For forwarding, please indicate the source:
1. Dockerfile core syntax rules
- Instruction capitalization: All instructions must be capitalized (such as
FROM,RUN) - Sequential execution: Instructions are executed from top to bottom in order
- Hierarchical construction: Each instruction generates a mirror layer, modifying the upper layer will not affect the lower layer
- Comment support: Use
#Symbols add comments - Basic mirror: Must include
FROMInstructions are the first instruction
2. Detailed explanation of common instructions
| instruction | effect | Example |
|---|---|---|
| FROM | Specify the basic image | FROM ubuntu:20.04 |
| RUN | Execute the command and submit the result | RUN apt-get update && apt-get install -y curl |
| COPY | Copy local files to the mirror | COPY ./app /app |
| ADD | Copy files and support automatic decompression (recommended to use COPY first) | ADD / /tmp |
| CMD | Define the default command for container startup (can be overridden) | CMD ["python", ""] |
| ENTRYPOINT | Define the container start main command (cannot be overwritten, can be used in combination) | ENTRYPOINT ["python"] |
| WORKDIR | Set up the working directory | WORKDIR /app |
| EXPOSE | Declare container listening port | EXPOSE 80 |
| ENV | Set environment variables | ENV NODE_ENV=production |
| VOLUME | Create a mount point | VOLUME /data |
| ARG | Define build parameters (only valid at build time) | ARG USER_ID=1000 |
| USER | Specify the run user | USER root |
| LABEL | Add metadata | LABEL maintainer="your@" |
| ONBUILD | Directives that are executed when defining mirrors as the basis for other mirrors (less used) | ONBUILD RUN echo "Building child image" |
3. Typical usage scenario examples
Example 1: Build Application Image
# Use official mirror as the basis FROM node:18-alpine # Set up the working directory WORKDIR/app # Copy and install dependencies COPY package*.json ./ RUN npm install --Production # Copy the application code COPY . . # Expose the application port EXPOSE3000# Define the startup command CMD ["npm", "start"]
Build command:
docker build -t my-node-app .
Run the command:
docker run -p 3000:3000 my-node-app
Example 2: Python Web Service Mirror
# Use the official Python image FROM python:3.11-slim # Set environment variables ENV PYTHONUNBUFFERED=1# Create a working directory WORKDIR/code # Install system dependencies RUN apt-get update && apt-get install -y --no-install-recommends \ gcc \ python3-dev \ && rm -rf /var/lib/apt/lists/*# Copy dependent files and install them COPY. RUN pip install --no-cache-dir -r # Copy the application code COPY . . # Start the command CMD ["gunicorn", "--bind", "0.0.0.0:8000", ""]
2. Construction optimization skills:
- use
.dockerignoreFile Exclusion irrelevant files - Merge RUN instructions to reduce the number of layers:
RUN apt-get update \ && apt-get install -y package \ && rm -rf /var/lib/apt/lists/*
3. Multi-stage construction (reducing the final mirror volume):
# Build phase FROM golang:1.21 as builder WORKDIR /app COPY . . RUN go build -o myapp # Final stage FROM alpine:latest COPY--from=builder /app/myapp /app/ CMD ["/app/myapp"]
4. Key points to note
- Layer cache mechanism: After the Dockerfile is modified, only the modified instructions and subsequent instructions will be re-executeed.
- Safety Best Practices:
- Avoid running the final container as root user
- Use a minimum basic image (such as alpine)
- Regularly update basic images
- Multi-stage construction: suitable for situations where a compiled environment is required but not required at runtime (such as Go/C++ applications)
- Health Check:
HEALTHCHECK --interval=30s --timeout=3s \ CMD curl -f http://localhost/ || exit 1
5. Debugging skills
- Enter container debugging:
docker run -it my-image /bin/bash
- View build history:
docker history my-image
-
View mirror details:
docker inspect my-image
Reference link:
/reference/dockerfile/