# Unraveling Docker: Key Concepts of Docker Files and Registries

In our previous blog post, we delved into the [Docker](https://towardsdatascience.com/learn-enough-docker-to-be-useful-b0b44222eef5) engine and [Dockerfiles](https://faun.pub/dockerfile-and-its-components-a4fafbc838f1). If you missed that article, I highly recommend checking it out before continuing with this one. In this blog post, we'll provide a brief overview and correction of the concepts covered in the previous post.

The [Docker](https://www.pluralsight.com/blog/software-development/how-to-build-custom-containers-docker) engine, the core of the [Docker](https://semgrep.dev/p/dockerfile) platform, enables the creation and management of lightweight, isolated environments for running applications. These containers are crucial for modern software development and deployment, offering consistency and portability across different environments.

<div data-node-type="callout">
<div data-node-type="callout-emoji">🔍</div>
<div data-node-type="callout-text"><a target="_blank" rel="noopener noreferrer nofollow" href="https://blog.bytescrum.com/mastering-docker-understanding-docker-engine-and-docker-images" style="pointer-events: none">https://blog.bytescrum.com/mastering-docker-understanding-docker-engine-and-docker-images</a></div>
</div>

Today's blog is about [Dockerfiles](https://www.geeksforgeeks.org/docker-concept-of-dockerfile/) and [Docker registries](https://containers.dev/guide/dockerfile).

## [Dockerfile](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/)

*"*[*Dockerfiles*](https://www.cloudbees.com/blog/what-is-a-dockerfile) *are a set of instructions that define how a* [*Docker*](https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/manage-windows-dockerfile) *image should be built. They serve as a blueprint for creating containerized applications.* [*Dockerfiles*](https://www.geeksforgeeks.org/what-is-dockerfile-syntax/) *are written in a simple and human-readable format, making it easy for developers to define the environment and dependencies required for their applications."*

A [Dockerfile](https://www.simplilearn.com/tutorials/docker-tutorial/what-is-dockerfile) is a container that includes

* **Base image**
    
* **Instructions**
    
* **Working directory**
    
* **Exposing ports**
    
* **Comments**
    
* **COPY or ADD**
    
* **ENV**
    
* **RUN**
    
* **USER**
    
* **VOLUME**
    
* **ARG**
    

**Base Image**: Typically, a [Dockerfile](https://geekflare.com/dockerfile-tutorial/) begins with the specification of a base image, which acts as the basis for your container. You can, for example, choose a simple Linux distribution such as Alpine or a more feature-rich one such as Ubuntu.

**Instructions**: [Dockerfiles](https://www.tutorialspoint.com/docker/docker_file.htm) are made up of a set of instructions that are performed in order. These steps may include transferring files into the image, installing software packages, configuring environment variables, and other activities.

**Working Directory:** Within the container, you may provide a working directory where commands and files should be executed and stored.

**Exposing Ports:** If your application requires particular ports to be available, you can use the '**<mark>EXPOSE</mark>**' instruction to make those ports available.

**Comments**: [Dockerfiles](https://www.educative.io/answers/how-do-you-write-a-dockerfile) are primarily instructions, but they should include comments to explain their purpose, starting with a `#` symbol, for better documentation and understanding of the [Dockerfile](https://spacelift.io/blog/dockerfile)'s logic.

```dockerfile
 # Use a base image
 FROM ubuntu:20.04

 # Install necessary packages
 RUN apt-get update && apt-get install -y python3

 # Set the working directory
 WORKDIR /app

 # Expose port 80
 EXPOSE 80

 # Define the command to run when the container starts
 CMD ["python3", "app.py"]
```

**COPY or ADD:** The '**COPY' or 'ADD**' commands enable the transfer of files or directories from your local machine to the container, enabling the inclusion of application code, configuration files, and other assets.

```dockerfile
# Copy application code into the container
COPY . /app
```

**ENV:** The `ENV` instruction enables setting environment variables within a container, which is crucial for configuring application settings and providing information to scripts and processes.

```dockerfile
# Set environment variable
ENV APP_ENV=production
```

**RUN**: The `RUN` command is utilized during the image build process to execute commands for installing dependencies, running build scripts, or configuring the image environment.

```dockerfile
# Install software using package manager
RUN apt-get update && apt-get install -y software-package
```

**USER:** The `USER` instruction allows you to specify the user or UID for running commands within a container, thereby enhancing security by restricting processes to non-root users.

```dockerfile
# Create a non-root user
RUN useradd -ms /bin/bash myuser

# Switch to the non-root user
USER myuser
```

**VOLUME:** The `VOLUME` instruction creates a mount point for external volumes, enabling data persistence outside the container, commonly used for storing databases or logs that can survive container restarts.

```dockerfile
 # Create a volume mount point
 VOLUME /data
```

**ARG:** The `ARG` instruction enables the transfer of build-time arguments to the [Dockerfile](https://thenewstack.io/docker-basics-how-to-use-dockerfiles/), thereby enhancing its flexibility and customization.

```dockerfile
# Define a build-time argument
ARG APP_VERSION=1.0

# Use the argument in the Dockerfile
ENV VERSION=$APP_VERSION
```

**CMD or ENTRYPOINT:** These instructions provide the command that should be executed when the container starts. You can use **<mark>'CMD</mark>**' to provide the command and its parameters, or '**<mark>ENTRYPOINT</mark>**' to create an entry point script.

```dockerfile
# Use an official Node.js runtime as the base image
FROM node:14

# Set the working directory inside the container
WORKDIR /app

# Copy package.json and package-lock.json to the container
COPY package*.json ./

# Install project dependencies
RUN npm install

# Copy the rest of the application source code to the container
COPY . .

# Specify the command to run the application
CMD ["node", "app.js"]
```

After preparing a [Dockerfile](https://dev.to/aws-builders/understanding-the-dockerfile-format-3cc6), the [docker](https://medium.com/containers-101/building-docker-images-with-dockerfiles-361d1d0a4047) build command may be used to generate an image from it.

```dockerfile
docker build -t my-node-app .
```

### Example 1: [Docker file](https://www.suse.com/suse-defines/definition/dockerfile/) official [Python](https://blog.bytescrum.com/essential-python-functions-unlocking-the-power-of-tuples) runtime as the base image

```dockerfile
# Use an official Python runtime as the base image
FROM python:3.9

# Set the working directory inside the container
WORKDIR /app

# Copy the current directory contents into the container at /app
COPY . /app

# Install any needed packages specified in requirements.txt
RUN pip install -r requirements.txt

# Define the default command to run when the container starts
CMD ["python", "app.py"]9
```

* `FROM`: Specifies the base image, in this case, [Python](https://blog.bytescrum.com/functions-in-python-a-comprehensive-guide) 3.9.
    
* `WORKDIR`: Sets the working directory within the container to `/app`.
    
* `COPY`: Copies the local files and directories into the container.
    
* `RUN`: Installs [Python](https://blog.bytescrum.com/python-list-fundamentals-syntax-operations-and-examples) dependencies defined in `requirements.txt`.
    
* `CMD`: Specifies the default command to run the [Python](https://blog.bytescrum.com/tuples-in-python) application when a container is started.
    

<div data-node-type="callout">
<div data-node-type="callout-emoji">💡</div>
<div data-node-type="callout-text">A <a target="_blank" rel="noopener noreferrer nofollow" href="https://fly.io/docs/languages-and-frameworks/dockerfile/" style="pointer-events: none">docker file</a> is used to create a container, specify a base image, instructions, and working directory, and enable or disable specific ports. The 'EXPOSE' instruction allows for port listening, and the 'CMD' or 'ENTRYPOINT' instructions define the command to be executed when the container starts.</div>
</div>

## [Docker](https://bluelight.co/blog/how-to-choose-a-container-registry) [Registries](https://www.checkov.io/5.Policy%20Index/dockerfile.html): Sharing and Managing Images

[Docker](https://github.com/vercel/next.js/blob/canary/examples/with-docker/Dockerfile) [registries](https://blog.knoldus.com/docker-dockerfile/) are repositories where [Docker](https://docs.sevenbridges.com/docs/upload-your-docker-image-with-a-dockerfile) images may be stored and distributed. They act as a central point for the distribution of containerized applications among teams, companies, and the larger community. [Docker](https://kapeli.com/cheat_sheets/Dockerfile.docset/Contents/Resources/Documents/index) Hub and [Docker Registry](https://docs.docker.com/registry/introduction/) (open-source) are two of the most popular [Docker](https://jenkov.com/tutorials/docker/dockerfile.html) [registries.](https://www.scaler.com/topics/docker/creating-a-dockerfile/)

### How [Docker Registries](https://kinsta.com/docs/dockerfiles/) Work

* **Pushing Images**
    
* **Pulling Images**
    
* **Versioning**
    
* **Private** [**Registries**](https://developer-archives.toradex.com/getting-started/module-3-creating-my-own-container/writing-your-first-dockerfile-windows)
    
* **Content Trust**
    

**Pushing Images:** After creating a [Docker image](https://www.educative.io/answers/how-do-you-write-a-dockerfile?utm_campaign=brand_educative&utm_source=google&utm_medium=ppc&utm_content=performance_max_india&eid=5082902844932096&utm_term=&utm_campaign=%5BNew%5D+Performance+Max&utm_source=adwords&utm_medium=ppc&hsa_acc=5451446008&hsa_cam=18931439518&hsa_grp=&hsa_ad=&hsa_src=x&hsa_tgt=&hsa_kw=&hsa_mt=&hsa_net=adwords&hsa_ver=3&gclid=CjwKCAjw38SoBhB6EiwA8EQVLon1vMoVsC7BBW6q3LGsgsWrHoYbCk87DzY0X6LrWHi5_OtOGURzVBoCzeAQAvD_BwE), use the '[**docker**](https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-20-04) **push**' command to upload it to a [Docker](https://hub.qovery.com/guides/tutorial/how-to-write-a-dockerfile/) [registry](https://www.techrepublic.com/article/how-to-build-docker-image-dockerfile/).

```bash
docker push my-node-app:latest
```

**Pulling Images:** After creating a [Docker image](https://collabnix.com/what-is-a-dockerfile-a-step-by-step-guide/), use the '[**docker**](https://www.educba.com/dockerfile/) **push**' command to upload it to a [Docker](https://www.youtube.com/watch?v=WmcdMiyqfZs&ab_channel=TechWorldwithNana) [registry.](https://www.aquasec.com/cloud-native-academy/docker-container/docker-registry/)

```bash
docker pull my-node-app:latest
```

**Versioning:** [Docker](https://betterprogramming.pub/what-goes-into-a-dockerfile-ff0ace591060) [images](https://jfrog.com/integration/docker-registry/) can contain many versions, which are frequently identifiable by tags. Tags like '**latest**', which denotes the most current version, and version-specific tags like '**v1.0**' are common.

**Private** [**Registries**](https://www.paigeniedringhaus.com/blog/docker-101-fundamentals-the-dockerfile): Private [Docker](https://docs.doppler.com/docs/dockerfile) [registries](https://learning-ocean.com/tutorials/docker/docker-dockerfile-labelenvworkdir) may be set up by organizations to host proprietary or sensitive images, ensuring control and security over their containers.

**Content Trust:** [Docker](https://www.digitalocean.com/community/tutorials/docker-explained-using-dockerfiles-to-automate-building-of-images) content trust enables you to validate the validity and integrity of images downloaded from a [registry](https://www.bitovi.com/academy/learn-docker/writing-a-dockerfile.html), hence increasing security.

### Example 2: Commands for Working with [Docker Registry](https://www.java4coding.com/contents/docker/docker-dockerfile)

```bash
docker push username/repository:tag
```

To retrieve an image from a private container [registry](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-registry) such as '**myregistry.example.com**,' normally follow these steps.

**Authentication:** You must verify your identity with the private [register](https://sysdig.com/learn-cloud-native/container-security/what-is-a-docker-registry/). This normally entails entering a login and password or supplying some kind of token. [**Docker**](https://www.ionos.com/digitalguide/server/know-how/dockerfile/) **Login:** To authenticate with the private [registry](https://www.java4coding.com/contents/docker/docker-dockerfile), use the '[**docker l**](https://www.linode.com/docs/guides/how-to-use-dockerfiles/)**ogin**' command.

```bash
docker login myregistry.example.com
```

You will be required to provide your credentials (username and password or token) after running this program.

**Pull the Image:** Once authorized, execute the '[**<mark>docker</mark>**](https://hsf-training.github.io/hsf-training-docker/05-dockerfiles/index.html) **pull**' command to retrieve the image from the private [registry](https://docs.docker.com/registry/).

```bash
 docker pull myregistry.example.com/your-image-name:tag
```

Replace '**your-image-name**' with the name of the picture to be pulled, and '**tag**' with the version or tag to be used.

**Run the Container:** After downloading the image, you may use '**docker run**' to launch a container using the image.

```bash
docker login myregistry.example.com
docker pull myregistry.example.com/your-image-name:tag
docker run myregistry.example.com/your-image-name:tag
```

Check that you have the appropriate permissions and credentials to access the private [registry](https://hub.docker.com/_/registry) and that your [Docker](https://cto.ai/blog/docker-image-vs-container-vs-dockerfile/) environment is configured correctly.

Remember to replace 'my [registry](https://docs.docker.com/registry/deploying/).example.com', 'your-image-name', and 'tag' with the actual [registry](https://www.geeksforgeeks.org/what-is-docker-registry/) URL, image name, and tag you're working with.

<details data-node-type="hn-details-summary"><summary>Summary</summary><div data-type="detailsContent"><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.analyticsvidhya.com/blog/2022/06/writing-dockerfile-is-simple/" style="pointer-events: none">Dockerfiles</a> are crucial for building containerized applications within <a target="_blank" rel="noopener noreferrer nofollow" href="https://docs.fedoraproject.org/en-US/iot/build-docker/" style="pointer-events: none">Docker</a>. They provide clear instructions for defining the environment, dependencies, and behaviors. Key components include comments, COPY or ADD instructions, environment variables, RUN commands, user context, mount points, and build-time arguments. By following best practices, <a target="_blank" rel="noopener noreferrer nofollow" href="https://cloudacademy.com/course/introduction-to-docker-2/images-from-the-dockerfile-1/?utm_feeditemid=&amp;utm_device=c&amp;utm_term=&amp;utm_campaign=%5BSearch%5D+DSA+-+All+Website+-+India&amp;utm_source=google&amp;utm_medium=ppc&amp;hsa_acc=5890858304&amp;hsa_cam=13996404894&amp;hsa_grp=128133670034&amp;hsa_ad=651406237901&amp;hsa_src=g&amp;hsa_tgt=aud-870266194550:dsa-19959388920&amp;hsa_kw=&amp;hsa_mt=&amp;hsa_net=adwords&amp;hsa_ver=3&amp;gclid=CjwKCAjw38SoBhB6EiwA8EQVLliJZcQkamY6YUo_NWr2w5WcnvQPC_TNmjcWXvqJ-OaU2wS3xK0fcBoCB-MQAvD_BwE" style="pointer-events: none">Dockerfiles</a> enhances the efficiency, security, and maintainability of containerized applications. <a target="_blank" rel="noopener noreferrer nofollow" href="https://dzone.com/articles/understanding-dockerfile" style="pointer-events: none">Docker registries</a> enable image sharing across teams and organizations, making them essential for efficient application development.</div></details>

Stay tuned for the upcoming articles in the series, where we'll discuss more interesting topics related to [Docker](https://docs.appsmith.com/getting-started/setup/installation-guides/docker). Subscribe to our channel to ensure you don't miss any part of this enlightening journey!

Thank you for reading our blog. Our top priority is your success and satisfaction. We are ready to assist with any questions or additional help.

Warm regards,

[**Kamilla Preeti Samuel,**](https://www.linkedin.com/in/preeti-samuel-kamilla-5a247962/)

**Content Editor**

[**ByteScrum Technologies Private Limited!**](https://www.bytescrum.com/) 🙏