本文共 13222 字,大约阅读时间需要 44 分钟。
背景
Docker文件是用来构建docker镜像的文件,由一系列命令和参数构成。
方法概述
使用三步骤:编写docker文件、构建镜像、运行容器
关键字字母必须大写,后面必须有一个空格,以及至少一个参数。每条指令都会创建一个新的镜像层,并对镜像层进行提交。
dockerfile是docker镜像的原材料,docker容器是运行着的镜像
注意,以下dockerfile中,#后面均为注释,编译时需要去掉所有注释
例子
自定义centos的dockerfile
from centos # 指定此dockerfile是基于哪个镜像的,至少基于scratch ENV mypath /tmp # 定义环境变量WORKDIR $mypath # 定义工作目录RUN yum -y install vim # 执行命令RUN yum -y install net-toolsEXPOSE 80 # 暴露端口号CMD /bin/bash # 执行最终命令,也可以使用json字符串的形式,比如CMD ["/bin/bash"]
然后编译,-f指定dockerfile,-t指定新的镜像名,.表示当前路径
$ docker build -f my_centos_dockerfile -t szc_centos .
输出如下
Sending build context to Docker daemon 4.096kBStep 1/7 : from centos---> 470671670cacStep 2/7 : ENV mypath /tmp---> Running in eaa3d946fbb4Removing intermediate container eaa3d946fbb4---> 8157d08e287eStep 3/7 : WORKDIR $mypath---> Running in 682be0d895aeRemoving intermediate container 682be0d895ae---> c014d4c29e27Step 4/7 : RUN yum -y install vim---> Running in f532a2aae2c9CentOS-8 - AppStream 1.5 MB/s | 6.5 MB 00:04CentOS-8 - Base 294 kB/s | 5.0 MB 00:17CentOS-8 - Extras 2.0 kB/s | 2.1 kB 00:01Dependencies resolved.================================================================================Package Arch Version Repository Size================================================================================Installing:vim-enhanced x86_64 2:8.0.1763-13.el8 AppStream 1.4 MInstalling dependencies:gpm-libs x86_64 1.20.7-15.el8 AppStream 39 kvim-common x86_64 2:8.0.1763-13.el8 AppStream 6.3 Mvim-filesystem noarch 2:8.0.1763-13.el8 AppStream 48 kwhich x86_64 2.21-10.el8 BaseOS 49 kTransaction Summary================================================================================Install 5 PackagesTotal download size: 7.8 MInstalled size: 31 MDownloading Packages:(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 198 kB/s | 39 kB 00:00(2/5): vim-filesystem-8.0.1763-13.el8.noarch.rp 868 kB/s | 48 kB 00:00(3/5): vim-enhanced-8.0.1763-13.el8.x86_64.rpm 970 kB/s | 1.4 MB 00:01(4/5): vim-common-8.0.1763-13.el8.x86_64.rpm 1.7 MB/s | 6.3 MB 00:03(5/5): which-2.21-10.el8.x86_64.rpm 6.5 kB/s | 49 kB 00:07--------------------------------------------------------------------------------Total 908 kB/s | 7.8 MB 00:08warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/gpm-libs-1.20.7-15.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEYCentOS-8 - AppStream 1.6 MB/s | 1.6 kB 00:00Importing GPG key 0x8483C65D:Userid : "CentOS (CentOS Official Signing Key)"Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65DFrom : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficialKey imported successfullyRunning transaction checkTransaction check succeeded.Running transaction testTransaction test succeeded.Running transaction Preparing : 1/1 Installing : which-2.21-10.el8.x86_64 1/5 Installing : vim-filesystem-2:8.0.1763-13.el8.noarch 2/5 Installing : vim-common-2:8.0.1763-13.el8.x86_64 3/5 Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5 Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5 Installing : vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5 Running scriptlet: vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5 Running scriptlet: vim-common-2:8.0.1763-13.el8.x86_64 5/5 Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5 Verifying : vim-common-2:8.0.1763-13.el8.x86_64 2/5 Verifying : vim-enhanced-2:8.0.1763-13.el8.x86_64 3/5 Verifying : vim-filesystem-2:8.0.1763-13.el8.noarch 4/5 Verifying : which-2.21-10.el8.x86_64 5/5Installed: vim-enhanced-2:8.0.1763-13.el8.x86_64 gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-13.el8.x86_64 vim-filesystem-2:8.0.1763-13.el8.noarch which-2.21-10.el8.x86_64Complete!Removing intermediate container f532a2aae2c9---> e7e3f6dfc31bStep 5/7 : RUN yum -y install net-tools---> Running in 3fdcf50a41b2Last metadata expiration check: 0:00:15 ago on Sun Mar 8 08:33:26 2020.Dependencies resolved.================================================================================Package Architecture Version Repository Size================================================================================Installing:net-tools x86_64 2.0-0.51.20160912git.el8 BaseOS 323 kTransaction Summary================================================================================Install 1 PackageTotal download size: 323 kInstalled size: 1.0 MDownloading Packages:net-tools-2.0-0.51.20160912git.el8.x86_64.rpm 83 kB/s | 323 kB 00:03--------------------------------------------------------------------------------Total 61 kB/s | 323 kB 00:05Running transaction checkTransaction check succeeded.Running transaction testTransaction test succeeded.Running transaction Preparing : 1/1 Installing : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1 Running scriptlet: net-tools-2.0-0.51.20160912git.el8.x86_64 1/1 Verifying : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1Installed: net-tools-2.0-0.51.20160912git.el8.x86_64Complete!Removing intermediate container 3fdcf50a41b2---> 654c150a48f3Step 6/7 : EXPOSE 80---> Running in 7b15e7a16d5dRemoving intermediate container 7b15e7a16d5d---> 86ff656eb4cbStep 7/7 : CMD /bin/bash---> Running in 89d9605dcbecRemoving intermediate container 89d9605dcbec---> 57bd622f6cb2Successfully built 57bd622f6cb2Successfully tagged szc_centos:latestSECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
构建完成,然后运行此镜像的一个容器
$ docker run -it szc_centos[root@32a8169c4044 tmp]#
会发现默认路径就是我们在dockerfile里指定的工作目录/tmp,并且ifconfig、vim命令是可用的
[root@32a8169c4044 tmp]# ifconfigeth0: flags=4163mtu 1500 inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet) RX packets 14 bytes 1116 (1.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1000 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@32a8169c4044 tmp]# vim test.txt[root@32a8169c4044 tmp]#
我们也可以查看这个镜像的历史
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZEszc_centos latest 57bd622f6cb2 5 minutes ago 327MB...$ docker history 57bd622f6cb2IMAGE CREATED CREATED BY SIZE COMMENT57bd622f6cb2 6 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B86ff656eb4cb 6 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B654c150a48f3 6 minutes ago /bin/sh -c yum -y install net-tools 26.5MBe7e3f6dfc31b 6 minutes ago /bin/sh -c yum -y install vim 63.2MBc014d4c29e27 6 minutes ago /bin/sh -c #(nop) WORKDIR /tmp 0B8157d08e287e 6 minutes ago /bin/sh -c #(nop) ENV mypath=/tmp 0B470671670cac 7 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B7 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B 7 weeks ago /bin/sh -c #(nop) ADD file:aa54047c80ba30064… 237MB
CMD与ENDTRYPOINT
CMD:dockerfile中可以有多个CMD指令,但只有最后一个生效,并且CMD会被docker run之后的参数替换
$ docker run -it -p 7777:8080 tomcat ls -ltotal 156-rw-r--r-- 1 root root 19318 Feb 5 22:30 BUILDING.txt-rw-r--r-- 1 root root 5408 Feb 5 22:30 CONTRIBUTING.md-rw-r--r-- 1 root root 57011 Feb 5 22:30 LICENSE-rw-r--r-- 1 root root 1726 Feb 5 22:30 NOTICE-rw-r--r-- 1 root root 3255 Feb 5 22:30 README.md-rw-r--r-- 1 root root 7136 Feb 5 22:30 RELEASE-NOTES-rw-r--r-- 1 root root 16262 Feb 5 22:30 RUNNING.txtdrwxr-xr-x 2 root root 4096 Feb 27 07:56 bindrwxr-xr-x 2 root root 4096 Feb 5 22:30 confdrwxr-xr-x 2 root root 4096 Feb 27 07:56 includedrwxr-xr-x 2 root root 4096 Feb 27 07:56 libdrwxrwxrwx 2 root root 4096 Feb 5 22:26 logsdrwxr-xr-x 3 root root 4096 Feb 27 07:56 native-jni-libdrwxrwxrwx 2 root root 4096 Feb 27 07:56 tempdrwxr-xr-x 2 root root 4096 Feb 27 07:56 webappsdrwxr-xr-x 7 root root 4096 Feb 5 22:28 webapps.distdrwxrwxrwx 2 root root 4096 Feb 5 22:26 work
所以上面的命令根本没有启动tomcat,只是列出了tomcat根目录下的文件
ENTRYPOINT:docker run之后的参数会被传递给ENTRYPOINT指令,形成新的指令组合
例如,以下是用ENTRYPOINT访问http://ip.cn的dockerfile
FROM centosRUN yum install -y curlENTRYPOINT ["curl", "-s", "http://ip.cn"]
而后编译
$ docker build -f myip_docker -t myip .Sending build context to Docker daemon 6.144kBStep 1/3 : FROM centos---> 470671670cacStep 2/3 : RUN yum install -y curl---> Running in 1b3f6d832cfcCentOS-8 - AppStream 807 kB/s | 6.5 MB 00:08CentOS-8 - Base 161 kB/s | 5.0 MB 00:31CentOS-8 - Extras 734 B/s | 2.1 kB 00:02Last metadata expiration check: 0:00:01 ago on Sun Mar 8 09:00:19 2020.Package curl-7.61.1-11.el8.x86_64 is already installed.Dependencies resolved.Nothing to do.Complete!Removing intermediate container 1b3f6d832cfc---> e1fe1b0a21a5Step 3/3 : ENTRYPOINT ["curl", "-s", "http://ip.cn"]---> Running in b6dbd548d2f0Removing intermediate container b6dbd548d2f0---> d144c16678cdSuccessfully built d144c16678cdSuccessfully tagged myip:latestSECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
运行myip容器时可以加上新的选项,来传给dockerfile里的curl命令
$ docker run -it myip -iHTTP/1.1 403 ForbiddenDate: Sun, 08 Mar 2020 09:01:12 GMTContent-Type: text/plain; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: __cfduid=d1143a1df005fa16e02870ec8c10c51811583658072; expires=Tue, 07-Apr-20 09:01:12 GMT; path=/; domain=.ip.cn; HttpOnly; SameSite=Lax; SecureCache-Control: max-age=15Expires: Sun, 08 Mar 2020 09:01:27 GMTAlt-Svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400Server: cloudflareCF-RAY: 570b5ec859dfd93a-HKGerror code: 1020
ONBUILD案例
ONBUILD关键字用来指定当此dockerfile被引用时执行的命令。
以下是案例:先构建myip_docker
FROM centosRUN yum install -y curlENTRYPOINT ["curl", "-s", "https://www.uestc.edu.cn/"]ONBUILD RUN echo "Father image onbuild finished.."
然后构建镜像
$ docker build -f myip_docker -t myip .
再编写mydocker_son,引用镜像myip
FROM myipRUN yum install -y curlCMD ["curl", "-s", "http://www.baidu.com"]
使用此文件构建镜像时,myip的dockerfile中的ONBUILD语句就会执行
$ docker build -f myip_son -t myip_son ....Father image onbuild finished.....Successfully built 770b567e828fSuccessfully tagged myip_son:latest...
自定义tomcat
dockerfile内容如下,编译此文件需要其所在目录下有c.txt、jdk-8u171-linux-x64.tar.gz和apache-tomcat-9.0.8.tar.gz三个文件
FROM centosMAINTAINER songzecengCOPY c.txt /usr/local/c_s.txt # 把文件复制到镜像指定文件中ADD jdk-8u171-linux-x64.tar.gz /usr/local/ # 把压缩包解压后复制到镜像指定目录中ADD apache-tomcat-9.0.8.tar.gz /usr/local/RUN yum -y install vimENV MYPATH /usr/localWORKDIR $MYPATHENV JAVA_HOME /usr/local/jdk1.8.0_171ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jarENV CATALINA_HOME /usr/local/apache-tomcat-9.0.8ENV CATALINA_BASE /usr/local/apache-tomcat-9.0.8ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/binEXPOSE 8080CMD $CATALINA_HOME/bin/startup.sh && tail -F $CATALINA_HOME/bin/logs/logs.txt # 输出日志
而后编译
$ docker build -f my_tomcat_docker -t szc_tomcat .
最后运行
$ docker run -d -p 9080:8080 --name szc_tomcat_00 -v /c/Users/songzeceng/tomcat/out:/usr/local/apache-tomcat-9.0.8/webapps/test -v /c/Users/songzeceng.tomcat/logs:/usr/local/apache-tomcat-9.0.8/logs --privileged=true szc_tomcat
-d表示后台运行容器,然后指定端口映射、容器名字,以及两个数据卷,最后--privileged=true确保容器可写
转载地址:https://blog.csdn.net/qq_37475168/article/details/105028678 如侵犯您的版权,请留言回复原文章的地址,我们会给您删除此文章,给您带来不便请您谅解!