Docker Engine (CLI and runtime) is free and open source. Docker Desktop is free for personal use, education, and small businesses (under 250 employees and $10M revenue). Larger companies need a subscription.

Docker vs virtual machines?

Containers share the host OS kernel, making them faster to start (seconds vs minutes) and more lightweight (MBs vs GBs). VMs provide stronger isolation. In practice, most web applications use containers; VMs are used when you need different OS kernels or maximum isolation.

How do I debug a Docker container?

Use docker logs to view output, docker exec -it [id] sh to get a shell inside the container, or docker inspect to see configuration details. For network issues, try docker network ls and docker network inspect.

Docker for Beginners: A Practical Getting Started Guide

March 31, 2026 · 12 min read

📑 Table of Contents

What Is Docker and Why Should You Care?
Key Concepts: Images, Containers, and Dockerfiles
Installing Docker on Your System
Essential Docker Commands Every Developer Needs
Writing Your First Dockerfile
Docker Compose for Multi-Container Applications
Volumes: Persisting Data Beyond Container Lifecycles
Docker Networking Fundamentals
Production-Ready Best Practices
Debugging and Troubleshooting Common Issues
Popular Tools and Integrations
Frequently Asked Questions

Docker revolutionized software development by solving the infamous "it works on my machine" problem. Instead of installing dependencies directly on your system and dealing with version conflicts, Docker packages everything your application needs into isolated containers that run identically everywhere—from your laptop to production servers.

If you haven't learned Docker yet in 2026, now is the time. It's become the de facto standard for application deployment, used by over 13 million developers worldwide and integrated into virtually every modern development workflow.

What Is Docker and Why Should You Care?

Docker is a containerization platform that wraps your application and all its dependencies into a standardized unit called a container. Think of it as a lightweight, portable package that includes everything needed to run your software: code, runtime, system tools, libraries, and settings.

Before Docker, developers faced constant environment inconsistencies. Your Node.js app might work perfectly on your MacBook with Node 18, but crash on your colleague's Windows machine running Node 16. Or worse, it would work in development but fail mysteriously in production because of subtle differences in system libraries.

Docker eliminates these headaches by creating consistent, reproducible environments. When you containerize an application, you're guaranteeing it will behave the same way regardless of where it runs.

Key Benefits of Using Docker

Consistency across environments: Development, staging, and production all run identical containers
Faster onboarding: New team members can start contributing in minutes instead of spending days setting up their environment
Isolation: Run multiple projects with conflicting dependencies on the same machine without interference
Efficient resource usage: Containers share the host OS kernel, making them much lighter than virtual machines
Simplified deployment: Ship your entire application stack as a single artifact
Microservices architecture: Break monolithic applications into manageable, independently deployable services

Pro tip: Docker isn't just for production deployments. Many developers use it to run databases, caching layers, and other services locally without cluttering their system with installations. Need PostgreSQL for one project and MySQL for another? Run both in containers without conflicts.

Key Concepts: Images, Containers, and Dockerfiles

Understanding three core concepts is essential before diving into Docker commands and workflows.

Docker Images

An image is a read-only template that contains everything needed to run an application. Think of it as a class in object-oriented programming—it's a blueprint, not a running instance.

Images are built in layers, with each layer representing a change or instruction. This layered architecture enables efficient storage and transfer because Docker only needs to download or store layers that have changed.

You can pull pre-built images from Docker Hub (the official registry) or build your own custom images. Popular base images include node, python, nginx, postgres, and redis.

Docker Containers

A container is a running instance of an image—like an object instantiated from a class. One image can spawn multiple containers, each running independently with its own isolated filesystem, network, and process space.

Containers are ephemeral by design. When you stop and remove a container, any data written inside it disappears unless you've explicitly configured persistent storage using volumes (more on this later).

Dockerfiles

A Dockerfile is a text file containing instructions for building a Docker image. It's essentially a recipe that tells Docker how to assemble your application environment step by step.

Each instruction in a Dockerfile creates a new layer in the image. Docker caches these layers intelligently, so rebuilding an image only processes the layers that have changed—making subsequent builds extremely fast.

Here's a minimal Dockerfile for a Node.js application:

FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
COPY . .
EXPOSE 3000
CMD ["node", "server.js"]

Let's break down what each instruction does:

FROM specifies the base image (Node.js 20 on Alpine Linux, a minimal distribution)
WORKDIR sets the working directory inside the container
COPY transfers files from your host machine into the container
RUN executes commands during the build process (installing dependencies)
EXPOSE documents which port the application listens on
CMD defines the default command to run when starting a container

Installing Docker on Your System

Docker installation varies slightly by operating system, but the process is straightforward on all major platforms.

macOS and Windows

Download and install Docker Desktop from the official website. Docker Desktop includes everything you need: the Docker Engine, Docker CLI, Docker Compose, and a user-friendly GUI for managing containers.

After installation, Docker Desktop runs in the background and adds a menu bar icon (macOS) or system tray icon (Windows) for quick access to settings and running containers.

Linux

On Linux, install Docker Engine directly using your distribution's package manager. For Ubuntu/Debian:

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER

Log out and back in for the group membership to take effect, allowing you to run Docker commands without sudo.

Verifying Installation

Confirm Docker is working correctly by running:

docker --version
docker run hello-world

The second command pulls a tiny test image and runs it in a container. If you see a welcome message, Docker is installed and functioning properly.

Essential Docker Commands Every Developer Needs

Mastering a handful of core commands will cover 90% of your daily Docker usage. Here's a comprehensive reference table:

Command	What It Does	Common Options
`docker build -t myapp .`	Build an image from a Dockerfile in the current directory	`-t` tags the image with a name
`docker run myapp`	Create and start a container from an image	`-d` (detached), `-p` (port mapping), `--name`
`docker ps`	List running containers	`-a` shows all containers (including stopped)
`docker stop [id]`	Gracefully stop a running container	Use container ID or name
`docker rm [id]`	Remove a stopped container	`-f` forces removal of running containers
`docker images`	List all images on your system	`-a` shows intermediate images
`docker rmi [image]`	Remove an image	`-f` forces removal
`docker logs [id]`	View container output and logs	`-f` follows log output in real-time
`docker exec -it [id] sh`	Open an interactive shell inside a running container	`-it` enables interactive terminal
`docker pull [image]`	Download an image from a registry	Specify tag like `nginx:1.25`
`docker compose up`	Start all services defined in docker-compose.yml	`-d` runs in background
`docker compose down`	Stop and remove all containers from compose file	`-v` also removes volumes

Practical Command Examples

Running a container with port mapping and environment variables:

docker run -d \
  --name my-postgres \
  -p 5432:5432 \
  -e POSTGRES_PASSWORD=secret \
  postgres:16

This starts PostgreSQL in the background, maps port 5432 to your host machine, and sets the database password.

Viewing real-time logs from a container:

docker logs -f my-postgres

Executing commands inside a running container:

docker exec -it my-postgres psql -U postgres

This opens an interactive PostgreSQL shell inside the container.

Quick tip: You don't need to type full container IDs. Docker accepts unique prefixes, so if your container ID is a3f8b2c1d4e5, you can use docker stop a3f as long as no other container ID starts with those characters.

Writing Your First Dockerfile

Let's build a complete Dockerfile for a real-world Node.js application, explaining each decision along the way.

# Use a specific version of Node.js on Alpine Linux (smaller image size)
FROM node:20-alpine

# Install system dependencies if needed
RUN apk add --no-cache python3 make g++

# Set working directory
WORKDIR /app

# Copy package files first (for better layer caching)
COPY package*.json ./

# Install production dependencies only
RUN npm ci --production --silent

# Copy application source code
COPY . .

# Create a non-root user for security
RUN addgroup -g 1001 -S nodejs && \
    adduser -S nodejs -u 1001 && \
    chown -R nodejs:nodejs /app

# Switch to non-root user
USER nodejs

# Expose the application port
EXPOSE 3000

# Health check to monitor container status
HEALTHCHECK --interval=30s --timeout=3s \
  CMD node healthcheck.js || exit 1

# Start the application
CMD ["node", "server.js"]

Dockerfile Best Practices

Order matters for caching efficiency. Place instructions that change frequently (like COPY . .) near the end of your Dockerfile. This way, Docker can reuse cached layers for dependency installation when only your source code changes.

Use .dockerignore files to exclude unnecessary files from the build context:

node_modules
npm-debug.log
.git
.env
*.md
.DS_Store

This speeds up builds and reduces image size by preventing Docker from copying files you don't need in the container.

Multi-Stage Builds

For compiled languages or applications requiring build tools, use multi-stage builds to keep final images small:

# Build stage
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Production stage
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
COPY --from=builder /app/dist ./dist
USER node
CMD ["node", "dist/server.js"]

The final image only contains production dependencies and compiled artifacts, not build tools or source code.

Docker Compose for Multi-Container Applications

Real-world applications rarely consist of a single service. You typically need a web application, database, cache, message queue, and other supporting services. Docker Compose lets you define and manage multi-container applications using a single YAML configuration file.

Here's a complete docker-compose.yml for a typical web application stack:

version: '3.8'

services:
  web:
    build: .
    ports:
      - "3000:3000"
    environment:
      - NODE_ENV=production
      - DATABASE_URL=postgresql://postgres:secret@db:5432/myapp
      - REDIS_URL=redis://redis:6379
    depends_on:
      - db
      - redis
    volumes:
      - ./logs:/app/logs
    restart: unless-stopped

  db:
    image: postgres:16-alpine
    environment:
      - POSTGRES_DB=myapp
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=secret
    volumes:
      - pgdata:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    restart: unless-stopped

  redis:
    image: redis:7-alpine
    ports:
      - "6379:6379"
    volumes:
      - redisdata:/data
    restart: unless-stopped

  nginx:
    image: nginx:1.25-alpine
    ports:
      - "80:80"
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    depends_on:
      - web
    restart: unless-stopped

volumes:
  pgdata:
  redisdata:

Working with Docker Compose

Start all services in the background:

docker compose up -d

View logs from all services:

docker compose logs -f

View logs from a specific service:

docker compose logs -f web

Stop all services:

docker compose down

Rebuild and restart services after code changes:

docker compose up -d --build

Scale a service to multiple instances:

docker compose up -d --scale web=3

Pro tip: Use docker compose watch (available in Docker Compose v2.22+) to automatically rebuild and restart services when you modify source code. This creates a seamless development experience similar to hot-reloading.

Environment-Specific Configurations

Create separate compose files for different environments:

docker-compose.yml - Base configuration
docker-compose.override.yml - Development overrides (automatically merged)
docker-compose.prod.yml - Production configuration

Run with production settings:

docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d

Volumes: Persisting Data Beyond Container Lifecycles

Containers are ephemeral—when you remove a container, all data written inside it disappears. For databases, uploaded files, and other persistent data, you need volumes.

Docker provides three ways to persist data:

Named Volumes (Recommended)

Docker manages these volumes, storing data in a dedicated location on the host filesystem. This is the preferred approach for production databases and stateful services.

docker run -d \
  --name postgres \
  -v pgdata:/var/lib/postgresql/data \
  postgres:16

List all volumes:

docker volume ls

Inspect a volume to see where data is stored:

docker volume inspect pgdata

Bind Mounts

Bind mounts link a specific directory on your host machine to a path inside the container. Perfect for development when you want code changes to immediately reflect in the container.

docker run -d \
  --name web \
  -v $(pwd):/app \
  -p 3000:3000 \
  node:20-alpine \
  node /app/server.js

Changes to files in your current directory instantly appear inside the container at /app.

tmpfs Mounts

Store data in the host's memory rather than on disk. Useful for sensitive temporary data that shouldn't be written to the filesystem.

docker run -d \
  --tmpfs /tmp:rw,size=100m \
  myapp

Volume Management Commands

Command	Purpose
`docker volume create myvolume`	Create a new volume
`docker volume ls`	List all volumes
`docker volume inspect myvolume`	View detailed volume information
`docker volume rm myvolume`	Delete a volume
`docker volume prune`	Remove all unused volumes

Quick tip: Back up database volumes regularly using docker run --rm -v pgdata:/data -v $(pwd):/backup alpine tar czf /backup/pgdata-backup.tar.gz /data. This creates a compressed archive of your volume data.

Docker Networking Fundamentals

Docker automatically creates isolated networks for containers to communicate. Understanding networking is crucial when building multi-container applications.

Network Types

Docker supports several network drivers:

bridge: Default network for containers on a single host. Containers can communicate using container names as hostnames.
host: Container shares the host's network stack directly (no isolation). Useful for performance-critical applications.
none: Disables networking entirely. Container has no network access.
overlay: Enables communication between containers across multiple Docker hosts (used in Swarm and Kubernetes).

Creating Custom Networks

Create a custom bridge network for better isolation and DNS resolution:

docker network create myapp-network

Run containers on this network:

docker run -d --name db --network myapp-network postgres:16
docker run -d --name web --network myapp-network -p 3000:3000 myapp

The web container can now connect to the database using postgresql://postgres:secret@db:5432/myapp—Docker's built-in DNS resolves db to the database container's IP address.

Port Mapping

Containers run in isolated networks by default. To access services from your host machine or external networks, map container ports to host ports:

docker run -p 8080:80 nginx

This maps port 80 inside the container to port 8080 on your host. Access the service at http://localhost:8080.

You can also bind to specific network interfaces:

docker run -p 127.0.0.1:8080:80 nginx

This only allows connections from localhost, not external networks.

Production-Ready Best Practices

Following these practices will make your Docker deployments more secure, efficient, and maintainable.

Image Optimization

Use specific image tags: Never use latest in production. Pin exact versions like node:20.11.1-alpine for reproducibility.
Choose minimal base images: Alpine Linux variants are typically 5-10x smaller than full distributions.
Minimize layers: Combine related RUN commands using && to reduce layer count.
Clean up in the same layer: Remove temporary files in the same RUN instruction that creates them.

RUN apt-get update && \
    apt-get install -y build-essential && \
    npm install && \
    apt-get remove -y build-essential && \
    apt-get autoremove -y && \
    rm -rf /var/lib/apt/lists/*

Security Hardening

Run as non-root user: Create and switch to a dedicated user in your Dockerfile.
Scan images for vulnerabilities: Use tools like Trivy or Snyk to detect security issues.
Use read-only filesystems: Add --read-only flag when running containers that don't need write access.
Limit resources: Set memory and CPU limits to prevent resource exhaustion.

docker run -d \
  --memory="512m" \
  --cpus="1.0" \
  --read-only \
  --tmpfs /tmp \
  myapp

Health Checks

Define health checks in your Dockerfile so orchestration tools can monitor container health:

HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
  CMD curl -f http://localhost:3000/health || exit 1

Logging Best Practices

Log to stdout/stderr, not files. Docker captures these streams automatically.
Use structured logging (JSON format) for easier parsing and analysis.
Configure log rotation to prevent disk space issues: docker run --log-opt max-size=10m --log-opt max-file=3 myapp

Resource Management

Regularly clean up unused resources to reclaim disk space:

# Remove stopped containers
docker container prune

# Remove unused images
docker image prune -a

# Remove unused volumes
docker volume prune

# Remove everything unused (nuclear option)
docker system prune -a --volumes

Pro tip: Set up automated cleanup with a cron job: 0 2 * * * docker system prune -f runs daily at 2 AM, removing dangling images and stopped containers without confirmation prompts.

Debugging and Troubleshooting Common Issues

Even experienced developers encounter Docker issues. Here's how to diagnose and fix common problems.

Container Won't Start

Check container logs for error messages:

docker logs container-name

If the container exits immediately, view logs from stopped containers:

docker logs container-name
docker inspect container-name

Common causes include:

Missing environment variables
Port conflicts (another service using the same port)
Incorrect file permissions
Application crashes on startup

Can't Connect to Container Service

Verify the container is running and ports are mapped correctly:

docker ps

Check if the service is listening inside the container:

docker exec container-name netstat -tlnp

Test connectivity from inside the container:

docker exec container-name curl localhost:3000

Build Failures

Use --no-cache to force a complete rebuild without using cached layers:

docker build --no-cache -t myapp .

Enable BuildKit for better error messages and faster builds:

DOCKER_BUILDKIT=1 docker build -t myapp .

Disk Space Issues

Check Docker's disk usage:

docker system df

This shows space used by images, containers, volumes, and build cache. Clean up aggressively if needed:

docker system prune -a --volumes

Performance Problems

Monitor container resource usage in real-time:

docker stats

For detailed performance analysis, use ctop, a top-like interface for container metrics.

Popular Tools and Integrations

The Docker ecosystem includes powerful tools that enhance your containerization workflow.

Container Management

Portainer: Web-based GUI for managing Docker containers, images, networks, and volumes. Perfect for teams who prefer visual interfaces.
Lazydocker: Terminal UI for Docker management. Navigate containers, view logs, and execute commands without memorizing CLI syntax.
Dive: Analyze Docker images layer by layer to identify bloat and optimize image size.

Security Scanning

Trivy: Comprehensive vulnerability scanner for container images, filesystems, and Git repositories.
Docker Bench Security: Automated security audit tool that checks Docker installations against CIS benchmarks.

Registry and Distribution

Docker Hub: Official public registry with millions of pre-built images.
Harbor: Open-source registry with vulnerability scanning, image signing, and role-based access control.
Amazon ECR, Google GCR, Azure ACR: Cloud-native container registries integrated with respective cloud platforms.

Orchestration

Docker Swarm: Built-in orchestration for clustering multiple Docker hosts.
Kubernetes: Industry-standard container orchestration platform for production deployments at scale.
Nomad: Lightweight alternative to Kubernetes with simpler configuration.

Development Tools

Dev Containers: VS Code extension for developing inside containers with full IDE support.
Format
Json Formatter Html Formatter Css Formatter Sql Formatter Xml Formatter

Encode
Base64 Jwt Decoder Hash Generator

Generate
Uuid Generator Regex Tester

Tools
Diff Checker Color Converter Timestamp Converter Json To Csv

Company
About Blog Contact Sitemap

© 2026 RunDev. All processing happens in your browser.
Privacy Terms

More Tools: dl-kit nettool1 go-calc txt-tool