Master Docker: From Basics to Advanced Practices and Troubleshooting

Introduction

This article summarizes common Docker issues and pitfalls in a Q&A format.

1. What is Docker?

Docker is an open‑source application container engine written in Go and released under the Apache 2.0 license.

It runs applications inside Linux containers, providing a lightweight alternative to virtual machines.

Containers are portable, self‑contained environments that can be created on a single host.

Docker’s logo shows a blue whale pulling containers, symbolizing the host (whale) and isolated application containers.

2. Typical Docker use cases

Automated packaging and deployment of web applications.

Continuous integration, testing and release pipelines.

Deploying and tuning databases or other backend services in service‑oriented environments.

Building private PaaS platforms such as OpenShift or Cloud Foundry.

Docker is especially useful as an internal development environment because it eliminates the overhead of separate virtual machines and enables easy sharing of standardized images.

3. Advantages of Docker

Flexibility – even complex applications can be containerized.

Lightweight – containers share the host kernel.

Replaceability – containers can be updated or upgraded instantly.

Portability – build locally, deploy to the cloud, run anywhere.

Scalability – containers can be replicated automatically.

Stackability – services can be vertically or horizontally stacked.

4. Docker vs. Virtual Machines

VMs add a hypervisor layer and emulate hardware, each with its own kernel, while Docker uses Linux namespaces (PID, mount, network) to isolate processes, filesystems and networking without a separate kernel, resulting in lower resource consumption but slightly weaker isolation.

5. Core Docker components

Image

An image is a read‑only template that contains everything needed to run a container, similar to a VM snapshot.

Container

A container is a runnable instance created from an image, isolated from other containers and the host.

Registry

Registries store multiple images, each identified by a repository name and tag. The public Docker Hub ( https://hub.docker.com) is the largest registry.

6. Quick Docker installation (CentOS)

yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum -y install docker-ce docker-ce-cli containerd.io
systemctl enable docker
systemctl start docker
docker ps   # view containers
docker version
docker info

7. Changing Docker storage location

Default storage directory is /var/lib/docker. To move it:

systemctl stop docker
mkdir -p /root/data/docker
mv /var/lib/docker /root/data/docker
ln -s /root/data/docker /var/lib/docker

8. Common image management commands

docker search

keyword – search public repositories. docker pull repository[:tag] – download an image. docker images – list local images (stored under /var/lib/docker). docker inspect imageID – detailed image information. docker tag source:tag target:tag – add a new tag. docker rmi repository:tag or imageID [-f] – delete an image. docker save -o filename.tar image – export to a file. docker load -i filename.tar – import from a file.

9. Creating containers

# List images
docker images
# Run a CentOS 7.8 container
docker run -d --name centos7.8 -h centos7.8 \
  -p 220:22 -p 3387:3389 \
  --privileged=true \
  centos:7.8.2003 /usr/sbin/init
# Run a CentOS 8.2 container
docker run -d --name centos8.2 -h centos8.2 \
  -p 230:22 -p 3386:3389 \
  --privileged=true \
  daocloud.io/library/centos:8.2.2004 init
# Enter a container
docker exec -it centos7.8 bash
docker exec -it centos8.2 bash
cat /etc/redhat-release   # verify OS version

10. Docker networking modes

host

Uses --net=host; container shares the host’s network namespace and IP.

container

Uses --net=container:NAME_or_ID; shares another container’s network namespace.

none

Uses --net=none; container has no network interfaces except the loopback.

bridge

Default mode; creates an isolated network namespace, connects to the docker0 bridge, and sets up NAT with iptables. Each container gets its own IP and can communicate via a veth pair.

11. Docker volumes

Volumes are special directories that can be mounted from the host into a container, persisting data independently of the image and allowing sharing between containers.

12. Setting up a private Docker registry

# Pull the registry image
docker pull registry
# Run the registry on port 5000
docker run -d --name registry -p 5000:5000 registry
docker update --restart=always registry
# Add insecure registry to daemon.json
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],
  "insecure-registries": ["192.168.1.54:5000"]
}
systemctl restart docker
# Tag and push an image
docker tag postgres:11 192.168.1.54:5000/postgres
docker push 192.168.1.54:5000/postgres

13. Backing up and migrating Docker data

# Commit a running container to an image
docker commit redis myredis
# Save the image to a tar file
docker save -o myredis.tar myredis
# Load the image on another host
docker load -i myredis.tar

14. Deploying MySQL with Docker

# Pull MySQL images
docker pull mysql:5.7.30
docker pull mysql:8.0.20
# Run MySQL 5.7
docker run -d --name mysql5730 -h mysql5730 \
  -p 3309:3306 -v /usr/local/mysql5730/conf:/etc/mysql/conf.d \
  -e MYSQL_ROOT_PASSWORD=root -e TZ=Asia/Shanghai \
  mysql:5.7.30
# Run MySQL 8.0
docker run -d --name mysql8020 -h mysql8020 \
  -p 3310:3306 -v /usr/local/mysql8020/conf:/etc/mysql/conf.d \
  -e MYSQL_ROOT_PASSWORD=root -e TZ=Asia/Shanghai \
  mysql:8.0.20
# Access MySQL
docker exec -it mysql5730 bash
mysql -uroot -proot