SIVARO

What Is a Docker and Why Is It Used? The Real Developer's Guide

I remember the exact moment I stopped fighting dependency hell. It was 2018. We were deploying a Python service across three environments — my laptop, a st...

what docker used real developer's guide
By Nishaant Dixit

What Is a Docker and Why Is It Used? The Real Developer's Guide

I remember the exact moment I stopped fighting dependency hell. It was 2018. We were deploying a Python service across three environments — my laptop, a staging server, and production. The local version ran fine. Staging crashed with a missing OpenSSL binding. Production? It worked but was 2x slower because the system packages were different.

That's when I understood what Docker actually solves.

Docker is a platform for running applications in isolated, lightweight environments called containers. Each container packages your code with exactly the dependencies it needs — system libraries, config files, environment variables, the specific Python version. Nothing more. Nothing less. The container runs the same way on my MacBook, an EC2 instance, or a Raspberry Pi.

But here's the thing most tutorials miss: Docker isn't just about "it works on my machine." That's the entry-level benefit. The real power is in how it changes your deployment architecture, your team's workflow, and your operational sanity.

I'm Nishaant Dixit, founder of SIVARO. We build data infrastructure and production AI systems. We've been running containers since Kubernetes 1.8. I've seen what Docker does to teams — the good, the bad, and the "why is my disk full again" ugly.

Let me walk you through what actually matters.

The Container Lie You've Been Told

Most people think containers are "lightweight VMs." They're wrong.

Joe Beda, co-creator of Kubernetes, said it best: containers are just processes with namespaces and cgroups applied. A VM virtualizes hardware. A container virtualizes the operating system.

Here's the practical difference:

A VM boots an entire guest OS. That's gigabytes of RAM, minutes of startup time, and a full kernel you need to patch.

A container shares the host kernel. It's a process — isolated, but still a process. It starts in milliseconds, uses megabytes of overhead, and doesn't require you to manage a separate operating system.

I tested this at SIVARO. Our inference service needed 50 replicas. With VMs, that was 50 full Ubuntu instances — roughly 1.5GB each before any application code. With containers? 50MB per container. Same application. 30x less memory overhead.

The official Docker documentation makes this distinction clear: containers are an abstraction at the app layer that packages code and dependencies together. VMs are an abstraction of physical hardware.

So no — is docker just a vm? Absolutely not. If you treat it like one, you'll miss the point and probably end up running a container with a full init system inside it. Don't do that.

What Docker Actually Does (The 30-Second Explanation for Dummies)

If someone asks me "what is docker explained for dummies?", I say this:

Docker lets you take a snapshot of your entire application environment — the code, the libraries, the config files, the operating system tools — and run that snapshot identically anywhere Docker is installed.

That snapshot is called an image. When you run an image, it becomes a container.

The magic is in the Dockerfile. It's a recipe. Here's what one looks like for a real project we shipped at SIVARO:

dockerfile
FROM python:3.11-slim

WORKDIR /app

# Install system dependencies for ML inference
RUN apt-get update && apt-get install -y     libgomp1     libpq-dev     && rm -rf /var/lib/apt/lists/*

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY . .

CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "80"]

Every line in that file is auditable. Every dependency is pinned. The image we build from this runs identically on my machine and on AWS Fargate.

That reproducibility is the core value. Not "easy deployment" or "microservices." Reproducibility.

Why Docker Won (And What It Lost)

Docker didn't win because it was the best technology in 2013. It won because it made containers usable.

Before Docker, you had LXC — Linux Containers. They existed. They worked. But setting them up was painful. Docker gave developers a CLI that worked like git. docker pull, docker run, docker commit. Familiar. Simple.

The Docker company's own site claims over 20 million developers use Docker today. That number tracks with what I see in the industry. Every client we work with at SIVARO — from fintech startups to healthcare data pipelines — uses Docker in some form.

But Docker isn't perfect. Here's what I've learned the hard way:

Docker Desktop is a resource hog on Mac. I've had it eat 8GB of RAM. We switched to Colima for local development. Saved 6GB.

Container sprawl is real. Our team once had 47 containers running on a single dev machine. Nobody knew what half of them did. We implemented resource limits and died laughing when we realized the old meme was true: "what is the meaning of docker in english? It's a dock worker." We were running a dock worker on every port.

The Real Use Cases (Bypassing the Tutorials)

You don't need Docker for everything. The dev tutorials push it as a solution to every problem. It's not.

Here's where Docker actually shines based on what I've seen:

1. CI/CD Consistency

We run 200+ builds a week at SIVARO. Before Docker, our CI pipeline broke weekly because build agents had different tools installed. Now every build runs in the same container image. Zero CI environment issues in the last 18 months.

2. Microservices Development

When you're running 12 services locally — API gateway, auth service, user service, data pipeline, ML inference — you need to run them in isolation. Docker Compose handles this. One file defines the entire stack.

Here's the Compose file we use for our dev environment:

yaml
version: '3.8'
services:
  api-gateway:
    build: ./gateway
    ports:
      - "8000:8000"
    environment:
      - DB_HOST=postgres
    depends_on:
      - postgres
      - redis
  
  inference:
    build: ./inference
    deploy:
      resources:
        limits:
          memory: 2G
    volumes:
      - ./models:/models
  
  postgres:
    image: postgres:15
    volumes:
      - pgdata:/var/lib/postgresql/data
  
  redis:
    image: redis:7-alpine

volumes:
  pgdata:

That file runs a full production-like environment on a developer's laptop. 50 megabytes of config replaces 12 pages of setup documentation.

3. Training and Deploying ML Models

This is controversial. Most people think Docker is just for web services. But we use it for ML inference pipelines.

The problem with ML models is dependency hell squared. You need specific CUDA versions, cuDNN versions, TensorRT, onnxruntime — and they all fight with each other. Docker containers pin each model to its own environment.

We run 15 different models in production. Each has its own Docker image with the exact CUDA toolkit and Python packages it needs. No conflicts. No "but it worked in training" emails.

Docker vs VM: The Numbers That Matter

Amazon's comparison page shows the official take. But let me give you the practical numbers from our production systems at SIVARO:

Startup time: Container = 200ms. VM = 45 seconds (with a warm image).

Memory overhead per unit: Container = 15MB (the Docker engine overhead, shared across all containers). VM = 512MB (guest OS minimum).

Density per host: We pack 40 containers on a 8-core, 32GB machine. With VMs, we'd get maybe 8.

Disk size for base image: Our Python image is 178MB. A minimal Ubuntu VM is 2.5GB.

But here's the trade-off that matters: security isolation. VMs have strong hardware isolation. If a container breaks out, it's on the host kernel. Is Docker just a VM? No — and that means you need to trust the container, or use additional security mechanisms like seccomp profiles and AppArmor.

At SIVARO, we run multi-tenant workloads in Docker for internal tools but use VMs for client-facing multi-tenant systems. Different threat models need different approaches.

Is Docker AWS or Azure?

This question comes up constantly. I hear it from clients: "Is docker aws or azure?"

No. Docker is a technology. AWS and Azure are cloud platforms that run Docker.

AWS offers ECS (Elastic Container Service), EKS (Kubernetes), and Fargate (serverless containers). Azure offers AKS (Azure Kubernetes Service) and Container Instances. Google Cloud has GKE and Cloud Run.

You can run Docker on your laptop, in a data center, on bare metal, or in the cloud. The technology is platform-agnostic. The overview from Docker's docs makes this explicit — Docker runs anywhere Linux does.

But I'll give you a practical take: if you're starting fresh in 2025, don't manage Docker yourself on servers. Use a managed container service. The operational overhead of running Docker on EC2 manually is not worth it for most teams. Use AWS Fargate or Google Cloud Run. Let the cloud provider handle orchestration.

Can I Learn Docker in 2 Days?

Yes. But you won't master it.

"Can i learn docker in 2 days?" — you can learn enough to be dangerous. Here's the roadmap:

Day 1: Learn docker run, docker build, basic Dockerfiles. Set up a simple web server in a container. Learn docker-compose for multi-service setups.

Day 2: Learn volumes for persistent data, networking between containers, and Docker Hub for sharing images. Debug a real problem with docker logs and docker exec.

That gets you productive. But you won't understand image layering, build caching, multi-stage builds, or security best practices in two days. Those take months of real use.

The endjin introduction to containers has a good 3-hour tutorial series if you want structured learning. But honestly? The best way is to containerize a real project you already have. You'll hit walls. You'll learn fast.

The Bad Parts Nobody Talks About

I've been running Docker in production since 2017. Here's what the marketing glosses over:

Docker's networking is confusing. There are bridge networks, host networks, overlay networks for swarm (which nobody uses), and macvlan. The default bridge network doesn't have DNS resolution between containers. We spent two days debugging a production issue because our app couldn't resolve the database hostname — turns out we were using the default network instead of a user-defined bridge.

Container logs can burn you. By default, Docker uses the json-file logging driver. If your app logs heavily, those files grow unbounded. We had a server run out of disk because a single container's log file hit 40GB. Configure log rotation in your Docker daemon config:

json
{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  }
}

Image bloat is real. Developers love to start with python:3.11 instead of python:3.11-slim or, better yet, python:3.11-alpine. The full image is 900MB. The slim version is 178MB. The alpine version is 47MB. Use multistage builds to keep images lean:

dockerfile
# Build stage
FROM python:3.11-slim AS builder
WORKDIR /app
COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt

# Runtime stage
FROM python:3.11-slim
WORKDIR /app
COPY --from=builder /root/.local /root/.local
COPY . .
ENV PATH=/root/.local/bin:$PATH
CMD ["python", "app.py"]

That final image is 10x smaller than what most teams ship.

The Future: Docker Isn't the End

Docker changed the industry. But containers are a means, not an end.

At SIVARO, we're already moving beyond raw Docker to serverless containers (AWS Fargate) and WASM-based runtimes for edge inference. Docker is the foundation, but the abstraction layer is shifting upward.

That said, you still need to understand Docker. It's the assembly language of modern infrastructure. Kubernetes runs on it. Serverless functions build on its principles. Even the new container runtimes like Podman and containerd follow the same mental model.

Learn Docker. Learn it well. It will teach you how to think about deployment, isolation, and reproducibility — concepts that matter regardless of what technology comes next.

FAQ: Docker Questions I Actually Get Asked

What is a docker and why is it used?

Docker is a containerization platform that packages your application with all its dependencies into a lightweight, portable container. It's used to ensure consistent behavior across different environments — from your laptop to production servers — eliminating the "it works on my machine" problem. It also enables efficient resource utilization compared to VMs and simplifies deployment, scaling, and management of distributed applications.

What is docker explained for dummies?

Think of Docker as a shipping container for your app. Before shipping containers, cargo came in different shapes and sizes — crates, barrels, pallets. Nothing fit together. Shipping containers standardized everything. Docker does the same for software: it packages your code, libraries, and configuration into a standard unit that ships anywhere Docker runs. Your app behaves identically on your laptop, in the cloud, or on a server in Antarctica.

Is docker just a vm?

No. Docker containers share the host operating system's kernel, while VMs run a complete guest OS inside a hypervisor. Containers start in milliseconds, use megabytes of overhead, and don't require managing a separate operating system. VMs boot in minutes, consume gigabytes, and provide stronger hardware isolation. They solve different problems. Use containers for application isolation. Use VMs for full-environment isolation.

Is docker aws or azure?

Neither. Docker is an open-source technology for running containers. AWS and Azure are cloud platforms that support running Docker containers. Think of Docker as a shipping standard — AWS and Azure are just different ports where you can ship your containers. You can run Docker on your own servers, Raspberry Pis, or any Linux machine.

What is the meaning of docker in english?

In the original English, a docker is a person who loads and unloads cargo from ships — a dock worker. Solomon Hykes, Docker's creator, chose the name because his technology "loads and unloads" software containers. The nautical metaphor runs deep: images are "shipped," containers are "ports," and Docker Hub is a "registry" (like a ship registry). It's a bit on the nose, but it stuck.

Can i learn docker in 2 days?

You can learn enough to be operational in two focused days. Day one: basic commands, Dockerfiles, and running containers. Day two: networking, volumes, and Docker Compose for multi-service apps. That gets you productive. But real proficiency — understanding image layering, build optimization, security hardening, and production orchestration — takes months of hands-on practice with real applications.

What's the difference between Docker and Kubernetes?

Docker runs individual containers. Kubernetes orchestrates many containers across multiple machines. Docker solves "how do I package and run this app?" Kubernetes solves "how do I manage 200 instances of this app across 10 servers, handle failures, rolling updates, and scaling?" You can use Docker without Kubernetes. You almost always need Docker (or an equivalent container runtime) to use Kubernetes.

Nishaant Dixit — Founder of SIVARO. Building data infrastructure and production AI systems since 2018. Built systems processing 200K events/sec.

Free · No Commitment · 48-Hour Delivery

Get a free infrastructure audit

2-hour remote session. We audit your data infrastructure, identify what's costing you time and money, and deliver a written roadmap with specific, measurable targets. No pitch.

Book Your Free Audit
N
Nishaant Dixit
Founder & Lead Engineer at SIVARO

Building data-intensive systems since 2018. 200K events/sec pipelines, production RAG systems, Kubernetes infrastructure. LinkedIn →

Start a Project
Need help with infrastructure?

Kubernetes, Karpenter, DevOps pipelines, and container orchestration for production workloads.

Explore MVP to Production