Full Docker course ► th-cam.com/video/3c-iBn73dDE/w-d-xo.html Follow me on IG for behind-the-scenes content 😊 ► bit.ly/2F3LXYJ ▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬ 0:00 - Intro 0:34 - BP 1: Use official and verified Docker Images as Base Image 1:13 - BP 2: Use Specific Docker Image Versions 2:12 - BP 3: Use Small-Sized Official Images 4:35 - BP 4: Optimize Caching Image Layers 10:09- BP 5: Use .dockerignore file 10:55 - BP 6: Make use of Multi-Stage Builds 14:15 - BP 7: Use the Least Privileged User 16:06 - BP 8: Scan your Images for Security Vulnerabilities 17:50 - Wrap Up ▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬ Full Docker course ► th-cam.com/video/3c-iBn73dDE/w-d-xo.html Full Python course ► th-cam.com/video/t8pPdKYpowI/w-d-xo.html Full K8s course course ► th-cam.com/video/X48VuDVv0do/w-d-xo.html DevOps Tools, like Terraform, Prometheus ► bit.ly/2W9UEq6 ▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬ INSTAGRAM ► bit.ly/2F3LXYJ TWITTER ► bit.ly/3i54PUB LINKEDIN ► bit.ly/3hWOLVT FB group ► bit.ly/32UVSZP DEV ► bit.ly/3h2fqiO ▬▬▬▬▬▬ Courses & Bootcamp & Ebooks 🚀 ▬▬▬▬▬▬ ► Become a DevOps Engineer - full educational program 👉🏼 bit.ly/3gEwf4V ► Ultimate Kubernetes Course (CKA) 👉🏼 bit.ly/k8s-administrator-course ► High-Quality and Hands-On Courses 👉🏼 bit.ly/3nIouPW ► Kubernetes 101 - compact and easy-to-read ebook bundle 👉🏼 bit.ly/3mPIaiU
One thing I would like to add about the caching is that it can sometimes screw over your buiild. It is therefore actually advised by Docker to always test your Dockerfile with the --no-cache flag every once in a while (for example with Github Actions or automatated build testing, a good idea would be to use --no-cache) in case you are for example building external files. In that case, a layer like "git clone ..." can be cached, but if the files in that repository change, it will still use the cached layer because the command did not change. Great video as always
Good point! The alternative solution is to use the version references, the same as specifying a docker image tag. For example, when you clone something you should specify a tag or commit hash. Same for installing something with apt or apk, you can specify the version of the package. In this case, you need to manually manage to update all your dependencies, but you have more control over that. If you update something, the command will be changed, and docker will rebuild the cache. That will also avoid situations when something works differently for a few developers because some of them use the old cache, and some of them built their images from scratch.
@@MateuszCholewka yep, that would actually be even better. That would also be more inline with the points in this video about 'always specifying a version number'. Thanks for that!
Always win me over with her charisma ,quality display of intellect and explanations on topical issues, this is another excellent work. Thanks Nana you are easily my champion
I am surprised that nobody mentioned docker secrets and sensitive data in general; You should NOT run commands that have passwords/api tokens as parameters (as they would show up in the history) and you should also NEVER copy sensitive unnecessary files (e.g. certificates for code signing) into an image during build, as people can revert to that layer and get it out of there; mount a host directory instead and read it from there, this way it never ends up in a layer.
@@morsikpl Secrets still work in regular compose, just not much of a point compared to mounting them (which *is* what the original comment said, btw 😅)
I think another best practice good to mention is to minimize the number of layers, for example instead of write multiple `RUN` instructions which created multiple layers, we can write a single `RUN` instruction with the necessary commands by concat it with && or even backslash `\` to decorate the Dockerfile for better readability.
Wouldn’t that mess less effective caching? If you had three commands anded together and only the last need to change you would not have a cache of the previous two.
@@nathanlewis42 yes, it’s probably better to not use it in the build step and only in the run image if the missing cache Is a tradeoff (depends on how often you change a image and how many copy’s are distributed)
Awesome video! I spent tons of hours on the official documentario about caching layers and I couldn't figure out how it works, now you made me understand in three minutes, I love you!
The way you explained everything in this video is not just amazing but super easy to understand too. Thank you so much for this wonderful video. You are awesome.
Once again, very useful and high-quality content. Thanks Nana! I have a question: could you tell us some more about the tools you are using to create these videos? In particular, I am interested in what software you use to create the animations and such.
I started watching this video with a lot of skepticism, but really great practices and it responded to a lot of my question, even if I was doing some tips I didn't know why it was done like so (as I was basically copy pasting commands) great explanation thanks.
This video is fantastic. The tips go from basic to advanced so don't stop just because it seems like the tips are common sense. I'm in the middle of my docker journey and have one application in production right now. I found these tips to be useful and include things that I need to implement in my existing app and in others in the future. Thank you for this video.
Awesome. Extremely useful best practices summary. And it is so clearly explained that if you don´t understand it, probably you have to think in changing your career.
I second the best practice 2. We had CI broken because our Dockerfile did not have a tag, node 17 broke it due to a well known issue. We rolled back to previous versions.
Hi Nana!! Your videos are always a huge contribution! The way you detail the topics is fantastic! applause for your channel! At some point it would be good, best practices for docker-compose, you are well nana greetings!
If we can get the best practices for docker-compose. It will like aged wine and tasty cheese. Great video. You just level up docker game to a whole new level. Thank you
Hi Nana, could you do best practice in using docker for non development purpose, more into administration jobs, like what is the best practice in volume management, updating image, how to transfer volume between hosts, etc.??
Thank you for the video. Regarding point 3, it is not always correct to use Alpine or stripped-down versions of other distributions. These versions can bring more problems than size benefits.
I guess that we need to tag base images and push them in the company repository instead of just using a specific version, sometimes specefic image version keep being updated and having patches under the same version , which can break some of the code eventually, the best way i guess is to tag it and push it in the repo , then keep scaning it for security issues in case the original one had some security patches.
Good video! Thank you for sharing! Just one thing to mention: since you're saying in "production", maybe you wouldn't use node.js 17(odd version instead of LTS, which is unstable).
This channel is a gem. You're so good at this Nana. DO you speak german by the way? I speak it and was wondering if you have a german channel too, just curious
Thank you Luke, always happy to hear such great feedback! :) Yes, I speak German but don't have a german channel. Can't imagine how much work it would be to create videos for 2 channels and handling everything besides that 🤯
Great video!! In which stage it is a good practice o recommended to add tools to your image that helps you do the troubleshooting. Thanks! Greetings from Asuncion-Paraguay
![Docker Crash Course for Absolute Beginners [NEW]](http://i.ytimg.com/vi/pg19Z8LL06w/mqdefault.jpg)
Full Docker course ► th-cam.com/video/3c-iBn73dDE/w-d-xo.html
Follow me on IG for behind-the-scenes content 😊 ► bit.ly/2F3LXYJ
▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
0:00 - Intro
0:34 - BP 1: Use official and verified Docker Images as Base Image
1:13 - BP 2: Use Specific Docker Image Versions
2:12 - BP 3: Use Small-Sized Official Images
4:35 - BP 4: Optimize Caching Image Layers
10:09- BP 5: Use .dockerignore file
10:55 - BP 6: Make use of Multi-Stage Builds
14:15 - BP 7: Use the Least Privileged User
16:06 - BP 8: Scan your Images for Security Vulnerabilities
17:50 - Wrap Up
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
Full Docker course ► th-cam.com/video/3c-iBn73dDE/w-d-xo.html
Full Python course ► th-cam.com/video/t8pPdKYpowI/w-d-xo.html
Full K8s course course ► th-cam.com/video/X48VuDVv0do/w-d-xo.html
DevOps Tools, like Terraform, Prometheus ► bit.ly/2W9UEq6
▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
INSTAGRAM ► bit.ly/2F3LXYJ
TWITTER ► bit.ly/3i54PUB
LINKEDIN ► bit.ly/3hWOLVT
FB group ► bit.ly/32UVSZP
DEV ► bit.ly/3h2fqiO
▬▬▬▬▬▬ Courses & Bootcamp & Ebooks 🚀 ▬▬▬▬▬▬
► Become a DevOps Engineer - full educational program 👉🏼 bit.ly/3gEwf4V
► Ultimate Kubernetes Course (CKA) 👉🏼 bit.ly/k8s-administrator-course
► High-Quality and Hands-On Courses 👉🏼 bit.ly/3nIouPW
► Kubernetes 101 - compact and easy-to-read ebook bundle 👉🏼 bit.ly/3mPIaiU
Hello Nana 👋 thanks for sharing 👍
There is no way that I can appreciate what you have done here. These free courses for Docker and other things cost thousands of dollars.
Thanks! This video was really helpful.
Thank you Gary!
One thing I would like to add about the caching is that it can sometimes screw over your buiild. It is therefore actually advised by Docker to always test your Dockerfile with the --no-cache flag every once in a while (for example with Github Actions or automatated build testing, a good idea would be to use --no-cache) in case you are for example building external files. In that case, a layer like "git clone ..." can be cached, but if the files in that repository change, it will still use the cached layer because the command did not change.
Great video as always
Thanks for sharing!
Good point! The alternative solution is to use the version references, the same as specifying a docker image tag. For example, when you clone something you should specify a tag or commit hash. Same for installing something with apt or apk, you can specify the version of the package. In this case, you need to manually manage to update all your dependencies, but you have more control over that. If you update something, the command will be changed, and docker will rebuild the cache. That will also avoid situations when something works differently for a few developers because some of them use the old cache, and some of them built their images from scratch.
@@MateuszCholewka yep, that would actually be even better. That would also be more inline with the points in this video about 'always specifying a version number'. Thanks for that!
Always win me over with her charisma ,quality display of intellect and explanations on topical issues, this is another excellent work. Thanks Nana you are easily my champion
Thanks so much for your nice words!
I love the way you present your content in such a concise, but technically accurate manner. Congratulations and thank you for sharing Nana.
I am surprised that nobody mentioned docker secrets and sensitive data in general; You should NOT run commands that have passwords/api tokens as parameters (as they would show up in the history) and you should also NEVER copy sensitive unnecessary files (e.g. certificates for code signing) into an image during build, as people can revert to that layer and get it out of there; mount a host directory instead and read it from there, this way it never ends up in a layer.
Thanks for sharing Niklas!
Because Docker Secrets are part of Docker Swarm, and this video is not about Docker Swarm ;)
@@morsikpl Touché;)
@@morsikpl Secrets still work in regular compose, just not much of a point compared to mounting them (which *is* what the original comment said, btw 😅)
Thanks!
Thanks Felix!
Thank you Nana! Perfect like always.
Thanks so much Tom!
Awesome! Thank you so much!
Really good explaination and voice tone 100% clear and perfect.
Thanks for the feedback :)
@@TechWorldwithNana Wish you continuously touch with more and more successful.
I think another best practice good to mention is to minimize the number of layers, for example instead of write multiple `RUN` instructions which created multiple layers, we can write a single `RUN` instruction with the necessary commands by concat it with && or even backslash `\` to decorate the Dockerfile for better readability.
Wouldn’t that mess less effective caching? If you had three commands anded together and only the last need to change you would not have a cache of the previous two.
@@nathanlewis42 yes, it’s probably better to not use it in the build step and only in the run image if the missing cache Is a tradeoff (depends on how often you change a image and how many copy’s are distributed)
Awesome video! I spent tons of hours on the official documentario about caching layers and I couldn't figure out how it works, now you made me understand in three minutes, I love you!
Great video, would love to see others like this one for other technologies
Thanks for your comment, good to know! :)
Thank you Nana! Never missed any of your videos on Docker or Kubernetes. You are one of the best out there!
The way you explained everything in this video is not just amazing but super easy to understand too. Thank you so much for this wonderful video. You are awesome.
I had no Idea about changes in previous layers breaking the caching of the following layers! Excellent video 👍
Absolute Saviour you are, anything i search n there u have created a video, Thanks you for the time and efforts
Thank you for the easy explaination!
Thanks Nana again from Argentina!! Very Helpful content. Regards!
Once again, very useful and high-quality content. Thanks Nana!
I have a question: could you tell us some more about the tools you are using to create these videos? In particular, I am interested in what software you use to create the animations and such.
Another great video!! Always learn a lot from your videos!! You really do a great job of simply explaining core concepts!
One of the best informative docker videos.
Very good recommendations explained concisely; I shared this with my team halfway through watching, love it
Very useful information about Docker. Thank you Nana.
Thank you Nana ..!! Best video for docker best practice explanation .
Nana always let me learn something really materials. Thanks
thanks Nana, really helpful tips for me
Timeless! thanks, Nana.
These are great videos, thank you!!
I started watching this video with a lot of skepticism, but really great practices and it responded to a lot of my question, even if I was doing some tips I didn't know why it was done like so (as I was basically copy pasting commands) great explanation thanks.
Really happy to hear, thanks Ahmed for the feedback! :)
What a awesome tips!
Thanks a lot nana🙏
Thanks for sharing best practices
This video is fantastic. The tips go from basic to advanced so don't stop just because it seems like the tips are common sense. I'm in the middle of my docker journey and have one application in production right now. I found these tips to be useful and include things that I need to implement in my existing app and in others in the future. Thank you for this video.
course completed,
thank you Ms Nana.
please recommend next, I am thinking of Jenkins
Awesome. Extremely useful best practices summary. And it is so clearly explained that if you don´t understand it, probably you have to think in changing your career.
And, of course, you can also specify the images versions for a multi-stage build.
Another great and simple digestible topic. You rock
Great docker usage shareing. Thanks!!!💕💕💕
I love the video. You might mention "FROM scratch" to keep the docker image slim.
Great video Nana, please more video on best practices !! 😊
Thanks for your feedback, glad to hear! :)
One of the most popular practice to reduce a size of a layer is deleting cache files the package managers generates during installation process.
I second the best practice 2. We had CI broken because our Dockerfile did not have a tag, node 17 broke it due to a well known issue. We rolled back to previous versions.
Yes, fixing the versions is really important. Thanks for sharing your experience!
Hi Nana!! Your videos are always a huge contribution! The way you detail the topics is fantastic! applause for your channel! At some point it would be good, best practices for docker-compose, you are well nana greetings!
Nana saving my DevOps Career.
If we can get the best practices for docker-compose. It will like aged wine and tasty cheese. Great video. You just level up docker game to a whole new level. Thank you
excellent explanation for caching layer. Ty!
Great tips! Thank you!
Love your videos Nana ... keep them going
awesome video as always
Great compilation 👍🏻
Hi Nana, could you do best practice in using docker for non development purpose, more into administration jobs, like what is the best practice in volume management, updating image, how to transfer volume between hosts, etc.??
Great video. A similar one for development setup would be awesome.
Awesomely explained! Thanks
Thanks for sharing. Your channel is an amazing resource.
She is amazing!!! Beautiful and smart!
Thank you so much! You helped me a lot with leaning Docker and Kubernetes XD
This is brilliant, huge thanks 😊
Thanks Nana ♥
good tips! 🤗👍
Great content! You have good didactics and a very good slides and examples.
Thanks a lot. This information is very valuable.
Great presentation and well explained! Keep it up Nana!
very useful video, thanks
I love your content!
Thank you Nana , another awsome work
2nd - addition: freeze version i production stage. BUT use latest in dev env - you can detect compatibility problems early on dev stage
Awesome... Can you please create one video for Jenkins pipeline code for best practices.
Thank you very very much, you have the best and the easy content, keep going please.
Nice explanation 👍
Really helpul, nicely explained things,
Loved the video... :)
Thank you so much. It's very helpful 😍
Your videos are excellent, Nana, thanks a lot.
Thanks Nana!
You did it great. Thank you for sharing
This is great. Thank you!
Amazing work mate, thank you so much for making this video, all the best to you, and Stay Strong!
Great video, as always .. 👏
great video! Learned a few things :)
Thank you for the video. Regarding point 3, it is not always correct to use Alpine or stripped-down versions of other distributions. These versions can bring more problems than size benefits.
Second to that. Especially true when using npm and package. Json. Things which are build successfully on ubuntu does not always buld on alpine
Could you be more specific?
I guess that we need to tag base images and push them in the company repository instead of just using a specific version, sometimes specefic image version keep being updated and having patches under the same version , which can break some of the code eventually, the best way i guess is to tag it and push it in the repo , then keep scaning it for security issues in case the original one had some security patches.
We can use the SHA of the image, which would solve this issue.
@@hassimnaseef yees that too, its a good solution, i just like my dockerfiles to be more readable. Thank you for your suggestion :D
Interesting.. a very useful.. thanks you Nana
Thanks Nana for your valuable information sharing 👍. Pls do one video for k8s
Thanks a lot! It is very useful for beginners.
Very usefull video, thanks!
動画のご提供ありがとうざいます!大変わかりやすく、かつ、役に立ちました。これからもどうかよろしくお願いいたします。
Informative and detailed❣️
Thank you so much, the video was helpful and informative.
Very basics, every dockeist knows this!
Good video! Thank you for sharing!
Just one thing to mention: since you're saying in "production", maybe you wouldn't use node.js 17(odd version instead of LTS, which is unstable).
@TechWorld with Nana amazing video and the k you for educating us.
excellent all time nana,
but could you make a video for CRD in kubernetes?
Thanks a lot. I wonder, what software tool was used to build and illustrate this marvelous video with so many display effects?
Thank you so much!
Great explanation Nana, thank you!
Nicely done, didn't know the details of how the caching worked / broke or the default user being root.
*scampers off to fix docker images*
I liked before watching the video :)
Fantastically presented content.
This channel is a gem. You're so good at this Nana. DO you speak german by the way? I speak it and was wondering if you have a german channel too, just curious
Thank you Luke, always happy to hear such great feedback! :) Yes, I speak German but don't have a german channel. Can't imagine how much work it would be to create videos for 2 channels and handling everything besides that 🤯
Great video!! In which stage it is a good practice o recommended to add tools to your image that helps you do the troubleshooting. Thanks! Greetings from Asuncion-Paraguay