Interpret contents of a Dockerfile

📘Cisco DevNet Associate (200-901 DEVASC)

---

A Dockerfile is a text file that contains a set of instructions used to build a Docker image. A Docker image is like a template for creating containers, which are isolated environments where your applications run.

Think of it as a recipe: the Dockerfile tells Docker exactly what steps to take to prepare an environment so that your application can run consistently anywhere.

---

Basic Structure of a Dockerfile

A Dockerfile usually contains:

1. Base Image
2. Maintainer / Metadata
3. Instructions to install software or dependencies
4. Copying files
5. Running commands
6. Exposing ports
7. Defining the default command

Let’s go through these one by one.

---

1. FROM – Base Image

• Syntax:

FROM <image>:<tag>

• Purpose:
  Specifies the starting point for the Docker image. Usually, it’s an existing image with an operating system or a programming environment.
• Example:

FROM python:3.11

This means the container starts with Python version 3.11 installed.

• Exam Tip:
  You need to recognize FROM as the instruction that defines the base image. Without it, Docker won’t know what environment to start with.

---

2. LABEL – Metadata

• Syntax:

LABEL key="value"

• Purpose:
  Adds metadata to the image, like author, version, or description.
• Example:

LABEL maintainer="pooja@example.com"
LABEL version="1.0"

• Exam Tip:
  LABEL is optional but can provide important information about the image.

---

3. RUN – Execute Commands

• Syntax:

RUN <command>

• Purpose:
  Executes a command while building the image. Commonly used to install software or libraries.
• Example:

RUN apt-get update && apt-get install -y git

This updates the package list and installs Git inside the image.

• Exam Tip:
  RUN commands execute during image build, not when the container starts.

---

4. COPY and ADD – Copy Files

• COPY Syntax:

COPY <source> <destination>

• ADD Syntax:

ADD <source> <destination>

• Purpose:
  Both commands copy files from your local machine into the Docker image.
• ADD can also extract tar files and fetch files from URLs.
• COPY is simpler and preferred if you only need local files.
• Example:

COPY requirements.txt /app/requirements.txt
ADD app.tar.gz /app/

• Exam Tip:
  Remember: COPY = copy files, ADD = copy + more features (like auto-extracting).

---

5. WORKDIR – Set Working Directory

• Syntax:

WORKDIR /app

• Purpose:
  Sets the current working directory inside the container for the following commands.
• Example:

WORKDIR /app
COPY . .
RUN pip install -r requirements.txt

All commands now operate in /app.

• Exam Tip:
  Helps prevent writing long paths for every command.

---

6. ENV – Environment Variables

• Syntax:

ENV <key>=<value>

• Purpose:
  Defines environment variables inside the container.
• Example:

ENV APP_ENV=production

• Exam Tip:
  Useful for configuring the application behavior inside the container.

---

7. EXPOSE – Open Ports

• Syntax:

EXPOSE <port>

• Purpose:
  Indicates which network port the container listens on.
• Example:

EXPOSE 5000

This tells Docker (and other developers) that the app uses port 5000.

• Exam Tip:
  Does not actually publish the port to the host — that happens with docker run -p.

---

8. CMD – Default Command

• Syntax:

CMD ["executable","param1","param2"]

• Purpose:
  Specifies the default command to run when the container starts.
• Example:

CMD ["python", "app.py"]

• Exam Tip:
• Only one CMD is allowed per Dockerfile; later ones override earlier ones.
• Use CMD for the main process of your container.

---

9. ENTRYPOINT – Fixed Command

• Syntax:

ENTRYPOINT ["executable","param1"]

• Purpose:
  Similar to CMD, but cannot be easily overridden when running the container.
• Often used when the container should always run the same executable.
• Example:

ENTRYPOINT ["python"]
CMD ["app.py"]

Here, python is fixed, but app.py can be overridden.

• Exam Tip:
  Understand the difference: ENTRYPOINT is mandatory, CMD is default/optional.

---

10. USER – Set the User

• Syntax:

USER <username>

• Purpose:
  Runs container commands as a specific user (not root).
• Example:

USER appuser

• Exam Tip:
  Important for security; always prefer running apps as a non-root user.

---

11. VOLUME – Mount Data

• Syntax:

VOLUME ["/data"]

• Purpose:
  Creates a persistent storage location inside the container that can map to the host machine.
• Exam Tip:
  Used to save data that persists even after the container stops.

---

Key Exam Takeaways

For Cisco DevNet Associate, you should be able to:

1. Identify Dockerfile instructions: FROM, RUN, COPY, WORKDIR, CMD, ENTRYPOINT, ENV, EXPOSE, USER, VOLUME, LABEL.
2. Understand the purpose of each instruction.
3. Interpret a Dockerfile to know how the container environment is built.
4. Recognize differences between CMD and ENTRYPOINT, and between COPY and ADD.
5. Understand build-time vs run-time instructions:
   • Build-time: RUN, COPY, ADD, WORKDIR, ENV
   • Run-time: CMD, ENTRYPOINT, EXPOSE, USER, VOLUME

---

Sample Dockerfile

Here’s a complete example you might see in the exam:

# Base image
FROM python:3.11# Metadata
LABEL maintainer="pooja@example.com"# Set working directory
WORKDIR /app# Copy files
COPY requirements.txt .# Install dependencies
RUN pip install -r requirements.txt# Copy application code
COPY . .# Set environment variable
ENV APP_ENV=production# Expose port
EXPOSE 5000# Default command
CMD ["python", "app.py"]

• This tells Docker:
  1. Start with Python 3.11
  2. Set /app as the working directory
  3. Install dependencies from requirements.txt
  4. Copy application code into the container
  5. Expose port 5000
  6. Run python app.py when the container starts

---

✅ Tip for Students:
If you can read a Dockerfile and explain each instruction, you’re ready for this exam topic. Focus on purpose + timing (build-time vs run-time).