DevOps Interview Sample Dockerfile with Explanations

1. Multi-Stage Dockerfile for Node.js

This multi-stage build separates the build environment from the runtime environment, resulting in a smaller, more secure production container.

# Stage 1: Build environment
FROM node:14 AS build

# Set working directory
WORKDIR /app

# Copy package files and install dependencies
COPY package*.json ./
RUN npm install

# Copy application code
COPY . .

# Build the application
RUN npm run build

# Stage 2: Production environment
FROM node:14-alpine

# Set working directory
WORKDIR /app

# Copy only necessary files from build stage
COPY --from=build /app/package*.json ./
COPY --from=build /app/node_modules ./node_modules
COPY --from=build /app/dist ./dist

# Expose application port
EXPOSE 3000

# Start the application
CMD ["npm", "start"]

Line-by-Line Explanation

Stage 1: Build Environment

1. FROM node:14 AS build
   • Specifies the base image for the first stage (Node.js version 14)
   • AS build names this stage “build” so we can reference it later
   • This stage will include all the tools needed for building the application
2. WORKDIR /app
   • Sets the working directory inside the container to /app
   • All subsequent commands will run from this directory
   • Creates the directory if it doesn’t exist
3. COPY package*.json ./
   • Copies only the package.json and package-lock.json files first
   • This takes advantage of Docker’s layer caching
   • Dependencies won’t be reinstalled if package files haven’t changed
4. RUN npm install
   • Installs all dependencies specified in package.json
   • Creates a separate layer in the Docker image for dependencies
5. COPY . .
   • Copies the rest of the application code into the container
   • The first dot is the source (everything in the current directory on your host)
   • The second dot is the destination (the current working directory in the container, which is /app)
6. RUN npm run build
   • Runs the build script defined in package.json
   • Typically compiles, minifies, and optimizes the code
   • Creates production-ready files (usually in a dist or build directory)

Stage 2: Production Environment

1. FROM node:14-alpine
   • Starts a new stage with a fresh base image
   • Uses the Alpine variant, which is much smaller than the standard Node image
   • Alpine Linux is a security-focused, lightweight Linux distribution
2. WORKDIR /app
   • Sets the working directory for this stage
   • Similar to the first stage, but this is a completely separate container
3. COPY --from=build /app/package*.json ./
   • Copies files from the previous “build” stage
   • Only copies the package files, not the entire node_modules directory
4. COPY --from=build /app/node_modules ./node_modules
   • Copies only the production node_modules from the build stage
   • This is often smaller than what was used during development
5. COPY --from=build /app/dist ./dist
   • Copies only the compiled application code
   • Excludes source code, tests, and other development files
6. EXPOSE 3000
   • Documents that the container listens on port 3000
   • This is metadata and does not actually publish the port
   • Ports still need to be published when running the container
7. CMD ["npm", "start"]
   • Defines the default command to run when the container starts
   • Uses array syntax which avoids shell processing
   • Runs the “start” script defined in package.json

Why This Dockerfile Works Well for Interviews

• Multi-stage builds demonstrate advanced Docker knowledge
• Reduced image size shows understanding of Docker best practices
• Security improvements by excluding build tools from the final image
• Caching optimization with strategic layer ordering
• Using Alpine Linux shows awareness of container size and security implications