一、docker镜像的两种方式
1、docker commit:将容器提交为镜像
2、Dockerfile:从读取Dokerfile里的一组指令去自动化构建镜像
二、Dockerfile的规则
1、#为注释
2、指令(大写),内容(小写)(强烈建议)
3、Docker是按顺序从上到下依次执行Dockerfile里的指令集合
4、每个Dockerfile的第一个非注释行指令必须是"FROM"指令,用于为构建镜像指定基准镜像,后续指令运行与此基准镜像提供的运行环境中
三、Dockerfile核心指令
1、USER/WORKDIR指令
USER:指定容器启动时,哪个用户启动进程
WORKDIR:启动容器后的PWD目录
例子
[root@redis-01 dockerfile]# vim Dockerfile FROM docker.io/skychengp/nginx:1.12.2 USER nginx WORKDIR /usr/share/nginx/html
以docker.io/skychengp/nginx:1.12.2为基准镜像,以nginx用户执行指令,将当前目录切换到/usr/share/nginx/html
构建镜像
[root@redis-01 dockerfile]# docker build . -t docker.io/skychengp/nginx:1.12.2_with_user_workdir Sending build context to Docker daemon 2.048kB Step 1/3 : FROM docker.io/skychengp/nginx:1.12.2 ---> 4037a5562b03 Step 2/3 : USER nginx ---> Running in 340c2c31ad73 Removing intermediate container 340c2c31ad73 ---> dcc5cb25c6dd Step 3/3 : WORKDIR /usr/share/nginx/html ---> Running in 9bf8f48ace8f Removing intermediate container 9bf8f48ace8f ---> 6f0cee4e00a3 Successfully built 6f0cee4e00a3 Successfully tagged skychengp/nginx:1.12.2_with_user_workdir [root@redis-01 dockerfile]#
查看镜像
[root@redis-01 home]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE skychengp/nginx 1.12.2_with_user_workdir 6f0cee4e00a3 24 seconds ago 108MB
运行容器
[root@redis-01 home]# docker run -it --rm --name nginx-user skychengp/nginx:1.12.2_with_user_workdir /bin/bash nginx@d76e073c7816:/usr/share/nginx/html$ pwd /usr/share/nginx/html
nginx@d76e073c7816:/usr/share/nginx/html$ whoami
nginx
我们发现,容器已经切换到指定的WORKDIR下了,当前用户为nginx
2、ADD/EXPOSE指令
ADD:将指定的宿主机文件复制到容器里
EXPOSE:指定需要暴露的容器端口
例子:
[root@redis-01 dockerfile]# vim Dockerfile
FROM docker.io/skychengp/nginx:1.12.2
WORKDIR /usr/share/nginx/html
ADD index.html /usr/share/nginx/html/index.html
EXPOSE 80
将当前目录的index.html复制到容器的/usr/share/nginx/html/下,并将容器的80端口暴露出来
构建镜像
[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_add_expose Sending build context to Docker daemon 5.12kB Step 1/4 : FROM docker.io/skychengp/nginx:1.12.2 ---> 4037a5562b03 Step 2/4 : WORKDIR /usr/share/nginx/html ---> Running in f7d8bd79ceb5 Removing intermediate container f7d8bd79ceb5 ---> eaceba47349e Step 3/4 : ADD index.html /usr/share/nginx/html/index.html ---> a14c13a9c08b Step 4/4 : EXPOSE 80 ---> Running in e5654fc46f3a Removing intermediate container e5654fc46f3a ---> d38127bfd87a Successfully built d38127bfd87a Successfully tagged skychengp/nginx:1.12.2_with_add_expose
运行容器
[root@redis-01 dockerfile]# docker run -it --rm --name nginx-add -P skychengp/nginx:1.12.2_with_add_expose /bin/bash root@ebeb678e4a3c:/usr/share/nginx/html# pwd /usr/share/nginx/html root@ebeb678e4a3c:/usr/share/nginx/html# whoami root root@ebeb678e4a3c:/usr/share/nginx/html# ls 50x.html index.html
可以看到index.html已经复制到容器里了
运行nginx
root@207d0109917b:/usr/share/nginx/html# nginx -g "daemon off;"
查看80端口,用netstat命令发现没有,先安装net-tools包
root@ebeb678e4a3c:/usr/share/nginx/html# apt-get update root@ebeb678e4a3c:/usr/share/nginx/html# apt-get install net-tools
root@207d0109917b:/usr/share/nginx/html# netstat -tunlp|grep 80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 327/nginx: master p
在宿主机上查看容器
[root@redis-01 ~]# docker ps -a|grep nginx 207d0109917b skychengp/nginx:1.12.2_with_add_expose "/bin/bash" 5 minutes ago Up 5 minutes 0.0.0.0:32769->80/tcp nginx-add
容器的80端口被随机映射到了宿主机的一个32769端口上
访问宿主机的32769
[root@redis-01 home]# curl http://172.28.5.120:32769 <!DOCTYPE html> <!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css><title>百度一下,你就知道</title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus></span><span class="bg s_btn_wr"><input type=submit id=su value=百度一下 class="bg s_btn"></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新闻</a> <a href=http://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地图</a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>视频</a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>贴吧</a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登录</a> </noscript> <script>document.write('<a href="http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u='+ encodeURIComponent(window.location.href+ (window.location.search === "" ? "?" : "&")+ "bdorz_come=1")+ '" name="tj_login" class="lb">登录</a>');</script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;">更多产品</a> </div> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com>关于百度</a> <a href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>©2017 Baidu <a href=http://www.baidu.com/duty/>使用百度前必读</a> <a href=http://jianyi.baidu.com/ class=cp-feedback>意见反馈</a> 京ICP证030173号 <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>
可以成功访问到index.html
3、RUN/ENV指令
RUN:构建镜像时执行命令
ENV:设置环境变量
例子:设置容器时区与宿主机一致,构建镜像时,自动下载net-tools包以及procps包
[root@redis-01 dockerfile]# vim Dockerfile FROM docker.io/skychengp/nginx:1.12.2 WORKDIR /usr/share/nginx/html ADD index.html /usr/share/nginx/html/index.html ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get in stall net-tools -y
设置TZ时区环境变量为Asia/Shanghai
在创建镜像时,将/usr/share/zoneinfo/Asia/Shanghai 文件软连接到/etc/localtime下,并将Asia/Shanghai写入文件/etc/timezone里
创建镜像
[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_cmd Sending build context to Docker daemon 5.12kB Step 1/6 : FROM docker.io/skychengp/nginx:1.12.2 ---> 4037a5562b03 Step 2/6 : WORKDIR /usr/share/nginx/html ---> Running in 8612c111ba58 Removing intermediate container 8612c111ba58 ---> 93b67d852c63 Step 3/6 : ADD index.html /usr/share/nginx/html/index.html ---> e6901139b882 Step 4/6 : ENV TZ=Asia/Shanghai ---> Running in c38a494baaa1 Removing intermediate container c38a494baaa1 ---> 4838c5ac4ac5 Step 5/6 : RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y ---> Running in fd6deb060d46 Get:1 http://security.debian.org/debian-security stretch/updates InRelease [53.0 kB] Ign:2 http://deb.debian.org/debian stretch InRelease Get:3 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [799 kB] Get:4 http://deb.debian.org/debian stretch-updates InRelease [93.6 kB] Get:5 http://deb.debian.org/debian stretch Release [118 kB] Get:6 http://nginx.org/packages/debian stretch InRelease [2866 B] Get:7 http://deb.debian.org/debian stretch-updates/main amd64 Packages [2711 B] Get:8 http://deb.debian.org/debian stretch Release.gpg [2410 B] Get:9 http://nginx.org/packages/debian stretch/nginx amd64 Packages [25.4 kB] Get:10 http://deb.debian.org/debian stretch/main amd64 Packages [9610 kB] Fetched 10.7 MB in 36s (290 kB/s) Reading package lists... Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: libprocps6 psmisc The following NEW packages will be installed: libprocps6 procps psmisc 0 upgraded, 3 newly installed, 0 to remove and 36 not upgraded. Need to get 431 kB of archives. After this operation, 1434 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian stretch/main amd64 libprocps6 amd64 2:3.3.12-3+deb9u1 [58.5 kB] Get:2 http://deb.debian.org/debian stretch/main amd64 procps amd64 2:3.3.12-3+deb9u1 [250 kB] Get:3 http://deb.debian.org/debian stretch/main amd64 psmisc amd64 22.21-2.1+b2 [123 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 431 kB in 1s (360 kB/s) Selecting previously unselected package libprocps6:amd64. (Reading database ... 7027 files and directories currently installed.) Preparing to unpack .../libprocps6_2%3a3.3.12-3+deb9u1_amd64.deb ... Unpacking libprocps6:amd64 (2:3.3.12-3+deb9u1) ... Selecting previously unselected package procps. Preparing to unpack .../procps_2%3a3.3.12-3+deb9u1_amd64.deb ... Unpacking procps (2:3.3.12-3+deb9u1) ... Selecting previously unselected package psmisc. Preparing to unpack .../psmisc_22.21-2.1+b2_amd64.deb ... Unpacking psmisc (22.21-2.1+b2) ... Setting up psmisc (22.21-2.1+b2) ... Setting up libprocps6:amd64 (2:3.3.12-3+deb9u1) ... Setting up procps (2:3.3.12-3+deb9u1) ... update-alternatives: using /usr/bin/w.procps to provide /usr/bin/w (w) in auto mode update-alternatives: warning: skip creation of /usr/share/man/man1/w.1.gz because associated file /usr/share/man/man1/w.procps.1.gz (of link group w) doesn't exist Processing triggers for libc-bin (2.24-11+deb9u3) ... Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: net-tools 0 upgraded, 1 newly installed, 0 to remove and 36 not upgraded. Need to get 248 kB of archives. After this operation, 963 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian stretch/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1 [248 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 248 kB in 0s (258 kB/s) Selecting previously unselected package net-tools. (Reading database ... 7142 files and directories currently installed.) Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1_amd64.deb ... Unpacking net-tools (1.60+git20161116.90da8a0-1) ... Setting up net-tools (1.60+git20161116.90da8a0-1) ... Removing intermediate container fd6deb060d46 ---> d43dd42ab96d Step 6/6 : CMD nginx -g "daemon off;" ---> Running in c942c4da119a Removing intermediate container c942c4da119a ---> 402ce91f3b96 Successfully built 402ce91f3b96 Successfully tagged skychengp/nginx:1.12.2_with_cmd
运行容器
[root@redis-01 dockerfile]# docker run -it --name nginx-env skychengp/nginx:1.12.2_with_env_run /bin/bash root@d58efda0c124:/usr/share/nginx/html# pwd /usr/share/nginx/html root@d58efda0c124:/usr/share/nginx/html# ls 50x.html index.html root@d58efda0c124:/usr/share/nginx/html# printenv TZ=Asia/Shanghai HOSTNAME=d58efda0c124 NJS_VERSION=1.12.2.0.1.14-1~stretch NGINX_VERSION=1.12.2-1~stretch PWD=/usr/share/nginx/html HOME=/root TERM=xterm SHLVL=1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin _=/usr/bin/printenv root@d58efda0c124:/usr/share/nginx/html#
可以看到TZ环境变量设置成功,
root@d58efda0c124:/usr/share/nginx/html# cat /etc/timezone Asia/Shanghai
查看/etc/timezone文件为指定的时区,查看容器时间
root@d58efda0c124:/usr/share/nginx/html# date Tue Dec 1 17:15:08 CST 2020
已经和宿主机保持一致,可以运行ps命令
root@6ba956ab2615:/usr/share/nginx/html# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 4280 640 ? Ss 22:19 0:00 /bin/sh -c nginx -g "daemon off;" root 6 0.0 0.0 32400 3228 ? S 22:19 0:00 nginx: master process nginx -g daemon off; nginx 7 0.0 0.0 32872 1816 ? S 22:19 0:00 nginx: worker process root 8 0.0 0.0 18120 1992 pts/0 Ss 22:19 0:00 /bin/bash root 21 0.0 0.0 36628 1580 pts/0 R+ 22:24 0:00 ps aux
4、CMDENTRYPOINT指令
CMD:运行容器时指定的命令
例子:构建nginx镜像,运行容器时自动运行nginx
FROM docker.io/skychengp/nginx:1.12.2 WORKDIR /usr/share/nginx/html ADD index.html /usr/share/nginx/html/index.html ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y
CMD nginx -g "daemon off;"
构建镜像
[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_cmd Sending build context to Docker daemon 5.12kB Step 1/6 : FROM docker.io/skychengp/nginx:1.12.2 ---> 4037a5562b03 Step 2/6 : WORKDIR /usr/share/nginx/html ---> Running in 8612c111ba58 Removing intermediate container 8612c111ba58 ---> 93b67d852c63 Step 3/6 : ADD index.html /usr/share/nginx/html/index.html ---> e6901139b882 Step 4/6 : ENV TZ=Asia/Shanghai ---> Running in c38a494baaa1 Removing intermediate container c38a494baaa1 ---> 4838c5ac4ac5 Step 5/6 : RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y ---> Running in fd6deb060d46 Get:1 http://security.debian.org/debian-security stretch/updates InRelease [53.0 kB] Ign:2 http://deb.debian.org/debian stretch InRelease Get:3 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [799 kB] Get:4 http://deb.debian.org/debian stretch-updates InRelease [93.6 kB] Get:5 http://deb.debian.org/debian stretch Release [118 kB] Get:6 http://nginx.org/packages/debian stretch InRelease [2866 B] Get:7 http://deb.debian.org/debian stretch-updates/main amd64 Packages [2711 B] Get:8 http://deb.debian.org/debian stretch Release.gpg [2410 B] Get:9 http://nginx.org/packages/debian stretch/nginx amd64 Packages [25.4 kB] Get:10 http://deb.debian.org/debian stretch/main amd64 Packages [9610 kB] Fetched 10.7 MB in 36s (290 kB/s) Reading package lists... Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: libprocps6 psmisc The following NEW packages will be installed: libprocps6 procps psmisc 0 upgraded, 3 newly installed, 0 to remove and 36 not upgraded. Need to get 431 kB of archives. After this operation, 1434 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian stretch/main amd64 libprocps6 amd64 2:3.3.12-3+deb9u1 [58.5 kB] Get:2 http://deb.debian.org/debian stretch/main amd64 procps amd64 2:3.3.12-3+deb9u1 [250 kB] Get:3 http://deb.debian.org/debian stretch/main amd64 psmisc amd64 22.21-2.1+b2 [123 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 431 kB in 1s (360 kB/s) Selecting previously unselected package libprocps6:amd64. (Reading database ... 7027 files and directories currently installed.) Preparing to unpack .../libprocps6_2%3a3.3.12-3+deb9u1_amd64.deb ... Unpacking libprocps6:amd64 (2:3.3.12-3+deb9u1) ... Selecting previously unselected package procps. Preparing to unpack .../procps_2%3a3.3.12-3+deb9u1_amd64.deb ... Unpacking procps (2:3.3.12-3+deb9u1) ... Selecting previously unselected package psmisc. Preparing to unpack .../psmisc_22.21-2.1+b2_amd64.deb ... Unpacking psmisc (22.21-2.1+b2) ... Setting up psmisc (22.21-2.1+b2) ... Setting up libprocps6:amd64 (2:3.3.12-3+deb9u1) ... Setting up procps (2:3.3.12-3+deb9u1) ... update-alternatives: using /usr/bin/w.procps to provide /usr/bin/w (w) in auto mode update-alternatives: warning: skip creation of /usr/share/man/man1/w.1.gz because associated file /usr/share/man/man1/w.procps.1.gz (of link group w) doesn't exist Processing triggers for libc-bin (2.24-11+deb9u3) ... Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: net-tools 0 upgraded, 1 newly installed, 0 to remove and 36 not upgraded. Need to get 248 kB of archives. After this operation, 963 kB of additional disk space will be used. Get:1 http://deb.debian.org/debian stretch/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1 [248 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 248 kB in 0s (258 kB/s) Selecting previously unselected package net-tools. (Reading database ... 7142 files and directories currently installed.) Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1_amd64.deb ... Unpacking net-tools (1.60+git20161116.90da8a0-1) ... Setting up net-tools (1.60+git20161116.90da8a0-1) ... Removing intermediate container fd6deb060d46 ---> d43dd42ab96d Step 6/6 : CMD nginx -g "daemon off;" ---> Running in c942c4da119a Removing intermediate container c942c4da119a ---> 402ce91f3b96 Successfully built 402ce91f3b96 Successfully tagged skychengp/nginx:1.12.2_with_cmd
运行容器
[root@redis-01 dockerfile]# docker run --name=nginx-cmd -p81:80 --rm skychengp/nginx:1.12.2_with_cmd
访问http://127.0.0.1:81,成功返回页面,容器打印日志
[root@redis-01 dockerfile]# docker run --name=nginx-cmd -p81:80 --rm skychengp/nginx:1.12.2_with_cmd 172.28.5.120 - - [01/Dec/2020:22:19:17 +0800] "GET / HTTP/1.1" 200 2381 "-" "curl/7.29.0" "-"