Shell form is just a string.
Exec form - JSON array syntax.
| Term | What it really means |
|---|---|
| Shell form | String → runs via a shell (/bin/sh -c) |
| Exec form | JSON array → runs directly (no shell) |
Shell form:
DOCKER
CMD node app.jsIs equivalent to:
BASH
/bin/sh -c "node app.js"The bourn shell is default for Linux containers. Windows containers have cmd.exe as default.
People also use powershell rather than the default.
General guidelines
RUN, use shell
DOCKER
RUN apt-get install jqRule of thumb (this is what industry follows)
Use exec form for:
CMDENTRYPOINT- production containers
Use shell form for:
RUN(because chaining is convenient)
Other notes
- Exec form ensures that the long running process you specify executes as PID 1,
/bin/sh -c(PID 1). Imp forENTRYPOINT&CMD
Takeaways
- The
RUN,ENTRYPOINT&CMDinstructions can be specified in shell form or exec form. - Shell form will inject
/bin/sh -cat the beginning of the command. - Override the Docker default shell usingDOCKER
SHELL ["/bin/bash", "-c"] - Shell form is required if you need variable substitution, chaining commands, piping output, I/O redirection.
- Exec form (JSON syntax) runs the command without a shell.
- Exec form ensures ENTRYPOINT/CMD binary is PID 1 and receives signals.
- Exec form passes ENVs from Dockerfile to processes started with
RUN,ENTRYPOINT&CMD.
ENTRYPOINT is an overwrite statement. Only the last one in the DOckerfile is used.
Use CMD for long running process.