Dockerfile by Example: Entrypoint Instruction Format
ENTRYPOINT configures the container to run as an executable. This sample code shows how to use it to create wrapper scripts or fixed commands that accept arguments.
Code
FROM python:3.9-slim
COPY my-script.py /bin/my-tool
RUN chmod +x /bin/my-tool
# 1. Exec form (Preferred)
# This runs the command directly, not inside a shell
ENTRYPOINT ["/bin/my-tool"]
# 2. Default arguments
# These are appended to the ENTRYPOINT
CMD ["--help"]
# Result:
# docker run my-image -> /bin/my-tool --help
# docker run my-image --version -> /bin/my-tool --versionExplanation
The ENTRYPOINT instruction defines the executable that will run when the container starts. Unlike CMD, which is easily overridden, ENTRYPOINT is intended to be immutable, treating the container as a binary executable. Any arguments passed to docker run are appended to the ENTRYPOINT command, allowing users to pass flags or parameters to the internal application naturally.
Differences between Exec and Shell forms:
- Exec form
["cmd", "param"]runs directly, receiving OS signals like SIGTERM - Shell form
cmd paramruns as/bin/sh -c cmd, masking signals - Exec form is preferred for graceful shutdowns and correct PID handling
- Shell form allows variable expansion but complicates signal propagation
Using the exec form (JSON array syntax) is highly recommended. In shell form, the command runs as a child process of /bin/sh, which does not forward signals. This means the container might not stop gracefully when you press Ctrl+C or when the orchestrator tries to terminate it, leading to forced kills and potential data corruption. The exec form ensures your application runs as PID 1, receiving signals directly.
Code Breakdown
ENTRYPOINT ["/bin/my-tool"] sets the fixed command.CMD ["--help"] provides default args if none are supplied by user.RUN chmod +x ... ensures the script is executable.docker run args interact with ENTRYPOINT.