Here are typical Dockerfile
, container's FileSystem Structure
and some common Docker Commands
for managing containers, images, networks, and volumes:
Typical Dockerfile
Here's a typical Dockerfile for a Golang service with commonly used Docker commands, multi-stage builds, utility installations.
# Stage 1: Build Stage
# This stage builds the application and reduces the final image size by only copying the compiled binary.
# Use the official Golang image for building the application
FROM golang:1.19 AS builder
# Set environment variables for Go
# Variables in the builder stage mainly for Go settings
ENV GO111MODULE=on \
CGO_ENABLED=0 \
GOOS=linux \
GOARCH=amd64
# Set the working directory inside the container
# So paths are relative, improving readability and avoiding absolute paths.
WORKDIR /app
# Copy Go modules and dependencies files
COPY go.mod go.sum ./
# Download dependencies
RUN go mod download
# Copy the entire source code into the container
COPY . .
# Build the application binary
RUN go build -o myapp .
# Stage 2: Final Image
# Use a smaller base image for running the application (distroless or Alpine)
FROM alpine:3.15
# Install utilities (optional)
RUN apk add --no-cache curl
# Set an environment variable
ENV PORT=8080
# Create a non-root user and group to run the application securely
# USER appuser ensures the application runs as a non-root user.
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
# Set the working directory
WORKDIR /app
# Copy only the necessary files from the build stage
COPY --from=builder /app/myapp .
# Change ownership to the non-root user
RUN chown -R appuser:appgroup /app
# Expose the application port
EXPOSE 8080
# Set default user for container execution
USER appuser
# Use CMD or ENTRYPOINT to run the binary
# ENTRYPOINT is often used for commands that should not be overridden by other commands
ENTRYPOINT ["./myapp"]
# CMD is for specifying the arguments passed to ENTRYPOINT or an alternative command
CMD ["--help"]
# ENTRYPOINT is set to ./myapp so the binary runs by default, with CMD providing additional default arguments or options (e.g., --help).
Docker Container FileSystem Structure
The filesystem structure inside a Docker container is based on a minimal Linux root filesystem (Read More), designed to be lightweight and specific to the application it runs. Hereβs a breakdown of common directories:
/
βββ bin/ # Essential binaries, executables, user commands (ls, cp, etc.)
βββ dev/ # Device files (terminals, USBs), usually for virtual devices
βββ etc/ # System and containerized application configuration files (network, users)
βββ home/ # Optional, user-specific files and directories, for non-root users
βββ lib/ # Shared libraries needed by bin/ and sbin/
βββ media/ # Mount points for removable media (e.g., CD, USB) (often empty)
βββ mnt/ # Temporary mount location for external filesystems
βββ proc/ # Virtual filesystem with system/process info, representing process and system info
βββ root/ # Home directory for the root user
βββ run/ # Runtime process information (e.g., PIDs, sockets), application state files
βββ sbin/ # System management binaries, commands, usually for root (e.g., reboot)
βββ srv/ # Service data provided by the system (e.g., web, FTP)
βββ tmp/ # Temporary files, often cleared on reboot, wiped on container stop/restart
βββ usr/ # User binaries, libraries, documentation, secondary hierarchy for system resources
β βββ bin/ # User binaries (e.g., git, gcc)
β βββ lib/ # Libraries for user binaries
β βββ local/ # Locally installed software and files
βββ var/ # Variable data files that change frequently
βββ cache/ # Application cache data
βββ log/ # System and application logs
βββ mail/ # User mail storage
βββ tmp/ # Temporary storage for running applications
Containers are built to isolate application dependencies, so only essential directories and files for the application are typically present, making it lightweight and minimal
1. Docker Container Commands:
-
Run a container:
docker run -d --name <container-name> <image-name>
- Runs a container in detached mode (
-d
) from the specified image. - Example:
docker run -d --name my-nginx nginx
- Runs a container in detached mode (
-
List running containers:
docker ps
- Shows all currently running containers.
- Add
-a
to list all containers, including stopped ones.
-
Stop a container:
docker stop <container-id|container-name>
- Stops a running container.
-
Remove a container:
docker rm <container-id|container-name>
- Deletes a stopped container.
- Use
-f
to force-remove a running container.
2. Docker Image Commands:
-
Build an image:
docker build -t <image-name>:<tag> <path-to-dockerfile>
- Builds an image from a Dockerfile.
- Example:
docker build -t my-app:latest .
-
List images:
docker images
- Lists all images available on the host.
-
Remove an image:
docker rmi <image-id|image-name>
- Deletes an image.
- Use
-f
to force-remove an image if it's being used.
-
Pull an image from a repository:
docker pull <image-name>:<tag>
- Downloads an image from Docker Hub or other registries.
- Example:
docker pull ubuntu:latest
3. Docker Network Commands:
-
List networks:
docker network ls
- Shows all Docker networks.
-
Create a network:
docker network create <network-name>
- Creates a new Docker network.
-
Connect a container to a network:
docker network connect <network-name> <container-name>
-
Inspect a network:
docker network inspect <network-name>
- Shows detailed information about a Docker network.
4. Docker Volume Commands:
-
Create a volume:
docker volume create <volume-name>
- Creates a new volume for persistent storage.
-
List volumes:
docker volume ls
- Lists all Docker volumes.
-
Remove a volume:
docker volume rm <volume-name>
- Deletes a volume.
-
Inspect a volume:
docker volume inspect <volume-name>
- Shows detailed information about a volume.
5. Miscellaneous Commands:
-
View container logs:
docker logs <container-id|container-name>
- Displays logs from a specific container.
- Use
-f
to follow the logs in real-time.
-
Access a running container's shell:
docker exec -it <container-id|container-name> /bin/bash
- Starts an interactive shell inside a running container.
- Example:
docker exec -it my-nginx /bin/bash
-
Tag an image:
docker tag <image-name> <repository>/<image-name>:<tag>
- Tags an image to prepare it for pushing to a registry.
- Example:
docker tag my-app myrepo/my-app:latest
-
Push an image to a registry:
docker push <repository>/<image-name>:<tag>
- Uploads an image to a Docker registry.
-
Prune unused containers, images, networks, and volumes:
docker system prune
- Cleans up unused resources.
- Add
-a
to remove all stopped containers and unused images.
These commands cover most of the typical operations when working with Docker, such as managing containers, images, and networking.
If you found this helpful, let me know by leaving a π or a comment!, or if you think this post could help someone, feel free to share it! Thank you very much! π
Top comments (0)