Docker containerisation has transformed how businesses develop, deploy and manage applications. With over 92% of IT organisations now using containerisation technology, understanding Docker has become essential for companies seeking to modernise their infrastructure and improve development efficiency.

This tutorial provides a practical introduction to Docker containerisation, explaining core concepts and demonstrating how to implement containerised applications for business environments.

What Is Docker Containerisation?

Docker containerisation packages applications with all their dependencies into standardised units called containers. Unlike traditional virtual machines that require a full operating system for each instance, containers share the host system’s kernel while maintaining complete isolation for applications.

A container includes everything needed to run an application: code, runtime environment, system tools, libraries and configuration files. This approach eliminates the common problem of applications working in development but failing in production due to environmental differences.

Docker accounted for over 32% of the containerisation market in 2023, making it the leading platform for container technology. The platform simplifies application deployment by creating consistent environments across development, testing and production stages.

Understanding Container Architecture

Container architecture differs fundamentally from virtualisation. Virtual machines virtualise hardware, requiring each instance to run a complete operating system. This creates significant resource overhead and slow startup times.

Docker containers virtualise the operating system instead. Multiple containers run on a single host operating system, sharing the kernel but isolating processes, file systems and network resources. This architecture delivers three key advantages:

Containers start almost instantly because they don’t boot an operating system. A typical container launches in seconds compared to minutes for virtual machines. Containers use minimal resources since they share the host kernel. A server that supports 10 virtual machines might run 100 containers with similar performance. Containers behave identically across all environments. An application running in a container on a developer’s laptop will perform exactly the same way on a production server.

Installing Docker Desktop

Docker Desktop provides the complete Docker environment for Windows and Mac systems. The installation process takes approximately 10 minutes and requires administrator access.

Visit the official Docker website and download Docker Desktop for your operating system. The installer includes Docker Engine, Docker CLI client, Docker Compose and Docker Content Trust.

For Windows users, Docker Desktop requires Windows 10 64-bit with Hyper-V enabled. Mac users need macOS 10.15 or newer. Linux users install Docker Engine directly through their distribution’s package manager.

After installation, launch Docker Desktop and wait for the Docker daemon to start. You can verify the installation by opening a terminal and running the command docker --version. This should display the installed Docker version number.

Docker Desktop includes a graphical interface for managing containers, images and volumes. However, most professional workflows use the command-line interface for greater control and automation capabilities.

Core Docker Concepts

Understanding five fundamental concepts forms the foundation for working with Docker containerisation:

• Docker Images serve as read-only templates for creating containers. An image contains the application code, runtime, libraries and dependencies. Images are built from instructions in a Dockerfile and can be stored in registries like Docker Hub.
• Containers are running instances of images. You can create multiple containers from a single image. Each container operates independently with its own filesystem, network and process space. Containers can be started, stopped, moved and deleted without affecting other containers.
• Dockerfiles are text files containing instructions for building images. A Dockerfile specifies the base image, installs dependencies, copies application code and defines how the container should run. Writing efficient Dockerfiles is essential for creating optimised images.
• Docker Hub functions as a cloud-based registry for storing and sharing Docker images. Docker Hub hosts over 100,000 container images, including official images for popular technologies like Node.js, Python, MySQL and Redis. Businesses can create private repositories for proprietary applications.
• Docker Compose manages multi-container applications. Instead of starting each container manually, Docker Compose uses a YAML file to define all services, networks and volumes. This tool simplifies deploying complex applications with multiple interdependent services.

Creating Your First Dockerfile

A Dockerfile defines how to build a Docker image. Creating effective Dockerfiles requires understanding the basic instruction syntax and following best practices for efficiency and security.

Start by creating a new file named Dockerfile with no file extension. The file must be named exactly “Dockerfile” for Docker to recognise it automatically.

Every Dockerfile begins with an FROM instruction specifying the base image. For a Node.js application, you might start with:

FROM node:18-alpine

The alpine variant provides a minimal Linux distribution, resulting in smaller image sizes. Alpine-based images typically measure 5-10 MB compared to 100+ MB for full distributions.

The WORKDIR instruction sets the working directory inside the container:

WORKDIR /app

Copy your application files into the container using the COPY instruction:

COPY package*.json ./
RUN npm install
COPY . .

This approach copies package files first, installs dependencies, and then copies the remaining application code. This layering strategy optimises Docker’s cache mechanism, speeding up subsequent builds when only application code changes.

The EXPOSE instruction documents which port the container listens on:

EXPOSE 3000

Finally, the CMD instruction specifies the command to run when the container starts:

CMD ["node", "server.js"]

Building Docker Images

Building images from Dockerfiles creates reusable templates for deploying containers. The build process executes each instruction in the Dockerfile, creating intermediate layers that Docker caches for efficiency.

Navigate to the directory containing your Dockerfile and application code. Build the image using the docker build command:

docker build -t myapp:latest .

The -t flag tags the image with a name and version. The period at the end specifies the build context (current directory). Docker sends all files in this directory to the Docker daemon during the build process.

The Docker 2024 State of Application Development Report found that 64% of developers now use AI tools during development, with Docker remaining the primary platform for deploying these AI-powered applications.

Watch the build output to understand the process. Docker executes each instruction, creating a new layer. Successful builds end with a confirmation message including the image ID.

List your built images using:

docker images

This displays all available images with their repository names, tags, IDs, creation dates and sizes. Keeping image sizes small improves deployment speed and reduces storage costs.

Running Docker Containers

Running containers transforms static images into active applications. The docker run The command creates and starts containers with extensive configuration options.

Run a basic container from your image:

docker run -d -p 8080:3000 --name myapp-container myapp:latest

The -d flag runs the container in detached mode (background). The -p flag maps port 8080 on the host to port 3000 in the container, making your application accessible at localhost:8080. The --name flag assigns a recognisable name to the container.

View running containers:

docker ps

This displays container IDs, images, commands, creation times, status and port mappings. Add the -a flag to see all containers, including stopped ones.

Access container logs to troubleshoot issues:

docker logs myapp-container

For interactive debugging, execute commands inside running containers:

docker exec -it myapp-container /bin/sh

The -it flags create an interactive terminal session inside the container. This allows you to inspect the filesystem, check environment variables or run diagnostic commands.

Stop containers gracefully:

docker stop myapp-container

Remove stopped containers:

docker rm myapp-container

Managing Container Resources

Production containers require proper resource management to prevent individual containers from consuming excessive CPU or memory. Docker provides built-in mechanisms for setting resource constraints.

Limit memory usage when running containers:

docker run -d -m 512m --name myapp-container myapp:latest

The -m flag restricts the container to 512 megabytes of RAM. If the container attempts to exceed this limit, Docker terminates the process. Setting appropriate memory limits prevents runaway processes from affecting other containers.

Restrict CPU usage with the --cpus flag:

docker run -d --cpus="1.5" --name myapp-container myapp:latest

This limits the container to 1.5 CPU cores. Fractional values allow fine-tuned resource allocation across multiple containers on a single host.

Monitor container resource usage in real-time:

docker stats

This displays live metrics for CPU percentage, memory usage, network I/O and block I/O for all running containers. Resource monitoring helps identify performance bottlenecks and optimise container configurations.

Docker Compose for Multi-Container Applications

Most business applications require multiple services working together: web servers, databases, cache systems and background workers. Docker Compose orchestrates these multi-container applications through declarative configuration files.

Create a file named docker-compose.yml in your project directory:

version: '3.8'
services:
  web:
    build: .
    ports:
      - "8080:3000"
    environment:
      - DATABASE_URL=postgresql://db:5432/myapp
    depends_on:
      - db
  db:
    image: postgres:15-alpine
    environment:
      - POSTGRES_DB=myapp
      - POSTGRES_PASSWORD=secret
    volumes:
      - postgres-data:/var/lib/postgresql/data

volumes:
  postgres-data:

This configuration defines two services: a web application built from the current directory and a PostgreSQL database. The depends_on directive tells Docker Compose to start the database before the web service.

Start all services with a single command:

docker-compose up -d

Docker Compose creates networks automatically, allowing services to communicate using service names as hostnames. The web service connects to the database db:5432 without needing to know the container’s IP address.

Stop all services:

docker-compose down

View logs from all services:

docker-compose logs -f

The -f flag follows logs in real-time, displaying output from all containers in a single stream.

Container Networking Fundamentals

Docker networking enables communication between containers, between containers and the host, and between containers and external networks. Understanding networking options helps design secure and efficient containerised applications.

Docker creates three default networks: bridge, host and none. The bridge network is the default for containers, providing isolation and automatic DNS resolution between containers on the same network.

Create custom networks for better organisation:

docker network create myapp-network

Run containers on the custom network:

docker run -d --network myapp-network --name web myapp:latest
docker run -d --network myapp-network --name db postgres:15-alpine

Containers on the same network can communicate using container names. The web container connects to the database at db:5432 without additional configuration.

List networks:

docker network ls

Inspect network details:

docker network inspect myapp-network

This displays connected containers, IP addresses, subnet configuration and driver options. Network inspection helps troubleshoot connectivity issues and understand container communication patterns.

Persistent Data with Docker Volumes

Containers are ephemeral by design. When a container stops, all data inside it disappears. Docker volumes provide persistent storage that survives container lifecycle events.

Create a named volume:

docker volume create myapp-data

Mount the volume when running a container:

docker run -d -v myapp-data:/app/data myapp:latest

The -v flag mounts the myapp-data volume to /app/data inside the container. Applications write data to this path, and Docker stores it on the host filesystem outside the container.

List volumes:

docker volume ls

Inspect volume details:

docker volume inspect myapp-data

This reveals the volume’s mount point on the host system. Data persists even after removing containers, allowing database containers or file-based applications to maintain state across restarts.

Bind mounts offer an alternative for development workflows. Instead of using named volumes, bind mounts link host directories directly to container paths:

docker run -d -v /host/path:/container/path myapp:latest

Bind mounts allow real-time code changes during development. Modifying files on the host immediately reflects inside the container without rebuilding images.

Docker Security Best Practices

Container security requires attention throughout the development lifecycle. The 2024 Docker State of Application Development Report found that 87% of Docker images contain high or critical vulnerabilities, making security scanning essential.

Start with official base images from trusted sources. Official images receive regular security updates and follow best practices. Verify image signatures to prevent tampering:

docker trust inspect --pretty node:18-alpine

Run containers as non-root users. Create a dedicated user in your Dockerfile:

RUN addgroup -g 1001 appgroup && adduser -u 1001 -G appgroup -s /bin/sh -D appuser
USER appuser

This prevents processes inside containers from running with root privileges, limiting the impact of security breaches.

Scan images for vulnerabilities before deployment:

docker scan myapp:latest

Docker’s built-in scanning identifies known security issues in base images and dependencies. Address critical vulnerabilities before pushing images to production.

Limit container capabilities using the --cap-drop flag:

docker run -d --cap-drop=ALL --cap-add=NET_BIND_SERVICE myapp:latest

This removes all Linux capabilities except the ability to bind to privileged ports, reducing the attack surface.

Keep images updated with the latest security patches. Rebuild images regularly, even if the application code hasn’t changed, pulling updated base images with security fixes.

Optimising Docker Images

Image size directly impacts deployment speed, storage costs and security surface. Optimisation techniques reduce image sizes by 60-80% without affecting functionality.

Choose minimal base images. Alpine Linux variants typically measure 5-50 MB compared to 100-500 MB for Debian-based images:

FROM node:18-alpine

Use multi-stage builds to separate build dependencies from runtime dependencies:

FROM node:18-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build

FROM node:18-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY package*.json ./
RUN npm install --production
CMD ["node", "dist/server.js"]

The first stage installs all dependencies and builds the application. The second stage copies only the compiled output and production dependencies, excluding development tools and build files.

Combine RUN commands to reduce layers:

RUN apt-get update && \
    apt-get install -y package1 package2 && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

Each RUN instruction creates a new layer. Combining related commands minimises layer count and image size.

Create a .dockerignore file to exclude unnecessary files from the build context:

node_modules
.git
.env
*.log
*.md

This prevents Docker from sending large directories to the daemon during builds, speeding up the build process.

Container Orchestration with Docker Swarm

As containerised applications scale beyond a single host, orchestration platforms manage deployment, scaling and networking across clusters of machines. Docker Swarm provides built-in orchestration without additional tools.

Initialise a Swarm cluster:

docker swarm init

This converts the current Docker host into a Swarm manager node. The output includes a join token for adding worker nodes to the cluster.

Deploy services to the Swarm:

docker service create --name web --replicas 3 -p 8080:3000 myapp:latest

This creates three identical containers running your application. Docker Swarm distributes these replicas across available nodes and automatically restarts failed containers.

Scale services dynamically:

docker service scale web=5

List running services:

docker service ls

View service details:

docker service ps web

Docker Swarm handles load balancing automatically. Traffic to port 8080 is distributed across all container replicas regardless of which node receives the request.

Continuous Integration with Docker

Docker integrates seamlessly with CI/CD pipelines, enabling automated testing and deployment. Containerised build environments guarantee consistent results across different developers’ machines and CI servers.

Most CI platforms support Docker natively. A typical pipeline builds images, runs tests inside containers, scans for vulnerabilities and pushes images to registries.

Example workflow for GitHub Actions:

name: Docker CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Build image
        run: docker build -t myapp:${{ github.sha }} .
      - name: Run tests
        run: docker run myapp:${{ github.sha }} npm test
      - name: Scan for vulnerabilities
        run: docker scan myapp:${{ github.sha }}
      - name: Push to registry
        run: |
          echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
          docker push myapp:${{ github.sha }}

This pipeline builds an image tagged with the commit SHA, runs tests inside a container, scans for security issues and pushes the image to Docker Hub if all checks pass.

Containerised testing environments eliminate environmental inconsistencies. Tests run in the same environment locally and on CI servers, preventing “works on my machine” problems.

Monitoring Containerised Applications

Production Docker deployments require monitoring to track performance, resource usage and availability. Proper monitoring identifies issues before they impact users and provides insights for capacity planning.

The global Docker monitoring market is projected to reach USD 4.11 billion by 2033, growing at 27.1% annually as more businesses adopt containerisation.

Docker’s built-in metrics provide basic monitoring:

docker stats --no-stream

For production environments, dedicated monitoring solutions offer comprehensive observability. Prometheus collects time-series metrics from containers, whilst Grafana visualises this data through customisable dashboards.

Export container metrics to Prometheus by running the cAdvisor container:

docker run -d \
  --name=cadvisor \
  -p 8080:8080 \
  --volume=/:/rootfs:ro \
  --volume=/var/run:/var/run:ro \
  --volume=/sys:/sys:ro \
  --volume=/var/lib/docker/:/var/lib/docker:ro \
  google/cadvisor:latest

Configure log aggregation to collect container logs centrally. Tools like Elasticsearch, Fluentd and Kibana (EFK stack) provide powerful log analysis capabilities.

Set up health checks in your Dockerfile:

HEALTHCHECK --interval=30s --timeout=3s \
  CMD curl -f http://localhost:3000/health || exit 1

Docker automatically monitors container health and restarts unhealthy containers, improving application reliability.

Deploying Docker to Cloud Platforms

Major cloud providers offer managed container services that handle infrastructure complexity whilst maintaining Docker compatibility. These services scale automatically and integrate with cloud security and monitoring tools.

AWS Elastic Container Service (ECS) provides container orchestration without managing Kubernetes complexity. ECS has a 45% market share amongst AWS organisations using container orchestration.

Azure Container Instances offers serverless container deployment, charging only for active container runtime. This suits applications with variable workloads that don’t require constant availability.

Google Cloud Run deploys containers that scale automatically from zero to thousands of instances based on traffic. Cloud Run simplifies deployment whilst maintaining full container portability.

For businesses seeking maximum control, container orchestration with Kubernetes provides advanced features for large-scale deployments. Over 96% of organisations using containers have adopted Kubernetes, making it the dominant orchestration platform.

ProfileTree assists Belfast businesses in selecting and implementing appropriate cloud deployment strategies for their containerised applications, balancing cost, complexity and scalability requirements.

Docker for Development Teams

Docker transforms development workflows by standardising development environments across teams. New developers can start working on projects within minutes rather than days spent configuring local environments.

Create a development-optimised Docker Compose. yml:

version: '3.8'
services:
  web:
    build:
      context: .
      target: development
    volumes:
      - .:/app
      - /app/node_modules
    ports:
      - "3000:3000"
    environment:
      - NODE_ENV=development

The volume mount enables hot reloading. Changes to the source code on the host immediately reflect inside the container without rebuilding images.

Share development environments through Docker Compose files in version control. Every team member runs identical services with consistent configurations, eliminating environmental differences that cause integration issues.

Use separate Dockerfiles for development and production. Development images include debugging tools and hot reload capabilities. Production images strip these extras for minimal size and maximum security:

FROM node:18-alpine AS development
RUN npm install -g nodemon
CMD ["nodemon", "server.js"]

FROM node:18-alpine AS production
CMD ["node", "server.js"]

Build development images:

docker build --target development -t myapp:dev .

Common Docker Troubleshooting

Even experienced teams encounter container issues. Understanding common problems and their solutions reduces downtime and improves debugging efficiency.

• Container Exits Immediately: Check container logs for error messages. Often caused by incorrect CMD instructions or missing dependencies:

docker logs container-name

• Port Already in Use: Stop the conflicting service or choose a different host port:

docker run -p 8081:3000 myapp:latest

• Out of Disk Space: Remove unused images, containers and volumes:

docker system prune -a --volumes

This reclaims disk space by deleting stopped containers, unused images and orphaned volumes. Add the -f flag to skip the confirmation prompt.

• Cannot connect to Docker Daemon: Verify Docker Desktop is running. On Linux, check the Docker service status:

systemctl status docker

• Slow Build Times: Optimise Dockerfile layer caching by ordering instructions from least frequently changed to most frequently changed. Copy package files before application code:

COPY package*.json ./
RUN npm install
COPY . .

• Network Connectivity Issues: Inspect container network settings and DNS resolution:

docker exec container-name ping other-container
docker exec container-name nslookup other-container

Conclusion

Docker containerisation provides Northern Ireland businesses with a proven path to modernise application deployment, reduce infrastructure costs and improve development efficiency. The technology has matured beyond early adoption into mainstream enterprise use, with clear best practices and robust tooling.

Starting with Docker requires understanding core concepts: images, containers, Dockerfiles and orchestration. This foundation enables teams to containerise applications progressively, beginning with development environments before moving to production deployments.

Success with containerisation depends on proper implementation of security practices, resource management and monitoring. These operational considerations prevent common pitfalls and ensure containerised applications perform reliably at scale.

How ProfileTree Belfast Can Help Your Business

ProfileTree is a Belfast-based digital marketing agency supporting SMEs across Northern Ireland, Ireland and the UK. While we don’t provide Docker containerisation services directly, we help businesses implement digital strategies that drive growth and efficiency. Our core services include web design and development with a focus on WordPress solutions that prioritise rankings, traffic and conversions.

We specialise in SEO services and local SEO strategies that help businesses appear in relevant searches across their target markets. Our content marketing team creates engaging written, video and animation content that connects with audiences and supports business objectives. We provide AI implementation and training to help SMEs adopt artificial intelligence technologies practically and ethically. Our digital training workshops cover topics from SEO fundamentals to accessibility best practices, empowering teams with the knowledge to manage their digital presence effectively.

Contact ProfileTree at our Belfast office in the McSweeney Centre to discuss how our services can support your digital marketing goals and business growth.