BestHub
Sign in
Cloud Native 6 min read

Dockerfile Instruction Writing Recommendations

This article provides practical guidelines for writing Dockerfile instructions—including RUN, CMD, ENTRYPOINT, ADD, COPY, and WORKDIR—offering syntax recommendations, best‑practice examples, and advice on when to use each command to create efficient, maintainable container images.

Practical DevOps Architecture
Practical DevOps Architecture
Practical DevOps Architecture
Dockerfile Instruction Writing Recommendations

Dockerfile instruction writing recommendations are presented for beginners to avoid common mistakes and build clean, efficient images.

RUN creates a new image layer; when using RUN, follow these principles: use a backslash (\\) for line continuation, sort commands alphabetically for readability, and keep the command concise. Example for installing packages on an official CentOS image:

FROM centos:7
RUN yum install -y automake \
    curl \
    python \
    vim

CMD and ENTRYPOINT both define the container's start command. They can be written in two forms:

Exec form: ["command", "param"] (JSON array), which uses the Linux exec mechanism and is the recommended Docker style.

Shell form: command param, which runs via /bin/sh -c.

When using the exec form, the container's PID 1 is the command specified; with the shell form, the command runs inside a shell process, so PID 1 is the shell.

Key differences:

If an ENTRYPOINT is set, you must use the --entrypoint flag to override it; arguments after docker run replace the CMD but not the ENTRYPOINT. ENTRYPOINT can be combined with CMD or used alone; CMD can only be used alone.

Use CMD for flexible images that users may want to override, and ENTRYPOINT for images that should always run a specific program.

Regardless of which you choose, prefer the exec form.

ADD and COPY both add files to the image. COPY handles simple file and directory copying and works well with Docker's build cache, resulting in smaller images. ADD supports additional features such as automatic tar extraction and remote URLs, but these features are often unnecessary and can bypass cache optimizations.

Therefore, prefer COPY for local files. When you need to fetch a file from a URL, use wget (or curl) followed by extraction commands instead of ADD. Example replacement:

RUN wget -O /tmp/memtester-4.3.0.tar.gz http://pyropus.ca/software/memtester/old-versions/memtester-4.3.0.tar.gz \
    && tar -xvf /tmp/memtester-4.3.0.tar.gz -C /tmp \
    && make -C /tmp/memtester-4.3.0 && make -C /tmp/memtester-4.3.0 install

WORKDIR improves build clarity by setting the working directory for subsequent instructions. Avoid chaining RUN cd /path && ... and instead use WORKDIR /path.

--- End of article ---

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

Dockercloud-nativeOperations
Practical DevOps Architecture
Written by

Practical DevOps Architecture

Hands‑on DevOps operations using Docker, K8s, Jenkins, and Ansible—empowering ops professionals to grow together through sharing, discussion, knowledge consolidation, and continuous improvement.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment