dockerfile自动构建docker镜像
特点:
1: dockerfile 类似ansible的playbook剧本
2: dockerfile 更适合传输,实现更多的定制化
3:dockerfile 可以指定镜像的初始命令
dockerfile主要组成部分:
基础镜像信息 FROM centos:6.8
制作镜像操作指令 RUN yum install openssh-server -y
容器启动时执行指令 CMD ["/bin/bash"]
dockerfile常用指令:
FROM 这个镜像的妈妈是谁?(指定基础镜像)
MAINTAINER (指定维护者信息,可以没有)
RUN 你想让它干啥(在命令前面加上RUN即可)
ADD 给它点创业资金(COPY文件,会自动解压)
WORKDIR 我是cd,今天刚化了妆(设置当前工作目录)
VOLUME 给它一个存放行李的地方(设置卷,挂载主机目录)
EXPOSE 它要打开的门是啥(指定对外的端口)(-P 随机端口)
CMD 奔跑吧,兄弟!(指定容器启动后的要干的事情)(容易被替换)
dockerfile其他指令:
COPY 复制文件
ENV 环境变量
ENTRYPOINT 容器启动后执行的命令(无法被替换,启容器的时候指定的命令,会被当成参数)
生产中如何编写dockerfile:
1: 参考其他的dockerfile
2: 官方dockerfile或者时速云镜像广场
小试牛刀:写一个加单的dockerfile,构建ssh的镜像
(前面我们是手动的yum安装ssh,打包成ssh的镜像的)
1: 创建dockerfile 的centos_ssh目录
[root@k8s129 opt]# mkdir dockerfile
[root@k8s129 opt]# cd dockerfile/
[root@k8s129 dockerfile]# mkdir centos_ssh
[root@k8s129 dockerfile]# cd centos_ssh/
2: 获取系统镜像列表,找到基础镜像(centos:latest)
[root@k8s129 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_ssh v1.2 275e0f02e6b1 9 days ago 265MB
nginx latest 5a9061639d0a 12 days ago 126MB
centos latest 0f3e07c0138f 3 weeks ago 220MB
busybox latest 19485c79a9bb 7 weeks ago 1.22MB
[root@k8s129 ~]#
3:编写dockerfile
#注意,文件名必须叫dockerfile ,否则系统不识别
[root@k8s129 centos_ssh]# vim dockerfile
FROM centos:latest
RUN yum install -y openssh-server
RUN yum install -y net-tools
RUN yum install -y passwd
RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
RUN sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
RUN sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
RUN echo "123456"|passwd --stdin root
CMD ["/usr/sbin/sshd","-D"]
4:执行dockerfile ,自动构建镜像
#docker build -t 构建后的镜像名字 . 代表从当前路径下的dockerfile构建(/opt/dockerfile/centos_ssh)
[root@k8s129 centos_ssh]# docker build -t dockerfile_centos:v1.1 .
Sending build context to Docker daemon 2.048kB
Step 1/10 : FROM centos:latest
---> 0f3e07c0138f
Step 2/10 : RUN yum install -y openssh-server
---> Running in 858766ea9002
...
Removing intermediate container 633e756e6040
---> fb540a4947a1
Successfully built fb540a4947a1
Successfully tagged dockerfile_centos:v1.1
#查看镜像已经制作出来了
[root@k8s129 centos_ssh]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dockerfile_centos v1.1 fb540a4947a1 6 seconds ago 296MB
centos_ssh v1.2 275e0f02e6b1 9 days ago 265MB
nginx latest 5a9061639d0a 12 days ago 126MB
centos latest 0f3e07c0138f 3 weeks ago 220MB
busybox latest 19485c79a9bb 7 weeks ago 1.22MB
[root@k8s129 centos_ssh]#
5: 测试docker镜像是否可用
[root@k8s129 centos_ssh]# docker run -d -p 222:22 dockerfile_centos:v1.1
c5bbc44d2ac704c69ba197a58f25ccbcafa9371bfe2972f033b8293a1861a400
[root@k8s129 centos_ssh]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c5bbc44d2ac7 dockerfile_centos:v1.1 "/usr/sbin/sshd -D" 5 seconds ago Up 4 seconds 0.0.0.0:222->22/tcp gracious_driscoll
[root@k8s129 centos_ssh]#
6:ssh 连接222端口,看是否能进入容器(容器的root密码是123456)
[root@k8s129 centos_ssh]# ssh root@192.168.6.129 -p 222
The authenticity of host '[192.168.6.129]:222 ([192.168.6.129]:222)' can't be established.
ECDSA key fingerprint is SHA256:xP6/H8rCv0vwW9B9FJxCjw/a5yejteFtINNxt886f1s.
ECDSA key fingerprint is MD5:f7:73:97:9c:96:6c:09:9f:f8:c4:d5:57:c5:07:08:54.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.6.129]:222' (ECDSA) to the list of known hosts.
root@192.168.6.129's password:
[root@c5bbc44d2ac7 ~]# hostname
c5bbc44d2ac7
[root@c5bbc44d2ac7 ~]#
总结:
dockerfile构建docker镜像,三部曲:
1:编写dockerfile
2:docker build 构建镜像
3:启动容器测试
======扩展=========
dockerfile 启动多个服务
[root@k8s129 centos_ssh]# vim dockerfile
FROM centos:latest
RUN yum install -y openssh-server httpd
RUN yum install -y net-tools
RUN yum install -y passwd
RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
RUN sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
RUN sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
RUN echo "123456"|passwd --stdin root
ADD init.sh /init.sh # 把dockerfile所在目录,init.sh copy到容器的init.sh,在init.sh里面启动httpd和sshd -D
CMD ["/bin/bash","/init.sh"]
编写:vim init.sh
#!/bin/bash
systemctl start httpd
/usr/sbin/sshd -D
[root@k8s129 centos_ssh]# ls
dockerfile init.sh
[root@k8s129 centos_ssh]#
之后构建:
docker build -t dockerfile_centos:v2.1 .