Shell form is just a string.
Exec form - JSON array syntax.
| Term | What it really means |
|---|---|
| Shell form | String → runs via a shell (/bin/sh -c) |
| Exec form | JSON array → runs directly (no shell) |
Shell form:
CMD node app.jsIs equivalent to:
/bin/sh -c "node app.js"The bourn shell is default for Linux containers. Windows containers have cmd.exe as default.
People also use powershell rather than the default.
General guidelines
RUN, use shell
RUN apt-get install jqRule of thumb (this is what industry follows)
Use exec form for:
CMDENTRYPOINT- production containers
Use shell form for:
RUN(because chaining is convenient)
Other notes
- Exec form ensures that the long running process you specify executes as PID 1,
/bin/sh -c(PID 1). Imp forENTRYPOINT&CMD
Takeaways
- The
RUN,ENTRYPOINT&CMDinstructions can be specified in shell form or exec form. - Shell form will inject
/bin/sh -cat the beginning of the command. - Override the Docker default shell using
SHELL ["/bin/bash", "-c"] - Shell form is required if you need variable substitution, chaining commands, piping output, I/O redirection.
- Exec form (JSON syntax) runs the command without a shell.
- Exec form ensures ENTRYPOINT/CMD binary is PID 1 and receives signals.
- Exec form passes ENVs from Dockerfile to processes started with
RUN,ENTRYPOINT&CMD.
ENTRYPOINT is an overwrite statement. Only the last one in the DOckerfile is used.
Use CMD for long running process.