dockerfile实践
需求:通过dockerfile,构建nginx镜像,且容器运行后,生成的页面显示“书季,要攒劲哦~”
#1、穿件dockerfile,注意文件名必须是这个。
[root@Hadoop2 learn_docker]# cat dockerfile
FROM nginx
RUN echo '<meta charset=utf8>书季,要攒劲哦~' > /usr/share/nginx/html/index.html
#运行该镜像
docker run -d -p 80:80 my-nginx
构建dockerfile
[root@Hadoop2 learn_docker]# docker build .
[+] Building 0.2s (4/5) docker:default
[+] Building 0.3s (4/5) docker:default
[+] Building 0.5s (4/5) docker:default
[+] Building 0.6s (4/5) docker:default
[+] Building 0.6s (6/6) FINISHED docker:default
=> [internal] load build definition from dockerfile 0.0s
=> => transferring dockerfile: 136B 0.0s
=> [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [internal] load metadata for docker.io/library/nginx:latest 0.0s => [1/2] FROM docker.io/library/nginx 0.0s => [2/2] RUN echo '<meta charset=utf8>书季,要攒劲哦~' > /usr/share/nginx/html/index.html 0.6s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:a11bcc0eb36abea562c257ded795d2906e4e709bed7deb1f510e452c11afd05f 0.0s
[root@Hadoop2 learn_docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> a11bcc0eb36a 2 minutes ago 187MB
shujidockerhuzhangao/jingxiangming latest e2ce129f8ae8 35 hours ago 559MB
<none> <none> b57d813f9e5d 3 days ago 559MB
redis latest da63666bbe9a 6 days ago 138MB
nginx latest f5a6b296b8a2 2 weeks ago 187MB
centos latest 5d0da3dc9764 2 years ago 231MB
[root@Hadoop2 learn_docker]# 更换镜像名称
[root@Hadoop2 learn_docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> a11bcc0eb36a 2 minutes ago 187MB
shujidockerhuzhangao/jingxiangming latest e2ce129f8ae8 35 hours ago 559MB
<none> <none> b57d813f9e5d 3 days ago 559MB
redis latest da63666bbe9a 6 days ago 138MB
nginx latest f5a6b296b8a2 2 weeks ago 187MB
centos latest 5d0da3dc9764 2 years ago 231MB
更换镜像名称
[root@Hadoop2 learn_docker]# docker tag a11bcc0eb36a my_nginx
[root@Hadoop2 learn_docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest a11bcc0eb36a 11 minutes ago 187MB
shujidockerhuzhangao/jingxiangming latest e2ce129f8ae8 35 hours ago 559MB
<none> <none> b57d813f9e5d 3 days ago 559MB
redis latest da63666bbe9a 6 days ago 138MB
nginx latest f5a6b296b8a2 2 weeks ago 187MB
centos latest 5d0da3dc9764 2 years ago 231MB
构建出的镜像如下
[root@Hadoop2 learn_docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest a11bcc0eb36a 11 minutes ago 187MB
运行该镜像
[root@Hadoop2 learn_docker]# docker run -d -p 80:80 my_nginx
bed35ba39a9259941777659603e2098051ea2365686191ac4c5b73097a093341
[root@Hadoop2 learn_docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bed35ba39a92 my_nginx "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, :::80->80/tcp thirsty_tesla
查看宿主机的80端口。用的虚拟机ip进去看的。
如何下指令该怎么用
#COPY
copy chaoge.py /home/
#支持多个文件,以及通配符形式复制,语法要满足Golang的filepath.Match
copy chaoge& /tmp/cc?.text. /home/
#ADD
ADD chaoge.tgz
RUN Linux命令(XXX修改命令)
#CMD在容器内运行某个命令,启动程序
CMD["参数1",“参数2”]
docker不是虚拟机,容器就是一个进程,既然是进程,那么程序在启动的时候就需要指定某些运行参数,这就是CMD指令的作用
[root@Hadoop2 learn_docker]# docker run -it centos
[root@321efadff6f0 /]# exit
exit
[root@Hadoop2 learn_docker]# docker run -it centos bash
[root@3d9f6273908d /]#exit
exit
CMD["/bin/bash"]
[root@Hadoop2 learn_docker]# docker run -it centos /bin/bash
[root@6a4053428167 /]#
#该容器运行时,执行的命令:
CMD["cat","/etc/os-release"]
#等同于命令行的直接操作:
[root@Hadoop2 learn_docker]# docker run -it centos cat /etc/os-release容器内运行程序
把宿主机安装,启动nginx的理念放到dockerfile
1、RUN yum install nginx
2、RUN 配置文件修改 sed
3、RUN systemctl start nginx 错,容器内的程序必须在前台执行,你的容器是启动不了的
4、正确的应该是CMD[“nginx”,"-g",“daemon of;”]
用dockerfile制作镜像
[root@Hadoop2 learn_docker]# vim dockerfile
[root@Hadoop2 learn_docker]# cat dockerfile
FROM centos:7.8.2003
RUN rpm --rebuilddb && yum install epel-release -y
RUN rpm --rebuilddb && yum install curl -y
CMD ["curl","-S","http:"//ipinfo.io/ip"]
[root@Hadoop2 learn_docker]# docker build .
[+] Building 59.2s (7/7) FINISHED docker:default
=> [internal] load build definition from dockerfile 0.0s
=> => transferring dockerfile: 196B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:7.8.2003 6.8s
=> [1/3] FROM docker.io/library/centos:7.8.2003@sha256:8540a199ad51c6b7b51492fa9fee27549fd11b3bb913e888ab2ccf77cbb72cc1 15.9s
=> => resolve docker.io/library/centos:7.8.2003@sha256:8540a199ad51c6b7b51492fa9fee27549fd11b3bb913e888ab2ccf77cbb72cc1 0.0s
=> => sha256:afb6fca791e071c66276202f8efca5ce3d3dc4fb218bcddff1bc565d981ddd1e 2.79kB / 2.79kB 0.0s
=> => sha256:9b4ebb48de8dbb85a3d9fbdec4d28a3e2e14912f27b7234c10c1658a05c320a5 75.84MB / 75.84MB 12.6s
=> => sha256:8540a199ad51c6b7b51492fa9fee27549fd11b3bb913e888ab2ccf77cbb72cc1 319B / 319B 0.0s
=> => sha256:50b9a3bc27378889210f88d6d0695938e45a912aa99b3fdacfb9a0fef511f15a 529B / 529B 0.0s
=> => extracting sha256:9b4ebb48de8dbb85a3d9fbdec4d28a3e2e14912f27b7234c10c1658a05c320a5 3.0s
=> [2/3] RUN rpm --rebuilddb && yum install epel-release -y 22.2s
=> [3/3] RUN rpm --rebuilddb && yum install curl -y 13.7s
=> exporting to image 0.6s
=> => exporting layers 0.6s
=> => writing image sha256:4864d24a31c6a8da2a646ae4aece4dbaf8c4e0dd55feed18eda1c24e5db4c2ff 0.0s检查镜像:
[root@Hadoop2 learn_docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_curl latest 4864d24a31c6 31 minutes ago 635MB
centos latest 4864d24a31c6 31 minutes ago 635MB
运行镜像,生成容器记录,没有前台运行,因此前台立即挂了
运行此镜像
[root@Hadoop2 learn_docker]# docker run centos_shuji
221.237.228.177[root@Hadoop2 learn_docker]#
[root@Hadoop2 learn_docker]# curl -s http://ipinfo.io/
{
"ip": "221.237.228.177",
"hostname": "177.228.237.221.broad.cd.sc.dynamic.163data.com.cn",
"city": "Chengdu",
"region": "Sichuan",
"country": "CN",
"loc": "30.6667,104.0667",
"org": "AS4134 CHINANET-BACKBONE",
"timezone": "Asia/Shanghai",
"readme": "https://ipinfo.io/missingauth"
}[root@Hadoop2 learn_docker]# 上述运行正确,但是我想传入一个参数,该怎么办?
发现是无法直接传入参数的,该形式会覆盖镜像中的cmd
就好比把docker镜像,当做一个环境,去执行后面的命令
[root@Hadoop2 learn_docker]# docker run centos_shuji
221.237.228.177[root@Hadoop2 learn_docker]#
[root@Hadoop2 learn_docker]# docker run centos_shuji pwd
/
想要正确的给容器传入一个-I参数该怎么办?
希望容器内能够正确完整执行以下命令
curl -s http://ipinfo.io/ -i解决方法一:给容器传入新的完整的命令。有违dockerfile精神的方法。
[root@Hadoop2 learn_docker]# docker run centos_shuji curl -s http://ipinfo.io/ -I
HTTP/1.1 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
content-length: 302
date: Thu, 28 Sep 2023 08:25:32 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
Via: 1.1 google
[root@Hadoop2 learn_docker]#
解决方法二:正确的方法应该使用ENTRYPOINT
修改dockerfile,如下:
FROM centos:7.2.1511
RUN rpm --rebuilddb && yum install epel-release -y
RUN rpm --rebuilddb && yum install curl -y
ENTRYPOINT ["curl","-s","http://ipinfo.io/ip"]重新构建镜像
[root@Hadoop2 learn_docker]# docker build .
[+] Building 2.8s (7/7) FINISHED docker:default
=> [internal] load build definition from dockerfile 0.0s
=> => transferring dockerfile: 204B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:7.2.1511 2.7s
=> [1/3] FROM docker.io/library/centos:7.2.1511@sha256:50cca1e74da4b6a4eb4ade029c8fdd4ee8564776801914d9bd89df8c6344add0 0.0s
=> CACHED [2/3] RUN rpm --rebuilddb && yum install epel-release -y 0.0s
=> CACHED [3/3] RUN rpm --rebuilddb && yum install curl -y 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:e1050cc4a79dd1425121661373ebbd1b81aae944caf9c630475ae962d3ed3fed 重新运行该镜像,看结果,以及传入新的参数
[root@Hadoop2 learn_docker]# docker tag e1050cc4a79d centos_curl_new
[root@Hadoop2 learn_docker]# docker run centos_curl_new
221.237.228.177[root@Hadoop2 learn_docker]#
此时传入的CMD指令,当做了ENTRYPOINT的参数
221.237.228.177[root@Hadoop2 learn_docker]# docker run centos_curl_new -I
HTTP/1.1 405 Method Not Allowed
server: fasthttp
date: Thu, 28 Sep 2023 08:53:09 GMT
content-type: text/plain; charset=utf-8
content-length: 18
allow: GET, OPTIONS
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=2592000; includeSubDomains
Via: 1.1 google
