使用Dockerfile的构建与编译

  |   0 评论   |   0 浏览

方法概述

使用三步骤:编写docker文件、构建镜像、运行容器

关键字字母必须大写,后面必须有一个空格,以及至少一个参数。每条指令都会创建一个新的镜像层,并对镜像层进行提交。

dockerfile是docker镜像的原材料,docker容器是运行着的镜像

注意,以下dockerfile中,#后面均为注释,编译时需要去掉所有注释

例子

自定义centos的dockerfile

from centos  # 指定此dockerfile是基于哪个镜像的,至少基于scratch
ENV mypath /tmp  # 定义环境变量WORKDIR $mypath  # 定义工作目录
RUN yum -y install vim  # 执行命令
RUN yum -y install net-toolsEXPOSE 80  # 暴露端口号
CMD /bin/bash  # 执行最终命令,也可以使用json字符串的形式,比如CMD ["/bin/bash"]

然后编译,-f指定dockerfile,-t指定新的镜像名,.表示当前路径

$ docker build -f my_centos_dockerfile -t szc_centos .

构建完成,然后运行此镜像的一个容器

$ docker run -it szc_centos

[root@32a8169c4044 tmp]#
会发现默认路径就是我们在dockerfile里指定的工作目录/tmp,并且ifconfig、vim命令是可用的

[root@32a8169c4044 tmp]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42🇦🇨11:00:02 txqueuelen 0 (Ethernet)
RX packets 14 bytes 1116 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@32a8169c4044 tmp]# vim test.txt
[root@32a8169c4044 tmp]#
我们也可以查看这个镜像的历史

$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
szc_centos latest 57bd622f6cb2 5 minutes ago 327MB
...

$ docker history 57bd622f6cb2

IMAGE CREATED CREATED BY SIZE COMMENT
57bd622f6cb2 6 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
86ff656eb4cb 6 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
654c150a48f3 6 minutes ago /bin/sh -c yum -y install net-tools 26.5MB
e7e3f6dfc31b 6 minutes ago /bin/sh -c yum -y install vim 63.2MB
c014d4c29e27 6 minutes ago /bin/sh -c #(nop) WORKDIR /tmp 0B
8157d08e287e 6 minutes ago /bin/sh -c #(nop) ENV mypath=/tmp 0B
470671670cac 7 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 7 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 7 weeks ago /bin/sh -c #(nop) ADD file:aa54047c80ba30064… 237MB
CMD与ENDTRYPOINT
CMD:dockerfile中可以有多个CMD指令,但只有最后一个生效,并且CMD会被docker run之后的参数替换

$ docker run -it -p 7777:8080 tomcat ls -l

total 156
-rw-r--r-- 1 root root 19318 Feb 5 22:30 BUILDING.txt
-rw-r--r-- 1 root root 5408 Feb 5 22:30 CONTRIBUTING.md
-rw-r--r-- 1 root root 57011 Feb 5 22:30 LICENSE
-rw-r--r-- 1 root root 1726 Feb 5 22:30 NOTICE
-rw-r--r-- 1 root root 3255 Feb 5 22:30 README.md
-rw-r--r-- 1 root root 7136 Feb 5 22:30 RELEASE-NOTES
-rw-r--r-- 1 root root 16262 Feb 5 22:30 RUNNING.txt
drwxr-xr-x 2 root root 4096 Feb 27 07:56 bin
drwxr-xr-x 2 root root 4096 Feb 5 22:30 conf
drwxr-xr-x 2 root root 4096 Feb 27 07:56 include
drwxr-xr-x 2 root root 4096 Feb 27 07:56 lib
drwxrwxrwx 2 root root 4096 Feb 5 22:26 logs
drwxr-xr-x 3 root root 4096 Feb 27 07:56 native-jni-lib
drwxrwxrwx 2 root root 4096 Feb 27 07:56 temp
drwxr-xr-x 2 root root 4096 Feb 27 07:56 webapps
drwxr-xr-x 7 root root 4096 Feb 5 22:28 webapps.dist
drwxrwxrwx 2 root root 4096 Feb 5 22:26 work
所以上面的命令根本没有启动tomcat,只是列出了tomcat根目录下的文件

ENTRYPOINT:docker run之后的参数会被传递给ENTRYPOINT指令,形成新的指令组合

例如,以下是用ENTRYPOINT访问http://ip.cn的dockerfile

FROM centos

RUN yum install -y curl

ENTRYPOINT ["curl", "-s", "http://ip.cn"]
而后编译

$ docker build -f myip_docker -t myip .

Sending build context to Docker daemon 6.144kB
Step 1/3 : FROM centos
---> 470671670cac
Step 2/3 : RUN yum install -y curl
---> Running in 1b3f6d832cfc
CentOS-8 - AppStream 807 kB/s | 6.5 MB 00:08
CentOS-8 - Base 161 kB/s | 5.0 MB 00:31
CentOS-8 - Extras 734 B/s | 2.1 kB 00:02
Last metadata expiration check: 0:00:01 ago on Sun Mar 8 09:00:19 2020.
Package curl-7.61.1-11.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Removing intermediate container 1b3f6d832cfc
---> e1fe1b0a21a5
Step 3/3 : ENTRYPOINT ["curl", "-s", "http://ip.cn"]
---> Running in b6dbd548d2f0
Removing intermediate container b6dbd548d2f0
---> d144c16678cd
Successfully built d144c16678cd
Successfully tagged myip:latest
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
运行myip容器时可以加上新的选项,来传给dockerfile里的curl命令

$ docker run -it myip -i

HTTP/1.1 403 Forbidden
Date: Sun, 08 Mar 2020 09:01:12 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1143a1df005fa16e02870ec8c10c51811583658072; expires=Tue, 07-Apr-20 09:01:12 GMT; path=/; domain=.ip.cn; HttpOnly; SameSite=Lax; Secure
Cache-Control: max-age=15
Expires: Sun, 08 Mar 2020 09:01:27 GMT
Alt-Svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server: cloudflare
CF-RAY: 570b5ec859dfd93a-HKG

error code: 1020

ONBUILD案例
ONBUILD关键字用来指定当此dockerfile被引用时执行的命令。

以下是案例:先构建myip_docker

FROM centos

RUN yum install -y curl

ENTRYPOINT ["curl", "-s", "https://www.uestc.edu.cn/"]

ONBUILD RUN echo "Father image onbuild finished.."
然后构建镜像

$ docker build -f myip_docker -t myip .
再编写mydocker_son,引用镜像myip

FROM myip

RUN yum install -y curl

CMD ["curl", "-s", "http://www.baidu.com"]
使用此文件构建镜像时,myip的dockerfile中的ONBUILD语句就会执行

$ docker build -f myip_son -t myip_son .

...
Father image onbuild finished..
...
Successfully built 770b567e828f
Successfully tagged myip_son:latest
...
自定义tomcat
dockerfile内容如下,编译此文件需要其所在目录下有c.txt、jdk-8u171-linux-x64.tar.gz和apache-tomcat-9.0.8.tar.gz三个文件

FROM centos
MAINTAINER songzeceng

COPY c.txt /usr/local/c_s.txt # 把文件复制到镜像指定文件中

ADD jdk-8u171-linux-x64.tar.gz /usr/local/ # 把压缩包解压后复制到镜像指定目录中
ADD apache-tomcat-9.0.8.tar.gz /usr/local/

RUN yum -y install vim

ENV MYPATH /usr/local
WORKDIR $MYPATH

ENV JAVA_HOME /usr/local/jdk1.8.0_171
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.8
ENV CATALINA_BASE /usr/local/apache-tomcat-9.0.8
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin

EXPOSE 8080

CMD $CATALINA_HOME/bin/startup.sh && tail -F $CATALINA_HOME/bin/logs/logs.txt # 输出日志
而后编译

$ docker build -f my_tomcat_docker -t szc_tomcat .
最后运行

$ docker run -d -p 9080:8080 --name szc_tomcat_00 -v /c/Users/songzeceng/tomcat/out:/usr/local/apache-tomcat-9.0.8/webapps/test -v /c/Users/songzeceng.tomcat/logs:/usr/local/apache-tomcat-9.0.8/logs --privileged=true szc_tomcat
-d表示后台运行容器,然后指定端口映射、容器名字,以及两个数据卷,最后--privileged=true确保容器可写

原文链接:https://blog.csdn.net/qq_37475168/article/details/105028678


标题:使用Dockerfile的构建与编译
作者:zytops
地址:https://zytops.com/articles/2023/02/15/1676447358062.html