) takes the Dockerfile, builds a Docker image (e.g., turning a Java JAR into an image), and tags it.
  4. Push: Jenkins pushes the image to a private registry using the naming convention: registryDomain/imageName:tag.
  5. Deploy: The development or production servers pull the new image and run it.

8. Docker Best Practices

To ensure your containers are secure and efficient, follow these industry standards:

  1. Use Official Images: Always start with verified base images.
  2. Keep Images Small: Use "Slim" or "Alpine" versions of images to reduce the attack surface and download time.
  3. Optimize Caching: Order your Dockerfile commands from least to most frequently changing to take advantage of layer caching.
  4. Use .dockerignore: Explicitly exclude files (like node_modules or logs) from being sent to the Docker daemon.
  5. Multi-stage Builds: Use one stage for building the app and a second, smaller stage for running it.
  6. Least Privilege: Avoid running containers as the root user; create a dedicated user within the Dockerfile.

In Conclusion:

By adopting Docker, you simplify complex deployments—such as setting up a Nexus repository or a MongoDB cluster—into a few lines of code, ensuring that your application runs perfectly everywhere. 

Comments

Post a Comment

Popular posts from this blog

(Commentary): Trusting the process

-
 Life is a very puzzling thing. Sometimes when we frantically chase after something, we do not get it. But, we go past the need of wanting it, we easily get it.  Success is similar in that sense. Whether it is success in career, relationship, happiness, or money. When we chase after love and relationship, we end up becoming "needy". When we chase after money, we are labelled as "greedy". It is not to say that we should not chase after things, or wholeheartedly pursue things.  I believe the nuance there is the difference between chasing "frantically" and chasing "wholeheartedly". When we say frantic, we often mean that the person is in such desperation that they believe that they cannot live without. When we say wholeheartedly, we mean that the person is sole focus and pure intention pursuing something .  The intention and the mood with which (the state of mind) that we pursue a goal is important. So what is the state of mind we should cultivate...
Read more

About me

-
Image
 Hello World! In this ever-changing world of AI, returning to blogging or blogger on 2026 is the last thing that I expected of myself. I did not even know if blogger was still around but I just thought that I should be a producer instead of a consumer. Consuming knowledge after knowledge, course after course, can be an energy consuming task. While the advent of AI has made the consumption and breakdown of knowledge better, there is still no better way to retain and understand knowledge then to teach or put it into practice.  This blog series is an small attempt from me to do that. To becoming a better version of me. To improve 1% every single day.  Promise to oneself: "It is okay if you do not blog for a long period of time, just jump back in and do it. Just do it." Hi, I am Lokesh. This is about my learning journey. I am a techie, a student, and a dad.   I am currently invested in learning about DevOps, AI, and MLOps. Balancing family, work, and studies.  ...
Read more

(Hat) AI Engineer

-
Image
 AI Engineer is probably one of the most popular roles right now. Many people aspire to be AI Engineer without fully understanding on what the role is about.  In this article, we will look at: What is an AI Engineer? What an AI Engineer does? How is different from the other AI roles that people might get confused with? AI Engineer: - is responsible for designing and developing AI Models that can be used in various applications - work across different stages of the AI Development life cycle, including data collection, pre-processing, model training, and deployment - integrate the AI models into existing systems and ensuring they function correctly with a broader architecture - also fine-tune models for efficiency and accuracy What is the value that AI Engineers bring to an Organisation? That question must be answered by what is the value that AI brings to an organisation. Ultimately, for any organisation where AI is not the product or service that they provide, it is about 2 th...
Read more