Docker RUN vs CMD vs ENTRYPOINT

Differences between three Docker build instructions

In Docker build, the three instructions RUN , CMD and ENTRYPOINT look similar and all are instructions used in a Dockerfile to define various aspects of a Docker image. Sometimes it can easily cause confusions. Let’s discuss their differences in this article.

RUN vs CMD vs ENTRYPOINT

• RUN executes commands and creates new image layers.
• CMD sets the command and its parameters to be executed by default after the container is started. However CMD can be replaced by docker run command line parameters.
• ENTRYPOINT configures the command to run when the container starts, similar to CMD from a functionality perspective.

Shell Format vs Exec Format

We can specify the command to be run by RUN, CMD and ENTRYPOINT in two ways: Shell format and Exec format, which have subtle differences in usage.

Shell Format

Shell format has the following form:

<instruction> <command>

For example:

RUN apt-get install python3
CMD echo "Hello world"
ENTRYPOINT echo "Hello world"

When the command is executed, the bottom layer of the shell format will call /bin/sh -c <command>. When you run commands in Shell format, the environment variable that defined in ENV command will be inherited.

ENV name Cloud Man
ENTRYPOINT echo "Hello, $name"

# Output
Hello, Cloud Man

Exec Format

Exec format has the following form:

<instruction> ["executable", "param1", "param2", ...]

For example:

RUN ["apt-get", "install", "python3"]
CMD ["/bin/echo", "Hello world"]
ENTRYPOINT ["/bin/echo", "Hello world"]

When the command is executed, <command> will be called directly and will not be parsed by the shell. The environment variable that defined in ENV will not be passed as well.

ENV name Cloud Man

ENTRYPOINT ["/bin/echo", "Hello, $name"]

# Output
Hello, $name