Dockerfile Essentials#
You may deploy your application as a Docker application for more flexibility. Refer to this section to learn how Docker deployments can help.
Here are some tips on writing a good Dockerfile
for Python applications:
Use a Minimal Base Image: Whenever possible, opt for a minimal base image to reduce the size of your Docker image, e.g.,
python:3.11-slim-bookworm
.Set the Working Directory: Use the
WORKDIR
instruction to set the working directory inside the Docker image. This simplifies subsequent commands and ensures that relative paths are resolved correctly.Leverage layer caching: Docker caches each step (or layer) to speed up subsequent builds. When a step changes, the cache will be invalidated not only for that particular step but all succeeding steps. It’s important to keep the files that frequently change towards the end of the Dockerfile. Since the dependencies are unlikely to change very often, installing the dependencies step should be added before copying the application files. Here’s an example:
COPY requirements.txt /srv/
RUN pip install -r requirements.txt --no-cache-dir
COPY . /srv
Prefer
COPY
overADD
: According to Docker’s official documentation, it is recommended to prioritize the use ofCOPY
overADD
due to its clearer and simpler functionality.Array Over String Syntax: As per the Docker documentation make sure you’re using the exec form of
CMD
andENTRYPOINT
in your Dockerfile. So,CMD ["voila", "--port=80", "--no-browser", "app.ipynb", "--Voila.ip='0.0.0.0'"]
is preferable overCMD "voila --port=80 --no-browser app.ipynb --Voila.ip='0.0.0.0'"
.CMD vs ENTRYPOINT: Both these instructions define what command gets executed when running a container. The
ENTRYPOINT
specifies a command that will always be executed when the container starts. TheCMD
specifies arguments that will be fed to theENTRYPOINT
. For more details refer to the documentation.Do not store secrets in images: Do not add secrets to your Dockerfiles in plaintext, e.g.,
ENV DATABASE_PASSWORD "SomethingSuperSecret"
. Refer to the guide on secrets to learn about securely setting secrets.