Master Docker Basics: Concepts, Installation, and Core Commands

Basic Concepts

Docker is an application container engine written in Go, a type of Linux container that provides a simple interface for using containers.

Problems it solves:

Inconsistent environment configuration

Heavy virtual machines (high resource consumption, slow startup)

Main uses:

Provide disposable environments for local testing, CI unit tests, and builds.

Offer elastic cloud services; Docker containers can be started and stopped on demand, making them ideal for dynamic scaling and micro‑service architectures.

When people refer to “Docker,” they usually mean Docker Engine, a client‑server application composed of the Docker daemon, a REST API, and a CLI.

Structure

Client calls Docker

Docker pulls images from a registry

Docker creates container instances from images

Image

Docker packages an application and its dependencies into an image file, which serves as a template for containers. Images are reusable; it is recommended to start from existing images rather than building from scratch.

Container

A container is a runnable instance of an image. It has its own root filesystem, network configuration, process space, and optionally its own user namespace. Processes run in isolation, providing a security benefit over running directly on the host.

Registry

A registry stores images (public or private). After creating an image, you can push it to a registry. Docker Hub is the most common public registry.

UnionFS

UnionFS is a layered, lightweight, high‑performance filesystem that allows multiple layers to be stacked as a single virtual filesystem. Docker images are built on UnionFS; each layer adds or modifies files without altering lower layers.

Image Loading Principle

Docker images consist of multiple filesystem layers:

bootfs : contains the bootloader and kernel. The bootloader loads the kernel, after which the kernel takes over memory ownership and the bootfs is unmounted.

rootfs : contains the standard Linux directories and files. It relies on the host kernel, so it includes only basic commands and tools. New layers are added on top when modifications are made.

Installation

Ubuntu

1. Set up the Docker apt repository

<code># Add Docker official GPG key
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc

# Add the apt source
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null</code>

2. Install Docker packages

<code>sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin</code>

3. Run a test container

<code>sudo docker run hello-world</code>

Basic Operations

General Information

Show Docker version

<code># Display Docker basic information
docker version</code>

System info (containers, images, etc.)

<code>docker info</code>

Docker events

<code>docker events [OPTIONS]</code>

Help

<code>docker --help
docker [command] --help</code>

Registry Commands

Search images

<code>docker search [OPTIONS] IMAGE_NAME</code>

Login to a registry

<code># Login to a registry
docker login [OPTIONS] [SERVER]
# Example: docker login</code>

Logout

<code>docker logout [SERVER]</code>

Image Commands

List images

<code>docker images [OPTIONS] [REPOSITORY[:TAG]]
# Alias: docker image ls</code>

Pull an image

<code>docker pull [OPTIONS] NAME[:TAG|@DIGEST]</code>

Remove an image

<code>docker rmi [OPTIONS] IMAGE [IMAGE...]
# Force delete all images: docker rmi -f $(docker images -aq)</code>

Export / Import

<code># Export a container
docker export [OPTIONS] CONTAINER
# Import an image
docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]</code>

Container Commands

Basic lifecycle

<code># Start container
docker start CONTAINER
# Restart container
docker restart CONTAINER
# Stop container
docker stop CONTAINER
# Kill container
docker kill CONTAINER
# Inspect container
docker inspect CONTAINER
# View stats
docker stats CONTAINER
# List processes
docker top CONTAINER</code>

List containers

<code>docker ps [OPTIONS]
# Alias: docker container ls</code>

Run a container

<code>docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
# Common options: -d/--detach, -e, -h/--hostname, --mount, --name, --network, --rm, -v, -p, -i, -t, -m/--memory, --privileged, --restart
# Example: docker run -itd --name myubuntu ubuntu</code>

Remove a container

<code>docker rm [OPTIONS] CONTAINER [CONTAINER...]
# Force delete running container: docker rm -f CONTAINER_ID</code>

View logs

<code>docker logs [OPTIONS] CONTAINER
# Options: --details, -f/--follow, --since, --tail, -t/--timestamps</code>

Execute a command inside a container

<code>docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
# Example: docker exec -it mycontainer /bin/bash</code>

Copy files

<code>docker cp CONTAINER:PATH HOST_PATH</code>

Update container settings

<code>docker update [OPTIONS] CONTAINER [CONTAINER...]
# Options: -c (CPU weight), -m (memory limit), --restart</code>

Volume Commands

Create a volume

<code>docker volume create [OPTIONS] [VOLUME]
# Options: -d/--driver, --label, --name, -o/--opt</code>

Use a volume

<code>docker run -d -v hello:/world busybox ls /world</code>

Network Commands

Create a network

<code>docker network create [OPTIONS] NETWORK
# Options: -d/--driver (bridge, overlay, etc.), --config-from, --ipv6, --label</code>

Network modes

Bridge mode : Docker creates a virtual bridge (docker0) on the host; containers share this bridge by default. Port mapping is done via iptables DNAT.

Host mode : Container shares the host’s network namespace, gaining direct access to host interfaces.

Container mode : New container shares the network namespace of an existing container.

None mode : Container gets its own network namespace but no automatic configuration; manual setup required.

Examples for each mode are provided in the original tutorial.