dockerfile引用自建dns服务

一、Dockerfile引用自建dns服务

一)指定DNS服务器

1、docker 启动容器dns会读取宿主机的配置
复制代码
]# cat /etc/resolv.conf
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
 
# docker images|grep centos
centos                                                   7                              eeb6ee3f44bd        2 weeks ago         204MB

基于centos7打了一个镜像,dockerfile如下:

复制代码
FROM centos:7
RUN echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`"
RUN echo "`sed 'p' -n /etc/resolv.conf`"
RUN yum install -y wget && yum clean all 
2、尝试使用RUN 直接修改resolv.conf文件失败,因为在容器启动时的操作,会被docker run指定的参数覆盖

这里指定了dns配置,然后再下面打印了一下,效果如下:

复制代码
# docker build -t test:dns .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos:7
---> eeb6ee3f44bd
Step 2/4 : RUN echo "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in f3ec71d93b5f
search test.com
nameserver 8.8.8.8
Removing intermediate container f3ec71d93b5f
---> c2a5a9f9985f
Step 3/4 : RUN echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in 08d22ef982d6
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
Removing intermediate container 08d22ef982d6
---> 9c01241bad24
Step 4/4 : RUN yum install -y wget
---> Running in e831037cf89b
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.bupt.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-18.el7_6.1 will be installed
--> Finished Dependency Resolution
 
 
Dependencies Resolved
 
 
================================================================================
Package        Arch             Version                   Repository      Size
================================================================================
Installing:
wget           x86_64           1.14-18.el7_6.1           base           547 k
 
 
Transaction Summary
================================================================================
Install  1 Package
 
 
Total download size: 547 k
Installed size: 2.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/wget-1.14-18.el7_6.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for wget-1.14-18.el7_6.1.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-9.2009.0.el7.centos.x86_64 (@CentOS)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : wget-1.14-18.el7_6.1.x86_64                                  1/1
install-info: No such file or directory for /usr/share/info/wget.info.gz
  Verifying  : wget-1.14-18.el7_6.1.x86_64                                  1/1
 
 
Installed:
  wget.x86_64 0:1.14-18.el7_6.1                                                 
 
 
Complete!
Removing intermediate container e831037cf89b
---> 747d8f4768dd
Successfully built 747d8f4768dd
Successfully tagged test:dns
 
 
# docker run --rm -it --name testdns test:dns /bin/sh -c "cat /etc/resolv.conf"
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114

从这可以看到,在第二步设置dns,第三步打印出的结果还是读取的宿主机的配置。

**  这里分析了一下原因:由于以Dockerfile的形式构建镜像,其中每一个指令都是一层,它的过程是基于基础镜像运行一个容器,然后按指令执行,第一个指令完毕后,commit为一个新的镜像层,docker再运行一个基于新镜像的容器,执行下一步指令,直到结束。这样的好处是,假如共有四个指令,第三个失败了,那么可以基于第二个指令生成的镜像继续操作,不需要再从头操作一遍,节省资源。**

**  那么,由此可见,我在第二步设置完,docker提交一个镜像,docker接下来运行这个镜像的时候,会读取宿主机配置,所以我的设置也就不生效了。使用docker commit构建镜像也是一样的效果。**

**  如果想让它生效,需要在启动命令里指定。**

3、使用ENTRYPOINT在容器启动时的操作,而且不会被docker run指定的参数覆盖。
复制代码
]# cat Dockerfile
FROM centos:7
ENTRYPOINT echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`" && tail -f /dev/null
RUN echo "`sed 'p' -n /etc/resolv.conf`"
RUN yum install -y wget && yum clean all
 
 
使用entrypoint指令,这个指令的作用是在容器启动时的操作,而且不会被docker run指定的参数覆盖。(当然也可以覆盖,在启动的时候docker run --entrypoint=
可以这样指定临时的启动命令来覆盖dockerfile里的entrypoint)
# docker build -t test:dns .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos:7
---> eeb6ee3f44bd
Step 2/4 : ENTRYPOINT echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`" && tail -f /dev/null
---> Running in 361ec0e4cf3b
Removing intermediate container 361ec0e4cf3b
---> e062358b2b4d
Step 3/4 : RUN echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in 1272cc8f69cb
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
Removing intermediate container 1272cc8f69cb
---> 08b7026e183e
Step 4/4 : RUN yum install -y wget
---> Running in 5346d673e0b7
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.bfsu.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-18.el7_6.1 will be installed
--> Finished Dependency Resolution
 
 
Dependencies Resolved
 
 
================================================================================
Package        Arch             Version                   Repository      Size
================================================================================
Installing:
wget           x86_64           1.14-18.el7_6.1           base           547 k
 
 
Transaction Summary
================================================================================
Install  1 Package
 
 
Total download size: 547 k
Installed size: 2.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/wget-1.14-18.el7_6.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for wget-1.14-18.el7_6.1.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-9.2009.0.el7.centos.x86_64 (@CentOS)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : wget-1.14-18.el7_6.1.x86_64                                  1/1
install-info: No such file or directory for /usr/share/info/wget.info.gz
  Verifying  : wget-1.14-18.el7_6.1.x86_64                                  1/1
 
 
Installed:
  wget.x86_64 0:1.14-18.el7_6.1                                                 
 
 
Complete!
Removing intermediate container 5346d673e0b7
---> e8c04c88aed2
Successfully built e8c04c88aed2
Successfully tagged test:dns
 
 
 
# docker run --rm -it --name testdns test:dns /bin/sh -c "cat /etc/resolv.conf"
search test.com
nameserver 8.8.8.8

可以看到,使用entrypoint之后,这个指定的配置便生效了。

相关推荐
梅见十柒21 分钟前
wsl2中kali linux下的docker使用教程(教程总结)
linux·经验分享·docker·云原生
O&REO3 小时前
单机部署kubernetes环境下Overleaf-基于MicroK8s的Overleaf应用部署指南
云原生·容器·kubernetes
运维小文3 小时前
K8S资源限制之LimitRange
云原生·容器·kubernetes·k8s资源限制
登云时刻4 小时前
Kubernetes集群外连接redis集群和使用redis-shake工具迁移数据(二)
redis·容器·kubernetes
wuxingge12 小时前
k8s1.30.0高可用集群部署
云原生·容器·kubernetes
志凌海纳SmartX13 小时前
趋势洞察|AI 能否带动裸金属 K8s 强势崛起?
云原生·容器·kubernetes
锅总13 小时前
nacos与k8s service健康检查详解
云原生·容器·kubernetes
BUG弄潮儿14 小时前
k8s 集群安装
云原生·容器·kubernetes
意疏14 小时前
【Linux 篇】Docker 的容器之海与镜像之岛:于 Linux 系统内探索容器化的奇妙航行
linux·docker
墨鸦_Cormorant14 小时前
使用docker快速部署Nginx、Redis、MySQL、Tomcat以及制作镜像
redis·nginx·docker