# Docker Build Your Own Container

![](https://i.ytimg.com/vi/FgFQA8sr8EM/maxresdefault.jpg)

## Let's start with an example

### TSWD Java 

### Let's see the Docker File

```dockerfile
# Creating first container to compile Java code and create jar file
FROM maven:3-openjdk-11 AS build
WORKDIR /app

# Copying pom.xml file to container
COPY pom.xml .

# Downloading dependencies
RUN mvn -f ./pom.xml clean package

# Copying source code to container
COPY src src
COPY resources resources

# Compiling and creating jar file
RUN mvn -f ./pom.xml package

# Creating second container to run jar file
FROM openjdk:11
ENV BUILD "tswd-java-examples-1.0-SNAPSHOT.jar"
WORKDIR /app

# Copying jar file from first container to second container
COPY --from=build /app/target/${BUILD} app.jar

# Running jar file
ENTRYPOINT ["java","-cp","app.jar"]
```

### Build Image

In [1]:
%%bash
cd /Users/nics/Dev/GitHub/tswd-java-examples ## Change with the right path
docker build . -t unict:tswd-java-examples

#1 [internal] load build definition from Dockerfile
#1 sha256:dde3262195569584055857047fdd9c35c6408148dff1130783d143d9b658a6aa
#1 transferring dockerfile: 37B 0.0s done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 sha256:dd351bd229f87c0d6036d53610df9c7fe0337a9366cec2c4ffd3b2706db05fde
#2 transferring context: 2B done
#2 DONE 0.0s

#3 [internal] load metadata for docker.io/library/openjdk:11
#3 sha256:492c5fbb1d42addd537e615bae70edf30b75d7728818ac0ad99e723b78156af5
#3 DONE 0.8s

#4 [internal] load metadata for docker.io/library/maven:3-openjdk-11
#4 sha256:774966ac24c0a9ed0b2f9e52cb201d6876bff9dc5ad3187d12d3da43893a4a6d
#4 DONE 0.8s

#7 [build 1/7] FROM docker.io/library/maven:3-openjdk-11@sha256:805f366910aea2a91ed263654d23df58bd239f218b2f9562ff51305be81fa215
#7 sha256:a0f0743ec03a30e78363af08e7d17c76ecb038122507b3377d3e75822e7fe289
#7 DONE 0.0s

#5 [stage-1 1/3] FROM docker.io/library/openjdk:11@sha256:99bac5bf83633e3c7399aed725c8415e7b569b54e03e4599e580fc9cdb7c21ab
#5 sha256:3f0

Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven/2.0.6/maven-2.0.6.pom (9.0 kB at 133 kB/s)
#11 3.020 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-parent/5/maven-parent-5.pom (15 kB at 218 kB/s)
#11 3.091 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/apache/3/apache-3.pom (3.4 kB at 51 kB/s)
#11 3.162 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.pom (4.1 kB at 53 kB/s)
#11 3.241 Downloading from central: https://repo.maven.apache.org/maven2/org/sonatype/spice/spice-parent/16/spice-parent-16

#11 5.416 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.0-alpha-7/doxia-1.0-alpha-7.pom (3.9 kB at 51 kB/s)
#11 5.494 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.pom (1.7 kB at 22 kB/s)
#11 5.576 Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom
Downloaded from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.pom (2.1 kB at 27 kB/s)
#11 5.656 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.p

Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-registry/2.0.6/maven-plugin-registry-2.0.6.jar (29 kB at 144 kB/s)
Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.6/maven-error-diagnostics-2.0.6.jar
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar (5.9 kB at 26 kB/s)
#11 7.438 Downloading from central: https://repo.maven.apache.org/maven2/commons-cli/commons-cli/1.0/commons-cli-1.0.jar
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.6/maven-repository-metadata-2.0.6.jar (24 kB at 99 kB/s)
#11 7.460 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-plugin-descriptor/2.0.6/maven-plugin-descriptor-2.0.6.jar
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-artifact

#11 8.741 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-profile/2.0.9/maven-profile-2.0.9.pom (2.0 kB at 25 kB/s)
#11 8.825 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.0.9/maven-repository-metadata-2.0.9.pom (1.9 kB at 19 kB/s)
#11 8.930 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.0.9/maven-error-diagnostics-2.0.9.pom (1.7 kB at 19 kB/s)
#11 9.026 Downloading from central: https://repo.maven.apache.org/maven2/org/apac

#11 11.31 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-repository-metadata/2.2.1/maven-repository-metadata-2.2.1.pom (1.9 kB at 23 kB/s)
#11 11.39 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-error-diagnostics/2.2.1/maven-error-diagnostics-2.2.1.pom (1.7 kB at 19 kB/s)
#11 11.48 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/maven-project/2.2.1/maven-project-2.2.1.pom (2.8 kB at 33 kB/s)
#11 11.57 Downloading from central: https://repo.maven.apache.org/maven2/org/apac

Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-utils/1.4.5/plexus-utils-1.4.5.pom (2.3 kB at 27 kB/s)
#11 13.87 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.pom (4.0 kB at 49 kB/s)
#11 13.95 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.pom (2.8 kB at 31 kB/s)
#11 14.04 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/xbean/xbean/3.4/xbean-3.4.pom (19 kB at 180 kB/s)
#11 14.15 Downloading from central: https://rep

#11 14.95 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-javac/2.2/plexus-compiler-javac-2.2.jar
#11 14.95 Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-shared-utils/0.1/maven-shared-utils-0.1.jar (155 kB at 409 kB/s)
#11 14.95 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-container-default/1.5.5/plexus-container-default-1.5.5.jar
#11 14.96 Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar (4.2 kB at 11 kB/s)
#11 14.96 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-classworlds/2.2.2/plexus-classworlds-2.2.2.jar
Downloaded from central: https://repo.maven.apache.org/maven2/org/codehaus/plexus/plexus-compiler-api/2.2/plexus-compiler-api-2.2.jar (25 kB at 59 kB/s)
#11 15.01 Downloading from central: htt

#11 16.46 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar
#11 16.46 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar
#11 16.47 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar
#11 16.47 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/commons/commons-lang3/3.1/commons-lang3-3.1.jar
#11 16.47 Downloading from central: https://repo.maven.apache.org/maven2/org/apache/maven/shared/maven-common-artifact-filters/1.3/maven-common-artifact-filters-1.3.jar
Downloaded from central: https://repo.maven.apache.org/maven2/org/apache/maven/surefire/surefire-booter/2.12.4/surefire-booter-2.12.4.jar (35 kB at 390 kB/s)
#11 16.55 Downloading from central: https://repo.maven.apache.org/maven2/org/codehaus/pl

#14 1.346 [INFO] Changes detected - recompiling the module!
#14 1.349 [INFO] Compiling 31 source files to /app/target/classes
#14 1.888 [INFO] 
#14 1.888 [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ tswd-java-examples ---
#14 1.890 [INFO] skip non existing resourceDirectory /app/src/test/resources
#14 1.890 [INFO] 
#14 1.891 [INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @ tswd-java-examples ---
#14 1.896 [INFO] Changes detected - recompiling the module!
#14 1.896 [INFO] Compiling 1 source file to /app/target/test-classes
#14 1.922 [INFO] 
#14 1.922 [INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ tswd-java-examples ---
#14 1.986 [INFO] 
#14 1.986 [INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ tswd-java-examples ---
#14 2.073 [INFO] Building jar: /app/target/tswd-java-examples-1.0-SNAPSHOT.jar
#14 2.094 [INFO] ------------------------------------------------------------------------
#14 2.094 [INFO] BUILD SUCCESS

## Run your image as a container

In [4]:
%%bash
docker run -d -t unict:tswd-java-examples edu.unict.tswd.socket.tcp.echoserver.EchoServer

9b3fd823790548c6c9d77435ae3bc79df140b3e49915da3e295b060d4a2c37ba


## Is running ?

In [5]:
%%bash
docker ps

CONTAINER ID   IMAGE                      COMMAND                  CREATED         STATUS         PORTS     NAMES
9b3fd8237905   unict:tswd-java-examples   "java -cp app.jar ed…"   3 seconds ago   Up 2 seconds             competent_morse


## DockerFile

![](https://i.imgflip.com/50yk9z.jpg)

[NicsMeme](https://imgflip.com/i/50yk9z) insipired by [Docker Anti Patterns](https://codefresh.io/containers/docker-anti-patterns/)


## Build syntax
```bash
$ docker build -f /path/to/a/Dockerfile
```

### Format
```DockerFile
# Comment
INSTRUCTION arguments
```

*Convention: instructions are in UPPER case*

### FROM
- First instruction after comments/parser directives/arg
- Indicates the Image source (download from the registry)
- Can use ARG parameter 
- it's your baby!

```DockerFile
FROM [--platform=<platform>] <image>[:<tag>] [AS <name>]
```

https://docs.docker.com/engine/reference/builder/#from

![](images/babyboss.png)

### ARG

Define enviroment variabile used in the Builder

```DockerFile
ARG <name>[=<default value>]
```    

Argument can be used in DockerFile FROM, RUN, ...
also passed during the BUILD

```bash
$ docker build --build-arg user=what_user 
```

ARG are referenced using standard ${VARIABLE} notation

Be careful with ARG
- scope starts from the line where is defined
- ENV wins on ARG in RUN 
- There are a set of predefined ARG (like HTTP_PROXY)
- Don't pass secret in ARG 

https://docs.docker.com/engine/reference/builder/#arg

![](images/arguments-penauts.png)

## ENV

Define enviroment variabile that _persist_ in the container

```DockerFile
ENV <key> <value>
ENV <key>=<value> ...
```    

Enviroment variable can be also passed while starting 

```bash
$ docker run -e "deep=purple"
```

https://docs.docker.com/engine/reference/builder/#env

![](images/wikipedia-env-variable.png)

## RUN (shell mode)

Execute commands in the _layer_ on top of the current image

 (shell form, the command is run in a shell, which by default is /bin/sh -c on Linux or cmd /S /C on Windows)

```DockerFile
RUN <command>
```    

The default shell for the shell form can be changed using the SHELL command.

In the shell form you can use a \ (backslash) to continue a single RUN instruction onto the next line. For example, consider these two lines:

```DockerFile
RUN /bin/bash -c 'source $HOME/.bashrc; \
echo $HOME'
``` 

https://docs.docker.com/engine/reference/builder/#env

![](images/docker-layers.png)

## RUN (exec mode)

```DockerFile
RUN ["executable", "param1", "param2"] (exec form)
```    

Unlike the shell form, the exec form does not invoke a command shell. This means that normal shell processing does not happen. 

> To use a different shell, other than ‘/bin/sh’, use the exec form passing in the desired shell. For example, 

```DockerFile
RUN ["/bin/bash", "-c", "echo hello"]
```

For example, `RUN [ "echo", "$HOME" ]` will not do variable substitution on $HOME. If you want shell processing then either use the shell form or execute a shell directly, for example:

```DockerFile
RUN [ "sh", "-c", "echo $HOME" ]. 
```

> The exec form is parsed as a JSON array, which means that you must use double-quotes (“) around words not single-quotes (‘).

https://docs.docker.com/engine/reference/builder/#run

![](images/docker-images.png)

## CMD (exec form)

The main purpose of a CMD is to provide defaults for an executing container. These defaults can include an executable, or they can omit the executable, in which case you must specify an ENTRYPOINT instruction as well.

Exec form, this is the preferred form

```DockerFile
CMD ["executable","param1","param2"] 
```    

Like RUN exec form do not invoke a shell, so in order to force the variabile substituion done by shell use

```DockerFile
CMD [ "sh", "-c", "echo $HOME" ]
```

https://docs.docker.com/engine/reference/builder/#env

## CMD (shell form)

The main purpose of a CMD is to provide defaults for an executing container. These defaults can include an executable, or they can omit the executable, in which case you must specify an ENTRYPOINT instruction as well.


```DockerFile
CMD command param1 param2
```    

If you want to run your <command> without a shell then you must express the command as a JSON array and give the full path to the executable. This array form is the preferred format of CMD. Any additional parameters must be individually expressed as strings in the array:
 
```DockerFile
FROM ubuntu
CMD echo "This is a test." | wc -l
```

https://docs.docker.com/engine/reference/builder/#cmd

![](images/gandalf-docker-cmd.png)

### Confused ?

- RUN actually runs a command and commits the result
- CMD does not execute anything at build time, but specifies the intended command for the image.

### ENTRYPOINT (exec form)

An `ENTRYPOINT` allows you to configure a container that will run as an executable.

```DockerFile
ENTRYPOINT ["executable", "param1", "param2"]
```    

```bash
$ docker run -i -t --rm -p 80:80 nginx
```

https://docs.docker.com/engine/reference/builder/#entrypoint

## EXPOSE

Define enviroment variabile that _persist_ in the container

```DockerFile
EXPOSE <port> [<port>/<protocol>...]
```    

The EXPOSE instruction does not actually publish the port. 

It functions as a type of documentation between the person who builds the image and the person who runs the container, about which ports are intended to be published. 

To actually publish the port when running the container, use the -p flag on docker run to publish and map one or more ports, or the -P flag to publish all exposed ports and map them to high-order ports.

```bash
$ docker run -p 80:80/tcp -p 80:80/udp 
```

https://docs.docker.com/engine/reference/builder/#expose

## ADD

The ADD instruction copies new files, directories or remote file URLs from <src> and adds them to the filesystem of the image at the path <dest>.
    
```DockerFile
ADD [--chown=<user>:<group>] <src>... <dest>
ADD [--chown=<user>:<group>] ["<src>",... "<dest>"] (this form is required for paths containing whitespace)
```    

The <dest> is an absolute path, or a path relative to WORKDIR, into which the source will be copied inside the destination container.
    
```DockerFile
ADD test relativeDir/          # adds "test" to `WORKDIR`/relativeDir/
ADD test /absoluteDir/         # adds "test" to /absoluteDir/
```

https://docs.docker.com/engine/reference/builder/#add

## COPY

The COPY instruction copies new files or directories from <src> and adds them to the filesystem of the container at the path <dest>.
    
```DockerFile
COPY [--chown=<user>:<group>] <src>... <dest>
COPY [--chown=<user>:<group>] ["<src>",... "<dest>"] (this form is required for paths containing whitespace)
```    

![](images/docker-copy-add-meme.png)

## VOLUME

The VOLUME instruction creates a mount point with the specified name and marks it as holding externally mounted volumes from native host or other containers.r

```DockerFile
VOLUME ["/data"]
```    

The docker run command initializes the newly created volume with any data that exists at the specified location within the base image. For example, consider the following Dockerfile snippet:

```DockerFile
FROM ubuntu
RUN mkdir /myvol
RUN echo "hello world" > /myvol/greeting
VOLUME /myvol```

This Dockerfile results in an image that causes docker run to create a new mount point at /myvol and copy the greeting file into the newly created volume.

https://docs.docker.com/engine/reference/builder/#env

## WORKDIR

Define enviroment variabile that _persist_ in the container

```DockerFile
WORKDIR /path/to/workdir
```    

The WORKDIR instruction sets the working directory for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile. If the WORKDIR doesn’t exist, it will be created even if it’s not used in any subsequent Dockerfile instruction.

```bash
WORKDIR /a
WORKDIR b
WORKDIR c
RUN pwd
```

The output of the final pwd command in this Dockerfile would be /a/b/c.



https://docs.docker.com/engine/reference/builder/#env

### Best Practices

https://docs.docker.com/develop/develop-images/dockerfile_best-practices/

### Cheat Sheet
- https://kapeli.com/cheat_sheets/Dockerfile.docset/Contents/Resources/Documents/index
- https://github.com/wsargent/docker-cheat-sheet
- https://www.docker.com/sites/default/files/d8/2019-09/docker-cheat-sheet.pdf

### Docker Commit

[To commit or not to commit?](https://medium.com/@lizrice/to-commit-or-not-to-commit-5ab72f9a466e)

**Don’t do it.**

No, really, I know it’s tempting, but if you’re ever going to use this container image again, don’t use commit. There are significant downsides to the commit approach:

- You can’t reproduce the image
- You can’t change the base image

Creating a Dockerfile might feel a bit like work, but if you might want this image again, it’s the approach you need to take.
