Dockerfile Main commands and parameters:
directives | Main parameters | corresponds English -ity, -ism, -ization | usage example |
---|---|---|---|
FROM | <image>[:<tag>] [AS <name>] | Specify the base image | FROM ubuntu:24.04 AS base |
RUN | <command> or ["executable", "param1", "param2"] | Execute commands, usually used to install packages | RUN apt-get update && apt-get install -y python3 |
CMD | <command> or ["executable", "param1", "param2"] | Specifies the command to be executed when the container starts | CMD ["python3", ""] |
LABEL | <key>=<value> | Adding metadata to a mirror | LABEL version="1.0" description="This is my app" |
EXPOSE | <port>[/<protocol>] | Declare the port on which the container listens when running | EXPOSE 80/tcp |
ENV | <key>=<value> | Setting environment variables | ENV NODE_ENV production |
ADD | <src>... <dest> | Copying files, URL support and automatic decompression | ADD / /usr/src/things/ |
COPY | [--chown=<user>:<group>] <src>... <dest> | Copying a file or directory | COPY --chown=user:group files* /data/ |
ENTRYPOINT | ["executable", "param1", "param2"] | Sets the entry point to the container, usually used in conjunction with CMD | ENTRYPOINT ["nginx", "-g", "daemon off;"] |
VOLUME | ["/data"] | Create mount points for persistent data | VOLUME ["/var/log/"] |
USER | <user>[:<group>] | Specify the username or UID to use when running the container | USER www-data |
WORKDIR | /path/to/workdir | Setting up the working directory | WORKDIR /app |
ARG | <name>[=<default value>] | Define build parameters that can be passed at build time | ARG VERSION=latest |
ONBUILD | INSTRUCTION | Add a trigger to the image to execute a specific command | ONBUILD RUN /usr/local/bin/python-build --dir /app/src |
STOPSIGNAL | signal | Setting the system call signal to stop the container | STOPSIGNAL SIGTERM |
HEALTHCHECK | [OPTIONS] CMD command | Defining container health checks | `HEALTHCHECK --interval=5m --timeout=3s CMD curl -f http://localhost/ |
SHELL | ["executable", "parameters"] | Override the default shell | SHELL ["/bin/bash", "-c"] |
COPY --from | Copying files from a multi-stage build | COPY --from=builder /app /app | |
RUN --mount | Mounting directories or caches at build time | RUN --mount=type=cache,target=/root/.cache pip install -r |
Additional parameters and options:
-
COPY and ADD commands:
--chown=\<user\>:\<group\>
--chmod=\<permissions>
--from=\<name|index>
-
RUN command:
--mount=type=\<type>,target=\<path>,source=\<source>
--network=\<network>
--security=\<security-opt>
-
HEALTHCHECK command option:
-
--interval=DURATION
(Default: 30s) -
--timeout=DURATION
(Default: 30s) -
--start-period=DURATION
(Default: 0s) -
--retries=N
(Default: 3)
-
-
ARG Directive:
- Can be used before the FROM directive, affecting the selection of the base image
-
Multi-stage construction is relevant:
FROM \<image\> AS \<stage>
COPY --from=\<stage\> \<src\> \<dest>
Sample Dockerfile:
> #### Note: This document is for reference only, do not use it directly!
# Syntax version declaration
# syntax=docker/dockerfile:1
# Define build parameters
ARG BASE_IMAGE=ubuntu:24.04
# Specify the base image
FROM ${BASE_IMAGE} AS base
# Set the maintainer information (deprecated, use LABEL instead)
MAINTAINER John Doe <@>
# LABEL to add metadata
# Instead of MAINTAINER
LABEL = "John Doe <john@>"
LABEL version="1.0" description="This is an example Dockerfile"
# Setting environment variables
ENV APP_HOME=/app \
NODE_ENV=production
# Set the working directory
WORKDIR ${APP_HOME}
# Copy files to the image
COPY --chown=node:node . .
# Add remote files to the mirror
ADD / /tmp/
# Run the command
RUN apt-get update && apt-get install -y python3 \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Run the command using mount (requires BuildKit support)
RUN --mount=type=cache,target=/root/.cache \
pip install -r
# Expose ports
EXPOSE 8080
# Create the data volume
VOLUME ["/data"]
# Set the default user
USER node
# Define health check
HEALTHCHECK --interval=5m --timeout=3s \
CMD curl -f http://localhost:8080/ || exit 1
# Set the command to run when the container starts
ENTRYPOINT ["node"]
# Set the default command
CMD [""]
# Set the stop signal
STOPSIGNAL SIGTERM
# Change the default shell
SHELL ["/bin/bash", "-c"]
# Multi-stage build: new stage
FROM base AS production
# Add a trigger command to the submirror
ONBUILD RUN echo "This is triggered when used as a base image"
# Copy files from previous stage
COPY --from=base ${APP_HOME} ${APP_HOME}
> AI reminder of what to look for when building a Dockerfile:
> - some commands (e.g.HEALTHCHECK and RUN --mount)
A newer version of Docker or a specific builder such as BuildKit is required to use it.
> - In practice, you will typically not use all of these directives in a single Dockerfile. You should choose the appropriate directives based on your project needs.
> - The order of the instructions is important, especially for things likeFROM、ARG、ENV
such instructions, they affect the behavior of subsequent instructions.
> - multi-stage builds (used in this example)FROM ... AS ...
) is an advanced technique for optimizing image size and improving security.
> - MAINTAINER
command has been deprecated and it is recommended to use theLABEL
to add maintainer information.
Reference.
[1] /reference/dockerfile/
[2] /build/concepts/dockerfile/