DEV Community

Devang Tomar
Devang Tomar

Posted on • Originally published at on

Mastering Dockerfile ️🐳: 10 Advanced Tips and Best Practices βš”

Dockerfile is a robust tool that empowers developers to create and deploy applications within Docker containers. While many developers are acquainted with the fundamentals of Dockerfile, there exists a treasure trove of advanced features and best practices that may not have yet graced your Docker repertoire.

In this exploration, we will unearth ten lesser-known Dockerfile tricks and tips to elevate your Docker skills, optimizing your builds and streamlining your containerized applications.

1. .dockerignore File: Reducing Build Context Size

A .dockerignore file is your secret weapon to exclude unnecessary files and directories from the build context. Shrinking the build context proves invaluable when dealing with large files or directories that need not clutter your image. Learn more.

# Example .dockerignore file

Enter fullscreen mode Exit fullscreen mode

2. COPY vs. ADD: Know the Differences

The COPY and ADD instructions may seem similar, but they harbor distinct nuances. Learn when to employ each, and why COPY is generally preferred according to Dockers official documentation. Read more.

# Using COPY
COPY src/ /app/
# Using ADD with tar extraction
ADD src.tar.gz /app/

Enter fullscreen mode Exit fullscreen mode

3. Multi-Stage Builds: Streamlining for Production

Discover the power of multi-stage builds. Employ multiple FROM statements in a single Dockerfile to craft an environment for building your application, then efficiently copy the results into a lean, production-ready image. More details.

# Stage 1: Build your golang executable
FROM golang as buildStage
COPY . .
RUN go build -o /go/bin/myapp

# Stage 2: Run the application
FROM alpine:latest
COPY --from=buildStage /go/bin/myapp /usr/local/bin/myapp
CMD ["myapp"]

Enter fullscreen mode Exit fullscreen mode

4. Multi-Layers and Caching: Speeding Up Builds

Docker leverages caching to expedite builds. Understand how layers, RUN, COPY, and ADD instructions influence caching, and when to employ techniques like chaining RUN commands. Dig deeper.

# Good practice: Chaining RUN commands
RUN yum --disablerepo=* --enablerepo="myrepo" && yum update -y && yum install nmap

Enter fullscreen mode Exit fullscreen mode

5. ONBUILD Instruction: Automation Beyond Your Image

Explore the ONBUILD instruction, a nifty tool to automate tasks when your Docker image serves as the base for another image. Unearth strategies to prevent resource conflicts and optimize your workflow. Learn more.

ONBUILD COPY . /app/src

Enter fullscreen mode Exit fullscreen mode

6. Change Your User: Enhancing Security

Improve security by modifying the default container user. Learn how to switch to a non-root user, bolstering security and reducing potential vulnerabilities. Read about it.

FROM alpine:latest

# Create a new user and switch to that user
RUN adduser -D -u 1000 appuser
USER appuser

# Set the working directory to /app

# Copy the script to the container and make it executable
RUN chmod +x

# Run the script
CMD ["./"]

Enter fullscreen mode Exit fullscreen mode

7. Container Health Checks: Ensuring Reliability

Dockers HEALTHCHECK instruction monitors container health. Configure checks to detect failures and automate container restarts. Ensure your applications stay robust and reliable. Discover more.

# Set the command to start the web server
CMD ["python", ""]

# Add a healthcheck for the web server
HEALTHCHECK --interval=5s \\
            --timeout=5s \\
            CMD curl --fail <http://localhost:5000/health> || exit 1

Enter fullscreen mode Exit fullscreen mode

8. Shell Form: Leveraging Shell-Specific Features

In addition to the exec form, Dockerfiles support a shell form that offers features like environment variable substitution and command chaining. Unearth the power of this form to customize your commands. Explore it.

# Using Shell Form
SHELL ["/bin/bash", "-c"]
RUN echo "This is a shell command."

Enter fullscreen mode Exit fullscreen mode

9. Metadata Instructions: Organizing Your Images

EXPOSE and LABEL instructions provide essential metadata. Be explicit about exposed ports and utilize labels to convey image purpose, authorship, and more. Dive into details.

FROM ubuntu:latest
LABEL maintainer="Your Name <>"
LABEL description="This is a simple Dockerfile example that uses the LABEL and EXPOSE instructions."
RUN apt-get update && \\
    apt-get install -y nginx
CMD ["nginx", "-g", "daemon off;"]

Enter fullscreen mode Exit fullscreen mode

10. Docker Images: Tar File Magic

Did you know? Docker images are essentially compressed tar files with metadata. Understand how Docker packages your files, compresses them, and maintains them as an efficient tarball. Learn why this knowledge is essential for efficient Docker practices.

Conclusion πŸ’­

With a touch of finesse and these advanced Dockerfile techniques, you can bolster security, enhance readability, expedite build times, and ultimately improve your continuous integration pipeline and productivity.

By running containers as non-root users, streamlining Dockerfiles, and using efficient build practices, youll not only optimize images but also create a more secure and efficient development environment. Its time to unlock the full potential of Dockerfile and elevate your containerization game.

Connect with Me on Social Media

🐦 Follow me on Twitter: devangtomar7

πŸ”— Connect with me on LinkedIn: devangtomar

πŸ“· Check out my Instagram: be_ayushmann

Checkout my blogs on Medium: Devang Tomar

# Checkout my blogs on Hashnode: devangtomar

πŸ§‘πŸ’» Checkout my blogs on devangtomar

Top comments (0)