Within our Dockerfile, we define a number of steps to build the image:
- FROM: This defines our starter image; for this recipe, we used nginx:latest. Rather than build the image from scratch, we simply start with the official NGINX image. If you want to manually install your own build, you could start with a base Linux, such as Debian or Alpine.
- COPY: In order to make the files part of the image, we can copy them as part of the build process. For this image, we've copied over our NGINX configuration file as well as the SSL certificates. If the files exist in the base image, they will simply be overwritten.
- RUN: We can issue commands within the build. In this instance, we symlink the default log files through to /dev/stdout and /dev/stderr so that we can view the logs from the standard Docker log tools.
- EXPOSE: In order to access network ports outside of the container, they must be exposed to the Docker networking subsystem. From here, they can be explicitly mapped using -p in the docker run command or implicitly mapped simply with -P.
- CMD: This defines the default command executed when the container starts. It's set up in the format of ['executable', 'param1', 'param2'], so for our NGINX command, it translates to nginx -g daemon off;. Because Docker requires the application to stay in the foreground, the -g option allows us to set an additional directive of daemon off to enforce this.