This document provides an overview of common keywords and instructions in Dockerfiles, along with their explanations and usage.
- Usage:
FROM <image>:<tag>
- Description: Defines the base image for the Docker image. Every Dockerfile must begin with a
FROM
instruction, specifying the base layer for the new image. - Example:
FROM python:3.9
- Usage:
WORKDIR <directory-path>
- Description: Sets the working directory for subsequent instructions like
COPY
,RUN
, andCMD
. If the directory doesn’t exist, Docker creates it. - Example:
WORKDIR /app
- Usage:
COPY <source> <destination>
- Description: Copies files or directories from the host system into the Docker container’s filesystem.
- Example:
COPY . /app
- Usage:
ADD <source> <destination>
- Description: Similar to
COPY
, but with extra capabilities like decompressing.tar
files directly into the container. - Example:
ADD package.tar.gz /app
- Usage:
RUN <command>
- Description: Executes a command in the container during the image build process, often used to install packages or dependencies.
- Example:
RUN apt-get update && apt-get install -y nginx
- Usage:
CMD ["executable", "param1", "param2"]
- Description: Specifies the default command to run when the container starts. Only the last
CMD
instruction in the Dockerfile is used. - Example:
CMD ["python", "app.py"]
- Usage:
ENTRYPOINT ["executable", "param1", "param2"]
- Description: Configures a container to run as an executable. Often used in combination with
CMD
to provide default arguments. - Example:
ENTRYPOINT ["nginx", "-g", "daemon off;"]
- Usage:
ENV <key> <value>
- Description: Sets environment variables that can be accessed by processes in the container.
- Example:
ENV PORT=8080
- Usage:
EXPOSE <port>
- Description: Informs Docker that the container will listen on the specified network ports at runtime. It doesn’t publish the port but serves as documentation and metadata.
- Example:
EXPOSE 80
- Usage:
VOLUME ["<path>"]
- Description: Creates a mount point with the specified path that will be stored outside of the container’s filesystem, useful for persistent data.
- Example:
VOLUME ["/data"]
- Usage:
ARG <name>[=<default value>]
- Description: Defines a build-time variable that users can pass when building the image. Unlike
ENV
,ARG
is only available during the build. - Example:
ARG VERSION=latest
- Usage:
LABEL <key>=<value>
- Description: Adds metadata to the image in key-value pairs, useful for versioning, licensing, and maintaining other metadata.
- Example:
LABEL maintainer="[email protected]"
- Usage:
USER <username or UID>
- Description: Specifies the user to use when running the container. This helps run containers with non-root users for added security.
- Example:
USER node
- Usage:
HEALTHCHECK [OPTIONS] CMD <command>
- Description: Monitors and checks the health of a container, running specified commands to ensure it’s functioning properly.
- Example:
HEALTHCHECK CMD curl -f http://localhost || exit 1
- Usage:
ONBUILD <INSTRUCTION>
- Description: Adds a trigger instruction to the image, which is executed when the image is used as a base image in another Dockerfile.
- Example:
ONBUILD RUN echo "Trigger Instruction"
- Usage:
STOPSIGNAL <signal>
- Description: Sets the system call signal to stop the container, like
SIGTERM
orSIGKILL
. - Example:
STOPSIGNAL SIGKILL
- Usage:
SHELL ["executable", "parameters"]
- Description: Specifies the default shell for
RUN
commands on Windows and Linux containers. - Example:
SHELL ["powershell", "-command"]
Below is an example Dockerfile that uses some of the above instructions to create a simple Node.js application image.
# Set the base image
FROM node:14
# Set environment variable
ENV NODE_ENV=production
# Set working directory
WORKDIR /app
# Copy package.json and install dependencies
COPY package*.json ./
RUN npm install
# Copy application source code
COPY . .
# Expose application port
EXPOSE 3000
# Default command to run application
CMD ["node", "app.js"]