Skip to main content

Docker 101: Understanding Containers from Scratch

Docker Basics and Docker Compose Explained

Docker Through My Lens

Introduction to Docker

Docker is a platform designed to create, deploy, and run applications inside containers. Containers bundle an application with all its dependencies, ensuring consistency across different environments.

Unlike virtual machines, containers are lightweight and share the host operating system kernel, making them efficient for development, testing, and deployment.

Basic Docker Commands

To start using Docker, here are some essential commands:

  • docker run [image] – Runs a container from the specified image.
  • docker ps – Lists running containers.
  • docker ps -a – Lists all containers, including stopped ones.
  • docker stop [container_id] – Stops a running container.
  • docker rm [container_id] – Removes a container.
  • docker images – Lists available Docker images.
  • docker rmi [image_id] – Removes a Docker image.

Creating Your First Docker Container

You can run a simple container by pulling a test image and running it:

docker run hello-world

This command downloads the hello-world image if it’s not already on your system and runs it, printing a confirmation message.

Dockerfile: Building Your Own Image

A Dockerfile is a text file that contains instructions to build a Docker image. It automates image creation and ensures consistency.

Example Dockerfile for a Node.js application:

# Dockerfile
FROM node:18
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["node", "index.js"]

Explanation:

  • FROM node:18 – Uses the official Node.js image version 18 as the base.
  • WORKDIR /app – Sets the working directory inside the container.
  • COPY package*.json ./ – Copies package files for dependency installation.
  • RUN npm install – Installs Node.js dependencies.
  • COPY . . – Copies the rest of the application files.
  • EXPOSE 3000 – Declares port 3000 for external access.
  • CMD ["node", "index.js"] – Defines the command to run the app.

Building and Running Your Image

Build the image using:

docker build -t my-node-app .

Run the container with:

docker run -d -p 3000:3000 my-node-app

Step-by-Step: Create Your Own Docker Container

Let’s build a simple Docker container step by step using a basic "Hello World" Node.js app.

  1. Create a project directory: 
    mkdir my-node-app
cd my-node-app
  2. Create a simple app file: 
    echo "console.log('Hello from my container!');" > index.js
  3. Write a Dockerfile: 
    FROM node:18
WORKDIR /app
COPY index.js .
CMD ["node", "index.js"]
  4. Build your Docker image: 
    docker build -t my-node-app .
  5. Run the container: 
    docker run my-node-app

    You should see the message: Hello from my container!

This simple example shows how you can package a basic Node.js script inside a container and run it anywhere.

Why Use Docker Compose?

Most applications require multiple components, like a web server and a database. Managing these containers individually can be tedious and error-prone.

Docker Compose solves this by defining and running multi-container Docker applications via a simple YAML file (docker-compose.yml).

Compose allows you to start, stop, and manage all related containers as a single service with one command.

Key Docker Compose Commands

CommandDescriptionExample
upCreate, build, and start containersdocker-compose up
startStart existing containersdocker-compose start
stopStop running containersdocker-compose stop
downStop and remove containers, networksdocker-compose down
buildBuild or rebuild containersdocker-compose build

Example: E-Commerce Application Using Docker Compose

Suppose you have an e-commerce site running on an Apache web server and a MySQL database storing customer data.

You could manually run:

docker network create ecommerce
docker run -p 80:80 --name webserver --net ecommerce webserver-image
docker run --name database --net ecommerce -e MYSQL_ROOT_PASSWORD=secret mysql:latest

This approach is repetitive and error-prone if you want to scale or manage containers frequently.

Instead, with Docker Compose, you can define your services in a docker-compose.yml file:

version: '3.3'
services:
  web:
    build: ./webserver
    ports:
      - '80:80'
    networks:
      - ecommerce
  database:
    image: mysql:latest
    environment:
      - MYSQL_ROOT_PASSWORD=helloworld
      - MYSQL_DATABASE=ecommerce
    networks:
      - ecommerce

networks:
  ecommerce:

Running docker-compose up spins up both services connected via the ecommerce network automatically.

Docker Socket Explained

The Docker daemon (which manages containers) listens on a Unix socket file, usually /var/run/docker.sock.

This socket acts like a communication channel between Docker clients (like the CLI) and the Docker service.

Real-World Scenario

In CI/CD pipelines, tools like Jenkins often run inside Docker containers but need to control Docker on the host to build or run containers.

By mounting the Docker socket inside the Jenkins container:

docker run -v /var/run/docker.sock:/var/run/docker.sock jenkins

Jenkins can issue Docker commands to the host’s Docker daemon as if it were running directly on the host.

Security Considerations

  • Exposing the Docker socket to containers is a serious security risk.
  • If compromised, attackers can control all Docker containers and the host system.

Conclusion

Docker and Docker Compose are essential tools that simplify the development and deployment of applications by using containers.

Understanding Dockerfiles, basic commands, and how to manage multi-container applications with Compose helps you build consistent, portable environments.

Finally, understanding internal components like the Docker socket helps when automating container management but always be cautious of the security implications.

Labels:

Comments

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

Exploiting and Securing GitLab: Lessons from a TryHackMe Lab

Perimeter security isn’t enough—because sometimes the threat is already inside. In this blog post, I’m sharing what I learned from a hands-on TryHackMe lab on GitLab security . It revealed how a simple internal misconfiguration—like open registration or overly permissive repo access—can lead to major data exposure inside an organization. I’ll walk you through the red team perspective on exploiting a misconfigured GitLab instance , and then flip the script to explain how you can secure your own internal build systems . Scenario: Inside the Walls of a Large Organization Think of a large organization—like a bank—with thousands of employees and multiple teams handling development, IT operations, and security. To keep intellectual property (IP) secure, these organizations often host self-managed GitLab instances on their internal network. But here’s where things can go wrong: GitLab is hosted internally Allows anyone on the internal network to register Has some projects...
Post a Comment
Read more

Email Security Deep Dive: 13 Steps to Keep Your Emails Safe

Email Security Checklist The Email Security Checklist 1. Enable SPF (Sender Policy Framework) What it is: SPF is like a guest list for your email domain. It tells the world that only specific servers are allowed to send email for your domain. How it works: Publish an SPF record in DNS. When someone receives an email claiming to be from your domain, their mail server checks if the sending IP is listed in the SPF record. If the IP is not listed, the email is rejected or marked as spam. Example SPF record: v=spf1 ip4:203.0.113.0/24 include:_spf.google.com -all Only servers in the specified IP range and Google’s mail servers can send emails for this domain. Others are rejected. Points to Note: Prevents attackers from spoofing your domain and sending phishing or spam emails. 2. Enable DKIM (DomainKeys Identified Mail) What it is: DKIM is a digital signature for each email, ensuring that the message hasn’t been tampered with. Ho...
Post a Comment
Read more

Do you know, by blindly following trends and using hashtags you can be the victim of cyber crime? : #couplechallenge

Awareness is necessity "Nohashtag challenges" Nowadays, #couplechallenge, #smilechallenge, #chirichchallenge trending on social media platforms. But do you know the history of hashtags? Lets see, how hashtag was invented. Chris Messina a product designer who has been working in Silicon Valley created the idea of hashtag. He and his small group of colleagues were thinking that twitter needs some kind of frame work. He got the idea of hashtag from internet chat room that had pound symbol in front of them. His main idea to create hashtag was for the internet and wanted that anybody writing text on internet be able to participate in global conversation. In 2007, he asked one of his friends to use #sandiego for his tweets and this way the use of hashtag started. In 2009, Twitter added the option of hashtag to its search bar. And this way hashtag became a trend. This trend then being followed by other apps like tumbler, Facebook, instag...
Post a Comment
Read more

પ્રાઇઝ સ્કેમ: જો તમારે ઇનામ મેળવવા માટે ચૂકવણી કરવી પડતી હોય તો તે ઇનામ નથી

Awareness is necessity શું તમને ક્યારેય કોઈ કોલ્સ આવ્યા છે કે જેમાં તમે કોઈ પણ ઓનલાઇન શોપિંગ વેબસાઇટમાંથી ઇનામ અથવા લોટરી જીતી લીધી હોય તેવું કહે છે? શક્યતા છે કે આ કોલ્સ ફ્રોડ છે. સાયબર સ્વયંસેવક તરીકે, મેં આ પ્રકારની છેતરપિંડીઓના કેટલાક કેસ નું અધ્યયન કર્યું છે. ચાલો સમજીએ કે આ પ્રકારની છેતરપિંડી કેવી રીતે થાય છે? !! છેતરપિંડી કરનાર તમને કોઈપણ વિશ્વસનીય ઓનલાઇન શોપિંગ સાઇટમાંથી કર્મચારી હોવાનુ કહે છે.તેઓ તમને સાઇટ પરથી તમારી છેલ્લી ખરીદી વિશેની વિગતો, ઉત્પાદન અને ઓર્ડર ની વિગતો સાથે તમને મનાવવાનો પ્રયાસ કરે છે. જ્યારે કોઈ વ્યક્તિ માને છે કે છેતરપિંડી કરનાર ઓનલાઇન સાઇટનો કર્મચારી છે, ત્યારે તેઓ તમને વિવિધ ઇનામો જેવા કે લેપટોપ, ટીવી, મોબાઇલ ફોન વિશે આકર્ષક યોજનાઓ આપે છે અને તમારી પાસેથી એક ઇનામ પસંદ કરવાનો વિકલ્પ આપે છે.જ્યારે તમે થોડી રુચિ બતાવો અને ઇનામ પસંદ કરો ત્યારે ઉલ્લેખિત ઇનામમાંથી, તેઓ તમને SMS તરીકે એક લિંક મોકલે છે.મોકલેલી લિંક એ છેતરપિંડીની લિંક છે જે તમારી વિગતો જેવી કે બેંક વિગતો તેમજ વ્યક્તિગત માહિતી માટે પૂછે છે.નોંધણી કરતી વખતે, તે તમને તમારા સ્થા...
Post a Comment
Read more

e-SIM fraud : All you need to know about e-SIM and SIM swapping fraud

Awareness is necessity Ever heard about the place, Jamtara? Many of you must have seen the famous series "Jamtara: Sab ka number ayega" on Netflix. It is located near Jharkhand's capital Ranchi. This place has become a hub for phishing and bank fraud. Recently, Jamtara has come in the limelight because this place's fraudsters have started a new type of crime/ fraud, i.e. e-SIM fraud. Do you know what eSIM is? e-SIM stands for the "Embedded Subscriber Identity Module." You don't need to buy a telecom operator's SIM card separately and insert it into your mobile. e-SIM is a part of your smartphone's hardware. This e-SIM chip comes pre-installed on your smartphone. Its working is the same as our standard SIM, which saves information like IMSI number, some contact details etc. e-SIM is re-writable means previous telecom operator related details can be erased and new information can be written again by a new telecom operator. This type o...
1 comment
Read more

OLX fraud : Beware of this new fraud/scam of 'Army men'

Awareness is necessity Nowadays, OLX related frauds are increasing, such as share OLX password/OTP, QR code scams, Paytm link scam etc. The most occurring cases are related to Army personnel. Instead of writing all the things, it will be better to watch the video by a YouTuber, Mr. Rohit R Gaba and lets see How fraudster makes fools to people as Army personnel. Here, in the video, the fraudster talked about QR code. Let's understand what a QR code is and how fraud can be occurred by QR code. QR code ( Quick Response code ), We can store so much information within it in text form. I made one QR code that stores information such as a person's name, aadhar card number, etc. We can store any data with the QR code. Same fraudster store bank details and malicious code so that when you scan that QR code, the money will be debit from the account directly. How to protect ourselves from online OLX frauds? Always prefer face to face meetings with buyers or sellers and ...
Post a Comment
Read more