1.

Types of Docker Networks:

•Bridge Network (default):
•This is the default network driver for standalone containers.
•Containers are connected to a virtual bridge (docker0) on the host.
•Containers can communicate with each other on this network using their
IP addresses or container names.
•Host Network:
•The container shares the host's networking namespace (same IP
address).
•It is often used when you need a container to have direct access to the
host's network (e.g., for performance reasons).
•No network isolation between the container and the host.
•Overlay Network:
•Used in Docker Swarm to enable multi-host networking.
•Allows containers across different Docker hosts to communicate
securely.
•It abstracts the complexity of networking across different machines,
making it appear as though they are on the same network.
•Macvlan Network:
•This mode gives a container its own MAC address and allows it to be
treated like a physical network interface.
•Typically used for legacy applications or systems that require direct
access to physical network interfaces.
•None Network:
•This mode disables all networking for a container.
•Useful for containers that do not need network access, such as isolated
tasks.

2. Networking Features:
•DNS Resolution: Docker provides automatic DNS resolution for container
names. This means containers on the same network can reach each other by
their container name (e.g., container1, container2)
•Port Mapping: When running containers with the -p flag, Docker maps container
ports to host ports, allowing external access to services running in the container.
•Exposing Ports: You can expose ports in a container (e.g., via EXPOSE in a
Dockerfile) to make them available to other containers or the external world.
•Custom Networks: Docker allows you to create custom networks to improve
security and isolation between containers. You can specify network types such as
bridge or overlay.
3. Networking in Docker Swarm:
•Service Discovery: In Swarm mode, services are discovered by their name
across the cluster, and containers can automatically find and connect to each
other.
•Routing Traffic: Docker Swarm provides routing capabilities to manage traffic
between containers in a multi-node cluster.

4. Docker Network Commands:

•docker network ls: List all networks.
•docker network inspect [network_name]: Inspect a specific network.
•docker network create [network_name]: Create a custom network.
•docker network connect [network_name] [container_name]: Connect an existing
container to a network.
•docker network disconnect [network_name] [container_name]: Disconnect a
container from a network.

5. Best Practices:
•Use Custom Networks: For better isolation and control over container
communication.
•Limit Port Exposing: Only expose the necessary ports to minimize security risks.
•Use Overlay Networks for Swarm: For distributed and highly available
applications.

docker run – This command is used to start a new Docker container from an image.
2.docker ps – This command is used to list all the running Docker containers.
3.docker stop – This command is used to stop a running container.
4.docker rm – This command is used to remove a Docker container.
5.docker images – This command is used to list all the Docker images that are currently
available on your system.
6.docker pull – This command is used to download a Docker image from a registry.
7.docker exec – This command is used to execute a command in a running container.
8.docker-compose – This command is used to manage multi-container Docker applications.

Summary on Dockerfile:
A Dockerfile is a script containing a set of instructions to automate the creation of
Docker images. It defines how a container should be built, specifying the base image,
dependencies, configurations, and commands required to run an application.
Key Features of Dockerfile:
1. Automates Image Creation
Eliminates the need for manual image building.
Ensures consistency across different environments.
2. Layered Architecture
Each instruction in a Dockerfile creates a new layer in the image.
Uses caching to improve build efficiency.
3. Customizable Base Image
Can start from any official or custom base image (FROM ubuntu:latest).
Reduces redundancy and keeps images lightweight.
4. Supports Dependency Management
Installs required libraries, tools, and frameworks automatically.
Ensures applications run with the necessary dependencies.
5. Environment Configuration
Allows setting environment variables (ENV), ports (EXPOSE), and
working directories (WORKDIR).
Helps in customizing the containerized application behavior.
6. Runs Commands Automatically
Supports RUN, CMD, and ENTRYPOINT to execute scripts and processes
inside the container.
Defines the default command to be executed when a container starts.
Advantages of Dockerfile:

Standardized and reproducible image builds.

Lightweight and efficient due to layer caching.

Automates deployments, reducing manual intervention.

Disadvantages of Dockerfile:

Requires optimization to prevent large image sizes.

Sensitive information (e.g., passwords) should not be stored inside a Dockerfile.

Best Use Cases:
Building customized Docker images for applications.
Automating deployments in CI/CD pipelines.
Packaging microservices with required dependencies.
What are Docker Volumes?
Docker Volumes are a popular and effective method for assuring data permanence while
working in containers. Docker volumes are file systems that are mounted on Docker
containers to preserve the data generated by the container.
What is the Docker File System?
A Docker container executes the software stack specified in a Docker image. Images are built
up of read-only layers that operate on the Union File System. When we start a new container,
Docker adds a read-write layer on top of the image layers, allowing the container to function
like a conventional Linux file system. So, each file modification within the container generates
a functioning copy in the read-write layer. However, when the container is stopped or
removed, the read-write layer disappears.
Types Of Mounts in Docker
The data appears the same from within the container in all mount modes. In the filesystem of
the container, it is shown as a directory or a single file.

•Volumes: Docker manages volumes kept in a section of the host

filesystem (/var/lib/docker/volumes on Linux). This portion of the
filesystem shouldn't be altered by non-Docker processes. In Docker,
volumes are the most effective way to store data. Using the docker
volume create command, we may directly create a volume, or Docker
can do it for us when it creates a container or service.
•Named Pipes: To facilitate communication between a container and
the Docker host, a named pipe mount can be employed. Using a
named pipe to connect to the Docker Engine API while running a third-
party program inside a container is the typical use case.
•Bind Mounts: On the host system, bind mounts can be kept anywhere.
These might be crucial system folders or files. They are always modifiable
by non-Docker processes running on a Docker host or in a Docker
container. Comparatively speaking, bind mounts are less useful than
volumes.
•Tmpfs Mounts: These mounts are never written to the host system's
filesystem; instead, they are kept solely in the memory of the host
system. Neither on the Docker host nor in a container is it stored on a
disc. Sensitive or non-persistent state data can be stored on the tmpfs
mount for the duration of the container.

Docker Volume Plugins

Docker Engine volume plugins link Engine installations with external storage systems such
as Amazon EBS, allowing data volumes to survive beyond the lifespan of a single Docker host.
For further details, please refer to the plugin documentation.
Command-Line Changes
Use the --volume and --volume-driver options on the docker container run command to grant
a container access to a volume. The host's volume name and path are accepted by the --
volume (or -v) flag, whereas the driver type is accepted by the --volume-driver flag.
$ docker volume create --driver=flocker volumename
$ docker container run -it --volume volumename:/data busybox sh

Volume Plugin Protocol

If a plugin registers itself as a VolumeDriver when activated, it must provide the Docker
Daemon with writeable paths on the host filesystem. The Docker daemon provides these paths
to containers to consume. The Docker daemon makes the volumes available by bind-
mounting the provided paths into the containers.
{
"Name": "volume_name",
"Opts": {}
}

Using Docker Volumes

Manually Creating and Linking Volumes with Proper Naming And Labeling Conventions
•Make sure you use appropriate name and labelling practices when
establishing Docker volumes.

docker volume create \

--label description="my_vol" \
--label version="1.0.1" \
my_vol

Using Volumes in Dockerfiles with Controlling Permissions For Volumes

•In order to preserve data security and integrity, make sure the
appropriate permissions are specified for Docker volumes.

FROM baseimage
RUN mkdir /app/data
RUN chown -R 1000:1000 /app/data
RUN chmod 647 /app/data
VOLUME /app/data

Mounting Volumes as Read-Only

Mounting volumes as read-only in Docker allows for the protection of sensitive or critical data
from unintended modifications. By setting the volume option to read-only, you ensure that any
changes made within the container are not persisted to the underlying volume, preserving
data integrity and security.
docker run -d \
-v /path/on/host:/path/in/container:ro \
--name my_container \
my_image

•-v /path/on/host:/path/in/ mounts the directory /path/on/host on the

host machine to /path/in/container in the container as read-only (ro).
•--name my_container assigns the name my_container to the Docker
container.
•my_image is the name of the Docker image used to create the
container.

Tracking And Controlling Volume Consumption

•To maximise resource consumption, track and adjust Docker volume
usage on a regular basis.

$ docker system df -v

Populating Volume Content

When mounting volumes to container paths with existing data, Docker ensures data integrity
by copying the existing container data into the new volume. Consequently, neighboring mount
points and other containers using the volume will also access the populated content,
preventing inadvertent data loss.
Reusing Volumes When Containers Start
Instead of manually specifying each volume with the -v flag, you can use --volumes-from to
inherit volumes from an existing container when starting a new container:
# Create the first container
$ docker run -d --name test -v my_vol:/data image:latest
# Create the second container
$ docker run -d --name backup --volumes-from test image:latest

This command automatically mounts all volumes from the "test" container into the "backup"
container, simplifying the setup process. It's handy for tasks like backing up data from one
container to another.
Interacting With Docker Volumes
Each volume's name and the storage driver that supports it will be shown. Use docker volume
inspect to obtain more in-depth details about a particular volume instead:
Inspecting Volumes
To inspect volumes in Docker, you can use the docker volume inspect command
followed by the name or ID of the volume you want to inspect. For example:
docker volume inspect my_vol
Removing Volumes
To remove volumes in Docker, you can use the docker volume rm command followed by
the name or ID of the volume you want to remove. For example:
docker volume rm my_vol

Pruning Volumes
To prune volumes in Docker, you can use the docker volume prune command. This
command removes all volumes not used by at least one container. Here's how you can use it:
docker volume prune

Starting a Container with a Volume

On Using -v Option
•we may start a container with a bind mount using the -v option:

$ docker run -v $(pwd):/var/opt/project bash:latest \

bash -c "ls /var/opt/project"

•This shows nothing from the mount position. However, if we write to

the volume within a single execution of the container:

$ docker run -v data-volume:/var/opt/project bash:latest \

bash -c "echo Baeldung > /var/opt/project/Baeldung.txt"

Using The –mount Option

•To indicate the volume we want to mount, we might find it easier to
use the more obvious –mount option:

$ docker run --mount \

'type=volume,src=data-volume,\
 dst=/var/opt/project,volume-driver=local,\
readonly' \
bash -c "ls /var/opt/project"

On Using Shared Volumes

Assume that we used the data-volume mount in a container to run our echo script.
Afterwards, we could make a list of every container we've used:
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
5774502f857 bash "docker-entrypoint.s…" 8 minutes ago
Exited (0) 8 minutes ago exciting_payne

How to use Docker Volumes?

The following command launches a fresh Ubuntu 22.04 container and connects your terminal
to it (-it), enabling you to execute example commands in the ensuing stages. Within the
container, a volume named demo_volume is mounted to /data. Use the following command
right now:
$ docker run -it -v demo_volume:/data ubuntu:22.06

•Give a list of everything in the /data directory of your container:

$ ls /data

•Include a test file with any random content:

$ echo "foobar" > /data/foo

$ cat /data/foo
foobar

•Launch a fresh container with the same volume attached now:

$ docker run -it -v demo_volume:/app alpine:latest

•Add the --mount option to the docker run command in order to mount a
data volume to a container.
•It stores the data created inside the virtual environment by adding
volume to the designated container.
•To launch a container and mount a data drive to it, use the following
syntax:

$ docker run --mount

source=[volume_name],destination=[path_in_container]
[docker_image]

Using Volumes With Docker Compose

In Docker Compose, volumes may also be defined and utilised. Create a top-level volumes
field in your docker-compose.yml file, identify the volumes you want to create, then mount
your volumes into your containers in the services section:
services:
app:
image: app-image:latest
volumes:
- app_data:/data
volumes:
app_data:

•To use an already-existing volume, include it in the docker-

compose.yml file's volumes section and set the external flag to true:

volumes:
demo_volume:
external: true

So this is the volume of the docker. We saw that Docker typically starts a container with a
blank filesystem, but that data may be stored for a longer period of time than the container's
lifetime thanks to bind mounts and volumes.We learned how to use the command line to
attach volumes to an active container as well as how to list and manage Docker volumes.
Troubleshooting Common Docker Volume Issues
Permission Denied When Mounting Volumes
•If you are mounting a local disc or host directory with the -v option
while operating a Docker container, as follows:

docker run -it --rm \

-p 8888:8888 \
-v <my-vol>:<container-dir> \
quay.io/jupyter/minimal-notebook:latest

Incompatible CPU detected

A processor (CPU) that supports virtualization—more especially, the Apple Hypervisor
framework—is necessary for Docker Desktop to function. Only Mac computers with CPUs
that support the Hypervisor framework may use Docker Desktop.
$ sysctl kern.hv_support

Path Conversion On Windows

When using Linux, mounting a route to another path is handled by the system. For instance,
when executing the subsequent command on a Linux system:
$ docker run --rm -ti -v /home/user/work:/work alpine

Permissions Errors On Data Directories For Shared Volumes

Docker Desktop defaults the read, write, and execute permissions for both users and groups
on shared volumes to 0777 when sharing files from Windows.On shared discs, the default
permissions are not customisable. You must either utilise non-host-mounted volumes or figure
out a means to get the programmes to operate with the default file permissions if you are
working with applications that need permissions different from the shared volume defaults
during container runtime.
Docker Volumes - FAQs
What is the Purpose of Docker Volumes?
The primary purpose of Docker volumes is to keep data outside of the
container so it may be backed up or shared. Docker volumes rely on
Docker's file system and are the recommended means of preserving
data for Docker containers and services.

What Distinguishes the Two Types of Docker Volumes?

Docker volumes are critical for handling data in container-based
systems. They exist in two varieties: named volumes and nameless
volumes.

Where is Docker Volume Stored?

Volumes are also kept within the host file system, which is controlled
by Docker. On Linux, volumes are located in "/var/lib/docker/volume".
Non-Docker processes should not be able to alter this section of the
file system.

How to Mount the Volume in Docker?

After generating the Volume, mount it to Docker Containers. We will
establish a Docker Container with the Ubuntu base image that you will
specify in the Dockerfile, and then mount the geeksforgeeks Volume
to that Container with the -v parameter.

Can I Mount a Docker Volume on a Host?

Yes , you can mount host volumes with the -v command and
supplying the name of the host directory.

What are the 3 types of Docker volumes?

The three types of Docker volumes are:

 Host-mounted volumes: Files are stored on the host system.

 Named volumes: Managed by Docker and stored in a known
location within the Docker filesystem.
 Anonymous volumes: Created and managed by Docker, but exist
outside of any container's filesystem.
 1. Containers:

• Containers are isolated environments where applications

run, bundling the application and its dependencies
together, making them portable across any environment
(development, staging, production).
• Containers are lightweight compared to virtual machines
because they share the host operating system’s kernel but
run in isolated spaces.

2. Images:

• A Docker Image is a snapshot of a container and contains

the application, libraries, configurations, and dependencies
needed to run an application.
• Images are immutable and can be used to create multiple
containers.

3. Dockerfile:

• A Dockerfile is a script containing a series of instructions

on how to build a Docker image.
• It specifies the base image to use, sets up the
environment, installs dependencies, and copies
application files into the container.

4. Docker Hub:

• Docker Hub is a cloud-based registry service where users

can find and share Docker images. It offers both public
and private repositories for storing images.
• You can pull images from Docker Hub or push your own
images to share them with others.

5. Basic Docker Commands:

• docker build: Builds a Docker image from a Dockerfile.

• docker run: Runs a container from an image.
• docker ps: Lists running containers.
• docker stop: Stops a running container.
• docker images: Lists available images on your system.
 • docker pull: Pulls an image from a registry (like Docker
Hub).
• docker push: Pushes an image to a registry.

6. Docker Compose:

• Docker Compose is a tool for defining and running multi-

container Docker applications. You can define all your
services (containers) and their relationships in a YAML file
(docker-compose.yml) and easily manage them together.

7. Isolation and Portability:

• Isolation: Containers provide process isolation from each

other and the host system.
• Portability: Since Docker packages the application and its
dependencies into a container, it runs the same way on
any system that supports Docker.
