Docker CLI
docker kill $(docker ps -q)
kills all running processes without having to list ids individually
docker run --init --rm -p 3000:3000 my-node-app
Dockerfile
FROM node:12-stretch
#latest node
USER node
#not root
RUN mkdir /home/node/code
#makes sure code is owned by node and not root
WORKDIR /home/node/code
#keeps order in root directory and separates for node user
COPY --chown=node:node . .
#copy everything in directory to container
RUN npm ci
#clean instal
CMD ["node", "index.js"]
#first command (can be overwritten)
Multi Stage
# build stage
FROM node:12-stretch
WORKDIR /build
COPY package-lock.json package.json ./
RUN npm ci
COPY . .
# runtime stage
FROM alpine:3.10
RUN apk add --update nodejs
RUN addgroup -S node && adduser -S node -G node
USER node
RUN mkdir /home/node/code
WORKDIR /home/node/code
#no npm needed as copying build
COPY --from=0 --chown=node:node /build .
CMD ["node", "index.js"]
Multi Stage node to nginx
FROM node:12-stretch AS builder
WORKDIR /app
COPY . .
RUN npm ci && npm run build
# runtime stage
FROM nginx:latest
COPY --from=builder /app/build /usr/share/nginx/html
Bind Mounts
serves off host (must be built first) -useful for dev environments (no Dockerfile needed)
docker run --mount type=bind,source="$(pwd)"/build,target=/usr/share/nginx/html -p 8080:80 nginx
Volumes
Preserve state (databases, console messages)
tmpfs
secrets 😼