This article breaks down how Docker works under the hood — revealing that containers are not lightweight virtual machines but isolated Linux processes. It explains what happens when you run docker run, how images form a root filesystem, and how Linux namespaces, cgroups, and the shared host kernel combine to create container isolation.