O'Reilly logo
live online training icon Live Online training

Practical Docker

Learn best practices for building maintainable Dockerfiles

Raju Gandhi

A Docker image is the artifact of the container world. Leaner images allow easier resource management (disk pressure in your registries), fewer attack vectors, and better performance when pulling or pushing images for storage or upon deployment. Lean images also produce smaller containers, which in turn require fewer resources at runtime, allowing for higher server density. Multistage Dockerfiles can help reduce the complexity of CI/CD pipelines by reducing the number of moving parts in building, testing, and producing a production-grade image.

Join expert Raju Gandhi to explore best practices for writing Dockerfiles. You'll learn how to best use an instruction and produce maintainable Dockerfiles that result in leaner images in your builds. Along the way, you'll discover why you should use multistage Dockerfiles and how to implement them.

What you'll learn-and how you can apply it

By the end of this live, online course, you’ll understand: - How the Docker cache works, how to best leverage it, and when to bust the cache - Some gotchas in the Dockerfile instruction set and how to avoid them - The implications of using certain Dockerfile instructions and their effect on image sizes - How multistage builds can help alleviate the complexity in building Docker images for your applications

And you’ll be able to: - Build a multistage Dockerfile that allows for testing your code, building an artifact inside a container, and producing an image with the absolute minimum that is needed to run your application

This training course is for you because...

  • You're a developer writing a Dockerfile for your application, and you want to ensure that you are leveraging the Docker cache correctly (for faster builds), not rebuilding images unnecessarily, and building the leanest image (and consequent container).
  • You're a build engineer trying to optimize your build pipeline that uses containers for testing, building, and producing production-grade images with minimum fuss.
  • You're a developer working with a multitier architecture (layered, service based, or microservices), and you need a mechanism to easily spin up your services, databases, and queues and help them communicate with each other.

Prerequisites

Required materials and setup: - A machine (recent OS and sufficient privileges) with Git, Docker, and the text editor of your choice installed - Clone the course GitHub repository (link will be provided closer to the event date)

Recommended preparation: - Docker: Up & Running (book)

About your instructor

  • Raju Gandhi is a programmer, consultant, speaker, trainer, and all-around nice guy. He has worked in the software industry for over 15 years and has experience in both government and private sectors. Raju is a practitioner of both Agile and DevOps methods as well as good programming and architectural patterns and believes that finding the right balance between such practices will allow us to deliver software that our customers cherish. He is also a strong advocate of functional programming and a proponent of immutability across both software and hardware. Raju is a regular speaker at conferences around the country (and occasionally around the world) and has routinely participated in the No Fluff, Just Stuff tour. In his spare time, you will find Raju reading, playing with technology, or spending time with his wonderful (and significantly better) other half.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

Overview and introduction

  • What are the benefits of containerization
  • The role of images in the docker workflow
  • What is a container?
  • Why Dockerfiles?
  • The union filesystem and its limitations
  • Inspecting the docker build output
  • Build a simple image by hand, then build it using a Dockerfile
  • Discussion around what a Dockerfile really is
  • Review

Dockerfile instructions (and their dos and don'ts)

  • FROM (understanding lineage)
  • ARG
  • ENV
  • LABEL
  • RUN (understanding its effect on the cache)
  • ADD/COPY (and the .dockerignore file)
  • USER
  • EXPOSE
  • ENTRYPOINT / CMD
  • Understanding compile versus runtime
  • HEALTHCHECK
  • Review
  • Multi-stage builds

  • Why multi-stage builds?

  • Building a multi-stage Dockerfile
  • Review

We will attempt to take a 10 minute break every 50 minutes or so.