We can convert a specific container into a base Docker image, but that's not the recommended way to create images because these could include useless cached or session data.
The easiest way to control the data stored in the Docker layers is using the
🧠 Remember that a Docker image has a read-only filesystem based on layers which works as a template to start containers in a preinstalled environment, and a Docker container uses this "template" to run isolated applications into a virtualized run-time environment with a normal filesystem.
No, you can run commands with other users using the
Dockerfile as well. You can see an example here.
When you are testing a random software within a container you might need to publish a port on the host OS, or into another computer. In this case you can't add a forwarding port rule to an already existing container, so here is when docker commit comes to save us:
$ docker commit my_container my_image $ docker run -p 8080:80 -it my_image
Now we can access to the port
80 in the container using
http://localhost:8080 in the host OS.
docker commit can also be used to attach new volumes to the container.
Remember that it's a good practice to keep your Docker images as minimalist as possible. Also the reproducible way to create and ship images is the
💡 You can inspect the layers of a Docker image using Dive, to optimize the size of your images.