【Docker】Docker学习④ - Docker镜像与制作
- 四、Docker镜像与制作
-
- [1. 手动制作yum版nginx镜像](#1. 手动制作yum版nginx镜像)
- [2. DockerFile制作yum版nginx镜像](#2. DockerFile制作yum版nginx镜像)
- [3. 手动制作编译版本nginx镜像](#3. 手动制作编译版本nginx镜像)
- [4. 自定义tomcat镜像](#4. 自定义tomcat镜像)
- [5. 构建haproxy镜像](#5. 构建haproxy镜像)
- [6. 本地镜像上传至官方docker仓库](#6. 本地镜像上传至官方docker仓库)
四、Docker镜像与制作
docker镜像有没有内核?
- 从镜像大小上面来说,一个比较小的镜像只有十几MB,而内核文件需要一百多兆,因此镜像里面是没有内核的,镜像在被启动为容器后将直接使用宿主机的内核,而镜像本身则只提供相应的rootfs,即系统正常运行所必须的用户空间的文件系统,比如/dev,/proc,/bin,/etc等目录,所以容器当中基本是没有/boot目录的,而/boot当中保存的就是与内核相关的文件和目录。
为什么没有内核?
- 由于容器启动和运行过程中是直接使用了宿主机的内核,所以没有直接调用过物理硬件,所以也不会涉及到硬件驱动,因此也用不上内核和驱动,另外有内核的那是虚拟机。
1. 手动制作yum版nginx镜像
Docker制作类似于虚拟机的镜像制作,即按照公司的实际业务需求将需要安装的软件、相关配置等基础环境配置完成,然后将其做成镜像,最后再批量从镜像批量生产实例,这样可以极大的简化相同环境的部署工作,Docker的镜像制作分为手动制作和自动制作(基于DockerFile),企业通常都是基于Dockerfile制作精细,其中手动制作镜像步骤具体如下:
-
1.1 下载镜像并初始化系统
基于某个基础镜像之上重新制作,因此需要先有一个基础镜像,本次使用官方提供的centos镜像为基础:docker pull centos docker run -it docker.io/centos /bin/bash yum install wget -y cd /etc/yum.repos.d/ rm -rf ./* #更改yum源 wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo -
1.2 yum安装并配置nginx
yum install nginx -y yum install -y vim wget pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop -
1.3 关闭nginx后台运行
vim /etc/nginx/nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; daemon off;#关闭后台运行 -
1.4 自定义web页面
vim /usr/share/nginx/html/index.html cat /usr/share/nginx/html/index.html Docker Yum Nginx #自定义web界面 -
1.5 提交为镜像
在宿主机基于容器ID提交为镜像
docker commit --help
日志:[root@gbase8c_private ~]# docker commit --help Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] Create a new image from a container's changes Options: -a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>") -c, --change list Apply Dockerfile instruction to the created image -m, --message string Commit message -p, --pause Pause container during commit (default true)
docker commit -a "123456789@qq.com" -m "nginx yum v1" --change="EXPOSE 80 443" 容器ID centos-nginx:v1
日志:
[root@gbase8c_private ~]# docker commit -a "123456789@qq.com" -m "nginx yum v1" --change="EXPOSE 80 443" 6806eb0bfd6b centos-nginx:v1
sha256:a93983db5db7f14b028edf94407ed1352efadf62dac88f6806366379a943403e
-
1.6 带tag的镜像提交
提交的时候标记tag号,标记tag号,生产当中比较常用,后期可以根据tag标记创建不同版本的镜像以及创建不同版本的容器
docker commit -m "nginx image" 容器ID jack/centos-nginx:v1
日志:[root@gbase8c_private ~]# docker commit -m "nginx image" 6806eb0bfd6b jack/centos-nginx:v1 sha256:cd4faded8f63c375fbc924ab20173f00cecb4cb52ea0fbfb3041d41fb327c343 [root@gbase8c_private ~]# docker images -a REPOSITORY TAG IMAGE ID CREATED SIZE jack/centos-nginx v1 cd4faded8f63 59 seconds ago 431MB centos-nginx v1 a93983db5db7 2 minutes ago 431MB -
1.7 从自己镜像启动容器
docker run -d -p 80:80 --name my-centos-nginx jack/centos-nginx /usr/sbin/nginx
日志:[root@gbase8c_private ~]# docker run -d -p 80:80 --name my-centos-nginx centos-nginx:v1 /usr/sbin/nginx 6cbb96e413b80336172714736302bdae09e5351e844a209518e09160fb9cb5c5
2. DockerFile制作yum版nginx镜像
DockerFile可以说是一种可以被Docker程序解释的脚本,DockerFile是由一条条的命令组成的,每条命令对应linux下面的一条命令,Docker程序将这些DockerFile指令再翻译成真正的linux命令,其有自己的书写方式和支持的命令,Docker程序读取DockerFile并根据指令生成Docker镜像,相比手动制作镜像的方式,DockerFile更能直观的展示镜像是怎么产生的,有了DockerFile,当后期有额外的需求时,只要在之前的DockerFile添加或者修改相应的命令即可重新生成新的Docker镜像,避免了重复手动制作镜像的麻烦,具体如下:
-
2.1 下载镜像并初始化系统
docker pull centos docker run -it docker.io/centos /bin/bash cd /opt/ mkdir dockerfile/{web/{nginx,tomcat,jdk,apache},system/{centos,ubuntu,redhat}} -pv
目录结构按照业务类型或系统类型等方式划分,方便后期镜像比较多的时候进行分类
-
2.2 编写Dockerfile
cd /opt/dockerfile/web/nginx
vim ./Dockerfile #生成镜像的时候,会在执行命令的当前目录查找Dockerfile文件,所以名称不可写错,而且D必须大写#My Dockerfile
#"#"为注释,等于shell脚本中的#
#除了注释行之外的第一行,必须是From xxx(xxx是基础镜像)
#第一行先定义基础镜像,后面的本地有效的镜像名,如果本地没有会从远程仓库下载,第一行很重要
From centos#镜像维护者的信息
MAINTAINER jack.Zhang 123456@qq.com#########其他可选参数###########
#USER #指定该容器运行时的用户名和UID,后续的RUN命令也会使用这里指定的用户执行
#WORKDIR /a
#WORKDIR b #指定工作目录,最终为/a/b
#VOLUME ["/dir_1","/dir_2"] #设置容器挂载主机目录
#ENV name jack #设置容器变量,常用于向容器内传递用户密码等################################
#执行的命令,将编译安装nginx的步骤执行一遍
RUN rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
#以下为centos8需要
RUN sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-*
RUN sed -i -e "s|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop make
#自动解压压缩包
ADD nginx-1.22.1.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.22.1 && ./configure --prefix=/usr/local/nginx --with-http_sub_module && make && make install
RUN cd /usr/local/nginx
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
RUN useradd nginx -s /sbin/nologin
RUN ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx
RUN echo "test nginx page" > /usr/local/nginx/html/index.html
EXPOSE 80 443
#向外开放的端口,多个端口用空格做间隔,启动容器时候-p需要使用此端口向外映射,如-p 8081:80,则80就是这里的80
CMD ["nginx"]
#运行的命令,每个Dockerfile只能有一条,如果有多条则只有最后一条被执行
#如果再从该镜像启动容器的时候也指定了命令,那么指定的命令会覆盖Dockerfile构建的镜像里面的CMD命令,即指定的命令优先级更高,Dockerfile的优先级较低一些 -
2.3 准备源码包与配置文件
[root@gbase8c_private nginx]# cp /usr/local/nginx/conf/nginx.conf . #配置文件关闭后台运行
[root@gbase8c_private nginx]# cp /usr/local/src/nginx-1.22.1.tar.gz . #nginx 源码包 -
2.4 执行镜像构建
docker build -t jack/nginx-1.22.1:v1 /opt/dockerfile/web/nginx
日志:[root@gbase8c_private nginx]# docker build -t jack/nginx-1.22.1:v1 /opt/dockerfile/web/nginx Sending build context to Docker daemon 1.082MB Step 1/15 : From centos ---> 5d0da3dc9764 Step 2/15 : MAINTAINER jack.Zhang 123456@qq.com ---> Using cache ---> 43ec73180728 Step 3/15 : RUN rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm ---> Using cache ---> e143ccac7d7d Step 4/15 : RUN sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-* ---> Using cache ---> b844d534721f Step 5/15 : RUN sed -i -e "s|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-* ---> Using cache ---> 9e3a042b490c Step 6/15 : RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop make ---> Using cache ---> df76eecdf09f Step 7/15 : ADD nginx-1.22.1.tar.gz /usr/local/src/ ---> Using cache ---> 98025681ea35 Step 8/15 : RUN cd /usr/local/src/nginx-1.22.1 && ./configure --prefix=/usr/local/nginx --with-http_sub_module && make && make install ---> Using cache ---> 96186cea028e Step 9/15 : RUN cd /usr/local/nginx ---> Using cache ---> 4156022d8485 Step 10/15 : ADD nginx.conf /usr/local/nginx/conf/nginx.conf ---> Using cache ---> 1c048d8e231e Step 11/15 : RUN useradd nginx -s /sbin/nologin ---> Using cache ---> b354065c9fc2 Step 12/15 : RUN ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx ---> Using cache ---> a5b3a6e665f3 Step 13/15 : RUN echo "test nginx page" > /usr/local/nginx/html/index.html ---> Running in 7d4595c415e8 Removing intermediate container 7d4595c415e8 ---> 242a23ccac4c Step 14/15 : EXPOSE 80 443 ---> Running in 7fd3a8e9c72d Removing intermediate container 7fd3a8e9c72d ---> 280671c13521 Step 15/15 : CMD ["nginx"] ---> Running in 866bfe9c8e53 Removing intermediate container 866bfe9c8e53 ---> fdfce08f491f Successfully built fdfce08f491f Successfully tagged jack/nginx-1.22.1:v1 [root@gbase8c_private nginx]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE jack/nginx-1.22.1 v1 fdfce08f491f 30 seconds ago 638MB -
2.5 从镜像启动容器
docker run -d -p 80:80 --name yum-nginx jack/nginx-1.22.1:v1 /usr/sbin/nginx
日志:[root@gbase8c_private nginx]# docker run -d -p 80:80 --name yum-nginx jack/nginx-1.22.1:v1 /usr/sbin/nginx 2649a84740d66098c1841387d306a245ee618f12a0df143ab0be5d7ab93c9c9d [root@gbase8c_private nginx]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2649a84740d6 jack/nginx-1.22.1:v1 "/usr/sbin/nginx" 16 seconds ago Exited (1) 15 seconds ago yum-nginx
↑容器并未成功启动,问题原因:
[root@gbase8c_private nginx]# docker logs cb332665fbdf
nginx: [emerg] open() "/var/log/nginx/error.log" failed (2: No such file or directory)
nginx: [emerg] open() "/var/log/nginx/error.log" failed (2: No such file or directory)
nginx: [emerg] open() "/var/log/nginx/error.log" failed (2: No such file or directory)
[root@gbase8c_private nginx]# head -n 10 nginx.conf
#user nobody;
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log; - 》》》 /run/error.log
pid /run/nginx.pid;
daemon off;
- ❗原因:在 Docker 容器里面使用 root 用户的话,是不安全的,很容易出现越权的安全问题,所以一般情况下,我们都会使用普通用户来代替 root 进行服务的启动和管理的。
- ❗解决办法:发现还是 nginx.conf 配置文件,配置的有问题,需要将 Nginx 服务启动时候需要的文件都配置到一个无权限的目录,即可解决
3. 手动制作编译版本nginx镜像
过程为在centos基础镜像之上手动安装nginx,然后再提交为镜像
-
3.1 下载镜像并初始化系统
docker pull centos docker run -it docker.io/centos /bin/bash yum install wget -y cd /etc/yum/repos.d/ sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-* sed -i -e "s|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*
❗不行再慎用↓
rm -rf ./* #更改yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
-
3.2 编译安装nginx
yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop make cd /usr/local/src/ wget http://nginx.org/download/nginx-1.22.1.tar.gz tar xvf nginx-1.22.1.tar.gz cd nginx-1.22.1 ./configure --prefix=/usr/local/nginx --with-http_sub_module make && make install -
3.3 关闭nginx后台运行
vim /usr/local/nginx/conf/nginx.conf user nginx; worker_processes auto; daemon off; ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx #创建软连 -
3.4 创建用户及授权
useradd nginx -s /sbin/nologin chown nginx.nginx /usr/local/nginx -R -
3.5 自定义web界面
echo "My Nginx Test Page" > /usr/local/nginx/html/index.html -
3.6 提交为镜像
docker commit -m "test nginx" 88c367f1f97f jack/nginx-test-image:v1 -
3.7 从自己的镜像启动容器
docker run -d -p 80:80 --name my-centos-nginx jack/nginx-test-image:v1 /usr/sbin/nginx -
3.8 查看nginx访问日志
日志:[root@gbase8c_private nginx]# docker run -d -p 80:80 --name my-centos-nginx jack/nginx-test-image:v1 /usr/sbin/nginx e21b3af797570e7cd0a1426a74fa2953e282175e0793df70dc351fdf8767a036 [root@gbase8c_private nginx]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e21b3af79757 jack/nginx-test-image:v1 "/usr/sbin/nginx" 4 seconds ago Up 3 seconds 0.0.0.0:80->80/tcp my-centos-nginx 88c367f1f97f centos "/bin/bash" 9 minutes ago Exited (0) 2 minutes ago naughty_noyce 7929901f31c9 jack/nginx-1.22.1:v1 "/usr/sbin/nginx" 27 minutes ago Exited (0) 19 seconds ago yum-nginx [root@gbase8c_private nginx]# docker inspect -f "{{.State.Pid}}" e21b3af79757 16623 [root@gbase8c_private nginx]# nsenter -t 16623 -m -u -i -n -p [root@e21b3af79757 /]# tail -f /usr/local/nginx/logs/access.log 192.168.56.1 - - [28/Nov/2023:14:33:18 +0000] "GET / HTTP/1.1" 200 19 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 192.168.56.1 - - [28/Nov/2023:14:35:02 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 192.168.56.1 - - [28/Nov/2023:14:35:03 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 192.168.56.1 - - [28/Nov/2023:14:35:03 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
4. 自定义tomcat镜像
基于官方提供的centos 基础镜像构建JDK和tomcat镜像,先构建JDK镜像,然后再基于JDK镜像构建tomcat镜像
-
4.1 构建JDK镜像
docker pull centos mkdir /opt/dockerfile/{web/{nginx,tomcat,jdk,apache},system/{centos,ubuntu,redhat}} -pv cd /opt/dockerfile/web/jdk vim Dockerfile#JDK Base Image
FROM centos:latest
MAINTAINER jack.Zhang 123456@qq.com
ADD jdk-8u391-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_391 /usr/local/jdk
ADD profile /etc/profile
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH JAVA_HOME/lib/:JRE_HOME/lib/
ENV PATH PATH:JAVA_HOME/bin
RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo "Asia/Shanghai" > /etc/timezone -
4.2 上传JDK压缩包和profile文件
将JDK压缩包上传到Dockerfile当前目录,然后执行构建: -
4.3 执行构建镜像
cat build-command.sh#!/bin/bash
docker build -t centos-8-jdk:v1 .
日志:
[root@gbase8c_private jdk]# bash build-command.sh
Sending build context to Docker daemon 141.9MB
Step 1/10 : FROM centos-7.5:latest
pull access denied for centos-7.5, repository does not exist or may require 'docker login'
[root@gbase8c_private jdk]# vim Dockerfile
[root@gbase8c_private jdk]# bash build-command.sh
Sending build context to Docker daemon 141.9MB
Step 1/10 : FROM centos:latest
---> 5d0da3dc9764
Step 2/10 : MAINTAINER jack.Zhang 123456@qq.com
---> Using cache
---> 43ec73180728
Step 3/10 : ADD jdk-8u391-linux-x64.tar.gz /usr/local/src/
---> 21764746d490
Step 4/10 : RUN ln -sv /usr/local/src/jdk-8u391-linux-x64/usr/local/jdk
---> Running in a22ecd27e9f8
'./jdk' -> '/usr/local/src/jdk-8u391-linux-x64/usr/local/jdk'
Removing intermediate container a22ecd27e9f8
---> 2f99e9a548c1
Step 5/10 : ADD profile /etc/profile
---> aef302c8a3da
Step 6/10 : ENV JAVA_HOME /usr/local/jdk
---> Running in 47c346592718
Removing intermediate container 47c346592718
---> da9972f86cd2
Step 7/10 : ENV JRE_HOME $JAVA_HOME/jre
---> Running in c83345919c81
Removing intermediate container c83345919c81
---> 460916698ef9
Step 8/10 : ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
---> Running in 5114c8a4b7d9
Removing intermediate container 5114c8a4b7d9
---> d1d448d0c77c
Step 9/10 : ENV PATH $PATH:$JAVA_HOME/bin
---> Running in ae28d4c66b9e
Removing intermediate container ae28d4c66b9e
---> 3ae8ad1733b5
Step 10/10 : RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo "Asia/Shanghai" > /etc/timezone
---> Running in 2690a5bb592f
Removing intermediate container 2690a5bb592f
---> 2db525ca3854
Successfully built 2db525ca3854
Successfully tagged centos-8-jdk:v1
-
4.4 从镜像启动容器
docker run -it centos-8-jdk bash docker run -it --rm centos-8-jdk:v1 bash [root@gbase8c_private jdk]# docker run -it --rm centos-8-jdk:v1 bash [root@76ab942d4101 /]# java -version java version "1.8.0_391" Java(TM) SE Runtime Environment (build 1.8.0_391-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.391-b13, mixed mode) [root@76ab942d4101 /]# date Thu Dec 7 21:48:47 CST 2023 -
4.5 将镜像上传到harbor
docker push centos-8-jdk:v1 docker tag centos-8-jdk:v1 192.168.56.199/jdk/centos-8-jdk:v1
日志:
[root@gbase8c_private harbor]# docker push 192.168.56.199/jdk/centos-8-jdk:v1
The push refers to repository [192.168.56.199/jdk/centos-8-jdk]
7fea194b5bd5: Pushed
fd55b5f95a06: Pushed
9bf99e4f3d89: Pushed
a74f8d8f2d28: Pushed
74ddd0ec08fa: Pushed
v1: digest: sha256:d43557182e4e243522036f884d79d7b8c3ccc3eaf727a3bdd56a44ce20976583 size: 1363
-
4.6 下载镜像并启动JDK容器
日志:[root@gbase8c_private harbor]# docker pull 192.168.56.199/jdk/centos-8-jdk:v1 v1: Pulling from jdk/centos-8-jdk Digest: sha256:d43557182e4e243522036f884d79d7b8c3ccc3eaf727a3bdd56a44ce20976583 Status: Image is up to date for 192.168.56.199/jdk/centos-8-jdk:v1 [root@gbase8c_private harbor]# docker run -it --rm 192.168.56.199/jdk/centos-8-jdk:v1 bash [root@5b4cfa6cbf5a /]# date Sun Dec 10 20:38:53 CST 2023 [root@5b4cfa6cbf5a /]# java -version java version "1.8.0_391" Java(TM) SE Runtime Environment (build 1.8.0_391-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.391-b13, mixed mode) -
4.7 从JDK镜像构建tomcat 8 Base 镜像:
-
4.7.1 编辑DockerFile:
cd /opt/dockerfile/system/centos/tomcat8-base vim Dockerfile#Tomcat Base Image
From 192.168.56.199/jdk/centos-8-jdk:v1
RUN useradd www -u 2000#ADD del_tomcatlog.sh /root/script
#RUN echo "0 2 * * * /bin/bash /root/script/del_tomcatlog.sh &> /dev/null" >> /var/spool/cron/root#env settinf
ENV TZ "Asiz/Shanghai"
ENV LANG en_US.UTF-8
ENV TERM xterm
ENV TOMCAT_MAJOR_VERSION 8
ENV TOMCAT_MINOR_VERSION 8.5.96
ENV CATALINA_HOME /apps/tomcat
ENV APP_DIR ${CATALINA_HOME}/webapps#tomcat settinf
RUN mkdir /apps
ADD apache-tomcat-8.5.96.tar.gz /apps
RUN ln -sv /apps/apache-tomcat-8.5.96 /apps/tomcat
-
-
4.7.2 通过脚本构建tomcat基础镜像
cat build-command.sh #!/bin/bash docker build -t tomcat8-base:v1 .
日志:
[root@gbase8c_private tomcat8-base]# bash build-command.sh
Sending build context to Docker daemon 10.78MB
Step 1/12 : From 192.168.56.199/jdk/centos-8-jdk:v1
---> a2b742b94015
Step 2/12 : RUN useradd www -u 2000
---> Running in d19d27df0448
Removing intermediate container d19d27df0448
---> 1bf6e78dc7c7
Step 3/12 : ENV TZ "Asiz/Shanghai"
---> Running in a99f9eb322cc
Removing intermediate container a99f9eb322cc
---> 95c6a3cefc7f
Step 4/12 : ENV LANG en_US.UTF-8
---> Running in 805840b54de5
Removing intermediate container 805840b54de5
---> 7aab23b04eef
Step 5/12 : ENV TERM xterm
---> Running in 4ae0182d2195
Removing intermediate container 4ae0182d2195
---> 0804043c7b14
Step 6/12 : ENV TOMCAT_MAJOR_VERSION 8
---> Running in c825fe92e42d
Removing intermediate container c825fe92e42d
---> 4d6fcd259f9c
Step 7/12 : ENV TOMCAT_MINOR_VERSION 8.5.96
---> Running in b4b7a0ed2797
Removing intermediate container b4b7a0ed2797
---> 626d7d9d2478
Step 8/12 : ENV CATALINA_HOME /apps/tomcat
---> Running in 37e5aff7d23c
Removing intermediate container 37e5aff7d23c
---> eb992444e7f6
Step 9/12 : ENV APP_DIR ${CATALINA_HOME}/webapps
---> Running in de3421e3d164
Removing intermediate container de3421e3d164
---> 03766db8ca90
Step 10/12 : RUN mkdir /apps
---> Running in 5ba348fd64b4
Removing intermediate container 5ba348fd64b4
---> 5d60c75f47ec
Step 11/12 : ADD apache-tomcat-8.5.96.tar.gz /apps
---> cac315a6fd1b
Step 12/12 : RUN ln -sv /apps/apache-tomcat-8.5.96 /apps/tomcat
---> Running in 919329b80388
'/apps/tomcat' -> '/apps/apache-tomcat-8.5.96'
Removing intermediate container 919329b80388
---> 2ab037a507a7
Successfully built 2ab037a507a7
Successfully tagged tomcat8-base:v1
[root@gbase8c_private tomcat8-base]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat8-base v1 2ab037a507a7 8 seconds ago 597MB
-
4.8 构建业务镜像1、2
创建tomcat-app1 和 tomcat-app2两个目录,代表不同的两个基于tomcat的业务。-
4.8.1 准备Dockerfile
cd /opt/dockerfile/system/centos/tomcat-app1 vim Dockerfile#Tomcat Web Image
FROM tomcat8-base:v1
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
ADD myapp/* /apps/tomcat/webapps/myapp/
RUN chown www.www /apps/ -R
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
EXPOSE 8080 8009
-
-
4.8.2 准备自定义myapp页面
mkdir myapp echo "Tomcat Web Page1" > myapp/index.html cat myapp/index.html -
4.8.3 准备容器启动执行脚本
cat run_tomcat.sh#!/bin/bash
echo "1.1.1.1 abc.test.com" >> /etc/hosts
echo "nameserver 223.5.5.5" > /etc/resolv.conf
su - www -c "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/jdk/bin && export JAVA_HOME=/usr/local/jdk && export JRE_HOME=/usr/local/jdk/jre && export CLASSPATH=/usr/local/jdk/lib/:/usr/local/jdk/jre/lib/ && /apps/tomcat/bin/catalina.sh start && tail -f /etc/hosts"
#这里没有继承主机的环境变量,有没有懂哥。。。。
#su - www -c "/apps/tomcat/bin/catalina.sh start"
#su - www -c "tail -f /etc/hosts"
-
4.8.4 准备构建脚本
vim build-command.sh#!/bin/bash
docker build -t tomcat-web:app1 .
日志:
[root@gbase8c_private tomcat-app1]# bash build-command.sh
Sending build context to Docker daemon 5.632kB
Step 1/6 : FROM tomcat8-base:v1
---> 2ab037a507a7
Step 2/6 : ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
---> 09983a7133b8
Step 3/6 : ADD myapp/* /apps/tomcat/webapps/myapp/
---> c5a2afd16dc5
Step 4/6 : RUN chown www.www /apps/ -R
---> Running in 869d5623188c
Removing intermediate container 869d5623188c
---> c481b86618b4
Step 5/6 : CMD ["/apps/tomcat/bin/run_tomcat.sh"]
---> Running in a90ab30a9c8e
Removing intermediate container a90ab30a9c8e
---> e5742f33c2bd
Step 6/6 : EXPOSE 8080 8009
---> Running in 15dea2dd3a7a
Removing intermediate container 15dea2dd3a7a
---> 891a81d08424
Successfully built 891a81d08424
Successfully tagged tomcat-web:app1
[root@gbase8c_private tomcat-app2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-web app2 1c4e68330d53 3 seconds ago 612MB
tomcat-web app1 891a81d08424 About a minute ago 612MB
-
4.8.5 从镜像启动容器测试
docker run -it -d -p 8888:8080 tomcat-web:app1 docker run -it -d -p 8889:8080 tomcat-web:app2
5. 构建haproxy镜像
-
5.1 准备Dockerfile
cd /opt/dockerfile/system/centos/haproxy vim Dockerfile#Haproxy Base Image
FROM centos:latest
MAINTAINER zhangshijie "zhangshijie@300.cm"
RUN yum install gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate -y
ADD haproxy-1.8.31.tar.gz /usr/lib/src/
RUN cd /usr/local/src/haproxy-1.8.31 && make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy && make install PRFEIX=/usr/local/haproxy && cp haproxy /usr/sbin/ && mkdir /usr/local/haproxy/run
ADD haproxy.cfg /etc/haproxyADD run_haproxy.sh /usr/bin
EXPOSE 80 9999
CMD ["/usr/bin/run_haproxy.sh"] -
5.2 准备haproxy配置文件
cat haproxy.cfgglobal
chroot /usr/local/haproxy
#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
nbproc 1
pidfile /usrs/local/haproxy/run/haproxy.pid
log 127.0.0.1 local3 infodefaults
option http-keep-alive
option forwardfor
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000mslisten stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:q1w2e3r4yslisten web_port
bind 0.0.0.0:80
mode http
log global
balance roundrobin
server web1 192.168.56.199:8888 check inter 3000 fall 2 rise 5
server web2 192.168.56.199:8889 check inter 3000 fall 2 rise 5 -
5.3 准备构建脚本
cat build-command.sh#!/bin/bash
docker build -t centos-haproxy-bash:7.5-1.8.31 . -
5.4 执行构建haproxy镜像
-
5.5 从镜像启动容器
docker run -it -d -p80:80 -p9999:9999 centos-haproxy-bash:7.5-1.8.31
6. 本地镜像上传至官方docker仓库
将自制的镜像上传至docker仓库,https://hub.docker.com/
-
6.1 准备账户
登录到docker hub 官网创建账户,登陆后点击settings完善账户信息 -
6.2 在虚拟机使用自己的账号登录
docker login https://hub.docker.com/ -
6.3 查看认证信息
登录成功之后会在当前目录生成一个隐藏文件用户保存登录认证信息cat .docker/config.json
-
6.4 给镜像做tag并开始上传
docker images docker tag xxxx docker.io/ck/centos-nginx docker login docker push xxxxx -
6.5 到官方验证
-
6.6 更换到其他docker服务器下载镜像,并启动