13 Jul 2015

Some notes on Docker Dockerfiles.

Commands

• MAINTAINER - author, email, etc

• FROM - base image eg ubuntu

• CMD and ENTRYPOINT. Separately, either can be used to specify the default executable. When both are used, CMD is appended to ENTRYPOINT to give the container’s command line. Either can be overridden from docker run however CMD is easier – it’s just picks up the remainder of the docker run command (like "$*" for shell scripts) – allowing a docker image to be thought of as a “wrapped” executable

• RUN - install stuff. For dev, separate out RUN commands, so layers are cached and builds are faster. For prod, chain RUN commands with && or ; as multiple RUN commands cause multiple layers

• COPY and ADD. COPY copies file into the image; ADD does the same but also does things like untar or retrieving from URL - avoid as behaviour is too overloaded.

• VOLUME persists a directory to host filesystem under /var/lib/docker/volumes; to get the expected behaviour (a directory shared between host and container) use docker run -v /var/tmp/foo:/var/tmp/foo.

• ENV, WORKDIR and USER - environment variables, cwd and userid for CMD/ENTRYPOINT

• EXPOSE - expose a network port. Use nn not nn:mm form - allow user to specify ublic port using -p option. EXPOSE’d ports can be automatically mapped using -P option.

Build, Run, Exec

# build the image & tag it; use current dir as context
docker build -t="soniah/foo:1.0" .
# run, automap ports. For dev, omit -D -- stdout is tailed and
# container is automatically stopped on ctrl-c.
docker run -P sonia/foo
# get an interactive shell
docker exec -it random_name bash
# remove all old images, except ubuntu "base" images
docker rmi -f `docker images | tail -n +2 | grep -v 'ubuntu' | awk {'print $3'}`
# remove all containers, including stopped containers
docker rm -f `docker ps --no-trunc -aq`

See also

• Dockerfile Best Practices - MCrosby
• Dockerfile Best Practices
• Dockerfile: ENTRYPOINT vs CMD
• Dockerfile: ADD vs COPY