Docker is easy to learn but hard to master. Here are 10 mistakes almost everyone makes.

1. Using :latest Tag¶

❌ FROM node:latest¶

✅ FROM node:20.11-alpine¶

2. Running as Root¶

RUN addgroup -S app && adduser -S app -G app
USER app

3. Huge Images¶

Use multi-stage builds and Alpine:

FROM node:20 AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM node:20-alpine
COPY –from=build /app/dist ./dist
CMD [“node”, “dist/index.js”]

4. Wrong Layer Order (Cache)¶

✅ Dependencies first, then code¶

COPY package*.json ./
RUN npm install
COPY . .

5. Missing .dockerignore¶

node_modules
.git
.env
Dockerfile

6. Secrets in Image¶

Never put passwords in Dockerfile. Use runtime env or Docker secrets.

7. Multiple Processes in One Container¶

One container = one process. Don’t turn containers into VMs.

8. No Health Check¶

HEALTHCHECK –interval=30s –timeout=3s CMD curl -f http://localhost:3000/health || exit 1

9. No Volumes for Data¶

docker run -v pgdata:/var/lib/postgresql/data postgres:16

10. No Resource Limits¶

docker run –memory=512m –cpus=1.0 myapp

Summary¶

Follow best practices from the start. Fixing bad habits is harder than not learning them.