20.2 Intermediate Track

The Intermediate Track builds on foundational Docker knowledge — running containers, building images, publishing ports, and mounting volumes — and develops the skills needed to use Docker effectively in real-world development and deployment workflows. Where the beginner track focuses on single-container operation, the intermediate track addresses multi-container systems, networking, environment configuration, image optimization, and the patterns used in professional CI/CD pipelines.

What the Intermediate Track Covers

The intermediate track is organized around the practical problems that arise when moving from isolated containers to composed, connected, production-aware deployments:

Multi-container applications with Docker Compose — Real applications consist of multiple services: a web server, a database, a cache, a background worker. Docker Compose defines all of these services in a single file and manages their lifecycle together. The intermediate track covers writing compose.yml files, understanding service dependencies, managing networks and volumes across services, and using Compose for both local development and CI environments.

Docker networking in depth — Containers communicate with each other over Docker-managed networks. The intermediate track covers bridge networks, the DNS-based service discovery that Docker Compose provides, host networking mode, and the security implications of different network configurations.

Environment configuration and secrets — Production containers receive configuration through environment variables, .env files, and Docker secrets. The intermediate track covers how to pass configuration cleanly, how to avoid embedding secrets in images, and how to manage different configuration sets for development versus production.

Image optimization — Intermediate users learn to produce smaller, faster-building, more secure images using multi-stage builds, layer ordering for cache efficiency, .dockerignore, and non-root user configuration.

Container health and lifecycle — Healthchecks, restart policies, and graceful shutdown behavior determine whether containers are reliable in production. The intermediate track covers defining healthchecks in Dockerfiles, configuring restart policies, and understanding how SIGTERM handling affects container stop behavior.

Registries and image distribution — Getting images from a local build to a remote registry (Docker Hub, AWS ECR, GitHub Container Registry) is the step between building and deploying. The intermediate track covers docker login, docker push, image tagging conventions, and pulling from private registries.

Volumes and data management — Beyond the basics of named volumes and bind mounts, intermediate users need to understand volume drivers, backup strategies, and the difference between volumes appropriate for development (bind mounts for live code reload) and volumes appropriate for production (named volumes for persistent data).

Skills Demonstrated at the Intermediate Level

A developer working at the intermediate level can:

• Write a compose.yml that starts a full application stack (web app, database, cache) with a single docker compose up.
• Debug container connectivity issues by inspecting networks, checking DNS resolution between containers, and reading container logs.
• Reduce an image size by 50–80% using multi-stage builds.
• Pass environment-specific configuration to containers without modifying the image.
• Push a versioned image to a registry and pull it on another machine.
• Define a healthcheck that allows an orchestrator to know when a container is ready to receive traffic.
• Configure containers to restart automatically on failure using restart policies.

The Bridge from Beginner to Intermediate

The key conceptual shift from beginner to intermediate level is moving from thinking about containers in isolation to thinking about containers as components in a system. A database container is only useful if an application container can reach it on the right port. An application container is only repeatable across environments if its configuration is externalized rather than hardcoded. An image is only deployable if it exists in a registry that the target environment can access.

The commands that mark this transition include:

docker compose up -d

docker network create app-network
docker run -d --name db --network app-network postgres:15
docker run -d --name web --network app-network -p 8080:3000 my-app

docker build --target production -t my-app:v1.2.3 .
docker push registry.example.com/my-app:v1.2.3

Recommended Sequence

The intermediate track is most effective when approached in this order:

1. Docker Compose basics — define and run a two-service application (web + database).
2. Networking — understand how containers find each other and how to isolate services that should not communicate.
3. Environment and secrets — externalize configuration; connect to a real database using environment-provided credentials.
4. Image optimization — apply multi-stage builds and layer ordering to reduce image size.
5. Healthchecks and restart policies — make the composed application resilient to transient failures.
6. Registry workflow — tag, push, and pull images to simulate a deploy pipeline.

Each step introduces one new concern that applies directly to the application being built in previous steps, so learning is cumulative rather than theoretical.