526互联

Dockerfile

发布时间 2023-10-23 14:55:40作者: 龙泉寺老方丈

五. Dockerfile

目录

1. Dockerfile指令

指令 描述
FROM 构建的新镜像是基于哪个镜像。例如:FROM centos:6
MAINTAINER 镜像维护者姓名或邮箱地址。例如:MAINTAINER Shao
LABEL LABEL是一个更灵活的版本,可以替代MAINTAINER
RUN 构建镜像时运行的Shell命令。例如:RUN ["yum","install","httpd"]或者RUN yum install httpd
ADD 拷贝文件或目录到镜像(可以自动解压缩或者下载)例如:ADD ["src","dest"]或者ADD https://xxx.com/html.tar.gz /var/www/html或者:ADD html.tar.gz /var/www/html #注意src只能使用相对路径
COPY 拷贝文件或目录到镜像(不能自动解压缩)。例如:COPY ./start.sh /start.sh
HEALTHCHECK 健康检查。例如:HEALTHCHECK --interval=5m --timeout=3s --retries=3CMD curl -f http://localhost/
EXPOSE 声明容器运行的服务端口。例如:EXPOSE 80 443,通过 docker run -P 会自动将容器端口 80443 暴露在宿主机的随机端口
ENV 设置容器内环境变量。例如:ENV MYSQL_ROOT_PASSWORD 123456ENV MYSQL_ROOT_PASSWORD=123456 区别:有=能设置多个环境变量,没有只能设置一个
VOLUME 挂载匿名卷,指定容器挂载点到宿主机自动生成的目录或其他容器例如:VOLUME ["volume01","volume02"]
USER 为RUN,CMD和ENTRYPOINT执行命令指定运行用户例如:USER Mr_chen
WORKDIR 为RUN,CMD,ENTRYPOINT,COPY和ADD设置工作目录(指定进入容器中默认被切换的目录)。例如:WORKDIR /usr/local/tomcat
CMD 运行容器时执行的Shell命令(可以被运行时传递的参数覆盖)。例如:CMD ["-c","/start.sh"] 或者CMD ["/usr/sbin/sshd","-D"]或者`CMD /usr/sbin/sshd -D
ENTRYPOINT 运行容器时执行的Shell命令(不能被运行时传递的参数覆盖)。例如:ENTRYPOINT ["/bin/bash","-c","/start.sh"]或者ENTRYPOINT /bin/bash -c "/start.sh" [ ]代表直接运行mysql命令, 或者该执行文件,没有中括号等于在内部起了个shell进程,相当于用sh -c "command"这种方式

  • RUN

    
# shell格式:
        RUN yum clean all && yum makecache && yum -y install nginx
# exec格式:
        RUN ["/usr/bin/yum", "-y", "install", "nginx"]

# 区别 shell和exec格式区别在于启动的时候(CMD或者ENTRYPOINT),如果用shell模式程序的PID就不是1了,在docker stop的时候可能停不掉进程

  • ARG

    ARG 用于指定传递给构建运行时的变量

FROM busybox
USER ${user:-some_user}
ARG user
USER $user


docker build --build-arg user=what_user

2. 构建

2.1 构建方法

  • 尽量使用体积较小的基础镜像
  • 将所需文件和dockerfile准备好: docker build -f dockerfile文件 -t 标签 .
REPOSITORY SIZE
ubuntu 73.9MB
alpine 5.61MB
debian 114MB
centos 237MB

2.2 使用脚本构建

[root@shaochong docker]# cat docker_build.sh 
#!/bin/bash
TIMENOW=`date +%Y%m%d-%H%M`
IMAGE_NAME=$1
DOCFILE_DIR=$2

if [ $# -eq 2 ];
then
  [ ! -d $2 ] && echo "Dockerfile  file does not exist";exit 1
  cd $2
  docker build -f ./dockerfile -t $1:${TIMENOW} .
else
  echo "Please enter the image name parameter and the Dockerfile path"
fi

3. Dockerfile

  • 检查一个镜像的dockerfile

    #!/bin/bash
export PATH=$PATH

if [ $# -eq 1 ];then
    docker history --format {{.CreatedBy}} --no-trunc=true $1 |sed "s/\/bin\/sh\ -c\ \#(nop)\ //g"|sed "s/\/bin\/sh\ -c/RUN/g" | sed -r 's/^\s+//g;G' | tac
else
    echo "run  $0 DOCKER_IMAGE:tag"
fi

  • 构建一个基础镜像用于初始化环境,其它应用可在这个基础镜像上构建

    FROM centos:7
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
RUN rm -f /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && rm -rf /etc/yum.repo.d/* && \
    curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && \
    yum makecache && yum -y install unzip iproute net-tools && yum -y clean all && rm -rf /var/cache/yum/*
        
# docker build -f dockerfile  -t os/centos:v1 .

3.1 tomcat 应用示例

FROM os/centos:v1
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
ENV WORKPATH=/usr/local/tomcat VERSION=8.5.78
ENV PATH $PATH:/usr/local/tomcat/bin
ADD apache-tomcat-${VERSION}.tar.gz /usr/local/
RUN yum -y install java-1.8.0-openjdk && yum -y clean all && rm -rf /var/cache/yum/* && \
    mv /usr/local/apache-tomcat-${VERSION} /usr/local/tomcat && \
    sed -i '1a JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom"' ${WORKPATH}/bin/catalina.sh
WORKDIR ${WORKPATH}
EXPOSE 8080
CMD ["catalina.sh", "run"]

# docker build -f dockerfile  -t app/tomcat:v1 .

3.2 springboot应用示例

# java
FROM java:8-jdk-alpine
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
ENV JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF8 -Duser.timezone=GMT+08"
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
    apk add -U tzdata && \
    ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
COPY hello.jar /
EXPOSE 8888
CMD ["/bin/sh", "-c", "java -jar $JAVA_OPTS /hello.jar"]

3.3 nginx应用示例

# nginx
FROM centos:7
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
RUN yum install -y gcc gcc-c++ make \
    openssl-devel pcre-devel gd-devel \
    iproute net-tools telnet wget curl && \
    yum clean all && \
    rm -rf /var/cache/yum/*
ADD nginx-1.15.5.tar.gz /
RUN cd nginx-1.15.5 && \
    ./configure --prefix=/usr/local/nginx \
    --with-http_ssl_module \
    --with-http_stub_status_module && \
    make -j 4 && make install && \
    mkdir /usr/local/nginx/conf/vhost && \
    cd / && rm -rf nginx* && \
    ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV PATH $PATH:/usr/local/nginx/sbin
COPY nginx.conf /usr/local/nginx/conf/nginx.conf
WORKDIR /usr/local/nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

3.4 php应用示例

FROM centos:7
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
RUN yum install epel-release -y && \
    yum install -y gcc gcc-c++ make gd-devel libxml2-devel \
    libcurl-devel libjpeg-devel libpng-devel openssl-devel \
    libmcrypt-devel libxslt-devel libtidy-devel autoconf \
    iproute net-tools telnet wget curl && \
    yum clean all && \
    rm -rf /var/cache/yum/*
ADD php-5.6.36.tar.gz /
RUN cd php-5.6.36 && \
    ./configure --prefix=/usr/local/php \
    --with-config-file-path=/usr/local/php/etc \
    --enable-fpm --enable-opcache \
    --with-mysql --with-mysqli --with-pdo-mysql \
    --with-openssl --with-zlib --with-curl --with-gd \
    --with-jpeg-dir --with-png-dir --with-freetype-dir \
    --enable-mbstring --with-mcrypt --enable-hash && \
    make -j 4 && make install && \
    cp php.ini-production /usr/local/php/etc/php.ini && \
    cp sapi/fpm/php-fpm.conf /usr/local/php/etc/php-fpm.conf && \
    sed -i "90a \daemonize = no" /usr/local/php/etc/php-fpm.conf && \
    mkdir /usr/local/php/log && \
    cd / && rm -rf php* && \
    ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV PATH $PATH:/usr/local/php/sbin
COPY php.ini /usr/local/php/etc/
COPY php-fpm.conf /usr/local/php/etc/
WORKDIR /usr/local/php
EXPOSE 9000
CMD ["php-fpm"]

4. 推送镜像

4.1 推送到dockerhub

https://hub.docker.com/

我的邮箱:lvdan0427@163.com

# 登陆到dockerhub
docker login -u lvdan0427 -p 密码 https://registry-1.docker.io/v2/

# 将镜像名改成仓库标准的名称
docker tag os/centos:v1 lvdan0427/centos:7
docker tag app/tomcat:v1 lvdan0427/tomcat:8.5.78

# 删除重复镜像名 (注意使用"镜像名:tag删除", 不要使用id删除)
docker rmi os/centos:v1
docker rmi os/tomcat:v1

# 推送镜像到dockerhub
docker push lvdan0427/tomcat:8.5.78
docker push lvdan0427/centos:7

# 退出登陆
docker logout

4.2 推送到阿里云

镜像加速器:https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

实例列表:https://cr.console.aliyun.com/reposipory

账户:淘宝扫码

实例列表 ==> 个人实例 ==> 创建命名空间 ==> 创建镜像仓库

  • 推荐创建的命名空间用来对应一个公司、组织或个人用户,例如Aliyun、Obama。不推荐用来对应一个模块或系统,例如Tomcat、CentOS,应用或模块推荐使用仓库进行管理。
# 登陆到阿里云镜像服务
docker login  -u lvdan0427 -p 密码 registry.cn-hangzhou.aliyuncs.com

# 将镜像名改成仓库标准的名称
docker tag lvdan0427/centos:7 registry.cn-hangzhou.aliyuncs.com/shaochong/centos:7
docker tag lvdan0427/tomcat:8.5.78 registry.cn-hangzhou.aliyuncs.com/shaochong/tomcat:8.5.78

# 删除重复镜像名 (注意使用"镜像名:tag删除", 不要使用id删除)
docker rmi lvdan0427/centos:7
docker rmi lvdan0427/tomcat:8.5.78

# 推送
docker push registry.cn-hangzhou.aliyuncs.com/shaochong/centos:7
docker push registry.cn-hangzhou.aliyuncs.com/shaochong/tomcat:8.5.78