Docker Fixes the "Works on My Machine" Problem

Here's the thing about Docker: it solved the most annoying problem in software development. You know how your Node.js app works perfectly on your MacBook but crashes immediately on the staging server because it's running Ubuntu 22.04 with a different version of everything? Docker packages your app with the exact versions of everything it needs, so it runs the same everywhere.

Docker vs VM Architecture

The Real Problem Docker Solves

Before Docker, deploying software was a fucking nightmare. You'd spend hours debugging why your app worked locally but failed in production. Different Python versions, missing libraries, conflicting dependencies - it was endless.

I've personally spent entire nights troubleshooting deployment issues that turned out to be because prod was running Python 3.8.10 while my local machine had 3.9.7. Docker eliminates this by packaging your code with the exact runtime it needs.

Containers share the host kernel but isolate everything else. Your app thinks it's running on its own machine, but it's actually just a process with fancy isolation. This means you get near-native performance without the overhead of full VMs.

Container vs VM Comparison

How Docker Actually Works (The Technical Bits)

Docker uses Linux namespaces and cgroups to create isolated environments. The Docker daemon (dockerd) manages containers, images, networks, and volumes on your system.

Here's what happens when you run docker run:

  1. Image Pull: Docker pulls the image from a registry (usually Docker Hub)
  2. Container Creation: Creates a new container from that image
  3. Filesystem Setup: Sets up a read-write layer on top of the image
  4. Network Setup: Creates network interfaces and assigns IP addresses
  5. Process Start: Runs your application as PID 1 inside the container

The genius is in the layered filesystem. Images are built in layers, so if you update just your application code, Docker only needs to rebuild that layer. Base OS layers get cached and reused across containers.

Production Reality Check

Docker Desktop is now a paid product - Pro plans cost $9/month, Team is $15/month per user. They made this change in December 2024, which pissed off a lot of developers who had been using it free.

In production, you're probably not running Docker Desktop anyway. You're using the Docker Engine directly on Linux servers, which is still free and open source.

Container networking can be a pain in the ass. The default bridge network works fine for simple cases, but once you need containers talking to each other reliably, you'll be diving into custom networks and service discovery.

Docker Hub rate limiting broke half the internet's CI pipelines in 2020. Free accounts get 100 pulls per 6 hours, which sounds like a lot until you're running integration tests that pull base images.

Docker Network Architecture

The Gotchas Nobody Tells You

Memory limits are enforced hard: Set --memory=512m and your container gets killed with exit code 137 when it tries to use 513MB. No warnings, just dead. Here's a real GitHub issue about this exact problem.

File permissions are a nightmare: Files created in containers often have weird ownership, especially with volume mounts. You'll spend time fighting with chown and understanding user namespaces.

Windows containers still suck: If you're on Windows and need to run Windows containers, prepare for pain. The tooling is years behind Linux containers. Windows Server 2022 containers are better but still janky.

BuildKit cache gets corrupted: Sometimes Docker's build cache gets corrupted and builds become slow as hell. docker builder prune -af usually fixes it, but you'll lose all cached layers. I've seen this happen after Docker Desktop updates especially.

Exit code 125 means your Dockerfile is fucked: When you see this error, it's usually a syntax error in your Dockerfile or you're trying to run a command that doesn't exist in the image.

Despite the frustrations, Docker solved a real problem. The "works on my machine" era is basically over. When you're debugging a production issue at 3 AM and the container runs exactly the same locally as it did in production, you'll remember why we put up with all this complexity.

Docker vs The Competition: What Actually Works in 2025

Feature

Docker

Podman

containerd

Pricing

Desktop costs $9-24/month now

Free (always)

Free

Architecture

Fat daemon running as root

No daemon, rootless

Minimal daemon

Windows Support

Works (mostly)

Good luck

Server only

Docker Compose

Native support

podman-compose exists

External tools

Real-world Usage

Everyone uses it

Red Hat shops

Kubernetes backend

Pain Points

Licensing costs, daemon crashes

macOS support is meh

No user-friendly tools

Docker's Ecosystem: The Good, the Bad, and the Expensive

Docker isn't just the container runtime anymore. They've built a whole ecosystem of tools, and some of them are actually useful. Others feel like money grabs.

Docker Desktop: Now With a Price Tag

Docker Desktop used to be free. Now it costs $9-24/month per user for companies, which pissed off a lot of people. But here's the thing - if you've ever tried to get Docker working reliably on Windows or macOS without it, you'll pay the money.

What actually works: The GUI for managing containers is decent. Volume management doesn't suck. The built-in Kubernetes cluster is handy for testing.

What's annoying: Docker Desktop randomly eats all your RAM. On M1/M2 Macs, it sometimes just stops working and you have to restart it. The Windows version requires WSL2, which has its own set of problems.

Docker Desktop 4.44 added AI model hosting in early 2025, which feels like they're jumping on the AI hype train. It's actually useful if you're doing local LLM development with models like Llama or Mistral, but most developers don't need it. The feature lets you run and manage AI models as containers, which is handy for testing but overkill for most web development.

Docker Hub: The Registry Everyone Uses

Docker Hub hosts pretty much every container image that matters. It's free for public images, but they added rate limiting that broke CI/CD pipelines worldwide.

Free accounts: 100 pulls per 6 hours. Sounds like a lot until your build pipeline pulls the same base images 20 times.

Paid plans: Start at $5/month for unlimited pulls. Worth it if you're running CI/CD that isn't constantly breaking.

Docker Layered Images

The Docker Official Images are maintained by Docker and generally don't have obvious security holes. Use these unless you have a specific reason not to.

Docker Compose: Actually Useful

Docker Compose is probably Docker's best tool after the core container runtime. You define your multi-container app in a YAML file, run docker-compose up, and it just works.

version: '3.8'
services:
  web:
    build: .
    ports:
      - "3000:3000"
  db:
    image: postgres:15
    environment:
      POSTGRES_PASSWORD: password

What's great: Local development environments that mirror production. Everyone on your team gets the same setup.

What's frustrating: YAML syntax errors that don't tell you what's wrong. Environment variable handling that works differently than you expect. Network configuration that seems simple but has weird edge cases.

Docker Scout: Security Theater

Docker Scout scans your images for vulnerabilities. It'll find thousands of CVEs in your node_modules that you can't fix without breaking everything.

The reports are comprehensive but mostly useless. "Critical vulnerability in libssl" sounds scary until you realize it's only exploitable if someone has shell access to your container, at which point you have bigger problems.

Docker Image Layers Visualization

Reality check: Use it to catch obvious problems (like using latest tags or running as root), but don't stress about every CVE.

Docker Build Cloud: Performance You Can Buy

Docker Build Cloud runs your builds on faster cloud instances. It actually works - builds that take 10 minutes locally finish in 2 minutes.

When it's worth it: Large codebases with complex Dockerfiles. Teams where developer time costs more than cloud compute.

When it's not: Simple applications, infrequent builds, or if your build server is already fast enough.

The Real Costs of Docker

Docker's pricing model changed everything. Here's what teams actually pay:

Small startups (< 10 developers): Use free Docker Desktop until Docker sends a compliance email. Then either pay $90/month or switch to Rancher Desktop.

Medium companies (10-50 developers): $900-2400/month for Docker Desktop licenses. Plus Docker Hub Pro ($50/month) to avoid rate limits. Plus Docker Scout ($100-500/month) for security scanning.

Enterprise (50+ developers): $10,000-50,000/month for Docker Business. At this scale, most companies also run their own container registries.

Open source alternatives: Podman is free but has rough edges. Rancher Desktop works on Mac/Windows but isn't as polished.

What Actually Matters

For individual developers: Docker Desktop is worth $9/month if you're doing container development regularly. The alternatives are free but frustrating.

For teams: Factor in the total cost - licenses, registry fees, scanning tools. It adds up quickly, but so does debugging container issues.

For enterprises: Docker's enterprise features (SSO, image signing, policy management) are genuinely useful if you have compliance requirements. Otherwise, you're paying for support.

The ecosystem works, but Docker's transformation from free open-source tool to paid platform caught everyone off guard. Budget accordingly.

For teams just getting started, focus on the core Docker engine and Docker Compose - they're still free and cover 90% of container use cases. As you scale, the paid tools become worth considering, but you'll know when you need them because the free alternatives will start causing more problems than they solve.

Docker FAQ: The Questions People Actually Ask

Q

Why is my Docker container exiting with code 137?

A

Your container ran out of memory and got killed by the OOM killer. Set --memory=512m or whatever limit makes sense. Check what's actually using memory with docker stats. If you're running Chrome in a container (why?), it'll eat all available memory by default.

Q

Docker Desktop is eating all my RAM - what do I do?

A

Go to Docker Desktop → Settings → Resources and lower the memory limit. Default is usually 50% of your system RAM, which is stupid. Set it to 4-8GB max unless you're doing something that actually needs more. Restart Docker Desktop after changing.

Q

How do I fix "permission denied" when mounting volumes?

A

This is usually a file ownership issue. Your container runs as root but your host files are owned by your user. Either:

  • Use --user $(id -u):$(id -g) to run the container as your user
  • chown -R $(id -u):$(id -g) /path/to/mounted/directory on the host
  • Or just give up and chmod 777 everything (not recommended for prod)
Q

My build is slow as hell - how do I speed it up?

A
  • Use .dockerignore to exclude node_modules, .git, and other garbage
  • Put frequently changing files (like your source code) at the bottom of your Dockerfile
  • Use multi-stage builds to avoid including build tools in the final image
  • docker builder prune -af if your cache is corrupted
  • Consider Docker Build Cloud if you have money to burn
Q

Why can't my containers talk to each other?

A

They're probably on different networks. Use docker-compose and let it handle the networking, or create a custom bridge network:

docker network create myapp
docker run --network myapp --name web nginx
docker run --network myapp --name db postgres
Q

Docker Hub keeps rate limiting me - what are my options?

A
  • Pay $5/month for Docker Hub Pro (unlimited pulls)
  • Use alternative registries like ghcr.io (GitHub Container Registry)
  • Set up your own registry with docker run registry:2
  • Cache base images in your CI/CD system
Q

Is Podman actually a good Docker replacement?

A

For Linux servers? Yes. For macOS/Windows development? Meh. Podman is daemonless and rootless by default, which is nice for security. But Docker Desktop's polish is worth the $9/month for most developers. Try Rancher Desktop as a middle ground.

Q

How do I debug a container that won't start?

A
## See what happened
docker logs container-name

## Start with a shell instead of your app
docker run -it --entrypoint /bin/sh your-image

## Check if your app exists and has the right permissions
docker exec -it container-name ls -la /app
Q

My Dockerfile works locally but fails in CI - why?

A
  • Different base image versions (use specific tags, not latest)
  • Missing build dependencies in CI environment
  • Cached layers that aren't being rebuilt
  • Platform differences (ARM vs x86) if you're on Apple Silicon
  • Different environment variables or secrets
Q

What's the difference between CMD and ENTRYPOINT?

A
  • CMD sets default arguments that can be overridden
  • ENTRYPOINT sets the command that always runs
  • Use both: ENTRYPOINT ["./app"] and CMD ["--prod"]
  • This lets you run docker run myapp --dev to override just the arguments
Q

How much does Docker actually cost for a team?

A

Small team (5 developers): $45/month for Docker Desktop Pro
Medium team (20 developers): $300/month for Pro + $5/month for Docker Hub Pro
Enterprise (100 developers): $2400/month for Business plan + registry + scanning tools

Factor in time saved not debugging environment issues. For most teams, it's worth it.

Q

Should I run databases in containers?

A

Development: Absolutely. Consistent database versions, easy cleanup, works great with docker-compose.
Production: Maybe. Stateless apps in containers are great. Databases need special handling for persistence, backups, and performance. Most teams use managed database services (AWS RDS, etc.) instead.

Q

Why is my Node.js app slow in Docker?

A
  • You're probably not using the production image properly
  • Make sure you're running npm ci --only=production
  • Use node:18-alpine instead of the full node:18 image
  • Don't run as root - create a user in your Dockerfile
  • Set NODE_ENV=production
Q

Can I run GUI applications in Docker?

A

Technically yes, but it's painful. You need to forward X11 or use VNC. Better options:

  • Use web interfaces instead
  • Run the GUI app on the host, containerize just the backend
  • Use Docker Desktop's GUI container support (experimental)
Q

How do I handle secrets in containers?

A

Don't: Put secrets in environment variables or build them into images
Do: Use Docker secrets, mounted files, or external secret managers

## Mount secret as file
docker run -v /host/secret:/app/secret:ro myapp

## Or use Docker Swarm secrets
docker service create --secret my_secret myapp

Docker Resources That Don't Suck

Related Tools & Recommendations

integration
Similar content

Jenkins Docker Kubernetes CI/CD: Deploy Without Breaking Production

The Real Guide to CI/CD That Actually Works

Jenkins
/integration/jenkins-docker-kubernetes/enterprise-ci-cd-pipeline
100%
tool
Similar content

Docker Desktop: GUI for Containers, Pricing, & Setup Guide

Docker's desktop app that packages Docker with a GUI (and a $9/month price tag)

Docker Desktop
/tool/docker-desktop/overview
60%
tool
Recommended

Google Kubernetes Engine (GKE) - Google's Managed Kubernetes (That Actually Works Most of the Time)

Google runs your Kubernetes clusters so you don't wake up to etcd corruption at 3am. Costs way more than DIY but beats losing your weekend to cluster disasters.

Google Kubernetes Engine (GKE)
/tool/google-kubernetes-engine/overview
56%
tool
Similar content

containerd - The Container Runtime That Actually Just Works

The boring container runtime that Kubernetes uses instead of Docker (and you probably don't need to care about it)

containerd
/tool/containerd/overview
51%
tool
Similar content

Podman: Rootless Containers, Docker Alternative & Key Differences

Runs containers without a daemon, perfect for security-conscious teams and CI/CD pipelines

Podman
/tool/podman/overview
49%
howto
Similar content

Mastering Docker Dev Setup: Fix Exit Code 137 & Performance

Three weeks into a project and Docker Desktop suddenly decides your container needs 16GB of RAM to run a basic Node.js app

Docker Desktop
/howto/setup-docker-development-environment/complete-development-setup
46%
troubleshoot
Similar content

Fix Docker Won't Start on Windows 11: Daemon Startup Issues

Stop the whale logo from spinning forever and actually get Docker working

Docker Desktop
/troubleshoot/docker-daemon-not-running-windows-11/daemon-startup-issues
46%
tool
Similar content

Red Hat OpenShift Container Platform: Enterprise Kubernetes Overview

More expensive than vanilla K8s but way less painful to operate in production

Red Hat OpenShift Container Platform
/tool/openshift/overview
43%
troubleshoot
Recommended

Fix Kubernetes Service Not Accessible - Stop the 503 Hell

Your pods show "Running" but users get connection refused? Welcome to Kubernetes networking hell.

Kubernetes
/troubleshoot/kubernetes-service-not-accessible/service-connectivity-troubleshooting
39%
tool
Recommended

GitHub Actions Security Hardening - Prevent Supply Chain Attacks

integrates with GitHub Actions

GitHub Actions
/tool/github-actions/security-hardening
37%
alternatives
Recommended

Tired of GitHub Actions Eating Your Budget? Here's Where Teams Are Actually Going

integrates with GitHub Actions

GitHub Actions
/alternatives/github-actions/migration-ready-alternatives
37%
tool
Recommended

GitHub Actions - CI/CD That Actually Lives Inside GitHub

integrates with GitHub Actions

GitHub Actions
/tool/github-actions/overview
37%
troubleshoot
Similar content

Fix Docker Container Startup Failures: Troubleshooting & Debugging Guide

Real solutions for when Docker decides to ruin your day (again)

Docker
/troubleshoot/docker-container-wont-start-error/container-startup-failures
30%
troubleshoot
Recommended

Docker Desktop is Fucked - CVE-2025-9074 Container Escape

Any container can take over your entire machine with one HTTP request

Docker Desktop
/troubleshoot/cve-2025-9074-docker-desktop-fix/container-escape-mitigation
28%
troubleshoot
Recommended

Docker Desktop Security Configuration Broken? Fix It Fast

The security configs that actually work instead of the broken garbage Docker ships

Docker Desktop
/troubleshoot/docker-desktop-security-hardening/security-configuration-issues
28%
troubleshoot
Similar content

Fix Docker Permission Denied on Mac M1: Troubleshooting Guide

Because your shiny new Apple Silicon Mac hates containers

Docker Desktop
/troubleshoot/docker-permission-denied-mac-m1/permission-denied-troubleshooting
28%
troubleshoot
Similar content

Fix Docker Daemon Connection Failures: Troubleshooting Guide

When Docker decides to fuck you over at 2 AM

Docker Engine
/troubleshoot/docker-error-during-connect-daemon-not-running/daemon-connection-failures
27%
tool
Recommended

Jenkins - The CI/CD Server That Won't Die

integrates with Jenkins

Jenkins
/tool/jenkins/overview
26%
tool
Recommended

Jenkins Production Deployment - From Dev to Bulletproof

integrates with Jenkins

Jenkins
/tool/jenkins/production-deployment
26%
troubleshoot
Similar content

Fix Trivy & ECR Container Scan Authentication Issues

Trivy says "unauthorized" but your Docker login works fine? ECR tokens died overnight? Here's how to fix the authentication bullshit that keeps breaking your sc

Trivy
/troubleshoot/container-security-scan-failed/registry-access-authentication-issues
25%

Recommendations combine user behavior, content similarity, research intelligence, and SEO optimization