Day 143: Docker & How It Works
Understanding the Basics of Docker and Its Functionality
Today I took a deeper step into the world of containerization by exploring how Docker actually works under the hood.
Docker is more than just a tool for running isolated apps — it’s a complete platform built on powerful concepts like images, layers, isolation, networking, and storage.
Understanding these internals is essential for building reliable, optimized, and production-ready containers.
✅ What Is Docker? (Deep Understanding)
Docker is a containerization platform that packages applications into isolated units called containers.
These containers include:
Application code
Runtime
Libraries
Dependencies
Environment configuration
This ensures the application behaves the same across any environment.
⚙️ How Docker Works Internally
To understand Docker, you need to understand its four core components.
1️⃣ Docker Daemon (dockerd)
The heart of Docker.
The Docker Daemon:
Manages images and containers
Handles builds and networks
Communicates with the Linux kernel
Responds to Docker CLI requests
It listens for API calls and performs all heavy tasks in the background.
2️⃣ Docker Client (CLI)
The command-line interface developers use.
Commands like:
docker run
docker build
docker stop
docker pull
are sent to the Daemon, which executes them.
3️⃣ Docker Images
Images are read-only templates used to create containers.
They consist of layers, each representing a change—like installing a package or copying files.
Example:
FROM python:3.10-slim
COPY . /app
RUN pip install -r requirements.txt
Each line creates a new immutable layer.
Benefits of layers:
✅ Faster builds
✅ Efficient caching
✅ Reduced storage usage
✅ Shared layers across images
4️⃣ Docker Containers
A container is a running instance of an image.
Containers use:
Namespaces → Process isolation
Cgroups → Resource control
UnionFS → Layers combined into a filesystem
This gives containers the illusion of running in their own environment while sharing the host OS kernel.
🛰️ Docker Architecture (Visual)
+------------------------+
| Docker CLI |
+-----------+------------+
|
v
+------------------------+
| Docker Daemon |
+-----------+------------+
|
v
+------------------------+
| Images / Containers |
+------------------------+
|
v
+------------------------+
| Host OS |
+------------------------+
🌐 Docker Networking
Docker provides isolated network environments:
bridge (default) → Containers communicate within a private subnet
host → No isolation; uses host network
none → Completely isolated
custom networks → Ideal for microservices
Example:
docker network create mynet
docker run --network=mynet myapp
💾 Docker Storage
Docker uses volumes for persistent storage.
Types:
Volumes → Best for production
Bind Mounts → Direct host directory mapping
Tmpfs → In-memory filesystem
Example:
docker run -v mydata:/var/lib/data myapp
🔍 A Simple Docker Workflow
Write a Dockerfile
Build the image
docker build -t myapp .Run the container
docker run -p 3000:3000 myappPush to a registry (Docker Hub, ECR, GitHub)
docker push myapp
This workflow allows you to package, run, and ship apps anywhere.
✅ Key Takeaways
Docker containers rely on kernel-level isolation, making them fast and lightweight.
Images are built using immutable layers.
Docker Daemon performs all the heavy lifting behind CLI commands.
Networking and storage allow real-world application deployment.
Containers are the foundation for Kubernetes, ECS, EKS, Nomad, and modern DevOps.
