Chapter 8. Build automation and advanced image considerations

 

This chapter covers

  • Automated packaging with Dockerfile
  • Metadata instructions
  • File system instructions
  • Packaging for multiprocess and durable containers
  • Trusted base images
  • Working with users
  • Reducing the image attack surface

A Dockerfile is a file that contains instructions for building an image. The instructions are followed by the Docker image builder from top to bottom and can be used to change anything about an image. Building images from Dockerfiles makes tasks like adding files to a container from your computer simple one-line instructions. This section covers the basics of working with Dockerfile builds and the best reasons to use them, a lean overview of the instructions, and how to add future build behavior. We’ll get started with a familiar example.

8.1. Packaging Git with a Dockerfile

Let’s start by revisiting the Git on Ubuntu example. Having previously built a similar image by hand, you should recognize many of the details and advantages of working with a Dockerfile.

First, create a new directory and from that directory create a new file with your favorite text editor. Name the new file Dockerfile. Write the following five lines and then save the file: 

# An example Dockerfile for installing Git on Ubuntu
FROM ubuntu:latest
MAINTAINER "dockerinaction@allingeek.com"
RUN apt-get install -y git
ENTRYPOINT ["git"]

8.2. A Dockerfile primer

 
 

8.3. Injecting downstream build-time behavior

 

8.4. Using startup scripts and multiprocess containers

 
 

8.5. Building hardened application images

 
 

8.6. Summary

 
 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage