目录
基于已有容器创建镜像
Dockerfile构建SSHD镜像
构建镜像
测试容器 可以登陆
Dockerfile构建httpd镜像
构建镜像
测试容器
Dockerfile构建nginx镜像
构建镜像
概述:
Docker 镜像是Docker容器技术中的核心,也是应用打包构建发布的标准格式。一个完整的镜像可以支撑多个容器的运行,在Docker的整个使用过程中,进入一个已经定型的容器之后,就可以在容器中进行操作,最常见的操作就是在容器中安装应用服务。
如果想要把已经安装的服务容器进行迁移,就需要把环境以及部署的服务生成新的镜像。
程序打包方式:
- 打包成Tar包
- 打包成rpm包
- 打包成镜像
构建方式
1、基于已有的容器创建镜像
2、基于本地模板创建镜像
3、基于Dockerfile创建镜像
基于已有容器创建镜像
基于现有镜像创建主要使用 docker commit 命令,即把一个容器里面运行的程序以及该程序的运行环境打包起来生成新的镜像。
命令格式:
docker commit [选项] 容器ID/名称 仓库名称:[标签]
常用选项:
- -m 说明信息;
- -a 作者信息;
- -p 生成过程中停止容器的运行。
首先启动一个镜像,在容器里做相应的修改,然后将修改后的容器提交为新的镜像。需要记住该容器的ID号。
[root@localhost ~]# cat centos-7-x86_64.tar.gz |docker import - centos:7
sha256:790d0b6eb9de3d7ba8df7d91a54d236b381f4800ac751205a1fb6b77cc0c7efd
[root@localhost sshd]# docker run -it centos:7 /bin/bash
WARNING: IPv4 forwarding is disabled. Networking will not work.
[root@d80919f3c00c /]# ls
bin dev fastboot lib lost+found mnt proc run srv tmp var
boot etc home lib64 media opt root sbin sys usr
[root@d80919f3c00c /]# touch lifenghai 创建测试文件
[root@d80919f3c00c /]# ls
bin dev fastboot lib lifenghai media opt root sbin sys usr
boot etc home lib64 lost+found mnt proc run srv tmp var
[root@d80919f3c00c /]# exit
exit
[root@localhost sshd]# docker commit -m "crushlinux test images" -a "crushlinux" d80919f3c00c centos7:ddd
sha256:595d590702ffc0ca7e23f11f552266c924261c5966f7634de96ba7dfe6a547c3
[root@localhost sshd]# docker images centos7:ddd
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7 ddd 595d590702ff 25 seconds ago 589 MB
[root@localhost sshd]# docker run -it centos7:ddd /bin/bash
WARNING: IPv4 forwarding is disabled. Networking will not work.
[root@14ad9a706c54 /]# ls
bin dev fastboot lib lifenghai media opt root sbin sys usr
boot etc home lib64 lost+found mnt proc run srv tmp var
这是一个Docker命令,用于将一个容器的更改保存为新的镜像。具体解释如下:
docker commit:Docker命令,用于提交容器的更改。-m "crushlinux test images":使用-m参数指定提交的消息,这里是"crushlinux test images"。-a "crushlinux":使用-a参数指定作者,这里是"crushlinux"。d281f905fb30:容器的ID或名称,表示要提交更改的容器。centos7:new:新镜像的名称和标签,这里是"centos7:new"。因此,该命令的意思是将容器ID为
d281f905fb30的容器的更改保存为名为"centos7:new"的新镜像,并指定了提交消息为"crushlinux test images",作者为"crushlinux"。
Dockerfile构建SSHD镜像
关闭防火墙规则
iptables -F
setenforce 0
systemctl stop firewalld修改配置
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 8.8.8.8
search localdomain
创建备用目录
[root@localhost ~]# mkdir sshd
获取密钥
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6j2zE3PzgNt4sQdpeR0BUSO4NCrtnissqN4xHJZVoLE root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| . ... .++o |
| + . + ... |
| E . . o o . |
| o . o . . |
| + oS. o . . |
| o . .= X . . |
| = ... X O |
| o +.o.O + o |
|oo . ...+B . |
+----[SHA256]-----+
拷贝文件
[root@localhost ~]# cp .ssh/id_rsa.pub sshd/
[root@localhost ~]# cd sshd/
[root@localhost ~]# ll
总用量 591996
-rw-------. 1 root root 1415 7月 31 19:02 anaconda-ks.cfg
-rw-r--r--. 1 root root 221692852 7月 17 2020 centos-7-x86_64.tar.gz
-rw-r--r--. 1 root root 238594048 7月 31 14:26 centos-exp
-rw-------. 1 root root 145905152 7月 31 14:36 nginx-images
drwxr-xr-x. 2 root root 47 8月 2 13:57 sshd
导入镜像
[root@localhost ~]# cat centos-7-x86_64.tar.gz |docker import - centos:7
sha256:790d0b6eb9de3d7ba8df7d91a54d236b381f4800ac751205a1fb6b77cc0c7efd
编写Dockerfile文件
[root@localhost sshd]# vim Dockerfile
#基于的基础镜像
FROM centos:7
#镜像作者信息
MAINTAINER Crushlinux <crushlinux@163.com>
#镜像执行的命令
RUN yum -y install openssh-server net-tools openssh-devel lsof telnet
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ADD id_rsa.pub /root/.ssh/authorized_keys
#定义时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#开启 22 端口
EXPOSE 22
#启动容器时执行指令
CMD ["/usr/sbin/sshd" , "-D"]
~
~
重启
[root@localhost sshd]# systemctl restart network
[root@localhost sshd]# systemctl restart docker
构建镜像
[root@localhost sshd]# docker build -t sshd:new .
Sending build context to Docker daemon 3.584 kB
Step 1/9 : FROM centos:7
---> 790d0b6eb9de
Step 2/9 : MAINTAINER Crushlinux <crushlinux@163.com>
---> Using cache
---> f5d4ad40d1df
Step 3/9 : RUN yum -y install openssh-server net-tools openssh-devel lsof telnet
---> Running in bdb9cc0dfb6c
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.bfsu.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.ustc.edu.cn
No package openssh-devel available.
Resolving Dependencies
--> Running transaction check
---> Package lsof.x86_64 0:4.87-4.el7 will be updated
---> Package lsof.x86_64 0:4.87-6.el7 will be an update
---> Package net-tools.x86_64 0:2.0-0.25.20131004git.el7 will be installed
---> Package openssh-server.x86_64 0:6.6.1p1-25.el7_2 will be updated
---> Package openssh-server.x86_64 0:7.4p1-22.el7_9 will be an update
--> Processing Dependency: openssh = 7.4p1-22.el7_9 for package: openssh-server-7.4p1-22.el7_9.x86_64
--> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.2)(64bit) for package: openssh-server-7.4p1-22.el7_9.x86_64
---> Package telnet.x86_64 1:0.17-59.el7 will be updated
---> Package telnet.x86_64 1:0.17-66.el7 will be an update
--> Running transaction check
---> Package openssh.x86_64 0:6.6.1p1-25.el7_2 will be updated
--> Processing Dependency: openssh = 6.6.1p1-25.el7_2 for package: openssh-clients-6.6.1p1-25.el7_2.x86_64
---> Package openssh.x86_64 0:7.4p1-22.el7_9 will be an update
---> Package openssl-libs.x86_64 1:1.0.1e-51.el7_2.5 will be updated
--> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-51.el7_2.5 for package: 1:openssl-1.0.1e-51.el7_2.5.x86_64
---> Package openssl-libs.x86_64 1:1.0.2k-26.el7_9 will be an update
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-25.el7_2 will be updated
---> Package openssh-clients.x86_64 0:7.4p1-22.el7_9 will be an update
---> Package openssl.x86_64 1:1.0.1e-51.el7_2.5 will be updated
---> Package openssl.x86_64 1:1.0.2k-26.el7_9 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
net-tools x86_64 2.0-0.25.20131004git.el7 base 306 k
Updating:
lsof x86_64 4.87-6.el7 base 331 k
openssh-server x86_64 7.4p1-22.el7_9 updates 459 k
telnet x86_64 1:0.17-66.el7 updates 64 k
Updating for dependencies:
openssh x86_64 7.4p1-22.el7_9 updates 510 k
openssh-clients x86_64 7.4p1-22.el7_9 updates 655 k
openssl x86_64 1:1.0.2k-26.el7_9 updates 494 k
openssl-libs x86_64 1:1.0.2k-26.el7_9 updates 1.2 M
Transaction Summary
================================================================================
Install 1 Package
Upgrade 3 Packages (+4 Dependent packages)
Total download size: 4.0 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7/base/packages/lsof-4.87-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for lsof-4.87-6.el7.x86_64.rpm is not installed
Public key for openssh-server-7.4p1-22.el7_9.x86_64.rpm is not installed
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
--------------------------------------------------------------------------------
Total 622 kB/s | 4.0 MB 00:06
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 1:openssl-libs-1.0.2k-26.el7_9.x86_64 1/15
Updating : openssh-7.4p1-22.el7_9.x86_64 2/15
Updating : openssh-server-7.4p1-22.el7_9.x86_64 3/15
warning: /etc/ssh/sshd_config created as /etc/ssh/sshd_config.rpmnew
Updating : openssh-clients-7.4p1-22.el7_9.x86_64 4/15
Updating : 1:openssl-1.0.2k-26.el7_9.x86_64 5/15
Installing : net-tools-2.0-0.25.20131004git.el7.x86_64 6/15
Updating : lsof-4.87-6.el7.x86_64 7/15
Updating : 1:telnet-0.17-66.el7.x86_64 8/15
Cleanup : openssh-clients-6.6.1p1-25.el7_2.x86_64 9/15
Cleanup : openssh-server-6.6.1p1-25.el7_2.x86_64 10/15
Cleanup : openssh-6.6.1p1-25.el7_2.x86_64 11/15
Cleanup : 1:openssl-1.0.1e-51.el7_2.5.x86_64 12/15
Cleanup : 1:openssl-libs-1.0.1e-51.el7_2.5.x86_64 13/15
Cleanup : lsof-4.87-4.el7.x86_64 14/15
Cleanup : 1:telnet-0.17-59.el7.x86_64 15/15
Verifying : 1:telnet-0.17-66.el7.x86_64 1/15
Verifying : openssh-server-7.4p1-22.el7_9.x86_64 2/15
Verifying : 1:openssl-libs-1.0.2k-26.el7_9.x86_64 3/15
Verifying : lsof-4.87-6.el7.x86_64 4/15
Verifying : net-tools-2.0-0.25.20131004git.el7.x86_64 5/15
Verifying : openssh-clients-7.4p1-22.el7_9.x86_64 6/15
Verifying : openssh-7.4p1-22.el7_9.x86_64 7/15
Verifying : 1:openssl-1.0.2k-26.el7_9.x86_64 8/15
Verifying : 1:telnet-0.17-59.el7.x86_64 9/15
Verifying : openssh-6.6.1p1-25.el7_2.x86_64 10/15
Verifying : 1:openssl-1.0.1e-51.el7_2.5.x86_64 11/15
Verifying : openssh-server-6.6.1p1-25.el7_2.x86_64 12/15
Verifying : openssh-clients-6.6.1p1-25.el7_2.x86_64 13/15
Verifying : lsof-4.87-4.el7.x86_64 14/15
Verifying : 1:openssl-libs-1.0.1e-51.el7_2.5.x86_64 15/15
Installed:
net-tools.x86_64 0:2.0-0.25.20131004git.el7
Updated:
lsof.x86_64 0:4.87-6.el7 openssh-server.x86_64 0:7.4p1-22.el7_9
telnet.x86_64 1:0.17-66.el7
Dependency Updated:
openssh.x86_64 0:7.4p1-22.el7_9 openssh-clients.x86_64 0:7.4p1-22.el7_9
openssl.x86_64 1:1.0.2k-26.el7_9 openssl-libs.x86_64 1:1.0.2k-26.el7_9
Complete!
---> 4d1711b1891c
Removing intermediate container bdb9cc0dfb6c
Step 4/9 : RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
---> Running in c6bcc01f445e
---> 20b01ccf2a71
Removing intermediate container c6bcc01f445e
Step 5/9 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
---> Running in 8d573e2d3e45
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
SHA256:Q9t9zoZ4iE/eCmeKuyUqmUt1IRvPo34wrWN5wbo8ypE root@bdb9cc0dfb6c
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| o . . |
| * o o . |
| oo= S . . . |
| ooo+. o o = |
| Eo.*..+ * o + |
| o++B.o+ O o . |
| +==*+o. +.. |
+----[SHA256]-----+
Enter passphrase (empty for no passphrase): Enter same passphrase again: ---> 14dd7eb2256f
Removing intermediate container 8d573e2d3e45
Step 6/9 : ADD id_rsa.pub /root/.ssh/authorized_keys
---> 99984eb1e50e
Removing intermediate container 369022575e01
Step 7/9 : RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
---> Running in b0056bbc027e
---> 950f0c260a79
Removing intermediate container b0056bbc027e
Step 8/9 : EXPOSE 22
---> Running in 190b29e65718
---> c6a476cb31b4
Removing intermediate container 190b29e65718
Step 9/9 : CMD /usr/sbin/sshd -D
---> Running in 0b76956add3a
---> a600eb2f7bad
Removing intermediate container 0b76956add3a
Successfully built a600eb2f7bad
测试容器 可以登陆
[root@localhost sshd]# docker images sshd:new
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd new a600eb2f7bad 3 minutes ago 821 MB
[root@localhost sshd]# docker run -d -p 2222:22 --name sshd-test --restart=always sshd:new
61a2bbb409288f6d1e0c95dfe8ef9b732b77bcd35129972700d181fefa08631e
[root@localhost sshd]# ssh localhost -p 2222
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
RSA key fingerprint is SHA256:Q9t9zoZ4iE/eCmeKuyUqmUt1IRvPo34wrWN5wbo8ypE.
RSA key fingerprint is MD5:1e:97:2c:02:4d:35:1e:3f:68:a0:30:9c:cc:53:a2:cf.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (RSA) to the list of known hosts.
[root@61a2bbb40928 ~]#
[root@61a2bbb40928 ~]# exit
登出
Connection to localhost closed.
Dockerfile构建httpd镜像
创建工作目录
[root@localhost ~]# mkdir httpd
[root@localhost ~]# cd httpd/
编写Dockerfile文件
[root@localhost httpd]# vim Dockerfile
[root@localhost httpd]# cat Dockerfile
FROM centos:7
MAINTAINER hhh <hhh@163.com>
RUN yum -y install httpd
RUN echo "crushlinux" >/var/www/html/index.html
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
EXPOSE 80
CMD ["httpd","-DFOREGROUND"]
构建镜像
[root@localhost httpd]# docker build -t httpd:new .
Sending build context to Docker daemon 2.048 kB
Step 1/7 : FROM centos:7
---> 790d0b6eb9de
Step 2/7 : MAINTAINER hhh <hhh@163.com>
---> Using cache
---> 25eef094ceba
Step 3/7 : RUN yum -y install httpd
---> Running in 8324e3b4b5c7
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.bfsu.edu.cn
* extras: mirrors.bfsu.edu.cn
* updates: mirrors.bfsu.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-40.el7.centos.1 will be updated
---> Package httpd.x86_64 0:2.4.6-99.el7.centos.1 will be an update
--> Processing Dependency: httpd-tools = 2.4.6-99.el7.centos.1 for package: httpd-2.4.6-99.el7.centos.1.
--> Running transaction check
---> Package httpd-tools.x86_64 0:2.4.6-40.el7.centos.1 will be updated
---> Package httpd-tools.x86_64 0:2.4.6-99.el7.centos.1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
httpd x86_64 2.4.6-99.el7.centos.1 updates 2.7 M
Updating for dependencies:
httpd-tools x86_64 2.4.6-99.el7.centos.1 updates 94 k
Transaction Summary
================================================================================
Upgrade 1 Package (+1 Dependent package)
Total download size: 2.8 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
Public key for httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm is not installed
warning: /var/cache/yum/x86_64/7/updates/packages/httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm: Header V
--------------------------------------------------------------------------------
Total 1.6 MB/s | 2.8 MB 00:01
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : httpd-tools-2.4.6-99.el7.centos.1.x86_64 1/4
Updating : httpd-2.4.6-99.el7.centos.1.x86_64 2/4
Cleanup : httpd-2.4.6-40.el7.centos.1.x86_64 3/4
Cleanup : httpd-tools-2.4.6-40.el7.centos.1.x86_64 4/4
Verifying : httpd-2.4.6-99.el7.centos.1.x86_64 1/4
Verifying : httpd-tools-2.4.6-99.el7.centos.1.x86_64 2/4
Verifying : httpd-2.4.6-40.el7.centos.1.x86_64 3/4
Verifying : httpd-tools-2.4.6-40.el7.centos.1.x86_64 4/4
Updated:
httpd.x86_64 0:2.4.6-99.el7.centos.1
Dependency Updated:
httpd-tools.x86_64 0:2.4.6-99.el7.centos.1
Complete!
---> 2214fb4006c9
Removing intermediate container 8324e3b4b5c7
Step 4/7 : RUN echo "crushlinux" >/var/www/html/index.html
---> Running in badb364c7e55
---> a9b433c350e4
Removing intermediate container badb364c7e55
Step 5/7 : RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
---> Running in d0081e48aa43
---> ffaf678f3cfc
Removing intermediate container d0081e48aa43
Step 6/7 : EXPOSE 80
---> Running in 3bd620f29826
---> 89d665eda838
Removing intermediate container 3bd620f29826
Step 7/7 : CMD httpd -DFOREGROUND
---> Running in 2dea705ece43
---> 7f5e5dc62d40
Removing intermediate container 2dea705ece43
Successfully built 7f5e5dc62d40
查看
[root@localhost httpd]# docker images httpd
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd new 7f5e5dc62d40 2 minutes ago 819 MB
测试容器
[root@localhost httpd]# docker run -d -p 8080:80 --name httpd-test --restart=always httpd:new
90bc8641fbefdf722c5d5842931d776bcbef0a6766c66f3fbc92d966d5752460
Dockerfile构建nginx镜像
建立工作目录
[root@localhost ~]# mkdir nginx
[root@localhost ~]# cd nginx
编写Dockerfile文件
[root@localhost nginx]# vim run.sh
[root@localhost nginx]# cat run.sh
#!/bin/bash
/usr/local/nginx/sbin/nginx
[root@localhost nginx]# cat Dockerfile
#基于的基础镜像
FROM centos:7
#镜像作者信息
MAINTAINER hhh <hhh@163.com>
#安装相关依赖包
RUN yum install -y wget proc-devel net-tools gcc zlib zlib-devel make openssl-devel
#下载并解压nginx源码包
RUN wget http://nginx.org/download/nginx-1.19.0.tar.gz && tar zxf nginx-1.19.0.tar.gz
#编译安装nginx
RUN cd nginx-1.19.0 && ./configure --prefix=/usr/local/nginx && make && make install
#开启 80 和 443 端口
EXPOSE 80
#修改 Nginx 配置文件,以非 daemon 方式启动
RUN echo "daemon off;">>/usr/local/nginx/conf/nginx.conf
#定义时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#复制服务启动脚本并设置权限
ADD run.sh /run.sh
RUN chmod 775 /run.sh
#启动容器时执行脚本
CMD ["/run.sh"]
构建镜像
[root@localhost nginx]# docker build -t nginx:new
