Dockerfile Best Practices: 15 Rules for Production

15 essential Dockerfile best practices: layer ordering, .dockerignore, non-root user, health checks, and security scanning.

15 Rules

  1. Use specific base image tags, not latest
  2. Use Alpine or distroless images
  3. Order layers by change frequency (package.json before source)
  4. Use .dockerignore
  5. Use npm ci, not npm install
  6. Multi-stage builds
  7. Run as non-root (USER)
  8. Add HEALTHCHECK
  9. One process per container
  10. Use COPY not ADD
  11. Clean up in the same layer (apt-get clean)
  12. Pin dependency versions
  13. Scan for vulnerabilities (docker scout)
  14. Use --no-cache in CI
  15. Label images with metadata
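
Several of these rules combined in one Dockerfile, as an added example that is not from the original page. It assumes a Node.js service with a `build` script that emits `dist/server.js` and a `/healthz` endpoint on port 3000; the image tag, label values and paths are constructed for illustration.

```dockerfile
# syntax=docker/dockerfile:1
# Constructed example: service name, port, /healthz and dist/server.js are assumptions.

# Rules 1, 2: a specific tag on a small Alpine base, never "latest"
FROM node:20.11.1-alpine3.19 AS build
WORKDIR /app

# Rules 3, 5, 12: manifest and lockfile first, so this layer stays cached until
# dependencies change; npm ci installs exactly what the lockfile pins
COPY package.json package-lock.json ./
RUN npm ci

# Rules 4, 10: COPY (not ADD); .dockerignore must exclude node_modules, .git and
# .env so they never enter the build context. Source changes most, so it is last.
COPY . .
RUN npm run build && npm prune --omit=dev

# Rule 6: the runtime stage carries no dev dependencies or build tooling output
FROM node:20.11.1-alpine3.19 AS runtime
ENV NODE_ENV=production
WORKDIR /app

# Rule 15: OCI metadata labels (placeholder values)
LABEL org.opencontainers.image.title="example-service" \
      org.opencontainers.image.source="https://example.com/placeholder/repo"

# Files stay owned by root, so the unprivileged process can read but not modify them
COPY --from=build /app/node_modules ./node_modules
COPY --from=build /app/dist ./dist
COPY --from=build /app/package.json ./

# Rule 7: the official node image ships an unprivileged "node" user
USER node
EXPOSE 3000

# Rule 8: BusyBox wget is already present in Alpine, so nothing extra is installed
HEALTHCHECK --interval=30s --timeout=3s --retries=3 \
  CMD wget -qO- http://127.0.0.1:3000/healthz || exit 1

# Rule 9: a single process, in exec form so it receives SIGTERM directly
CMD ["node", "dist/server.js"]
```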
