March 14, 2017



A Docker Image is built from a simple, descriptive set of steps called instructions, which are stored in a text file called a Dockerfile. To create an image from a Dockerfile, the Docker daemon reads the file, executes the instructions, and outputs an image.

  • Dockerfile
    • Has been described as the source code of the image or an artifact that describes how a Docker image is created
    • Dockerfile is a text file with two types of entries:
      • # Comment
        • a line beginning with a hash symbol, used to insert comments into the file
        • instructions are executed in order listed, each one creating a layer in the image
        • uppercase names used by convention
      • Example Dockerfile:
      • # Start with ubuntu 16.04
        FROM ubuntu:16.04


        # Instruction with three components
        RUN apt-get update && apt-get install emacs24 && apt-get clean

        CMD ["/bin/bash"]

    • Dockerfile Instructions include:
      • FROM - Specify the base image (required entry)
      • MAINTAINER - Specify the maintainer, i.e. the Author field of the generated image (deprecated)
      • LABEL - A key-value pair that adds metadata to an image; One or more LABEL entries and/or multiple key-value pairs per entry; Replaces MAINTAINER
      • RUN - Run a command
      • ADD - Add a file or directory
      • ENV - Create an environment variable
      • COPY - Copy files/directories from a source to a destination in the container file system
      • VOLUME - enable access to a directory
      • CMD - process to run when executing the container; defaults for an executing container
      • ENTRYPOINT - sets the primary command for the image
    • The name, Dockerfile is used by convention
    • Special note about the FROM instruction:
      • The FROM instruction in the Dockerfile specifies the "base image"
        • e.g. to build a Debian-based MySQL container, the Dockerfile will start with FROM debian.
      • The special instruction, FROM scratch can be used as a starting point for creating containers that don't require a "base image". E.g. an application such as the "hello" executable, compiled with the -static flag, does not need any specific binaries and libraries, as such it can run without a "base image" and on top of the host OS kernel
        • The scratch image is essentially an empty base image
        • What type of application can be run on top of an empty base image? An application with all the dependencies baked-in. I.e. an application where all the dependencies were statically linked during compilation.
        • Note: The Linux ldd command will show which libraries are dynamically linked in an application

No comments:

Post a Comment