Docker file
What is Dockerfile?
Dockerfile is a file consisting of a collection of directives, which when Docker calls the file, it can automatically create images. See more https://docs.docker.com/engine/reference/builder/
Some commands used in Dockerfile:
FROM Is the base image for us to build a new image. This directive must be placed at the top of the Dockerfile
RUN Used when you want to install additional packages during the image build process.
COPY This directive is used to copy a new file or directory from the source (src) and move it to the destination (dest) in the container's file system. Source here can be the local host path or URL. COPY has 2 forms:
ENV Defines environment variables
EXPOSE Used to declare the listening ports of the container.
Combine with the -p parameter to expose the container's port to the outside (NAT port)
CMD Is a directive indicating which command is executed each time the container is initialized. In the Dockerfile there is only one CMD directive
ENTRYPOINT allows configuring a container that runs as an executable. ENTRYPOINT will overwrite the elements used by the CMD directive.
For example: docker run -it centos top -H
CMD and ENTRYPOINT interaction . Both commands determine which command is executed when running a container.
There are several rules in the interaction between the two commands:
At least 1 directive will be specified in the Dockerfile (of course it is possible for 2 directives to appear in the Dockerfile)
ENTRYPOINT is defined when using the container as an executable command
CMD is used as a way to specify default parameters for an ENTRYPOINT directive or execute a command within a container
CMD will be overwritten when running containers with interleaved parameters.
Example of CMD & ENTRYPOINT in Dockerfile:
The ADD directive is used to copy files, directories, or files with URLs from the source (src) and add them to the destination path (dest) in the image's file system.
ADD has 2 forms:
Note : Note the difference between COPY/ADD . COPY supports copying only local paths; ADD can support copying .tar compressed files and support URL paths.
WORKDIR Is a directive used to set up the working directory. It is the same as the home directory, in this case the home directory of the container. When calling WORKDIR, it will create a directory the first time it is called and access it as the home directory. It can be used multiple times in a Dockerfile.
USER
Used to set the user to use when running the image and for some directives: RUN, CMD & ENTRYPOINT in the Dockerfile.
VOLUME
Used to mount files/directories between host and container. The purpose of VOLUME is:
Retains data when container is removed
Share data between host and container
Share data between containers
Perform image build with Dockerfile
Let's test build the nginx installation package on centos:7 base image (CentOS7:nginx). Create a Dockerfile file with the following content:
Run Nginx in FOREGROUND mode (by default, nginx runs in BACKGROUND mode – daemon on)
Build image
Run container
Best tips with Dockerfile
Search for the application you want to run instead of using the os from FORM and then install that application on the os.
To version the application to distinguish the versions is really necessary.
Using Alpine, reduces storage space compared to using os.
A RUN command runs corresponding to a generated layer. So if possible, combine commands into one RUN command using &&
Instructions with few changes should be placed above, many changes below so that when Docker performs the build faster because it can reload the previously built cache.
Use .dockerignore
A Dockerfile can be used to run multi builds.
Use run user policies to ensure security.
Docker scan or CICD should be used to scan for vulnerabilities.
Create Dockerfile with Visual Studio 2022
With a real project, there will be many issues that need attention such as technology changing rapidly and updating new technology versions must be done regularly. In the actual case, when you deploy the system to Amazon's ECS, the running netCore version is 5 and need to be updated to version 6. For you to write a Dockerfile for the source yourself is very difficult because you do not code the entire project so it is difficult to understand everything. Folders and paths need to be copied and edited in Dockerfile. You will have to sit and fix each small section, which is very time consuming. The optimal solution for those who know how to apply technology is to use Visual Studio 2022 to automatically create a Dockerfile that matches your project.
The steps will be: Open the project with Visual Studio 2022 Select the .sln file Create Dockerfile Select OS And name, you have a Dockerfile most suitable for your project.
Last updated