We have extracted the best plastics of Dockerfile!

Introduction

This time, following the previous, I will introduce the basic writing method of Docker.

Extracted from the original ** Best practices for writing Dockerfiles **.

If you want to check the video, please click here. [YouTube Video] Introducing Dockerfile best practices! How many can you do? Collation

Use .dockerignore

You can set files like .gitignore that you don't want to add to the container.

# .dockerignore
*/tmp

1 process per container

Don't start Rails, MySQL, Nginx, etc. in one container (Dockerfile). It will be difficult to upgrade the version, and it will be difficult to isolate the cause.

Minimize the number of layers

Every time Docker executes RUN, ADD, COPY, an image is created temporarily. It also affects the readability of the Dockerfile, so try not to divide it as much as possible.

Use multi-stage build

Name it with the AS clause in FROM as follows: You can remove the intermediate image by declaring what you named when you recreate a new layer.

Go is used in the example, but Node seems to be useful as well.

FROM golang:1.11-alpine AS build

####Package introduction&Build####
RUN apk add --no-cache git
RUN go get github.com/golang/dep/cmd/dep

COPY Gopkg.lock Gopkg.toml /go/src/project/
WORKDIR /go/src/project/
RUN dep ensure -vendor-only

COPY . /go/src/project/
RUN go build -o /bin/project
####Build end####

#Recreate a new layer
FROM scratch
COPY --from=build /bin/project /bin/project
ENTRYPOINT ["/bin/project"]
CMD ["--help"]

Arguments are appropriate!

Arranging the arguments in alphabetical order improves readability.

RUN apt-get update && apt-get install -y bzr cvs git

Lighten with alpine image

You can reduce the capacity with the alpine image (5 M or less). By the way, alpine is an image of BusyBox plus package manager apk. Since the load on the host OS can be reduced, it may be good in a development environment.

Do not upgrade

If you upgrade, upgrade the base image version.

Use COPY over ADD

ADD is a versatile command that can behave unexpectedly. If you want to move files from the host OS to the guest OS, use COPY.

Do not use root user

It's not very good for security, so it's better to add USER.

Summary

This time, I introduced how to write a Dockerfile. I will introduce the specific writing method and usage in another article!

Comments on twitter and youtube are also welcome!

Postscript

For more details, read the translation by @zembutsu! Best practices for writing Dockerfiles

Recommended Posts

We have extracted the best plastics of Dockerfile!
Bingo judgment program
We have extracted the best plastics of Dockerfile!
Judgment of the calendar
[Rails] We have summarized the storage locations and usage of developer and user images.
The story of making the existing Dockerfile GPU compatible
The story of adding the latest Node.js to DockerFile
We have collected various implementation methods of singleton.