From 8e71348370592924e1bd6a4054fe1d3331c9e7e0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 8 Mar 2019 16:37:41 +0100 Subject: [PATCH] remove references to obsolete versions, and rewrite stdin section This removes references to obsolete versions of Docker, and rewrites the section on building from a Dockerfile piped through `stdin`. Signed-off-by: Sebastiaan van Stijn --- .../dockerfile_best-practices.md | 152 +++++++++++++++--- 1 file changed, 130 insertions(+), 22 deletions(-) diff --git a/develop/develop-images/dockerfile_best-practices.md b/develop/develop-images/dockerfile_best-practices.md index f0142e2f0b..afa6aa4e50 100644 --- a/develop/develop-images/dockerfile_best-practices.md +++ b/develop/develop-images/dockerfile_best-practices.md @@ -101,38 +101,147 @@ Sending build context to Docker daemon 187.8MB ### Pipe Dockerfile through `stdin` -Docker 17.05 added the ability to build images by piping `Dockerfile` through -`stdin` with a _local or remote build-context_. In earlier versions, building an -image with a `Dockerfile` from `stdin` did not send the build-context. +Docker has the ability to build images by piping `Dockerfile` through `stdin` +with a _local or remote build context_. Piping a `Dockerfile` through `stdin` +can be useful to perform one-off builds without writing a Dockerfile to disk, +or in situations where the `Dockerfile` is generated, and should not persist +afterwards. -**Docker 17.04 and lower** +> The examples in this section use [here documents](http://tldp.org/LDP/abs/html/here-docs.html) +> for convenience, but any method to provide the `Dockerfile` on `stdin` can be +> used. +> +> For example, the following commands are equivalent: +> +> ```bash +> echo -e 'FROM busybox\nRUN echo "hello world"' | docker build - +> ``` +> +> ```bash +> docker build -< FROM busybox +> RUN echo "hello world" +> EOF +> ``` +> +> You can substitute the examples with your preferred approach, or the approach +> that best fits your use-case. + +#### Build an image using a Dockerfile from stdin, without sending build context + +Use this syntax to build an image using a `Dockerfile` from `stdin`, without +sending additional files as build context. The hyphen (`-`) takes the position +of the `PATH`, and instructs Docker to read the build context (which only +contains a `Dockerfile`) from `stdin` instead of a directory: + +```bash +docker build [OPTIONS] - ``` -docker build -t foo -< **Note**: Attempting to build a Dockerfile that uses `COPY` or `ADD` will fail +> if this syntax is used. The following example illustrates this: +> +> ```bash +> # create a directory to work in +> mkdir example +> cd example +> +> # create an example file +> touch somefile.txt +> +> docker build -t myimage:latest -< FROM busybox +> COPY somefile.txt . +> RUN cat /somefile.txt +> EOF +> +> # observe that the build fails +> ... +> Step 2/3 : COPY somefile.txt . +> COPY failed: stat /var/lib/docker/tmp/docker-builder249218248/somefile.txt: no such file or directory +> ``` + +#### Build from a local build context, using a Dockerfile from stdin + +Use this syntax to build an image using files on your local filesystem, but using +a `Dockerfile` from `stdin`. The syntax uses the `-f` (or `--file`) option to +specify the `Dockerfile` to use, using a hyphen (`-`) as filename to instruct +Docker to read the `Dockerfile` from `stdin`: + +```bash +docker build [OPTIONS] -f- PATH ``` -docker build -t foo . -f-< **Under the hood** +> +> When building an image using a remote Git repository as build context, Docker +> performs a `git clone` of the repository on the local machine, and sends +> those files as build context to the daemon. This feature requires `git` to be +> installed on the host where you run the `docker build` command. + ### Exclude with .dockerignore To exclude files not relevant to the build (without restructuring your source @@ -142,9 +251,9 @@ similar to `.gitignore` files. For information on creating one, see the ### Use multi-stage builds -[Multi-stage builds](multistage-build.md) (in [Docker 17.05](/release-notes/docker-ce/#17050-ce-2017-05-04) or higher) -allow you to drastically reduce the size of your final image, without struggling -to reduce the number of intermediate layers and files. +[Multi-stage builds](multistage-build.md) allow you to drastically reduce the +size of your final image, without struggling to reduce the number of intermediate +layers and files. Because an image is built during the final stage of the build process, you can minimize image layers by [leveraging build cache](#leverage-build-cache). @@ -220,14 +329,13 @@ In older versions of Docker, it was important that you minimized the number of layers in your images to ensure they were performant. The following features were added to reduce this limitation: -- In Docker 1.10 and higher, only the instructions `RUN`, `COPY`, `ADD` create - layers. Other instructions create temporary intermediate images, and do not - directly increase the size of the build. +- Only the instructions `RUN`, `COPY`, `ADD` create layers. Other instructions + create temporary intermediate images, and do not increase the size of the build. -- In Docker 17.05 and higher, you can do [multi-stage builds](multistage-build.md) - and only copy the artifacts you need into the final image. This allows you to - include tools and debug information in your intermediate build stages without - increasing the size of the final image. +- Where possible, use [multi-stage builds](multistage-build.md), and only copy + the artifacts you need into the final image. This allows you to include tools + and debug information in your intermediate build stages without increasing the + size of the final image. ### Sort multi-line arguments