September 3, 2025

Understanding Dockerfile and Building a Docker Image

Docker has revolutionized how software is developed, shipped, and deployed by introducing containerization. One of the core components of Docker is the Dockerfile, a script that contains a series of instructions for building a Docker image. In this article, we will explore what a Dockerfile is, its key components, and how to build a Docker image using it.

What is a Dockerfile?

A Dockerfile is a simple text file that contains a series of instructions that Docker uses to automate the process of building a Docker image. Each instruction in the Dockerfile corresponds to a specific command or action that Docker will take when creating an image. The resulting image can then be used to run containers, which are isolated environments where applications can run.

The Dockerfile allows you to specify things like:

  • Base image: The starting point for your image (e.g., an official Python or Node.js image).
  • Dependencies: Libraries, packages, and other software that your application requires.
  • Build steps: Commands to copy files, set environment variables, or run scripts to configure your environment.
  • Port configuration: Exposing ports that should be accessible when the container runs.

Key Dockerfile Instructions

Below are the most commonly used instructions in a Dockerfile:

1. FROM: Specifies the base image to use. Every Dockerfile must start with a FROM instruction. For example, if you’re building a Python application, you might use:

FROM python:3.9

2. LABEL: Adds metadata to your image, such as the version or the maintainer.

LABEL maintainer="you@example.com"

3. WORKDIR: Sets the working directory inside the container.

WORKDIR /app

4. COPY: Copies files or directories from the host machine into the container.

COPY myfile /app

5. ADD: Just like the COPY command, ADD can copy files from your local filesystem into the Docker image but If the source file is a .tar, .tar.gz, .tgz, .tar.xz, or .tar.bz2 archive, ADD will automatically extract the contents into the destination directory inside the container.ADD command can also accept a URL as the source. When you use a URL, Docker will download the file and place it in the destination inside the container

ADD myapp.tar.gz /app/

# Download and extarcts
ADD https://example.com/myapp.tar.gz /app/

# Also accepts wild cards
ADD *.tar.gz /app/

6. RUN: Executes commands inside the container during the image build process. It can install dependencies or run setup commands

RUN pip install -r requirements.txt

7. ENV: Sets environment variables inside the container.

ENV APP_ENV=production

8. EXPOSE: Specifies which ports the container will listen on at runtime.It does not actually publish the port or make it accessible from outside the container. Instead, it serves as a form of documentation and allows Docker to map the container’s internal ports to host ports when running the container.

EXPOSE 8080

# Multiple exports
EXPOSE 80 3306

# can also specify tcp/udp 
EXPOSE 80/tcp 53/udp

CMD: Specifies the default command to run when the container starts. Only one CMD instruction can be used in a Dockerfile.

CMD ["python", "app.py"]

ENTRYPOINT: Defines the default executable to run when the container starts. You can use ENTRYPOINT in conjunction with CMD for additional flexibility.

ENTRYPOINT ["python"]
CMD ["app.py"]

Example Dockerfile

Let’s look at a simple Dockerfile that sets up a Python application.

# Start with the official Python base image
FROM python:3.9-slim

# Set the working directory inside the container
# this simae as cd /app [inside the container]
WORKDIR /app

# Copy the current directory (host) into the /app directory (container)
COPY . /app

# Install dependencies specified in requirements.txt
RUN pip install --no-cache-dir -r requirements.txt

# Expose port 8080 to make the app accessible
EXPOSE 8080

# Define the default command to run the app
CMD ["python", "app.py"]

Building a Docker Image

Once you’ve written your Dockerfile, you can build the image using the docker build command.

Here are the steps to build and run a Docker image:

  • Navigate to the project directory: Open a terminal and go to the directory containing the Dockerfile.
  • Build the Docker image: Run the following command to build the image. Replace myapp with your desired image name.
# Build the image with custom name
docker build -t myapp .

# Build the imaeg with random name

docker build myapp .

# Note : The . at the end signifies the current directory (where the Dockerfile is located).

Docker will read the Dockerfile and execute the instructions to build the image. If successful, you’ll see an image ID returned in the terminal.

List Docker images: After building, you can see your image in the list of available Docker images:

docker images

Running the Docker Image

After building the image, you can run it as a container 

docker run -p 8080:8080 myapp

This will start your application inside the container and map port 8080 from the container to port 8080 on your local machine.

Access the application: If your app is a web application, you can now open your browser and go to http://localhost:8080 (or another port, depending on what you’ve configured).

CMD vs ENTRYPOINT in Docker: A Detailed Comparison

When creating a Dockerfile, one of the key decisions you’ll need to make is how to define the default behavior of a container when it starts. Two primary instructions control this behavior: CMD and ENTRYPOINT. Both allow you to specify a command that will run when the container starts, but they have different purposes and behavior.

In this article, we will compare CMD and ENTRYPOINT in detail, explore their differences, and provide examples to help you understand when and how to use each.

Overview of CMD and ENTRYPOINT

CMD:

  • The CMD instruction specifies the default command and its arguments to run when the container starts.
  • If you don’t provide a command when you run the container, Docker will use the CMD instruction.
  • CMD can be overridden by specifying a command directly in the docker run command.

ENTRYPOINT:

  • The ENTRYPOINT instruction sets the executable that will always run when the container starts.
  • Unlike CMD, it is not easily overridden by arguments in docker run. Instead, any arguments passed to docker run will be appended to the command defined in ENTRYPOINT.
  • You can combine ENTRYPOINT with CMD to provide default arguments.

Examples of CMD and ENTRYPOINT in Action

Example 1: Using CMD Alone

Let’s start with a simple example where we use CMD to define a default command for the container.

FROM ubuntu:latest
CMD ["echo", "Hello, World!"]

Here, the container will, by default, run the echo command with the argument “Hello, World!” when it is started. You can run the image like this:

docker build -t myimage .
docker run myimage

# output 

## Hello, World!

However, you can override the CMD by specifying a new command in docker run:

docker run myimage echo "Goodbye, World!"

# output 

## Goodbye, World!

Here, docker run myimage echo “Goodbye, World!” overrides the default CMD because CMD can be overridden.

Example 2: Combining ENTRYPOINT and CMD

Now, let’s see an example using ENTRYPOINT. We’ll define a fixed executable that can’t be easily overridden, but we can still pass arguments to it.

FROM ubuntu:latest
ENTRYPOINT ["echo"]
CMD ["Hello, World!"]

Here, ENTRYPOINT defines echo as the executable, and CMD provides the default argument “Hello, World!”. The container will always run echo by default, but you can pass other arguments when running the container.

To build and run the container:

docker build -t myimage .
docker run myimage

# output 

## Hello, World!

But now, if you specify a different argument when running the container, it will append it to the ENTRYPOINT command:

docker run myimage "Goodbye, World!"

# output 

## Goodbye, World!

In this case, ENTRYPOINT is fixed as echo, and only the argument passed (“Goodbye, World!”) is variable

Optimisation of Docker file

To optimize a Dockerfile for minimal layers and the smallest possible image size, you should focus on reducing the number of layers, minimizing intermediate files, and avoiding redundant operations. Docker images are built in layers, where each command in a Dockerfile creates a new layer. By combining related commands into single layers and removing unnecessary dependencies, you can significantly reduce both the size and the number of layers.

Optimization Techniques

  • Combine RUN Commands: Multiple RUN commands create multiple layers. You can combine them into a single RUN command, separating the commands with &&. This will reduce the number of layers in your image.
  • Clean up APT cache: After installing packages with apt-get, always clean up the cache to reduce the image size ( for ubuntu/debian)
  • Use apt-get install with -y and –no-install-recommends: This ensures that you only install the essential packages, without the extra recommended packages that are often unnecessary for the container’s purpose.( for ubuntu/debian)
  • Use a Multi-Stage Build (when applicable): If you need to compile something or install build dependencies, consider using a multi-stage build. This allows you to copy only the necessary binaries or files from a build stage to the final image, without including unnecessary build tools.
  • Use a Smaller Base Image: Start with a minimal base image (e.g., ubuntu:20.04 vs. ubuntu:latest), or consider even smaller alternatives like alpine, depending on your use case.

example :

# Docker v1
FROM ubuntu:22.04

# Combine package installation into a single layer and clean up to minimize image size
RUN apt-get update -y && \
    apt-get upgrade -y && \
    apt-get install -y --no-install-recommends --fix-missing \
        cpio \
        ssh \
        u-boot-tools \
        ca-certificates \
        iputils-ping \
        net-tools \
        htop \
        iproute2 \
        make \
        vim \
        gawk \
        bzip2 \
        libncurses5 \
        libncursesw5 \
        libpython2.7 \
        python-is-python3 \
        xml-twig-tools \
        gcc \
        python3 \
        squashfs-tools \
        gcc-multilib \
        fakeroot \
        sshpass \
        rauc && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* && \

Conclusion

The Dockerfile is a crucial component in Docker’s containerization process. By writing a Dockerfile, you define the blueprint for building a Docker image, which can then be used to spin up consistent, isolated containers across different environments. Building and running Docker images with the docker build and docker run commands makes deploying applications easier, faster, and more reliable. Understanding Dockerfiles will empower you to automate the entire deployment pipeline and ensure that your applications work seamlessly anywhere.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Like