What Is a Dockerfile?
A Dockerfile is simply a text file that contains instructions on how to build a Docker image.
Think of it like a recipe.
If you want to bake a cake, you need instructions:
1. Get flour
2. Add sugar
3. Add eggs
4. Bake
Docker works the same way.
Example:
FROM node:20
WORKDIR /app
COPY . .
RUN npm install
EXPOSE 3000
CMD ["npm","start"]
Docker reads these instructions from top to bottom.
Understanding Each Dockerfile Instruction
FROM
Example:
FROM ubuntu:22.04
or
FROM node:20
This is the base image.
Think of it as the foundation of a house.
Without a foundation:
No house
Without FROM:
No image
Interview Question:
What is the first instruction in most Dockerfiles?
Answer:
FROM
WORKDIR
Example:
WORKDIR /app
Creates a working directory.
Equivalent Linux command:
mkdir /app
cd /app
Every following instruction executes inside:
/app
COPY
Example:
COPY . .
Meaning:
Copy current project
into container
Host:
project/
app.js
package.json
Container:
/app
app.js
package.json
RUN
Executes commands during image build.
Example:
RUN npm install
Docker executes:
npm install
while building the image.
This creates dependencies inside the image.
CMD
Example:
CMD ["npm","start"]
Defines what runs when the container starts.
Without CMD:
Container starts and exits immediately.
CMD acts like:
npm start
inside the container.
EXPOSE
Example:
EXPOSE 3000
Documents which port application uses.
Important:
Many beginners think:
EXPOSE 3000
opens the port.
It does NOT.
It simply informs Docker.
Real port publishing happens using:
docker run -p 3000:3000 image
Building an Image
Dockerfile:
FROM nginx
Build:
docker build -t my-nginx .
Output:
my-nginx
now becomes a local image.
Verify:
docker images
What Happens During docker build?
This is where many DevOps interviews become difficult.
Docker does not create one giant file.
Docker creates layers.
Understanding Layers
Example:
FROM ubuntu
RUN apt update
RUN apt install nginx
COPY . .
Docker creates:
Layer 1 → Ubuntu
Layer 2 → apt update
Layer 3 → nginx install
Layer 4 → copied files
Visual:
Layer 4
Layer 3
Layer 2
Layer 1
Every instruction creates another layer.
Why Layers Matter
Imagine image size:
5 GB
Without layers:
Every build:
Download entire 5 GB
With layers:
Docker only downloads changed layers.
Huge performance improvement.
Docker Cache
One of the most important concepts for senior engineers.
Example:
FROM node:20
COPY package.json .
RUN npm install
COPY . .
CMD ["npm","start"]
First build:
docker build .
May take:
2 minutes
Second build:
10 seconds
Why?
Docker reuses cached layers.
Bad Dockerfile Design
Example:
FROM node:20
COPY . .
RUN npm install
Any code change:
npm install runs again
Very slow.
Better Dockerfile Design
Example:
FROM node:20
COPY package.json .
RUN npm install
COPY . .
Now Docker only reruns:
COPY . .
Much faster.
Senior DevOps engineers always optimize caching.
Multi-Stage Builds
Used in production almost everywhere.
Problem:
Building React app:
FROM node:20
Contains:
Node
NPM
Build Tools
Source Code
Huge image.
Solution:
Multi-stage build.
FROM node:20 AS builder
WORKDIR /app
COPY . .
RUN npm install
RUN npm run build
FROM nginx
COPY --from=builder /app/dist /usr/share/nginx/html
Result:
Production image contains only:
Built website
Nginx
Not:
Node
NPM
Source code
Much smaller.
More secure.
Faster deployment.
Container Storage Problem
Suppose MySQL runs in container.
docker run mysql
Database contains:
Customers
Orders
Invoices
Container crashes.
Container deleted.
Everything disappears.
Why?
Containers are ephemeral.
Ephemeral means temporary.
Volumes
Docker volumes persist data.
Example:
docker volume create mysql-data
Use:
docker run \
-v mysql-data:/var/lib/mysql \
mysql
Now:
Container Deleted
Data survives.
Real Production Example
Company database:
5 TB
Container restarts.
Without volume:
5 TB lost
Business destroyed.
With volume:
Data remains
Volumes are mandatory for databases.
Bind Mounts
Different from volumes.
Example:
docker run \
-v $(pwd):/app
Meaning:
Host Directory
↔
Container Directory
Changes on host instantly appear inside container.
Mostly used:
Development
Testing
Not usually production.
Docker Networking
One of the most important topics for senior DevOps engineers.
Why Networking Exists
Suppose:
Frontend Container
Backend Container
Database Container
Need communication.
Docker creates networks.
Bridge Network
Default network.
Create:
docker network create app-network
Run:
docker run --network app-network
All containers can communicate.
Example
Backend:
backend-container
Database:
postgres-container
Backend can connect:
postgres-container:5432
No IP needed.
Docker provides internal DNS.
Port Publishing
Container:
80
Host:
8080
Mapping:
docker run -p 8080:80 nginx
Visual:
Browser
|
Host 8080
|
Container 80
Host Network
Container uses host network directly.
docker run --network host nginx
No isolation.
Higher performance.
Used occasionally.
Overlay Networks
Used across servers.
Example:
Server A
Server B
Server C
Containers communicate as one network.
Used in:
- Docker Swarm
- Kubernetes concepts
Docker Compose
Real applications rarely use one container.
Example application:
Frontend
Backend
PostgreSQL
Redis
Starting individually is painful.
Without Compose
docker run frontend
docker run backend
docker run postgres
docker run redis
Difficult.
With Compose
services:
frontend:
image: frontend
backend:
image: backend
postgres:
image: postgres
redis:
image: redis
Start:
docker compose up -d
Everything starts.
Enterprise Example
Application:
React Frontend
Node Backend
PostgreSQL
Redis
Compose file defines:
Networks
Volumes
Ports
Containers
Dependencies
Entire environment built with:
docker compose up
Very common in development environments.
What a Senior DevOps Engineer Must Understand from Part 2
You should be able to explain:
Dockerfile
- FROM
- COPY
- RUN
- CMD
- EXPOSE
- WORKDIR
Layers
- How layers are created
- How caching works
- How layer optimization works
Multi-Stage Builds
- Why used
- How they reduce image size
- Security benefits
Storage
- Volumes
- Bind mounts
- Persistent data
Networking
- Bridge
- Host
- Overlay
- Port publishing
- Container DNS
Docker Compose
- Multi-container applications
- Networks
- Volumes
- Environment creation
These are the concepts that separate someone who can "run a container" from someone who can design and support Docker environments in production.
Top comments (0)