前奏
rambo@debian:~$ cat /etc/issue
Debian GNU/Linux 12 \n \l
基于当前OS创建自己的镜像
rambo@debian:~$ mkdir myimage
rambo@debian:~$ sudo cp -a /usr/lib /usr/lib32/ /usr/lib64/ /usr/bin/ myimage
rambo@debian:~$ sudo chroot myimage bash
bash-5.2# pwd
/
bash-5.2# ls -al
total 92
drwxr-xr-x 6 1000 1000 4096 Oct 7 02:15 .
drwxr-xr-x 6 1000 1000 4096 Oct 7 02:15 ..
drwxr-xr-x 2 0 0 69632 Oct 7 01:25 bin
drwxr-xr-x 85 0 0 4096 Oct 6 09:08 lib
drwxr-xr-x 2 0 0 4096 Aug 3 10:37 lib32
drwxr-xr-x 2 0 0 4096 Oct 4 00:19 lib64
bash-5.2# exit
# 新建一个包含一些随机字符串的secret.txt文件
rambo@debian:~$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest 61395b4c586d 2 weeks ago 191 MB
docker.io/library/debian latest 2657a4a0a6d5 2 weeks ago 121 MB
rambo@debian:~$ echo $(openssl rand -base64 32) > myimage/secret.txt # 也可以是echo 123 > 1.txt
rambo@debian:~$ sudo tar -C myimage/ -c . -f myimage.tar
# docker import使用需要tar存档文件和映像名称的命令导入文件,而后会看到image的 sha256 哈希摘要
rambo@debian:~$ docker import myimage.tar myimage:latest
rambo@debian:~$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/myimage latest 0b5fc43f8711 3 minutes ago 3.72 GB
注:这里是因为我的Debian环境不是新装的,装了很多其他的
# 用新创建的镜像运行容器
rambo@debian:~$ docker run -itd --rm --entrypoint /bin/bash myimage:latest
rambo@debian:~$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0db97c97a7e7 localhost/myimage:latest bash 13 seconds ago Up 13 seconds pensive_yalow
rambo@debian:~$ docker exec -it 0db97 /bin/bash
bash-5.2# ls
bin dev etc lib lib32 lib64 proc run secret.txt sys
bash-5.2# cat secret.txt
YA+UeqdKtZv36ZvMnqDsGHC0wxEWD2bUVdnNW4NOCpU=
让Alpine不再是Alpine
参考1、参考2
在Alpine里面安装glibc,让Alpine不再是Alpine
对镜像alpine有偏执的,可以通过这种方式来实现glibc的,当然直接使用支持glibc的linux发行版的镜像就没有这篇文章了
rambo@debian:~$ mkdir opop && cd opop/
rambo@debian:~/opop$ vim Dockerfile
FROM alpine:3.18
ENV LANG=C.UTF-8
# install GNU libc (aka glibc) C.UTF-8 locale and set timezone
RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \
ALPINE_GLIBC_PACKAGE_VERSION="2.29-r0" && \
ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \
wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
wget \
"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
apk add --no-cache \
"$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
\
rm "/etc/apk/keys/sgerrand.rsa.pub" && \
/usr/glibc-compat/bin/localedef --force --inputfile POSIX --charmap UTF-8 "$LANG" || true && \
echo "export LANG=$LANG" > /etc/profile.d/locale.sh && \
\
apk del glibc-i18n && \
\
rm "/root/.wget-hsts" && \
apk del .build-dependencies && \
rm \
"$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
"$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
echo 'http://mirrors.ustc.edu.cn/alpine/v3.18/main' > /etc/apk/repositories \
&& echo 'http://mirrors.ustc.edu.cn/alpine/v3.18/community' >>/etc/apk/repositories \
&& apk update && apk add tzdata \
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone
# 构建alpine-base:3.18镜像
docker build -t alpine-base:3.18 .
docker run --name alpine-base --rm -it alpine-base:3.9 sh
防走丢
QQ群1:905201396
QQ群2:756805267
QQ群3:912567610