Unraveling Docker’s Secrets: What Lies Beneath the Surface?

Praveen Dandu
Aug 1, 2023


Introduction:

Most of us use Docker on a daily basis, but have you ever wondered what happens beneath the surface? In this blog, we will delve into some intriguing questions related to Docker’s inner workings. By understanding these concepts, you can gain valuable insights into Docker container management and enhance your overall Docker mastery.

➡️ Q1: What’s the Kernel version of your Docker container?

To find out the Kernel version of your Docker container, you can execute the following command inside the container:

$ uname -r

Knowing the Kernel version is crucial for compatibility and performance tuning. Docker containers share the host system’s kernel, so it’s essential to ensure that your application’s Kernel requirements align with the host’s Kernel version.

➡️ Q2: Why does the first process inside the Docker container run as PID 1?

The first process inside a Docker container typically runs as PID 1 because of a concept called “init isolation.” When a container starts, a lightweight init process is launched as PID 1 to manage other processes within the container. This process ensures that when a container’s main process exits, all other processes are properly terminated, preventing “zombie” processes and ensuring a clean container shutdown.

➡️ Q3: How much default memory is allocated to your Docker container?

By default, Docker containers do not have a predefined memory limit, which means they can use all available memory on the host system. This can lead to resource contention and affect other applications running on the same host. To view the memory limit configured for a container, run the following command. It prints the limit in bytes, and a value of 0 means no limit is set:


$ docker inspect --format='{{.HostConfig.Memory}}' <container_id>

➡️ Q4: Can you limit how much memory a container can use?

Yes, you can limit the memory usage of a Docker container. By setting memory constraints, you ensure that the container operates within defined limits, preventing it from consuming excessive resources. To set a memory limit for a container, use the --memory flag when running the container:

$ docker run --memory=<memory_limit> <image_name>

For example, to set a limit of 512MB, use --memory=512m.
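To confirm from inside a container which limit from Q3 and Q4 is actually enforced, the following added example (not part of the original post) reads the limit from the cgroup filesystem and compares it with the value passed to --memory. The function names are hypothetical, the paths are the standard Linux cgroup v2 and v1 locations, and the 19-digit check for "no limit" on cgroup v1 is a heuristic assumed here.

```bash
#!/usr/bin/env bash
# Added example: report the memory limit a container really runs under.
# The cgroup root is a parameter so the logic can be tested on constructed files.

# Print the enforced limit in bytes, or "unlimited" when none is set.
container_mem_limit() {
    local root raw
    root="${1:-/sys/fs/cgroup}"
    if [ -r "$root/memory.max" ]; then                       # cgroup v2
        raw=$(cat "$root/memory.max")
    elif [ -r "$root/memory/memory.limit_in_bytes" ]; then   # cgroup v1
        raw=$(cat "$root/memory/memory.limit_in_bytes")
    else
        echo "unknown"
        return 1
    fi
    # v2 stores the literal "max" when unlimited; v1 stores a value close
    # to 2^63. Heuristic: 19 or more digits is treated as unlimited.
    if [ "$raw" = "max" ] || [ "${#raw}" -ge 19 ]; then
        echo "unlimited"
    else
        echo "$raw"
    fi
}

# Convert a Docker size such as 512m or 1g to bytes (b, k, m, g suffixes).
docker_size_to_bytes() {
    local v n unit
    v="$1"
    n="${v%[bBkKmMgG]}"
    unit="${v#"$n"}"
    case "$unit" in
        ""|b|B) echo "$n" ;;
        k|K)    echo $(( $n * 1024 )) ;;
        m|M)    echo $(( $n * 1024 * 1024 )) ;;
        g|G)    echo $(( $n * 1024 * 1024 * 1024 )) ;;
        *)      return 1 ;;
    esac
}

# Succeed only when the limit seen inside matches the expected --memory value.
check_mem_limit() {
    local expected actual
    expected=$(docker_size_to_bytes "$1") || return 2
    actual=$(container_mem_limit "$2") || return 2
    [ "$actual" = "$expected" ]
}

# Stand-alone use: print the limit of the environment this script runs in.
container_mem_limit "${CGROUP_ROOT:-/sys/fs/cgroup}" || true
```

Running `check_mem_limit 512m` inside a container started with --memory=512m should succeed; a result of "unlimited" means the container can consume all host memory.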

➡️ Q5: How does a container get its IP or communicate with the outside world?

Docker containers communicate with the outside world using network bridge interfaces. When you start a container, Docker creates a virtual network interface (veth pair) and connects it to a bridge interface on the host. The container gets its IP address from the bridge’s subnet, allowing it to communicate with other containers and the host.

Conclusion:

By pondering these questions and exploring the provided examples, you’ve taken a significant step towards mastering Docker. Understanding the Kernel version, process isolation, memory allocation, and networking within Docker containers will empower you to optimize performance, manage resources effectively, and troubleshoot networking issues with confidence. Happy Dockerizing!
