When build docker images, sometimes we need to use some files to install some packages inside container, for example when build redhat docker image: redhat.repo
, entitlement/
and rpm-gpg/
are needed for package installation.
But we don’t want to use COPY
command in dockerfile to copy them into image, that will add layers to store them when run docker build
, not safe. The solution is mount these files in docker run
, after install then commit, docker commit
will not include any data in volumes mounted inside the container.
For example:
1 | ## mount redhat repo and keys, install packages |
You can check the layers with docker history <image>
command:
1 | IMAGE CREATED CREATED BY SIZE COMMENT |
Compare with dockerfile, no layer is for mount data after commit.