Best Practices for Writing Dockerfiles

Why Dockerfile Best Practices Matter

Poorly written Dockerfiles lead to large, insecure, and hard-to-maintain container images. Following best practices ensures faster builds, smaller images, better security, and improved maintainability.

1. Use Official or Minimal Base Images

Choose minimal or well-maintained base images like:

FROM alpine:3.19
# or
FROM python:3.11-slim

2. Pin Versions Explicitly

Avoid surprises by pinning versions of dependencies and packages:

RUN apt-get install -y curl=7.68.0-1ubuntu2.6

3. Combine RUN Commands

Reduce layers by chaining commands:

RUN apt-get update && apt-get install -y curl unzip && rm -rf /var/lib/apt/lists/*

4. Leverage `.dockerignore`

Exclude unnecessary files from context to speed up builds and reduce image size:

node_modules
.git
*.log

5. Use Multi-stage Builds

To keep images clean and small:

FROM golang:1.21 as builder
WORKDIR /app
COPY . .
RUN go build -o main

FROM alpine:3.19
COPY --from=builder /app/main /main
CMD ["/main"]

6. Don’t Run as Root

Add a non-root user for security:

RUN addgroup -S app && adduser -S app -G app
USER app

7. Use Healthchecks

Ensure containers are functioning as expected:

HEALTHCHECK CMD curl --fail http://localhost:8080/health || exit 1

8. Clean Up After Yourself

Delete temporary files and unnecessary dependencies:

RUN rm -rf /tmp/*

Conclusion

Following Dockerfile best practices leads to cleaner, safer, and more efficient container images — a must for production environments. Start applying them today to make your containers shine.

Why Dockerfile Best Practices Matter#

1. Use Official or Minimal Base Images#

2. Pin Versions Explicitly#

3. Combine RUN Commands#

4. Leverage .dockerignore#

5. Use Multi-stage Builds#

6. Don’t Run as Root#

7. Use Healthchecks#

8. Clean Up After Yourself#

Conclusion#