DockerFile
是什么
Dockerfile是用来构建Docker镜像的文本文件,是由一条条构建镜像所需的指令和参数构成的脚本。
构建步骤
- 编写Dockerfile文件
- docker build命令构建镜像
- docker run运行镜像
Dockerfile构建过程
基础知识
- 每个保留字指令都必须为大写字母且后面要跟随至少一个参数
- 指令从上到下,顺序执行
#
号表示注释- 每条指令都会创建一个新的镜像层,并对镜像进行提交
Docker执行Dockerfile的大致流程
- docker从基础镜像运行一个容器
- 执行一条指令并对容器做出修改
- 执行类似docker commit的操作提交一个新的镜像层
- docker再基于刚提交的镜像运行一个新容器
- 执行Dockerfile中下一条指令直到所有指令都执行完成
总结
从应用软件的角度来看,Dockerfile、Docker镜像与Docker容器分别代表软件的三个不同阶段,
- Dockerfile是软件的原材料
- Docker镜像是软件的交付品
- Docker容器则可以认为是软件镜像的运行态,也即依照镜像运行的容器实例
Dockerfile面向开发,Docker镜像成为交付标准,Docker容器则涉及部署与运维,三者缺一不可,合力充当Docker体系的基石。
-
Dockerfile,需要定义一个Dockerfile,Dockerfile定义了进程需要的一切东西。Dockerfile涉及的内容包括执行代码或者是文件、环境变量、依赖包、运行时环境、动态链接库、操作系统的发行版、服务进程和内核进程(当应用进程需要和系统服务和内核进程打交道,这时需要考虑如何设计namespace的权限控制)等等;
-
Docker镜像,在用Dockerfile定义一个文件之后,docker build时会产生一个Docker镜像,当运行 Docker镜像时会真正开始提供服务;
-
Docker容器,容器是直接提供服务的。
常用保留字指令
关键字 | 作用 | 备注 |
---|---|---|
FROM | 指定基础镜像 | 指定一个已经存在的镜像作为父镜像,第一条指令必须是FROM |
WAINTAINER | 指定作者信息 | 一般是姓名+邮箱(name<mail> ) |
LABEL | 标明dockerfile的标签 | 可以使用Label代替Maintainer,最终都是在docker image基本信息中可以查看 |
RUN | 构建镜像时运行的命令 | 容器构建时需要运行的命令;有两种格式:shell格式、exec格式;RUN是在docker build时运行 |
shell格式 | ||
exec格式 | ||
EXPOSE | 暴露端口 | 定义容器运行的时候监听的端口,启动容器的使用-p来绑定暴露端口,格式: EXPOSE 8080 或者 EXPOSE 8080/udp |
WORKDIR | 指定工作目录 | 指定在创建容器后,终端默认登陆的进来工作目录,一个落脚点 |
USER | 指定执行用户 | 指定build或者启动的时候 用户 在RUN CMD ENTRYPONT执行的时候的用户 |
ENV | 设置环境变量 | 指定build时候的环境变量 可以在启动的容器的时候 通过-e覆盖 格式ENV name=value |
ADD | 添加文件 | 将宿主机目录下的文件拷贝进镜像且会自动处理URL和解压tar压缩包 |
COPY | 复制文件 | 类似ADD,拷贝文件和目录到镜像中。 将从构建上下文目录中 <源路径> 的文件/目录复制到新的一层的镜像内的 <目标路径> 位置 |
VOLUME | 定义外部可以挂载的数据卷 | 用于数据保存和持久化; 指定build的image哪些目录可以启动的时候挂载到文件系统中 启动容器的时候使用 -v 绑定 格式 VOLUME ["目录"] |
CMD | 指定容器启动后的要干的事情 | Dockerfile 中可以有多个 CMD 指令,但只有最后一个生效,CMD 会被 docker run 之后的参数替换 |
ENTRYPOINT | 也是用来指定一个容器启动时要运行的命令 | 类似于 CMD 指令,但是ENTRYPOINT不会被docker run后面的命令覆盖 ,而且这些命令行参数会被当作参数送给 ENTRYPOINT 指令指定的程序 |
-
RUN和CMD的区别
- CMD是在docker run时运行
- RUN是在docker build时运行
-
ENTRYPOINT
-
命令格式:
ENTRYPOINT ["<executeable>", "<param1>", "<param2>",...]
-
ENTRYPOINT可以和CMD一起用,一般是变参 才会使用 CMD ,这里的 CMD 等于是在给 ENTRYPOINT 传参。当指定了ENTRYPOINT后,CMD的含义就发生了变化,不再是直接运行其命令而是将CMD的内容作为参数传递给ENTRYPOINT指令,他两个组合会变成
<ENTRYPOINT>"<CMD>"
-
案例:
假设已通过 Dockerfile 构建了 nginx:test 镜像:
*shellFROM nginx ENTRYPOINT ["nginx", "-c"] # 定参 CMD ["/etc/nginx/nginx.conf"] # 变参
是否传参 Docker命令 衍生出的实际命令 按照dockerfile编写执行 docker run nginx:test nginx -c /etc/nginx/nginx.conf 传参运行 docker run nginx:test -c /etc/nginx/new.conf nginx -c /etc/nginx/new.conf
-
总结:
自定义centos镜像
-
编写dockerfile文件
dockerfileFROM centos:7 MAINTAINER jiang<2790810983@qq.com> ENV MYPATH /usr/local WORKDIR $MYPATH #安装vim编辑器 RUN yum -y install vim #安装ifconfig命令查看网络IP RUN yum -y install net-tools EXPOSE 80 CMD echo $MYPATH CMD echo "------ok--------" CMD /bin/bash
shell[root@VM-4-9-centos dockerfile]# pwd /dockerfile [root@VM-4-9-centos dockerfile]# cat mydockerfile-centos FROM centos:7 MAINTAINER jiang<2790810983@qq.com> ENV MYPATH /usr/local WORKDIR $MYPATH #安装vim编辑器 RUN yum -y install vim #安装ifconfig命令查看网络IP RUN yum -y install net-tools EXPOSE 80 CMD echo $MYPATH CMD echo "------ok--------" CMD /bin/bash
-
构建
docker build -f mydockerfile-centos -t mycentos:1.0 .
(注意:. 前面有空格 ;官方命名Dockerfile,使用其编写文件,build时不需要-f指定文件)shell[root@VM-4-9-centos dockerfile]# docker build -f mydockerfile-centos -t mycentos:1.0 . [+] Building 76.7s (8/8) FINISHED docker:default => [internal] load build definition from mydockerfile-centos 0.0s => => transferring dockerfile: 318B 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [internal] load metadata for docker.io/library/centos:7 16.9s => [1/4] FROM docker.io/library/centos:7@sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 11.8s => => resolve docker.io/library/centos:7@sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 0.0s => => sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 1.20kB / 1.20kB 0.0s => => sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f 529B / 529B 0.0s => => sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9 2.75kB / 2.75kB 0.0s => => sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc 76.10MB / 76.10MB 6.6s => => extracting sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc 4.8s => [2/4] WORKDIR /usr/local 0.1s => [3/4] RUN yum -y install vim 40.6s => [4/4] RUN yum -y install net-tools 4.3s => exporting to image 2.8s => => exporting layers 2.7s => => writing image sha256:b7a758d3704aa39b122ac1684fd8555406a5ea213ae5907308b96a9be53cd38d 0.0s => => naming to docker.io/library/mycentos:1.0 0.0s [root@VM-4-9-centos dockerfile]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE mycentos 1.0 b7a758d3704a 27 seconds ago 666MB
-
运行(可以看到在基础的镜像上增加了vim和查看ip的功能)
shell[root@VM-4-9-centos dockerfile]# docker run -it b7a758d3704a /bin/bash [root@4f4c909635fe local]# vim a.txt [root@4f4c909635fe local]# cat a.txt aaa [root@4f4c909635fe local]# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.5 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:05 txqueuelen 0 (Ethernet) RX packets 8 bytes 656 (656.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1000 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
-
查看镜像生成过程
docker history 镜像ID
shell[root@VM-4-9-centos dockerfile]# docker history b7a758d3704a IMAGE CREATED CREATED BY SIZE COMMENT b7a758d3704a 28 minutes ago CMD ["/bin/sh" "-c" "/bin/bash"] 0B buildkit.dockerfile.v0 <missing> 28 minutes ago CMD ["/bin/sh" "-c" "echo \"------ok--------... 0B buildkit.dockerfile.v0 <missing> 28 minutes ago CMD ["/bin/sh" "-c" "echo $MYPATH"] 0B buildkit.dockerfile.v0 <missing> 28 minutes ago EXPOSE map[80/tcp:{}] 0B buildkit.dockerfile.v0 <missing> 28 minutes ago RUN /bin/sh -c yum -y install net-tools # bu... 189MB buildkit.dockerfile.v0 <missing> 28 minutes ago RUN /bin/sh -c yum -y install vim # buildkit 274MB buildkit.dockerfile.v0 <missing> 29 minutes ago WORKDIR /usr/local 0B buildkit.dockerfile.v0 <missing> 29 minutes ago ENV MYPATH=/usr/local 0B buildkit.dockerfile.v0 <missing> 29 minutes ago MAINTAINER jiang<2790810983@qq.com> 0B buildkit.dockerfile.v0 <missing> 23 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B <missing> 23 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc... 0B <missing> 23 months ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4... 204MB [root@VM-4-9-centos dockerfile]#
自定义tomcat镜像
-
编写Dockerfile文件
dockerfileFROM centos:7 MAINTAINER jiang<2790810983@qq.com> ADD jdk-8u381-linux-x64.tar.gz /usr/local ADD apache-tomcat-9.0.78.tar.gz /usr/local RUN yum -y install vim ENV MYPATH /usr/local WORKDIR $MYPATH ENV JAVA_HOME /usr/local/jdk1.8.0_381 ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.78 ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.78 ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin EXPOSE 8080 CMD /usr/local/apache-tomcat-9.0.78/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.78/bin/logs/catalina.out
-
构建镜像
docker build -t tomcat-jiang:1.0 .
shell[root@VM-4-9-centos dockerfile]# docker build -t tomcat-jiang:1.0 . [+] Building 0.2s (10/10) FINISHED docker:default => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 639B 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [internal] load metadata for docker.io/library/centos:7 0.0s => [1/5] FROM docker.io/library/centos:7 0.0s => [internal] load build context 0.0s => => transferring context: 99B 0.0s => CACHED [2/5] ADD jdk-8u381-linux-x64.tar.gz /usr/local 0.0s => CACHED [3/5] ADD apache-tomcat-9.0.78.tar.gz /usr/local 0.0s => CACHED [4/5] RUN yum -y install vim 0.0s => CACHED [5/5] WORKDIR /usr/local 0.0s => exporting to image 0.0s => => exporting layers 0.0s => => writing image sha256:a955df44eb4b65dee47a3dabdec2df4dd3af83e467d9bc6734ea9da5ebbfaf06 0.0s => => naming to docker.io/library/tomcat-jiang:1.0 [root@VM-4-9-centos dockerfile]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat-jiang 1.0 a955df44eb4b 2 hours ago 837MB mycentos 1.0 b7a758d3704a 5 hours ago 666MB
-
运行即可访问到主页
docker run -id --name=tomcat-jiang -p 8080:8080 -v /home/tomcat-jiang/webapps/test:/usr/local/apache-tomcat-9.0.78/webapps/test -v /home/tomcat-jiang/tomcatlogs/:/usr/local/apache-tomcat-9.0.78/logs tomcat-jiang:1.0
虚悬镜像
仓库名、标签信息都是
<none>
的镜像,俗称dangling image
docker image ls -f dangling=true
查看虚悬镜像docker image prune
删除
自定义一个虚悬镜像:
shell
[root@VM-4-9-centos dockerfile]# vim danglingdockerfile
[root@VM-4-9-centos dockerfile]# cat danglingdockerfile
FROM ubuntu
CMD echo'--------ok--------'
[root@VM-4-9-centos dockerfile]# docker build -f danglingdockerfile .
[+] Building 17.0s (5/5) FINISHED docker:default
=> [internal] load build definition from danglingdockerfile 0.0s
=> => transferring dockerfile: 88B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 16.8s
=> [1/1] FROM docker.io/library/ubuntu@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322 0.1s
=> => resolve docker.io/library/ubuntu@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322 0.0s
=> => sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322 1.42kB / 1.42kB 0.0s
=> => sha256:7cc0576c7c0ec2384de5cbf245f41567e922aab1b075f3e8ad565f508032df17 529B / 529B 0.0s
=> => sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1 1.46kB / 1.46kB 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:bceab7bc196f17008c0ef5c5333dc29217c84ab0e4669b0a66021e1481eb5a86 0.0s
[root@VM-4-9-centos dockerfile]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mytomcat 1.0 85a142640f0d 33 minutes ago 837MB
mingdajiang/mytomcat 1.0 85a142640f0d 33 minutes ago 837MB
mycentos 1.0 b7a758d3704a 3 hours ago 666MB
<none> <none> bceab7bc196f 22 months ago 72.8MB
[root@VM-4-9-centos dockerfile]# docker image ls -f dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> bceab7bc196f 22 months ago 72.8MB
[root@VM-4-9-centos dockerfile]# docker image prune
WARNING! This will remove all dangling images.
Are you sure you want to continue? [y/N] y
Deleted Images:
deleted: sha256:bceab7bc196f17008c0ef5c5333dc29217c84ab0e4669b0a66021e1481eb5a86
Total reclaimed space: 0B
[root@VM-4-9-centos dockerfile]# docker image ls -f dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@VM-4-9-centos dockerfile]#
Docker微服务实战
-
新建微服务模块
-
生成jar包
-
编写Dockerfile
vim Dockerfile
dockerfile# 基础镜像 FROM openjdk:8u102 # 作者 MAINTAINER jiang<2790810983@qq.com> # 将jar包放到容器中 COPY finance.jar finance.jar # 运行jar包 ENTRYPOINT ["java", "-jar", "finance.jar"] # 暴露端口 EXPOSE 8080
-
将微服务jar包上传到和Dockerfile同一目录
shell[root@VM-4-9-centos finance]# ls Dockerfile finance.jar [root@VM-4-9-centos finance]#
-
构建镜像
docker build -t finance:1.0 .
-
运行容器
docker run -id -p 9000:8080 --name financeapp -v /home/finance/log:/var/applogs finance:1.0
-
访问测试