
  • What is it?

    A text file used to build a Docker image: a script made up of instructions and their arguments, one per line.

  • Basic workflow

    • Write the Dockerfile
    • docker build -t new-image-name:TAG . builds the image
    • docker run xxx runs a container instance
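  • Basics

    • Reserved-word instructions are all uppercase and take at least one argument
    • Instructions are executed in order, from top to bottom
    • # marks a comment
    • Each instruction creates a new image layer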
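  • Roughly how Docker executes a Dockerfile

    • Docker first runs the base image
    • It executes one instruction and modifies the container
    • It performs an operation similar to docker commit to commit a new image layer
    • It runs a new container based on the image layer just committed
    • And so on, executing the next instruction in the Dockerfile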
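  • Dockerfile reserved words

    • FROM The base image: names an existing image to use as a template; the first instruction in a Dockerfile must be FROM

    • MAINTAINER Information about the image maintainer

    • RUN A command to run at build time

      It has a shell form and an exec form

      • RUN yum -y install vim
      • RUN ["executable","param1","param2"]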
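    • EXPOSE Exposes the specified port

      According to the documentation, it does not actually publish the port; to publish it, use -p or -P with docker run. EXPOSE only declares which ports the container intends to use and does not create any port mapping on the host. By default it covers TCP only. Dockerfile reference, EXPOSE: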

      The EXPOSE instruction informs Docker that the container listens on the specified network ports at runtime. You can specify whether the port listens on TCP or UDP, and the default is TCP if the protocol is not specified.

      The EXPOSE instruction does not actually publish the port. It functions as a type of documentation between the person who builds the image and the person who runs the container, about which ports are intended to be published. To actually publish the port when running the container, use the -p flag on docker run to publish and map one or more ports, or the -P flag to publish all exposed ports and map them to high-order ports.

      By default, EXPOSE assumes TCP. You can also specify UDP:

      EXPOSE 80/udp

      To expose on both TCP and UDP, include two lines:

      EXPOSE 80/tcp
      EXPOSE 80/udp
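    • WORKDIR Sets the directory a terminal lands in by default when it logs in to the container

    • USER Sets the user the image runs as; the default is root

    • ENV Sets runtime environment variables

      ENV MY_PATH /root

    • VOLUME Sets up a container volume

    • ADD Copies files from a host directory into the image, and automatically handles URLs and extracts tar archives

    • COPY Copies files from a host directory into the image

    • CMD The command that starts the container

      It has a shell form and an exec form; if arguments are given to docker run, this command no longer takes effect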

    • ENTRYPOINT Similar to CMD, but it is not replaced or disabled

      CMD must then use the exec form, and is appended after ENTRYPOINT as variable arguments

      ENTRYPOINT ["nginx","-c"]
      CMD ["/etc/nginx/nginx.conf"]

      Equivalent to nginx -c /etc/nginx/nginx.conf
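
    How ENTRYPOINT, CMD and docker run arguments combine into the process the container starts, as an added example (not from the original notes or from Docker's code). The function names are hypothetical; the model follows the documented Linux behaviour, including that an array written with single quotes is not valid JSON and is therefore treated as shell form.

```python
import json


def parse_form(value):
    """Return ("exec", argv) for a JSON array of strings, else ("shell", text)."""
    try:
        parsed = json.loads(value)
    except ValueError:
        parsed = None
    if isinstance(parsed, list) and all(isinstance(a, str) for a in parsed):
        return "exec", parsed
    return "shell", value


def as_argv(value):
    form, parsed = parse_form(value)
    # Shell form is run through the default shell, so PID 1 is /bin/sh.
    return parsed if form == "exec" else ["/bin/sh", "-c", parsed]


def effective_command(entrypoint=None, cmd=None, run_args=None):
    """argv of the container's main process for the given image settings."""
    run_args = list(run_args or [])
    # docker run arguments replace CMD entirely; otherwise CMD supplies the tail.
    tail = run_args if run_args else (as_argv(cmd) if cmd else [])
    if entrypoint is None:
        return tail
    if parse_form(entrypoint)[0] == "shell":
        # A shell-form ENTRYPOINT ignores both CMD and docker run arguments.
        return as_argv(entrypoint)
    return as_argv(entrypoint) + tail


# The nginx pair from the notes: CMD is appended to ENTRYPOINT.
print(effective_command('["nginx","-c"]', '["/etc/nginx/nginx.conf"]'))
```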

    For reference: the tomcat Dockerfile

    11.0.0-M3-jdk17-temurin-jammy, 11.0.0-jdk17-temurin-jammy, 11.0-jdk17-temurin-jammy, 11.0.0-M3-jdk17-temurin, 11.0.0-jdk17-temurin, 11.0-jdk17-temurin, 11.0.0-M3-jdk17, 11.0.0-jdk17, 11.0-jdk17, 11.0.0-M3, 11.0.0, 11.0

    #
    # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
    #
    # PLEASE DO NOT EDIT IT DIRECTLY.
    #
    
    FROM eclipse-temurin:17-jdk-jammy
    
    ENV CATALINA_HOME /usr/local/tomcat
    ENV PATH $CATALINA_HOME/bin:$PATH
    RUN mkdir -p "$CATALINA_HOME"
    WORKDIR $CATALINA_HOME
    
    # let "Tomcat Native" live somewhere isolated
    ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
    ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
    
    # see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
    # see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
    ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
    
    ENV TOMCAT_MAJOR 11
    ENV TOMCAT_VERSION 11.0.0-M3
    ENV TOMCAT_SHA512 3ef407fccdb077268c62c55aea466c402db3050ab84711d8bf3cd45245c19ecfeba2ab8b768d4dabe1d11e0005dc94b469b5a30d2ae766b3aff4bb6220451a0c
    
    RUN set -eux; \
      \
      savedAptMark="$(apt-mark showmanual)"; \
      apt-get update; \
      apt-get install -y --no-install-recommends \
          ca-certificates \
          curl \
          dirmngr \
          gnupg \
      ; \
      \
      ddist() { \
          local f="$1"; shift; \
          local distFile="$1"; shift; \
          local mvnFile="${1:-}"; \
          local success=; \
          local distUrl=; \
          for distUrl in \
    # https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394
              "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \
    # if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/
              "https://downloads.apache.org/$distFile" \
              "https://www-us.apache.org/dist/$distFile" \
              "https://www.apache.org/dist/$distFile" \
              "https://archive.apache.org/dist/$distFile" \
    # if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/)
              ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \
          ; do \
              if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \
                  success=1; \
                  break; \
              fi; \
          done; \
          [ -n "$success" ]; \
      }; \
      \
      ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
      echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
      ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
      export GNUPGHOME="$(mktemp -d)"; \
      for key in $GPG_KEYS; do \
          gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
      done; \
      gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
      tar -xf tomcat.tar.gz --strip-components=1; \
      rm bin/*.bat; \
      rm tomcat.tar.gz*; \
      command -v gpgconf && gpgconf --kill all || :; \
      rm -rf "$GNUPGHOME"; \
      \
    # https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications
      mv webapps webapps.dist; \
      mkdir webapps; \
    # we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB)
      \
      nativeBuildDir="$(mktemp -d)"; \
      tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \
      apt-get install -y --no-install-recommends \
          dpkg-dev \
          gcc \
          libapr1-dev \
          libssl-dev \
          make \
      ; \
      ( \
          export CATALINA_HOME="$PWD"; \
          cd "$nativeBuildDir/native"; \
          gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
          aprConfig="$(command -v apr-1-config)"; \
          ./configure \
              --build="$gnuArch" \
              --libdir="$TOMCAT_NATIVE_LIBDIR" \
              --prefix="$CATALINA_HOME" \
              --with-apr="$aprConfig" \
              --with-java-home="$JAVA_HOME" \
          ; \
          nproc="$(nproc)"; \
          make -j "$nproc"; \
          make install; \
      ); \
      rm -rf "$nativeBuildDir"; \
      rm bin/tomcat-native.tar.gz; \
      \
    # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
      apt-mark auto '.*' > /dev/null; \
      [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
      find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
          | awk '/=>/ { print $(NF-1) }' \
          | xargs -rt readlink -e \
          | sort -u \
          | xargs -rt dpkg-query --search \
          | cut -d: -f1 \
          | sort -u \
          | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \
          | xargs -r apt-mark manual \
      ; \
      \
      apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
      rm -rf /var/lib/apt/lists/*; \
      \
    # sh removes env vars it doesn't support (ones with periods)
    # https://github.com/docker-library/tomcat/issues/77
      find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \
      \
    # fix permissions (especially for running as non-root)
    # https://github.com/docker-library/tomcat/issues/35
      chmod -R +rX .; \
      chmod 777 logs temp work; \
      \
    # smoke test
      catalina.sh version
    
    # verify Tomcat Native is working properly
    RUN set -eux; \
      nativeLines="$(catalina.sh configtest 2>&1)"; \
      nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \
      nativeLines="$(echo "$nativeLines" | sort -u)"; \
      if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \
          echo >&2 "$nativeLines"; \
          exit 1; \
      fi
    
    EXPOSE 8080
    CMD ["catalina.sh", "run"]
  • Hands-on practice

    • Download jdk-8u171-linux-x64.tar.gz

    • Write the Dockerfile; it must be in the same directory as the JDK

      # base image
      FROM centos:centos7
      # maintainer information
      MAINTAINER xxcheng<developer@xxcheng.cn>
      
      # set environment variables
      ENV MYPATH /usr/local
      # ADD takes a relative path: it adds jdk-8u171-linux-x64.tar.gz to the container; the archive must be in the same location as the Dockerfile
      ADD jdk-8u171-linux-x64.tar.gz /usr/local/java/
      # set the Java environment variables
      ENV JAVA_HOME /usr/local/java/jdk1.8.0_171
      ENV JRE_HOME $JAVA_HOME/jre
      ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH
      ENV PATH $JAVA_HOME/bin:$PATH
      
      EXPOSE 80
      
      # only the last CMD takes effect
      CMD echo $MYPATH
      CMD echo "success--------------ok"
      CMD /bin/bash
    • Build: docker build -t centos_java8:1.5 .

    • Run an instance: docker run -it centos_java8:1.5

    • Push to a private registry
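
    A small lint over points these notes make (root by default when USER is absent, ADD auto-extracting archives and fetching URLs, only the last CMD taking effect), run on a trimmed copy of the practice Dockerfile above. This is an added example, not part of the original notes; the function names and messages are hypothetical, and the parser handles only comments and backslash continuations.

```python
import re

# Constructed input: the practice Dockerfile from this page, trimmed.
SAMPLE = """\
FROM centos:centos7
MAINTAINER xxcheng<developer@xxcheng.cn>
ADD jdk-8u171-linux-x64.tar.gz /usr/local/java/
CMD echo $MYPATH
CMD echo "success--------------ok"
CMD /bin/bash
"""

def instructions(text):
    """Yield (line_no, KEYWORD, args), joining backslash continuations."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank and comment lines are dropped, even mid-instruction
        if not buf:
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        word, _, args = (buf + line).partition(" ")
        buf = ""
        yield start, word.upper(), args.strip()

def lint(text):
    """Return sorted (line_no, message) findings; line 0 means the whole file."""
    findings, user, cmds = [], None, []
    for no, word, args in instructions(text):
        if word == "USER":
            user = args
        elif word == "CMD":
            cmds.append(no)
        elif word == "MAINTAINER":
            findings.append((no, "MAINTAINER is deprecated; use LABEL"))
        elif word == "ADD":
            src = next((a for a in args.split() if not a.startswith("--")), "")
            if re.match(r"https?://", src):
                findings.append((no, "ADD downloads at build time; verify a checksum"))
            elif re.search(r"\.(tar(\.(gz|bz2|xz))?|tgz)$", src):
                findings.append((no, "ADD auto-extracts this archive; COPY does not"))
    findings += [(no, "CMD has no effect; only the last CMD is used") for no in cmds[:-1]]
    if user is None or user.split(":")[0] in ("root", "0"):
        findings.append((0, "no non-root USER; the container runs as root"))
    return sorted(findings)

print(*lint(SAMPLE), sep="\n")
```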
