Skip to main content

Dockerfile

Docker file supports different keyworkds, they are not too many easy to undersstand. They keswoards are case sensitive and always in uppercase.

FROM

The FROM keyword is used to set the baseline image. The docker file uses the baseline and add the logic on top of it.

RUN

The RUN command is used to run shell command, it have two forms

  1. RUN <command>
  2. RUN ["executable", "param1", ... "paramN"]

RUN also have extra flags they are --mount, --network, --security and allow you to execute more relevent steps.

COPY

The COPY command is used to copy files from source to destination, the destination useally the image where files that are copied would be bundled. The COPY also have flag --link, when --link is used the source files well get copied into an empty destination directory. And this step is turned into a layer in the docker history.

COPY [--chown=<user>:<group>] <src> <dest>

# examples of root path
COPY sou* /src/ #uses absolute path or the root path of the docker image
COPY sou?.js /src/

# example of relative path
COPY test.tsx src/ #uses relateive path and copied into <WORKDIR>/src/ folder

# example of chown
COPY --chown=55:kbasics files* /target-dir/
COPY --chown=bin files* /target-dir/

# example of link
COPY --link /source /target

ADD

The ADD command is superset of COPY, it will do everything what COPY do and have few extra capabilities. The best thing of using ADD is local tar file auto-extraction into a folder/image, download folder or files from url like git clone etc.

ADD --checksum=sha256:24454f830cdb571e2c4ad15481119c43b3cafd48dd869a9b2945d1036d1dc68d https://mirrors.edge.kernel.org/pub/linux/kernel/Historic/linux-0.01.tar.gz / # this like borrowed from dockerhub as is.

# syntax=docker/dockerfile:1-labs
ADD --keep-git-dir=true https://github.com/test/test.git#v0.1.1 /my-code

The --keep-git-dir=true flag will add the .git directory while adding files from git. By default the value is false (when nothing is passed).

ENV

The ENV command would set environment variables, it will take a key value pair as agrument

ENV key="value" # no spaces between key, value and = symobols

ENV SECRET="Its a big secret"
ENV FILE_PATTERN=Rex\ My\ test.java #regex example

#multiple key values with multiline
ENV SECRETE_KEY="My-secrete-key" FILE_PATTERN=Rex\ My\ test.jav \
SECRETE_VALUE="Polar bear will have black skin"

WORKDIR

The WORKDIR command is used to set current working directory, so the commands RUN, CMD, ENTRYPOINT, COPY and ADD commands would always run in this folder.

WORKDIR /usr/test/code
WORKDIR sub-folder

ENTRYPOINT

The ENTRYPOINT command is used to execute a command when a container is exuectated for first time. It will have wo forms

  1. ENTRYPOINT ["executable","param1","param2",... "paramN"] : - The first variable in array represents the executable followed by required arguments for exuectable
  2. ENTRYPOINT command param1 param2 ... :- This is a regular shell command format

The ENTRYPOINT and CMD works in similar manner, to override ENTRYPOINT command while docker container runtime, we must use --entrypoint flag. in other hand it would can be overrided CMD without any extra flag.

CMD

The CMD command is used to execute a default command for a container when the containe run for first time. The command have 3 possible forms

  1. CMD ["executable","param1","param2",... "paramN"] : - The first variable in array represents the executable followed by required arguments for exuectable
  2. CMD ["param1","param2",... "paramN"] :- When there is ENTRYPOINT set the CMD consider all parameters provided in array are arguments for the exeuctable of ENTRYPOINT
  3. CMD command param1 param2 ... :- This is a regular shell command format
CMD ["/usr/bin/wc","--help"] # type 1
CMD echo "hello wordld." | wc - # type 3

LABEL

The LABEL keyword is used to set metadata of docker image.

LABEL version="1.1.0"
LABEL net.knowbasics.label-alue="test"
LABEL "net.knowbasics.label-alue"="test"
LABEL metaInfo.label1="value1" metaInfo.label2="value2" label3="value3"

EXPOSE

The EXPOSE command is used to document ports information while creating the image, it will not add any technical effect on docker image / container. By default it will consider tcp port.

EXPOSE 8080 # considered as tcp
EXPOSE 8050/tcp
EXPOSE 8070/udp

VOLUME

The VOLUME command allow you to create a volume.

VOLUME ["/volume/one", "volume-two"] #syntax 1
VOLUME /volume/one #sytnax 2

What is volume? A volume is a virtual storage drive for docker. Using a docker volume we seperate storage from container. This will enables you with many beinfits.

  • We can keep volume even the container is removed, so the data is safe.
  • The volume can be backup or migrated. (Its a great help while working with db based/storaged based docker containers)
  • volumes can be shared between multipel docker containers and it is even more safe.
  • It is possible to store volumes in rmeote hosts or clould providers.
  • Volumes allow to enable encryption on data

You can learn more about volumes in this link

The VOLUME command in Docker file allow you to create a volume along with container, and pre store data. below is simple example where server.js is stored in volume.

FROM alpine:3.16
RUN apk add nodejs npm
VOLUME /src
WORKDIR /src
COPY ./server.js .
EXPOSE 3000
CMD node server.js

The server.js in above example is already used while explaining about docker images, you can copy it from here, if you not already know about how to create docker image, you may have to go through entire section once to get full understand.

USER

The USER command is used to set default user or user group to use as default user for current stage. The specified user is used for RUN, ENTRYPOINT and CMD commands.

When the user doesn’t mentioned it will be run with the root group, for windows the user must created first if its not built in account.

ARG

The ARG keyword used to set arguments (variables) in dockerfile, that can be passed with docker build command using --build-arg <varname=value>