13. Docker & Containerization#
1. Docker — Overview#
What is Docker?#
- Platform for packaging applications with all dependencies into containers
- Ensures app runs consistently across different machines
- “Build once, run anywhere”
Core Benefits:#
| Benefit | Description |
|---|
| Consistency | Same environment on dev, staging, production |
| Isolation | Apps don’t interfere with each other |
| Portability | Run on any machine with Docker installed |
| Reproducibility | Exact same environment every time |
- ❌ Does NOT make code run faster
- ❌ Does NOT automatically write code
- ❌ Does NOT provide free hosting
2. Core Docker Components:#
Docker Image
→ Blueprint/template (read-only)
→ Built from Dockerfile
→ Stored in registry (Docker Hub)
Docker Container
→ Running instance of image
→ Isolated environment
→ Has own filesystem, network
Dockerfile
→ Instructions to build image
→ Plain text file
Docker Registry
→ Docker Hub (public)
→ Private registries (ECR, GCR)
3. docker run -p — Port Mapping#
docker run -p 8501:8501 dashboard
# │ │
# │ └── Container port (inside Docker)
# └──────── Host port (your machine)
# Access via: http://localhost:8501
- ✅
docker run -p 8501:8501 dashboard — exam answer (TDS_(1) Q28) - ❌
docker build -t dashboard . → builds image, doesn’t run - ❌
docker push dashboard → pushes to registry, doesn’t run - ❌
docker stop → stops container
4. docker logs — View Error Messages#
docker logs container_id # view all logs ✅
docker logs -f container_id # follow/stream logs
docker logs --tail 100 container_id # last 100 lines
- ✅
docker logs container_id — exam answer for debugging crashes (TDS_(1) Q29) - ❌
docker build → builds image, not view logs - ❌
docker stop → stops container - ❌
docker remove → removes container
5. Essential Container Commands:#
docker ps # list RUNNING containers
docker ps -a # list ALL containers (including stopped)
docker stop container_id # stop running container
docker rm container_id # remove stopped container
docker rm -f container_id # force remove running container
6. Shell Access Inside Container:#
docker exec -it container_id bash # open bash shell
docker exec -it container_id sh # if bash not available
docker exec container_id env # check environment variables
docker exec container_id ls /app # check file system
7. docker stats — Resource Monitoring:#
docker stats # all containers
docker stats container_id # specific container
# Shows: CPU%, Memory usage, Network I/O
8. Dockerfile — Instructions Reference#
FROM python:3.11.0 # base image (use specific version ✅)
WORKDIR /app # set working directory
COPY requirements.txt . # copy dependency file first
RUN pip install -r requirements.txt # install packages ✅
COPY . . # copy application code
EXPOSE 8501 # document port (does NOT publish!)
ENV PYTHONUNBUFFERED=1 # set environment variable
CMD ["streamlit", "run", "dashboard.py"] # default run command
All Dockerfile Instructions:#
| Instruction | Purpose |
|---|
FROM | Base image |
WORKDIR | Set working directory |
COPY | Copy files into image |
ADD | Copy + extract archives |
RUN | Execute during build |
CMD | Default run command |
ENTRYPOINT | Fixed run command |
EXPOSE | Document port |
ENV | Set environment variable |
ARG | Build-time variable |
VOLUME | Mount point |
USER | Set user |
HEALTHCHECK | Health check command |
9. RUN pip install -r requirements.txt — Exam Answer#
- ✅ Installs Python packages in container — exam answer (TDS_(1) Q31)
- ❌
COPY dashboard.py → copies file, doesn’t install - ❌
EXPOSE 8501 → documents port, doesn’t install - ❌
FROM python:3.11 → sets base image, doesn’t install packages
10. EXPOSE vs -p — Key Distinction#
| EXPOSE in Dockerfile | -p in docker run |
|---|
| Purpose | Documentation only | Actually publish port |
| Effect | None on its own | Maps host→container |
| Analogy | “This door exists” | “Open this door” |
EXPOSE 8501 # documents port — does NOT make accessible ✅
docker run -p 8501:8501 dashboard # actually publishes port ✅
- ✅
EXPOSE documents the listen port; must still use -p to publish — exam answer (TDS_(1) Q32) - ❌ Automatically makes app accessible → false
- ❌ Closes port for security → false
- ❌ Changes application code → false
11. Layer Caching — Best Practice:#
# ✅ Copy requirements first (changes less often)
COPY requirements.txt .
RUN pip install -r requirements.txt # cached if requirements unchanged
COPY . . # only rebuilds on code change
# ❌ Copy everything first (rebuilds pip install on every code change)
COPY . .
RUN pip install -r requirements.txt
12. Multi-Stage Builds + Service Mesh — Exam Answer#
For Distributed Edge Deployment:#
- Multiple intersections/nodes → each needs container
- Different services → separate containers
- Resource constraints → limit CPU/memory per container
# Stage 1: Build
FROM python:3.11 AS builder
RUN pip install --user -r requirements.txt
# Stage 2: Production (smaller image)
FROM python:3.11-slim AS production
COPY --from=builder /root/.local /root/.local
COPY app.py .
CMD ["python", "app.py"]
- ✅ Multi-stage Docker builds with service mesh + resource constraints — exam answer (May_FN Q376)
- ❌ Single monolithic container → all services coupled
- ❌ Virtual machines → too heavy for edge devices
- ❌ Direct installation → no isolation
13. Resource Constraints:#
docker run \
--cpus="0.5" \ # 50% of one CPU core
--memory="512m" \ # 512MB RAM limit
-p 8501:8501 \
dashboard
14. .dockerignore — Exclude Files:#
.git
.env
.env.*
__pycache__
*.pyc
*.log
secrets/
15. Docker Compose — Multi-Container:#
# docker-compose.yml
version: '3.8'
services:
dashboard:
build: .
ports:
- "8501:8501"
environment:
- API_KEY=${API_KEY}
depends_on:
- database
database:
image: postgres:15
environment:
- POSTGRES_DB=analytics
docker-compose up -d # start all services
docker-compose down # stop all services
docker-compose logs # view logs
Common Docker Issues & Debugging:#
| Problem | Command |
|---|
| App crashes on start | docker logs container_id ✅ |
| Can’t access in browser | Check -p port mapping |
| Missing environment var | docker exec container_id env |
| File not found | docker exec container_id ls /app |
| Out of memory | docker stats container_id |
Docker — Complete Command Reference:#
# Build
docker build -t name .
docker build -t name:v1.0 .
# Run
docker run -p host:container name # with port ✅
docker run -d -p 8501:8501 name # detached mode
docker run -e API_KEY=val name # with env var
docker run -v /host:/container name # with volume
# Manage containers
docker ps # running
docker ps -a # all
docker stop container_id
docker rm container_id
docker logs container_id # debug crashes ✅
docker exec -it id bash # shell access
# Manage images
docker images
docker rmi image_name
docker pull python:3.11
docker push username/app
# Cleanup
docker system prune # remove unused resources
Quick Reference#
Core concepts:
Image → blueprint (built from Dockerfile)
Container → running instance of image
Key commands:
docker run -p 8501:8501 name ✅ run with port mapping
docker logs container_id ✅ debug crashes
docker ps list running
docker exec -it id bash shell access
Dockerfile:
FROM → base image
RUN pip install -r requirements.txt ✅ install packages
EXPOSE → document port (NOT publish!) ✅
CMD → default run command
EXPOSE vs -p:
EXPOSE → documentation only ✅
-p → actually publishes port ✅
Layer caching:
COPY requirements.txt first ✅
THEN COPY . .
Multi-stage builds:
→ smaller final image
→ separate build and production stages ✅
Edge deployment:
✅ Multi-stage + service mesh + resource constraints
❌ Single monolithic container
❌ Virtual machines