Module Review
[!TIP] Use this page to verify your understanding before moving on.
Key Takeaways
- Container vs VM: Containers virtualize the OS (shared kernel, light). VMs virtualize Hardware (full OS, heavy).
- Isolation: Achieved via Namespaces (what you see) and Cgroups (what you use).
- Architecture: Docker is Client-Server. CLI → Daemon (
dockerd) →containerd→runc. - Immutability: Images are read-only templates. Containers add a thin read-write layer on top.
- Ephemeral: Containers are meant to be stopped and destroyed. Data inside them is lost unless persisted (Volumes).
1. Interactive Flashcards
Test your recall. Click to flip.
What kernel feature isolates "What a process can see"?
Namespaces (PID, NET, MNT, etc.)
What component actually spawns the container process?
runc (The OCI Runtime)
Why does a container exit immediately?
Because its main process (PID 1) finished execution.
What is the difference between `docker run` and `docker start`?
`run` creates a NEW container. `start` launches an EXISTING stopped container.
How do you run a container in the background?
Use the `-d` (detached) flag.
2. Cheat Sheet
| Category | Command | Action |
|---|---|---|
| Lifecycle | docker run -d <img > |
Start container in background |
docker stop <id> |
Graceful shutdown | |
docker rm -f <id> |
Force kill and remove | |
| Inspection | docker ps -a |
List all containers |
docker logs <id> |
View output stream | |
docker inspect <id> |
View low-level JSON metadata | |
| Cleanup | docker system prune |
Remove unused data (stop first!) |
| Debugging | docker exec -it <id> sh |
Open shell inside container |
3. Next Steps
Now that you understand the basics, let’s learn how to build your own images.
Proceed to Module 02: Images →
Check the Docker Glossary for definitions.