Learn best practices for building maintainable Dockerfiles
Topic: System Administration
A Docker image is the artifact of the container world. Leaner images allow easier resource management (disk pressure in your registries), fewer attack vectors, and better performance when pulling or pushing images for storage or upon deployment. Lean images also produce smaller containers, which in turn require fewer resources at runtime, allowing for higher server density. Multistage Dockerfiles can help reduce the complexity of CI/CD pipelines by reducing the number of moving parts in building, testing, and producing a production-grade image.
Join expert Raju Gandhi to explore best practices for writing Dockerfiles. You'll learn how to best use an instruction and produce maintainable Dockerfiles that result in leaner images in your builds. Along the way, you'll discover why you should use multistage Dockerfiles and how to implement them.
What you'll learn-and how you can apply it
By the end of this live, online course, you’ll understand: - How the Docker cache works, how to best leverage it, and when to bust the cache - Some gotchas in the Dockerfile instruction set and how to avoid them - The implications of using certain Dockerfile instructions and their effect on image sizes - How multistage builds can help alleviate the complexity in building Docker images for your applications
And you’ll be able to: - Build a multistage Dockerfile that allows for testing your code, building an artifact inside a container, and producing an image with the absolute minimum that is needed to run your application
This training course is for you because...
- You're a developer writing a Dockerfile for your application, and you want to ensure that you are leveraging the Docker cache correctly (for faster builds), not rebuilding images unnecessarily, and building the leanest image (and consequent container).
- You're a build engineer trying to optimize your build pipeline that uses containers for testing, building, and producing production-grade images with minimum fuss.
- You're a developer working with a multitier architecture (layered, service based, or microservices), and you need a mechanism to easily spin up your services, databases, and queues and help them communicate with each other.
Required materials and setup: - A machine (recent OS and sufficient privileges) with Git, Docker, and the text editor of your choice installed - Clone the course GitHub repository (link will be provided closer to the event date)
Recommended preparation: - Docker: Up & Running (book)
About your instructor
Raju Gandhi is a software craftsman with almost 20 years of hands-on experience scoping, architecting, designing, and implementing full stack applications. A full-time consultant, published author, internationally known public speaker, and trainer, he provides a 360-degree view of the development cycle. He’s proficient in a variety of programming languages and paradigms, experienced with software development methodologies, and an expert in infrastructure and tooling. He’s long pursued hermeticism across the development stack by championing immutability during development (with languages like Clojure), deployment (leveraging tools like Docker and Kubernetes), and provisioning and configuration via code (using toolkits like Ansible, Terraform, Packer, and “everything as code”). In his spare time, you’ll find Raju reading, playing with technology, or spending time with his wonderful (and significantly better) other half.
The timeframes are only estimates and may vary according to how the class is progressing
Overview and introduction
- What are the benefits of containerization
- The role of images in the docker workflow
- What is a container?
- Why Dockerfiles?
- The union filesystem and its limitations
- Inspecting the docker build output
- Build a simple image by hand, then build it using a Dockerfile
- Discussion around what a Dockerfile really is
Dockerfile instructions (and their dos and don'ts)
- FROM (understanding lineage)
- RUN (understanding its effect on the cache)
- ADD/COPY (and the .dockerignore file)
- ENTRYPOINT / CMD
- Understanding compile versus runtime
Why multi-stage builds?
- Building a multi-stage Dockerfile
We will attempt to take a 10 minute break every 50 minutes or so.