mathbong
KO
infra Docker

[Docker Series Part 1] What Docker Is and Why It Is Essential for Infrastructure

#docker#infra#containers#deployment#operations
한국어 버전

When people first meet Docker, they often treat it as a convenient local runner. That impression is not wrong, because Docker does make it easy to boot a local environment and bundle dependencies. But once you zoom out, Docker is less about a single command and more about the technology that unifies environments, simplifies deployments, and standardizes how we operate services.

The infamous “it worked on my laptop yesterday but not on the server today” moment hints at Docker’s real value: providing consistent environments. From there, Docker naturally extends beyond developer comfort into environment provisioning, deployment, and infrastructure.

This article takes that path step by step: a brief view of the Docker technology, what it means as an environment tool, how it reshapes deployments, and finally how it fits into the infrastructure layer.

How this post flows

  1. What Docker technology actually is
  2. The first images students meet on macOS
  3. How Docker keeps environments consistent
  4. Managing multiple containers with Docker Compose
  5. Why Docker leads straight into infrastructure

Terms introduced here

  1. Image: A packaged unit containing an app and its runtime so servers can reproduce the same result.
  2. Container: A running instance of an image with process isolation and resource controls.
  3. Volume: Persistent storage that outlives a container. Docker-managed named volumes keep database or upload data even when containers are rebuilt, while bind mounts point to host directories and tmpfs mounts live only in memory.
  4. Bridge network: A user-defined virtual network that lets containers resolve each other by service name and control which ports are reachable from outside.
  5. Dockerfile: A plain-text recipe that lists the base image, packages, files, and entrypoint needed to build a reproducible image artifact.

Reading card

  • Estimated time: 20 minutes
  • Prereqs: familiarity with terminal basics plus Linux processes, ports, and environment variables (skim a short primer if these are new)
  • After reading: you can explain Docker separately as a developer tool and as infrastructure.

What is Docker?

Docker packages an application and its execution context into an image, then runs that image as a container. The point is not “move the app alone,” but “move the app plus the conditions it needs to run.”

Traditionally we installed language runtimes, system packages, and library versions on each server by hand. It works, but the more servers you have, the easier it is for small differences to cause outages. Docker locks those execution conditions into the image, so the same software behaves more predictably wherever it goes.

Docker is closer to a process isolation and standardized deployment technology than a full OS virtualization stack like a VM. That is why it becomes common ground between development and operations.

Running Docker on macOS does not mean Linux processes magically run on macOS itself. Docker Desktop uses the platform’s lightweight hypervisor—HyperKit on Intel Macs and Apple’s Virtualization Framework plus Rosetta 2 translation on Apple Silicon—to host a Linux environment and run containers there. Students benefit from this setup because it offers Ubuntu or Alpine practice environments on macOS without heavy overhead, even though the underlying kernel still differs from a real server.

First Docker images you will see on macOS

Learning Docker starts with “which image should I run?” Sticking to a few official images with clear purposes gives beginners confidence.

1. Ubuntu image

Images such as ubuntu:24.04 feel intuitive for Linux server practice. You can install packages with apt, and most introductory material targets Ubuntu.

docker run -it --rm ubuntu:24.04 bash

This command drops students into an Ubuntu shell inside their Mac terminal. It is the safest way to practice installs, file operations, and process checks.

2. Alpine image

The alpine:3.20 line is extremely small and fast. The default shell is sh, and the package manager is apk instead of apt. It is perfect for explaining “small Linux environments” and “lightweight deployment images.”

docker run -it --rm alpine:3.20 sh

Alpine starts instantly and keeps image size low, so it shows that containers do not have to feel like heavy VMs. On the flip side, many familiar utilities are missing, which makes it useful for discussing trade-offs between practice and production images.

3. Service images such as MySQL

Database images demonstrate the moment Docker moves beyond “app runner” into “infrastructure lab tool.” The mysql:8.4 image boots a database as soon as you wire environment variables, ports, and volumes.

docker run -d --name mysql-lab \
  -e MYSQL_ROOT_PASSWORD=your-root-password \
  -e MYSQL_DATABASE=sample \
  -p 3306:3306 \
  -v mysql-data:/var/lib/mysql \
  mysql:8.4

Official service images usually include the default utilities and startup scripts, so students spend less time on installation docs and initial setup. The takeaway is that a Docker image is not just a zip file but a runnable unit already primed for a role. Do not worry about memorizing every flag in the command above—the point is seeing how environment variables, ports, and volumes come together for a service image.

So far we have only run images that someone else built. The next step is understanding why and how you would create your own image so every machine runs the exact same environment.

How Docker Delivers Consistent Environments

Docker’s popularity is largely about minimizing environment drift. Developers run different operating systems, local package versions vary, and servers carry their own quirks. All of that causes unpredictable behavior.

Docker answers by “freezing the environment as code.” A Dockerfile is where you list the base image, package installs, copied files, environment variables, and startup command. Docker reads that file, builds a new image, and gives you a deployment artifact you can push to registries instead of sharing runbooks.

If every teammate runs the same image, the “works on my machine” excuse fades. If production servers pull the same image, the gap between local and production narrows as well.

The value is reproducibility, not convenience:

  • New teammates can boot the same environment quickly.
  • CI can test under conditions that match local development.
  • Operations can check server state based on image tags such as app:v1.2.3 or a git commit SHA.

Identical image tags guarantee the same filesystem and dependency set, but they do not erase host-level differences such as kernel versions, cgroup limits, or hardware profiles. Docker brings consistency to what runs, while infrastructure still governs how it behaves under load.

In other words, Docker is less about describing environments and more about shipping them in a cloneable form.

Managing Multiple Containers with Docker Compose

At this point, learning Docker Compose beats typing docker run repeatedly. Real practice sessions and services usually need an app, a database, and supporting tools together.

On macOS, Compose shines because “one Ubuntu lab container,” “one lightweight Alpine container,” and “one MySQL database” can live in one file.

services:
  ubuntu-lab:
    image: ubuntu:24.04
    command: ["bash", "-lc", "sleep infinity"]
    stdin_open: true
    tty: true

  alpine-lab:
    image: alpine:3.20
    command: ["sh", "-lc", "sleep infinity"]
    stdin_open: true
    tty: true

  mysql:
    image: mysql:8.4
    environment:
      MYSQL_ROOT_PASSWORD: your-root-password
      MYSQL_DATABASE: sample
      MYSQL_USER: student
      MYSQL_PASSWORD: your-app-password
    ports:
      - "3306:3306"
    volumes:
      - mysql-data:/var/lib/mysql
    restart: unless-stopped

volumes:
  mysql-data:

One file now brings all three environments up and down.

docker compose up -d
docker compose ps
docker compose exec ubuntu-lab bash
docker compose exec alpine-lab sh
docker compose exec mysql mysql -u student -p

Key ideas:

  1. Service names are your control handles. Labels like ubuntu-lab, alpine-lab, and mysql immediately show where to connect.
  2. Environment definitions live in code. Anyone rerunning this file gets the same images, ports, and volumes.
  3. Data lives in volumes. The mysql-data volume keeps database files safe between restarts.
  4. Practice flow stays simple. Sharing one compose.yaml beats copying long terminal commands.

The MySQL service does not expose a general-purpose shell, so you usually interact with it via the mysql CLI instead of bash. If you want shell access for debugging, override the command with "bash" or "sh" and keep the container open.

Learning Compose early reframes Docker as “declaring entire environments” rather than “running single containers,” which is exactly the mindset shift that leads into infrastructure.

For early labs, four commands cover most needs:

  • docker compose up -d: launch the full environment in the background.
  • docker compose ps: check which services are running.
  • docker compose exec <service> <shell>: enter a specific container.
  • docker compose down: tear the environment down.

Use docker compose down to stop containers while keeping data. Add -v only when you want to delete every named volume and reset the database entirely, because that flag irreversibly wipes persistent data.

How Docker Changes Deployment

Once environments are consistent, deployment is the next process to change. The old model was logging into a server, installing packages, pulling code, and restarting a process. It works, but states diverge between servers and rollback is messy.

Docker replaces that with an image-based flow:

SourceImage buildPush to registryDeploy to serverRun container

The server never rebuilds the app. It simply runs a verified image, so a deployment server behaves like an execution host, not a build box. That reduction in moving parts slashes operational complexity.

Why this matters:

Imagine you run 10 servers and need to roll out version 1.6. Without Docker you SSH into each one, pull code, install packages, and hope nothing differs. With Docker you build image app:v1.6 once, test it, push it to a registry, and every server pulls the same artifact.

  1. Reproducibility: identical image tags deliver the same filesystem and dependencies anywhere.
  2. Replaceability: it is easy to kill a problematic container and start a fresh one.
  3. Standardization: logs, ports, environment variables, and startup commands all live in code.

Viewed through deployment, Docker is no longer a local helper. It governs which image to build when, how to tag it, which registry to use, and how to roll back.

Why Docker Leads Into Infrastructure

At this stage Docker clearly sits inside the infrastructure layer. Deployments and operations always touch networking, storage, health checks, and recovery procedures. Containers alone do not run a service.

Thinking of Docker as infrastructure widens the scope beyond a single Dockerfile:

1. Network

Containers are isolated by default, so you must plan which services share user-defined bridge networks, which ports to expose outside, and which ones should stay internal. Docker now defines part of your network boundary and DNS naming inside that boundary.

2. Storage

Containers are disposable but data is not. You need to choose which directories become volumes—databases, uploaded files, caches—or else redeployments will delete state.

3. Observability

Operations cares more about “is it healthy?” than “is it running?” So you design log access, health checks, and restart policies alongside the containers themselves.

4. Deployment procedure

Hand-running containers is not a deployment process. A real procedure covers image builds, tagging rules, registry uploads, server rollouts, and rollback plans. Only then does Docker fulfill its infrastructure role.

Where Compose Fits in Operations

For small services or learning setups, Docker Compose is often a better starting point than a full orchestrator like Kubernetes. The question is not “is it the newest tool?” but “can the operator grasp system state from a short document?” Students also benefit because Compose expresses multiple practice containers at once. Just remember: Compose fits local development, labs, and single-host deployments; cluster-scale services usually need another orchestrator, health checks, and orchestration features. Also note that depends_on only enforces startup order; your app still needs retries or health checks if the database takes longer to accept connections.

services:
  app:
    image: ghcr.io/example/app:v1.2.3
    ports:
      - "8000:8000"
    env_file:
      - .env
    restart: unless-stopped
    depends_on:
      - db

  db:
    image: postgres:16
    volumes:
      - postgres-data:/var/lib/postgresql/data
    restart: unless-stopped

volumes:
  postgres-data:

This file already encodes infrastructure decisions: which images to run, which ports to open, which data to persist, and how to restart processes. In the learning phase it is an environment manifest; for single-server services it becomes a deployment manifest. Keep .env files out of version control and avoid storing production secrets there—real deployments use dedicated secret stores.

Common Misconceptions

“Docker makes operations easy by default”

Partially. It does reduce environment drift, but without log collection, secret management, tag strategy, and backups, Docker can even hide problems.

“Docker is a developer tool, not infrastructure”

It feels that way because most people meet it during local development. The moment your deployment pipeline and server operations revolve around Docker images, it is part of the infrastructure core.

“Containers mean you can ignore servers”

Containers abstract servers but do not erase them. Kernel tuning, disks, memory, networking, firewalls, and backup policies still belong to the server layer.

Wrap-up

Docker may look like a developer convenience at first, but it quickly becomes a technology that delivers consistent environments, standardizes deployments, and shapes operational procedures. That broader arc explains why Docker belongs under infrastructure.

The rest of this series will focus less on “how to install Docker” and more on “what else you must design once Docker enters the operations layer.” As soon as you use a mix of Ubuntu practice images, Alpine deployment images, and service images like MySQL via Compose, Docker shifts into an infrastructure context. The next article explains why Dockerfile structure and image tagging directly influence environment consistency and deployment reliability.

💬 댓글

이 글에 대한 의견을 남겨주세요

Docker Series