Skip to main content

Dockerfile and container images

Building container images using a Dockerfile.

Here's a Dockerfile example that runs a simple nmap.


# Start with a base image
FROM redhat/ubi8
# Maintainer information
LABEL org.opencontainers.image.authors=""
LABEL description="Simple Network scan"

# Run commands to build the container
# Do as much with the fewest RUN lines
RUN dnf -y update && \
dnf -y install \
nmap iproute procps-ng && \
bash && \
dnf clean all

# Entrypoint is the command that run when the ccontainer starts
ENTRYPOINT ["/usr/bin/nmap"]
#  The arguments for the entrypoint
CMD ["-sn", ""]

What to know about the file:

  • FROM

The FROM is the base used for the new image.


LABEL adds metadata to an image

  • RUN

The run command is that steps taken to build the image. Each RUN command will build an additional layer to the image. It is best to use the fewest RUN entries as possible.


This is the what the container will run when it first starts. This might be a binary or a script that starts jobs or services.

  • CMD

These are the arguments to the ENTRYPOINT. The CMD can be overwritten on the command line.

See for more detais.

Build, run, tag, and push

Build with a tag.

podman build -t nmap:latest .

Run the image with the built in CMD.

podman run nmap

Run with different CMD

podman run nmap -sT -Pn -p80

Tag for a repository

podman tag localhost/nmap:latest

Push to repository

podman push