五. Dockerfile
目录
1. Dockerfile指令
指令 | 描述 |
---|---|
FROM | 构建的新镜像是基于哪个镜像。例如:FROM centos:6 |
MAINTAINER | 镜像维护者姓名或邮箱地址。例如:MAINTAINER Shao |
LABEL | LABEL是一个更灵活的版本,可以替代MAINTAINER |
RUN | 构建镜像时运行的Shell命令。例如:RUN ["yum","install","httpd"] 或者RUN yum install httpd |
ADD | 拷贝文件或目录到镜像(可以自动解压缩或者下载)例如:ADD ["src","dest"] 或者ADD https://xxx.com/html.tar.gz /var/www/html 或者:ADD html.tar.gz /var/www/html #注意src只能使用相对路径 |
COPY | 拷贝文件或目录到镜像(不能自动解压缩)。例如:COPY ./start.sh /start.sh |
HEALTHCHECK | 健康检查。例如:HEALTHCHECK --interval=5m --timeout=3s --retries=3CMD curl -f http://localhost/ |
EXPOSE | 声明容器运行的服务端口。例如:EXPOSE 80 443 ,通过 docker run -P 会自动将容器端口 80 和443 暴露在宿主机的随机端口 |
ENV | 设置容器内环境变量。例如:ENV MYSQL_ROOT_PASSWORD 123456 或ENV MYSQL_ROOT_PASSWORD=123456 区别:有= 能设置多个环境变量,没有只能设置一个 |
VOLUME | 挂载匿名卷 ,指定容器挂载点到宿主机自动生成的目录或其他容器例如:VOLUME ["volume01","volume02"] |
USER | 为RUN,CMD和ENTRYPOINT执行命令指定运行用户例如:USER Mr_chen |
WORKDIR | 为RUN,CMD,ENTRYPOINT,COPY和ADD设置工作目录(指定进入容器中默认被切换的目录)。例如:WORKDIR /usr/local/tomcat |
CMD | 运行容器时执行的Shell命令(可以被运行时传递的参数覆盖)。例如:CMD ["-c","/start.sh"] 或者CMD ["/usr/sbin/sshd","-D"] 或者`CMD /usr/sbin/sshd -D |
ENTRYPOINT | 运行容器时执行的Shell命令(不能被运行时传递的参数覆盖)。例如:ENTRYPOINT ["/bin/bash","-c","/start.sh"] 或者ENTRYPOINT /bin/bash -c "/start.sh" [ ] 代表直接运行mysql命令, 或者该执行文件,没有中括号等于在内部起了个shell进程,相当于用sh -c "command" 这种方式 |
-
RUN
# shell格式: RUN yum clean all && yum makecache && yum -y install nginx # exec格式: RUN ["/usr/bin/yum", "-y", "install", "nginx"] # 区别 shell和exec格式区别在于启动的时候(CMD或者ENTRYPOINT),如果用shell模式程序的PID就不是1了,在docker stop的时候可能停不掉进程
-
ARG
ARG 用于指定传递给构建运行时的变量 FROM busybox USER ${user:-some_user} ARG user USER $user docker build --build-arg user=what_user
2. 构建
2.1 构建方法
- 尽量使用体积较小的基础镜像
- 将所需文件和dockerfile准备好:
docker build -f dockerfile文件 -t 标签 .
REPOSITORY | SIZE |
---|---|
ubuntu | 73.9MB |
alpine | 5.61MB |
debian | 114MB |
centos | 237MB |
2.2 使用脚本构建
[root@shaochong docker]# cat docker_build.sh
#!/bin/bash
TIMENOW=`date +%Y%m%d-%H%M`
IMAGE_NAME=$1
DOCFILE_DIR=$2
if [ $# -eq 2 ];
then
[ ! -d $2 ] && echo "Dockerfile file does not exist";exit 1
cd $2
docker build -f ./dockerfile -t $1:${TIMENOW} .
else
echo "Please enter the image name parameter and the Dockerfile path"
fi
3. Dockerfile
-
检查一个镜像的dockerfile
#!/bin/bash export PATH=$PATH if [ $# -eq 1 ];then docker history --format {{.CreatedBy}} --no-trunc=true $1 |sed "s/\/bin\/sh\ -c\ \#(nop)\ //g"|sed "s/\/bin\/sh\ -c/RUN/g" | sed -r 's/^\s+//g;G' | tac else echo "run $0 DOCKER_IMAGE:tag" fi
-
构建一个基础镜像用于初始化环境,其它应用可在这个基础镜像上构建
FROM centos:7 LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com" RUN rm -f /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && rm -rf /etc/yum.repo.d/* && \ curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && \ yum makecache && yum -y install unzip iproute net-tools && yum -y clean all && rm -rf /var/cache/yum/* # docker build -f dockerfile -t os/centos:v1 .
3.1 tomcat 应用示例
FROM os/centos:v1
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
ENV WORKPATH=/usr/local/tomcat VERSION=8.5.78
ENV PATH $PATH:/usr/local/tomcat/bin
ADD apache-tomcat-${VERSION}.tar.gz /usr/local/
RUN yum -y install java-1.8.0-openjdk && yum -y clean all && rm -rf /var/cache/yum/* && \
mv /usr/local/apache-tomcat-${VERSION} /usr/local/tomcat && \
sed -i '1a JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom"' ${WORKPATH}/bin/catalina.sh
WORKDIR ${WORKPATH}
EXPOSE 8080
CMD ["catalina.sh", "run"]
# docker build -f dockerfile -t app/tomcat:v1 .
3.2 springboot应用示例
# java
FROM java:8-jdk-alpine
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
ENV JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF8 -Duser.timezone=GMT+08"
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories && \
apk add -U tzdata && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
COPY hello.jar /
EXPOSE 8888
CMD ["/bin/sh", "-c", "java -jar $JAVA_OPTS /hello.jar"]
3.3 nginx应用示例
# nginx
FROM centos:7
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
RUN yum install -y gcc gcc-c++ make \
openssl-devel pcre-devel gd-devel \
iproute net-tools telnet wget curl && \
yum clean all && \
rm -rf /var/cache/yum/*
ADD nginx-1.15.5.tar.gz /
RUN cd nginx-1.15.5 && \
./configure --prefix=/usr/local/nginx \
--with-http_ssl_module \
--with-http_stub_status_module && \
make -j 4 && make install && \
mkdir /usr/local/nginx/conf/vhost && \
cd / && rm -rf nginx* && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV PATH $PATH:/usr/local/nginx/sbin
COPY nginx.conf /usr/local/nginx/conf/nginx.conf
WORKDIR /usr/local/nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
3.4 php应用示例
FROM centos:7
LABEL MAINTAINER="shaochong" EMAIL="lvdan0427@163.com"
RUN yum install epel-release -y && \
yum install -y gcc gcc-c++ make gd-devel libxml2-devel \
libcurl-devel libjpeg-devel libpng-devel openssl-devel \
libmcrypt-devel libxslt-devel libtidy-devel autoconf \
iproute net-tools telnet wget curl && \
yum clean all && \
rm -rf /var/cache/yum/*
ADD php-5.6.36.tar.gz /
RUN cd php-5.6.36 && \
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-fpm --enable-opcache \
--with-mysql --with-mysqli --with-pdo-mysql \
--with-openssl --with-zlib --with-curl --with-gd \
--with-jpeg-dir --with-png-dir --with-freetype-dir \
--enable-mbstring --with-mcrypt --enable-hash && \
make -j 4 && make install && \
cp php.ini-production /usr/local/php/etc/php.ini && \
cp sapi/fpm/php-fpm.conf /usr/local/php/etc/php-fpm.conf && \
sed -i "90a \daemonize = no" /usr/local/php/etc/php-fpm.conf && \
mkdir /usr/local/php/log && \
cd / && rm -rf php* && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV PATH $PATH:/usr/local/php/sbin
COPY php.ini /usr/local/php/etc/
COPY php-fpm.conf /usr/local/php/etc/
WORKDIR /usr/local/php
EXPOSE 9000
CMD ["php-fpm"]
4. 推送镜像
4.1 推送到dockerhub
我的邮箱:lvdan0427@163.com
# 登陆到dockerhub
docker login -u lvdan0427 -p 密码 https://registry-1.docker.io/v2/
# 将镜像名改成仓库标准的名称
docker tag os/centos:v1 lvdan0427/centos:7
docker tag app/tomcat:v1 lvdan0427/tomcat:8.5.78
# 删除重复镜像名 (注意使用"镜像名:tag删除", 不要使用id删除)
docker rmi os/centos:v1
docker rmi os/tomcat:v1
# 推送镜像到dockerhub
docker push lvdan0427/tomcat:8.5.78
docker push lvdan0427/centos:7
# 退出登陆
docker logout
4.2 推送到阿里云
镜像加速器:https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
实例列表:https://cr.console.aliyun.com/reposipory
账户:淘宝扫码
实例列表 ==> 个人实例 ==> 创建命名空间 ==> 创建镜像仓库
- 推荐创建的命名空间用来对应一个公司、组织或个人用户,例如Aliyun、Obama。不推荐用来对应一个模块或系统,例如Tomcat、CentOS,应用或模块推荐使用仓库进行管理。
# 登陆到阿里云镜像服务
docker login -u lvdan0427 -p 密码 registry.cn-hangzhou.aliyuncs.com
# 将镜像名改成仓库标准的名称
docker tag lvdan0427/centos:7 registry.cn-hangzhou.aliyuncs.com/shaochong/centos:7
docker tag lvdan0427/tomcat:8.5.78 registry.cn-hangzhou.aliyuncs.com/shaochong/tomcat:8.5.78
# 删除重复镜像名 (注意使用"镜像名:tag删除", 不要使用id删除)
docker rmi lvdan0427/centos:7
docker rmi lvdan0427/tomcat:8.5.78
# 推送
docker push registry.cn-hangzhou.aliyuncs.com/shaochong/centos:7
docker push registry.cn-hangzhou.aliyuncs.com/shaochong/tomcat:8.5.78