Home Explore Blog CI



docker
1st chunk of `content/manuals/build/building/best-practices.md`
e5f06e8c9fd833bccd94c7d69e2978c1fcaef319614e16430000000100000b09
---
title: Building best practices
linkTitle: Best practices
weight: 60
description: Hints, tips and guidelines for writing clean, reliable Dockerfiles
keywords: base images, dockerfile, best practices, hub, official image
tags: [Best practices]
aliases:
  - /articles/dockerfile_best-practices/
  - /engine/articles/dockerfile_best-practices/
  - /engine/userguide/eng-image/dockerfile_best-practices/
  - /develop/develop-images/dockerfile_best-practices/
  - /develop/develop-images/guidelines/
  - /develop/develop-images/instructions/
  - /develop/dev-best-practices/
  - /develop/security-best-practices/
---

## Use multi-stage builds

Multi-stage builds let you reduce the size of your final image, by creating a
cleaner separation between the building of your image and the final output.
Split your Dockerfile instructions into distinct stages to make sure that the
resulting output only contains the files that are needed to run the application.

Using multiple stages can also let you build more efficiently by executing
build steps in parallel.

See [Multi-stage builds](/manuals/build/building/multi-stage.md) for more
information.

### Create reusable stages

If you have multiple images with a lot in common, consider creating a reusable
stage that includes the shared components, and basing your unique stages on
that. Docker only needs to build the common stage once. This means that your derivative images use memory
on the Docker host more efficiently and load more quickly.

It's also easier to maintain a common base stage ("Don't repeat yourself"),
than it is to have multiple different stages doing similar things.

## Choose the right base image

The first step towards achieving a secure image is to choose the right base
image. When choosing an image, ensure it's built from a trusted source and keep
it small.

- [Docker Official Images](https://hub.docker.com/search?image_filter=official)
  are a curated collection that have clear documentation, promote best
  practices, and are regularly updated. They provide a trusted starting point
  for many applications.

- [Verified Publisher](https://hub.docker.com/search?image_filter=store) images
  are high-quality images published and maintained by the organizations
  partnering with Docker, with Docker verifying the authenticity of the content
  in their repositories.

- [Docker-Sponsored Open Source](https://hub.docker.com/search?image_filter=open_source)
  are published and maintained by open source projects sponsored by Docker
  through an [open source program](../../docker-hub/image-library/trusted-content.md#docker-sponsored-open-source-software-images).

When you pick your base image, look out for the badges indicating that the
image is part of these programs.
Title: Dockerfile Best Practices: Multi-Stage Builds and Base Images
Summary
This section of the Dockerfile best practices guide discusses using multi-stage builds to reduce final image size and build more efficiently. It also emphasizes the importance of choosing the right base image from trusted sources like Docker Official Images, Verified Publishers, and Docker-Sponsored Open Source projects.