Create a Node.js Non-root Image

Joel Lord
InstructorJoel Lord

Share this video with your friends

Send Tweet

The containers you built in the previous lessons are running as root for a few reasons. First of all, we read and write files from the file system in order to install tools like jq or to change some configuration files. And second, we are running servers on ports that are restricted to the root user (such as port 80).

While the risks are very limited in your own environment, you will need to have security in mind when you are deploying those containers to a production server. Some hosts will prevent any container where the user is root to be running at all.

From the Dockerfile, we will specify the use that builds the container will be the node user that the node image gives us. To do this we will need to set permissions for the node user to add and modify specific files.