docker-images-vs-containers-complete-beginners-guide

What is the docker, and how would you use it in a system engineering role ?

Docker is a platform that allows developers and system administrators to package applications and their dependencies into containers. Containers are lightweight, portable and run consistently across different computing environment.

How docker is used in system engineering:

1. Containerization: Docker packages an application with all its dependencies into a single container, which can be run on any system that supports docker. This simplifies deployment and eliminate dependency conflicts.

2. Environment Isolation: Each containers is isolated, providing a consistent environment for applications regardless of the underlying host system. This helps with environment replication across development, stagging and production.

3. CI/CD pipelines: (Continuous Integration and Continuous Delivery/Development) Docker containers are widely used in CI/CD  pipelines to ensure consistent testing, building and deployment environment.

4. Scalability: Dockers containers can be easily scaled up or down in a Kubernetes or docker swarm environment.

Core components of Docker

It is responsible for the overall functioning of the docker platform and docker engine is a client-server based application and consists of 3 main components.

- Server
- REST API
- Client


- Server -> The server runs a daemon known as dockerd (Docker Daemon), which is nothing but a process. It is responsible for creating and managing docker images, containers, networks and volumes on the Docker platform.

- REST API - The REST API specifies how the applications can interact with the server and instruct it to get their job done.

- The client is nothing but a command line interface, that allows users to interact with docker using the commands.

Docker Terminology 

Docker Images and Docker containers are the two essential things that you will come across daily while working with docker.

In simple terms, a docker image is a template that contains the application, and all the dependencies required to run that application on docker.

On the other hand, as started earlier, a docker container is a logical entity. In more precise terms, it is a running instance of the docker image.

What is Docker Hub? 

Docker hub is the official online repository where you could find all the docker images that are available for us to use also allows us to store and distribute our custom images as well if we wish to do so. We could also make them either public or private, based on our requirements.


What is Docker image?

Docker image is actually an executable file that file inside instruction for which types of container we should make so using one image we can create multiple container.

Image is basically like a static screenshot or static snapshot of what the code and the dependencies or what the local development environment look like.

The relation between Docker and Container like the same as Class (class - how look like object create a blueprint of code) and Object in between of relation.

Docker image is giving a blue print of how container look like in MAC, Linux, Windows.

Container 

Docker is platform or services that useful for creating a container. container i

• Portable - Portable means we can share data one machine to another machine is become to easier share code as well as dependencies with their development team.
• Lightweight - Lightweight means easier to build, update and destroy and if we want install extra addon dependencies then we can install in same container.

OR

why we make container so what should i do for making container ?

• Containers are standardized software units that package code and dependencies together, ensuring an application runs quickly and reliably across any computing environment.

after making Docker Container and add some dependencies or else so we should make again docker image ?

Yes, you need to create a new image if you want to save those changes permanently. Containers are temporary and disposable. Any changes you make directly inside a running container will be lost forever if that container is stopped, deleted, or restarted.


You have two main ways to handle this, depending on your goal:

Method: Save the Live Container (Quick Fix)

If you spent a lot of time configuring a running container manually and do not want to lose your work immediately, you can take a snapshot of it.

Find your running container ID:

• bashdocker ps

Use code with caution.Commit the changes to create a brand new image directly from that running container:

• bashdocker commit CONTAINER_ID your-new-image-name

How to install and run docker desktop

Step 1: Check Requirements

Option A: Docker Desktop (Recommended)

Requirements:

• Windows 10 64-bit
• At least 4 GB RAM (8+ GB recommended)
• Hardware virtualization enabled in BIOS
• WSL 2 support

First, open PowerShell as Administrator and check:

systeminfo


Look for:

• Hyper-V Requirements: Yes
• Virtualization Enabled In Firmware: Yes

Step 2: Enable WSL 2

Open PowerShell as Administrator:

wsl --install

After completing task 1 like according to image 1(above image) it will ask for reboot the system then after rebooting the system (according to image 2 - below) it will automatically popup a cmd and run this wsl linux.

Restart your PC.

Verify:

wsl --status

You should see WSL version 2 installed.

Step 3: Download Docker Desktop

Go to:

Docker Desktop for Windows

Download the installer.

Step 4: Install Docker Desktop

Run the installer.

During installation:

✅ Use WSL 2 instead of Hyper-V (recommended)
✅ Add Docker Desktop shortcut

Restart if prompted.

Step 5: Start Docker

Launch Docker Desktop.

Wait until Docker reports:

• Docker Engine running

Step 6: Verify Installation

Open PowerShell:

• docker --version

Example output:

• Docker version 28.x.x

Check Docker engine:

• docker info

NOTE -  some useful URLs you can check here  

• https://hub.docker.com/_/hello-world
• https://app.docker.com/accounts/whoiskumaratul

Step 7: Run Your First Container

To run this your first container hello world docker from URL - you can check here - Docker Hello World 

Test Docker with:

• docker run hello-world

If successful, you'll see a welcome message.

So, for this we will pull first - docker pull hello-world

 Then run container and you can see in the docker desktop UI there will be create docker image and docker container 

• docker run hello-world

Docker Ubuntu

When we installed wsl ubuntu you have noticed in your local directory - linux section is there 

 you can run this via Linux ubuntu - try this command docker run -it ubuntu 

 -it -> we want to run in interactive mode

 Now we can check directory and create new folder, file because we are in linux directory 

Stop container

• docker stop <container_id>

Remove container

• docker rm <container_id>

Remove image

• docker rmi <image_name>

Step 8: Run an Nginx Web Server

Pull and run Nginx:

• docker run -d -p 8080:80 nginx

Verify:

• docker ps

Open browser:

• http://localhost:8080

You should see the Nginx welcome page.

Essential Docker Commands for Interviews

List running containers

• docker ps

List all containers

• docker ps -a

List images

• docker images

Stop container

• docker stop <container_id>

Remove container

• docker rm <container_id>

Remove image

• docker rmi <image_name>

Disclaimer

How to identify my wbs chargecode in powershell

A WBS (Work Breakdown Structure) / Charge code is usually not something Powershell can 'discover' automatically from your system because it's company-specific financial/project data (Stored in tools like SAP, ServiceNow, internal portals, or time-tracking systems).

1. Check Environment Variables (if your organization uses them)

Some companies push project/charge codes as environment variables.

Get-ChildItem Env:

Look for anything like:

• WBS
• CHARGECODE
• PROJECT
• COSTCENTER

2. Check Active Directory (if stored in AD)

Sometimes WBS/cost center is stored as a user attribute.

Get-ADUser -Identity $env:USERNAME -Properties *

Look for fields like:

• department
• extensionAttributeX
• employeeID
• costCenter

Filter only relevant fields:

Get-ADUser -Identity $env:USERNAME -Properties  department,extensionAttribute1,extensionAttribute2

If you got error like as you can see the image below so in screenshot, the error is very clear:

Get-ADUser : The term 'Get-ADUser' is not recognized

✅ What this means

Your PowerShell does not have the Active Directory module installed or loaded.

Get-ADUser comes from the ActiveDirectory module, which is:

• ✅ Available on domain-joined machines with RSAT installed
• ❌ Not available by default on normal Windows installs

✅ Fix it (step-by-step)

🔹 Option 1: Check if module exists but not loaded

Get-Module -ListAvailable ActiveDirectory

👉 If you see output well and good but if you are not seeing then leave it as of now.

Then just import it:

Import-Module ActiveDirectory

Option 2: Install RSAT (Most likely needed)

Since you’re a IT Support Engineer, this is probably your case.

Run:

Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online

Install it:

Add-WindowsCapability -Online -Name RSAT.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0

Option 3: If installation is blocked

In many corporate environments:

❌ You may NOT have permission to install RSAT

👉 Then:

Ask IT:

"Please enable RSAT Active Directory PowerShell module on my machine"

✅ After fixing

Use this correct command 

👉 Environment variables cannot start with numbers

✅ Correct version:

If your username is your ID:

Get-ADUser -Identity $env:USERNAME -Properties *

Or explicitly:

Get-ADUser -Identity 221843 -Properties *

Filter WBS / Charge info (after it works)

Get-ADUser -Identity $env:USERNAME -Properties * |
Select-Object Name, Department, Title, extensionAttribute1, extensionAttribute2

Disclaimer

10G SR SFP+ vs 40G SR4 QSFP+: Complete Guide to Fiber Optic Transceivers, MTP/MPO Connectors & Breakout Cables

Modern data centers and enterprise networks rely heavily on high-speed fiber connectivity. Two of the most commonly used optical transceivers are the 10GBASE-SR SFP+ and 40GBASE-SR4 QSFP+ modules.

If you work in networking, data centers, IT infrastructure, or enterprise switching environments like Cisco and Meraki, understanding the difference between these modules is extremely important.

In this guide, we will cover:

•  What 10G-SR and 10G-LR mean
•  Full form of SFP+, QSFP+, SR, and LR
•  Difference between 10G SR and 40G SR4
•  What MTP/MPO connectors are
•  How 12-fiber MPO cables work
•  Breakout cable concepts
•  Fiber polarity and connector types
•  Real-world networking use cases

#. What is 10G-SR?

Full Form of 10G-SR

• 10G = 10 Gigabit Ethernet
• SR = Short Range
• So, 10GBASE-SR means:

> 10 Gigabit Ethernet Short Range optical communication standard.

It is designed for short-distance high-speed communication over multimode fiber (MMF).

#. What is 10G-LR?

Full Form of 10G-LR

• 10G = 10 Gigabit Ethernet
• LR = Long Range

So, 10GBASE-LR means:

> 10 Gigabit Ethernet Long Range optical communication standard.

Unlike SR, LR is designed for long-distance communication using single-mode fiber (SMF).

# Difference Between 10G-SR and 10G-LR

| Feature      | 10G-SR                | 10G-LR                  |
| ------------ | --------------------- | ----------------------- |
| Full Form    | Short Range           | Long Range              |
| Speed        | 10Gbps                | 10Gbps                  |
| Fiber Type   | Multimode Fiber (MMF) | Single-Mode Fiber (SMF) |
| Wavelength   | 850nm                 | 1310nm                  |
| Connector    | Duplex LC             | Duplex LC               |
| Distance     | Up to 300m/400m       | Up to 10km              |
| Cost         | Lower                 | Higher                  |
| Common Usage | Data Centers          | Long Campus Links       |

#. What is SFP+?

Full Form of SFP+

SFP+ = Small Form-factor Pluggable Plus

It is a compact hot-swappable transceiver used for:

•  10 Gigabit Ethernet
•  Fiber communication
•  Switch-to-switch links
•  Server uplinks
•  Storage networking

A 10G-SR SFP+ module usually uses:

•  Duplex LC connector
•  Multimode fiber
•  850nm wavelength

#. What is QSFP+?

Full Form of QSFP+

• QSFP+ = Quad Small Form-factor Pluggable Plus
• “Quad” means it contains 4 independent lanes.

Each lane can carry:

• 4×10Gbps=40Gbps

So a QSFP+ SR4 module delivers:

> 40 Gigabit Ethernet speed using 4 parallel 10G lanes.

#. What is 40GBASE-SR4?

Full Form of 40GBASE-SR4

•  40G = 40 Gigabit Ethernet
•  SR = Short Range
•  4 = Four parallel lanes

40G SR4 uses:

•  Multimode fiber
•  MPO/MTP connector
•  Parallel optics technology

It is commonly used in:

•  Data centers
•  Spine-leaf architecture
•  High-density aggregation switches
•  Enterprise core networking

#. 10G SR SFP+ vs 40G SR4 QSFP+

| Feature     | 10G SR SFP+      | 40G SR4 QSFP+         |
| ----------- | ---------------- | --------------------- |
| Speed       | 10Gbps           | 40Gbps                |
| Form Factor | SFP+             | QSFP+                 |
| Fiber Type  | MMF              | MMF                   |
| Connector   | LC Duplex        | MPO/MTP               |
| Fiber Count | 2 fibers         | 8 fibers used         |
| Wavelength  | 850nm            | 850nm                 |
| Use Case    | Standard uplinks | High-density backbone |

#. What is an MTP/MPO Connector?

The MTP/MPO connector is a high-density fiber connector that combines multiple fiber strands into one compact connector.

Full Form of MPO

• MPO = Multi-Fiber Push-On
• It is the industry-standard multi-fiber connector.

Full Form of MTP

• MTP = Multi-fiber Termination Push-on
• MTP is an advanced branded version of MPO developed by US Conec.

It includes:

•  Better alignment
•  Improved ferrule design
•  Lower insertion loss
•  Better durability
•  Higher performance

#. What Does “12-Fiber MPO” Mean?

A 12-fiber MPO connector contains:

• 12 Fiber Positions
• However, in 40G SR4, only 8 fibers are actively used.

#. How 40G SR4 Uses 12 Fibers

The 12-fiber MPO layout works like this:

| Fiber Usage | Purpose       |
| ----------- | ------------- |
| 4 Fibers    | Transmit (Tx) |
| 4 Fibers    | Receive (Rx)  |
| 4 Fibers    | Unused/Idle   |

The bandwidth calculation becomes:

• 4×10G=40G
• Each lane carries 10Gbps.

#. What is Fiber Polarity?

Fiber polarity ensures:

> Transmit (Tx) on one side connects to Receive (Rx) on the other side.

Without correct polarity:

 Link will fail

 Optical communication will not establish

#. What is MPO Type-B Cable?

For direct 40G QSFP+ to QSFP+ connectivity, networks commonly use:

> Type-B MPO crossover cable

This swaps the fibers internally so Tx aligns with Rx correctly.

#. Male vs Female MPO Connectors

Male MPO

Contains:

•  Two alignment guide pins

Female MPO

Contains:

•  Two guide holes

| Device            | Connector Type |
| ----------------- | -------------- |
| QSFP+ Transceiver | Male           |
| MPO Patch Cable   | Female         |

Typically:

#. What is QSFP Breakout?

A QSFP+ port can be split into:

• 1×40G→4×10G

This is called:

•  Breakout
•  Channelization
•  Fan-out connectivity

Using an MPO-to-LC breakout cable, one 40G port becomes four separate 10G SFP+ connections.

#. Real-World Use Cases

 10G SR SFP+

Commonly used for:

•  Server uplinks
•  Access switch uplinks
•  VMware networking
•  Storage traffic
•  Enterprise LAN

40G SR4 QSFP+

•  Spine-leaf architecture
•  Core switch interconnects
•  Data center aggregation
•  High-density networking
•  Cisco Nexus environments

#. Cisco and Meraki Compatibility

Popular compatible modules include:

•  Cisco SFP-10G-SR
•  Cisco SFP-10G-SR-S
•  Cisco QSFP-40G-SR4
•  Meraki MA-SFP-10GB-SR
•  Meraki MA-QSFP-40G-SR

These are widely deployed in enterprise networking environments.

#. Advantages of 10G SR SFP+

•  Lower cost
•  Easy deployment
•  Duplex LC simplicity
•  Ideal for short-range networking
•  Highly compatible

#. Advantages of 40G SR4 QSFP+

•  Much higher bandwidth
•  High port density
•  Supports breakout architecture
•  Better for modern data centers
•  Scalable backbone connectivity

#. Important Networking Terms

| Term  | Meaning                               |
| ----- | ------------------------------------- |
| SFP+  | Small Form-factor Pluggable Plus      |
| QSFP+ | Quad Small Form-factor Pluggable Plus |
| SR    | Short Range                           |
| LR    | Long Range                            |
| MPO   | Multi-Fiber Push-On                   |
| MTP   | Multi-fiber Termination Push-on       |
| MMF   | Multimode Fiber                       |
| SMF   | Single-Mode Fiber                     |
| Tx    | Transmit                              |
| Rx    | Receive                               |

#. Final Thoughts

Both 10G SR SFP+ and 40G SR4 QSFP+ modules are critical components in modern enterprise and data center networking.

Choose 10G SR when:

•  You need affordable 10Gbps connectivity
•  Distance is short
•  LC duplex fiber is available

Choose 40G SR4 when:

•  You need higher throughput
•  Building scalable infrastructure
•  Deploying spine-leaf architecture
•  Using MPO/MTP structured cabling

Understanding MPO/MTP fiber layouts, polarity, and breakout concepts is essential for anyone working in networking, data centers, or optical infrastructure.

For network engineers and IT professionals, mastering these fiber technologies builds a strong foundation for working with modern high-speed Ethernet environments.

Disclaimer

🔐 ACL (Access Control List)

ACL is a set of rules used on routers and switches to permit or deny network traffic based on IP addresses, protocols, or ports.



ACL is used for:

• Security
• Traffic filtering
• Blocking users
• Allowing specific networks
• Firewall-like control

Used in:

• Enterprises
• Firewalls
• ISPs
• Corporate networks
• Banks

🎯 Real-Life Example

Suppose company says:

❌ HR department cannot access Server
✅ IT department can access Server

👉 ACL handles this.

🔥 What You Will Learn

✔ Permit/Deny traffic
✔ Standard ACL
✔ Extended ACL basics
✔ Interface filtering
✔ Inbound/Outbound traffic
✔ Enterprise security logic

🧪 Practical Topology

In Cisco Packet Tracer create:

PC0 ---- Switch ---- Router ---- Server

🌐 IP Addressing

🔌 Wiring

Use:
✅ Copper Straight-Through

 ⚙️ Step 1: Configure Router Interfaces

enable
configure terminal

interface g0/0
ip address 192.168.1.1 255.255.255.0
no shutdown

interface g0/1
ip address 200.1.1.1 255.255.255.0
no shutdown

 ⚙️ Step 2: Configure PC & Server

🧪 Step 3: Test Before ACL

From PC0:
ping 200.1.1.2
✔ Success

🔥 Step 4: Create ACL

Now we block PC0 from reaching Server.

🔹 Create Standard ACL

access-list 1 deny 192.168.1.10
access-list 1 permit any

🧠 Meaning

🔥 Step 5: Apply ACL to Interface

Apply on router interface:

interface g0/0
ip access-group 1 in

🧠 Important Concept

in means:

Traffic entering interface.

🔍 Packet Flow

PC0 → Router G0/0 → ACL checks → deny
Packet dropped.

🧪 Step 6: Test Again

From PC0:
ping 200.1.1.2
❌ Failed
ACL blocked it.

  

🔥 Verify ACL

Run:
show access-lists
You’ll see packet matches.

🔥 Full ACL Configuration

enable
configure terminal

access-list 1 deny 192.168.1.10
access-list 1 permit any

interface g0/0
ip access-group 1 in

🧠 VERY IMPORTANT RULE

ACL processes:

TOP → DOWN

First match wins.

🔥 Hidden Rule

Every ACL ends with:

implicit deny any

Means:
If not permitted → automatically denied.

🎯 Standard vs Extended ACL

🔥 Example Extended ACL

access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 80

Blocks:

HTTP traffic

 

🧠 Important Interview Questions

❓ What is ACL?

 Traffic filtering/security mechanism.

❓ What is implicit deny?
Hidden deny rule at end of ACL.

❓ Difference between inbound and outbound?

❓ Which ACL is closer to destination?
Standard ACL


❓ Which ACL is closer to source?
Extended ACL

Disclaimer

NAT (Network Address Translation)

NAT is a process that translates private IP addresses into public IP addresses to enable communication with external networks like the internet. NAT Network Address Translation practical in cisco packet tracer

This is used in:

• Home WiFi routers
• Offices
• Enterprises
• ISPs
• Firewalls

Without NAT:

👉 Private IP devices cannot access the internet.

🎯 Why NAT Exists

Private IPs:

• 192.168.x.x
• 10.x.x.x
• 172.16.x.x

❌ Cannot work directly on internet.

So router does:

Private IP  →  Public IP

🔥 What You Will Learn

• ✔ Inside vs Outside interfaces
• ✔ Private/Public IP
• ✔ NAT translation
• ✔ Internet simulation
• ✔ PAT overload
• ✔ Enterprise internet access

🧪 Practical Topology

In Cisco Packet Tracer create:

PC0 ---- Switch ---- Router ---- Server

🌐 IP Addressing

🔹 Internal LAN

🔹 External Network

🔌 Wiring

PC → Switch

Use:

✅ Copper Straight-Through

Switch → Router

Use:

✅ Copper Straight-Through

Router → Server

Use:

✅ Copper Straight-Through

🔥 Physical Port Connections

Like - 

⚙️ Step 1: Configure Router Interfaces

enable
configure terminal

interface g0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no shutdown

interface g0/1
ip address 200.1.1.1 255.255.255.0
ip nat outside
no shutdown

🧠 Important Concept

⚙️ Step 2: Configure PC

⚙️ Step 3: Configure Server

🔥 Step 4: Create Access List

access-list 1 permit 192.168.1.0 0.0.0.255

🧠 Why ACL?

Tells router:

👉 Which internal IPs should be translated.

🔥 Step 5: Enable NAT Overload (PAT)

ip nat inside source list 1 interface g0/1 overload

🧠 Meaning

🎯 Full NAT Configuration

enable
configure terminal

interface g0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no shutdown

interface g0/1
ip address 200.1.1.1 255.255.255.0
ip nat outside
no shutdown

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source list 1 interface g0/1 overload

🧪 Step 6: Test Connectivity

From PC0:

ping 200.1.1.2

✔ Success

🔍 What Happens Internally

192.168.1.10
↓
Router translates
↓
200.1.1.1
↓
Server

🔥 Verify NAT Translation

On router:

show ip nat translations

You’ll see:

Inside local → Inside global

🔥 Most Important Interview Questions

❓ Difference Between NAT and PAT?

❓ What is Overload?

PAT (Port Address Translation)

❓ Why NAT Important?

Conserves public IPv4 addresses.

❓ What command verifies NAT?

show ip nat translations

🔥 Common Mistakes

🎯 What You Learned

• ✔ NAT basics
• ✔ Private/Public IP
• ✔ PAT overload
• ✔ ACL for NAT
• ✔ Enterprise internet logic

Disclaimer