Dockerfile & Image Fundamentals
- Use slim base image for smaller disk usage.
- Combine multiple commands in single RUN commands to minimize number of layers
- If the application startup command self-daemonizes (spawns a daemon process and quits), you must either configure the application not to self-daemonize (e.g.
nginx -g 'daemon off') so that the main process does not exit or find an alternative workaround. Otherwise the container will also exit.
Building the Image
docker build -t <image-name> <build-context-path>Build an image. Build context path is where the Dockerfile is located (e.g.
.if in current directory) reference.
TODO On windows, you get the following message when building images for non-windows hosts: SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have ‘-rwxr-xr-x’ permissions. It is recommended to double check and reset permissions for sensitive files and directories.
In some situations, the image build process can leave untagged and unreferenced images behind. These images are shown in the image list with both repository and tag set to
<none>. These dangling images can be pruned with the command
docker rmi $(docker images -f "dangling=true" -q).
See here for more info.
The equivalent command in a windows shell is
@FOR /f "tokens=*" %i IN ('docker images -f "dangling=true" -q') DO docker rmi %i.