305-998-7702 | 415-800-2922 info@rx-m.com

Define, Build, and Modify Container Images

Learn how to put the latest open source technology into practice with hands-on training, delivered by industry experts, aligned to your desired business outcomes

All workloads on Kubernetes run as containers created from container images. With containers, the deployment of applications becomes fast, reliable, and repeatable. It is up to the developer to know how to define, build, and modify container images meant to run on a Kubernetes cluster.

In addition to the ability to easily run applications within containers, most container runtimes like Docker or Podman include build tools that allow developers to create images. Container images are immutable files containing metadata and (usually) a filesystem that encapsulates all of the code, libraries, and other dependencies needed to run an application.

To create container images, one must start by defining a series of instructions in a text file commonly referred to as a Dockerfile. Dockerfiles allow developers to:

  • Define a “base” image that provides the appropriate environment to build or run an application
  • Run arbitrary commands during the build process to prepare the image’s included filesystem to run an application
  • Define environment variables to be consumed by the containerized application
  • Inject additional metadata into the image to inform users of used ports or authorship
  • Define binaries that will be run when a container is first created

A simple Dockerfile typically looks like this:

FROM debian:10
RUN apt update & apt install -y vim
CMD while true; do which vim; sleep 2; done

After defining the instructions to create a container image, the image must be built. Tools like Docker and Podman (through buildah) usually have an accompanying “build” instruction that parses a Dockerfile, executes its steps in order, and produces a tagged image.

$ docker build -t debian-vim:latest .

Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM debian:10
10: Pulling from library/debian
b281ebec60d2: Pull complete
Digest: sha256:1b236b48c1ef66fa08535a5153266f4959bf58f948db3e68f7d678b651d8e33a
Status: Downloaded newer image for debian:10
 ---> 76e02db62235
Step 2/3 : RUN apt update && apt install -y vim
 ---> Running in f0c2f64f0c0c


Removing intermediate container f0c2f64f0c0c
 ---> 3d4fab39fd72
Step 3/3 : CMD while true; do which vim; sleep 2; done
 ---> Running in 8e624b5991b2
Removing intermediate container 8e624b5991b2
 ---> 479bf18f5ca2
Successfully built 479bf18f5ca2
Successfully tagged debian-vim:latest

Each “build” invocation results in a single tagged image that can the be:

  • Pushed to a repository referred to in the tag like DockerHub or a locally hosted solution with a “push” command
  • Have its contents to a tarball using a command like “save”
  • Create containers to run applications with a “create” or “run” command

The commands available to you for building, pushing, or even saving images will vary depending on your choice of container runtime tool. The “help” outputs and man pages of such tools typically display such commands:

$ docker image build -h

Flag shorthand -h has been deprecated, please use --help

Usage:  docker image build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources


Learn more about how Kubernetes CLI commands map to a tool like Docker here.