一、手动构建Docker镜像
| 容器不会继承镜像中的/etc/hosts文件内容; |
校正容器时区:/bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
1.Docker单服务镜像
本例示范制作基于CentOS 6的Nginx服务镜像
step 1 启动纯净的Linux发行版容器
| docker run -it -p 宿主机端口:容器端口 镜像名称:版本 初始命令 |
[root@docker01 ~]# docker run -p 80:80 -it centos:6.9 /bin/bash
[root@6cf6bca9da7e /]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[root@6cf6bca9da7e /]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-6.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 6125 0 --:--:-- --:--:-- --:--:-- 37656
[root@6cf6bca9da7e /]# yum install -y wget
Loaded plugins: fastestmirror, ovl
Setting up Install Process
......
Installed:
wget.x86_64 0:1.12-10.el6
Complete!
[root@6cf6bca9da7e /]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
100%[=========================================================================>] 664 --.-K/s in 0s
2020-06-02 02:08:21 (173 MB/s) - `/etc/yum.repos.d/epel.repo' saved [664/664]step 2 安装应用服务
| yum install -y nginx |
[root@6cf6bca9da7e /]# cat /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@6cf6bca9da7e /]# yum install -y nginx
Loaded plugins: fastestmirror, ovl
Setting up Install Process
Determining fastest mirrors
......
Complete!
[root@6cf6bca9da7e /]# exit
exit#测试
[root@6cf6bca9da7e /]# service nginx start
Starting nginx: [ OK ]
[root@6cf6bca9da7e /]# curl -I 127.0.0.1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 02 Jun 2020 02:16:14 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 15:07:42 GMT
Connection: keep-alive
ETag: "5e9f0c3e-264"
Accept-Ranges: bytesstep 3 将容器提交为镜像
| docker container commit 容器ID 镜像名称:版本 |
[root@docker01 ~]# docker container commit 6cf6bca9da7e nginx_on_centos6.9:v1
sha256:3423707d689f16814a103cb1fea968a9b352525689dd50aa75968d93bc6123c5
[root@docker01 ~]# docker images| head -3
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_on_centos6.9 v1 3423707d689f 52 seconds ago 368MB
nginx latest 540a289bab6c 7 months ago 126MBstep 4 测试镜像功能
| docker run -p 宿主机端口:容器端口 镜像名称:版本 初始命令 |
[root@docker01 ~]# docker run -d -p 81:80 nginx_on_centos6.9:v1 nginx -g 'daemon off;'
c7a3094c5e11d6bf560cbfc11ef215d822a46e3c860817949c01d8fde422b633
[root@docker01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c7a3094c5e11 nginx_on_centos6.9:v1 "nginx -g 'daemon of…" 3 seconds ago Up 2 seconds 0.0.0.0:81->80/tcp goofy_colden
6cf6bca9da7e centos:6.9 "/bin/bash" About an hour ago Exited (0) 14 minutes ago relaxed_easley#测试
[root@docker01 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7176/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 7277/master
tcp6 0 0 :::81 :::* LISTEN 14802/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 7176/sshd
tcp6 0 0 ::1:25 :::* LISTEN 7277/master
[root@docker01 ~]# curl -I 127.0.0.1:81
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 02 Jun 2020 03:25:45 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 15:07:42 GMT
Connection: keep-alive
ETag: "5e9f0c3e-264"
Accept-Ranges: bytes2.Docker多服务镜像
本例示范制作基于CentOS 6的KOD网盘镜像
|
可道云Explorer 文件提取码:rl1q 官网发布的新版可道云Box需要依赖数据库,因此我们借助旧版。 |
step 1 启动基于Cent OS 6系统的Nginx服务镜像
| docker run -it -p 宿主机端口:容器端口 镜像名称:版本 初始命令 |
[root@docker01 ~]# docker run -it -p 80:80 nginx_on_centos6.9:v1 /bin/bashstep 2 安装和配置应用服务
| yum install -y php-fpm php-gd php-mbstring |
[root@4df34e8f468e /]# yum install -y php-fpm php-gd php-mbstring
Loaded plugins: fastestmirror, ovl
Setting up Install Process
......
Dependency Installed:
freetype.x86_64 0:2.3.11-19.el6_10 libX11.x86_64 0:1.6.4-3.el6 libX11-common.noarch 0:1.6.4-3.el6
libXau.x86_64 0:1.0.6-4.el6 libXpm.x86_64 0:3.5.10-2.el6 libjpeg-turbo.x86_64 0:1.2.1-3.el6_5
libpng.x86_64 2:1.2.49-2.el6_7 libxcb.x86_64 0:1.12-4.el6 php-common.x86_64 0:5.3.3-50.el6_10
Complete![root@4df34e8f468e /]# awk '/^user/' /etc/nginx/nginx.conf
user nginx;
[root@4df34e8f468e /]# grep nginx /etc/php-fpm.d/www.conf
user = nginx
group = nginx
[root@4df34e8f468e /]# service php-fpm start
Starting php-fpm: [ OK ]
[root@4df34e8f468e /]# cd /etc/nginx/conf.d/
[root@4df34e8f468e conf.d]# cat default.conf
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
location / {
index index.php index.html index.htm;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
[root@4df34e8f468e /]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@4df34e8f468e /]# cd /usr/share/nginx/html/
[root@4df34e8f468e html]# rm -rf ./*
[root@4df34e8f468e html]# ll
total 0
[root@4df34e8f468e html]# yum install -y unzip lrzsz
Loaded plugins: fastestmirror, ovl
......
Installed:
lrzsz.x86_64 0:0.12.20-27.1.el6
Complete![root@4df34e8f468e html]# rz -E
rz waiting to receive.
[root@4df34e8f468e html]# ls
kodexplorer4.40.zip
[root@4df34e8f468e html]# unzip kodexplorer4.40.zip
Archive: kodexplorer4.40.zip
creating: app/
creating: app/core/
......
creating: data/session/
inflating: data/session/index.html
[root@4df34e8f468e html]# ls
app ChangeLog.md config data index.php kodexplorer4.40.zip plugins README.MD static
[root@4df34e8f468e html]# chown -R nginx. .
[root@4df34e8f468e html]# ll
total 13676
drwxr-xr-x 10 nginx nginx 115 Mar 21 2019 app
-rw-r--r-- 1 nginx nginx 91248 Mar 21 2019 ChangeLog.md
drwxr-xr-x 3 nginx nginx 74 Mar 21 2019 config
drwxr-xr-x 7 nginx nginx 72 Mar 21 2019 data
-rw-r--r-- 1 nginx nginx 118 Mar 21 2019 index.php
-rw-r--r-- 1 nginx nginx 13894810 Dec 14 10:44 kodexplorer4.40.zip
drwxr-xr-x 15 nginx nginx 218 Mar 21 2019 plugins
-rw-r--r-- 1 nginx nginx 7718 Mar 21 2019 README.MD
drwxr-xr-x 6 nginx nginx 57 Mar 21 2019 static
[root@4df34e8f468e html]# nginx
[root@4df34e8f468e html]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 59/php-fpm
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 99/nginx #php-fpm 前台启动命令
[root@docker02 ~]# systemctl cat php-fpm | awk '/^ExecStart/'
ExecStart=/usr/sbin/php-fpm --nodaemonize默认管理员账户名称:admin
step 3 编写多服务启动脚本
[root@4df34e8f468e html]# cd /
[root@4df34e8f468e /]# cat init.sh
#!/bin/bash
nginx
/usr/sbin/php-fpm --nodaemonizestep 4 将容器提交为镜像
| docker container commit 容器ID 镜像名称:版本 |
[root@docker01 ~]# docker commit 4df34e8f468e kod:v1
sha256:ca527ddfca58d456c4fd0f630d862338c3ab9b166e1dc6206daa208b55687412
[root@docker01 ~]# docker images |head -3
REPOSITORY TAG IMAGE ID CREATED SIZE
kod v1 ca527ddfca58 19 seconds ago 558MB
nginx_on_centos6.9 v1 3423707d689f 7 hours ago 368MBstep 5 测试镜像功能
| docker run -it -p 宿主机端口:容器端口 镜像名称:版本 /bin/bash 脚本 |
[root@docker01 ~]# docker run -d -p 83:80 kod:v1 /bin/bash /init.sh
1a8d09d9e865ba5d1013c463c0ab5244619c86acc1d87f56f2b86ae92baca2a7
[root@docker01 ~]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1a8d09d9e865 kod:v1 "/bin/bash /init.sh" 26 seconds ago Up 23 seconds 0.0.0.0:83->80/tcp sharp_haibt
3. Cent OS 7镜像应用
|
CentOS 7的镜像中,默认没有启动D-BUS服务,无法使用systemctl管理服务; 因此在CentOS 7镜像中,所有服务均需手工启动。 |
step 1 启动Cent OS 7系统镜像
| docker run -it centos:7 |
[root@docker01 ~]# docker run -it centos:7
[root@ff1a65bf18ee /]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@ff1a65bf18ee /]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 24731 0 --:--:-- --:--:-- --:--:-- 24980
[root@ff1a65bf18ee /]# curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 664 100 664 0 0 6681 0 --:--:-- --:--:-- --:--:-- 6640step 2 安装和配置应用服务
以Nginx服务和SSH服务为例
| yum install -y nginx openssh-server |
#Nginx
[root@ff1a65bf18ee /]# cat /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@ff1a65bf18ee /]# yum install -y nginx
Loaded plugins: fastestmirror, ovl
......
Complete!#sshd
[root@ff1a65bf18ee /]# yum install -y openssh-server
Loaded plugins: fastestmirror, ovl
......
Complete!
[root@ff1a65bf18ee /]# systemctl cat sshd
# /usr/lib/systemd/system/sshd.service
[Unit]
Description=OpenSSH server daemon
......
Wants=sshd-keygen.service #生成密钥对服务
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS #sshd服务启动命令
ExecReload=/bin/kill -HUP $MAINPID
......
[Install]
WantedBy=multi-user.target
[root@ff1a65bf18ee /]# systemctl cat sshd-keygen
# /usr/lib/systemd/system/sshd-keygen.service
[Unit]
Description=OpenSSH Server Key Generation
......
[Service]
ExecStart=/usr/sbin/sshd-keygen
Type=oneshot
RemainAfterExit=yes
[root@ff1a65bf18ee /]# /usr/sbin/sshd-keygen
/usr/sbin/sshd-keygen: line 10: /etc/rc.d/init.d/functions: No such file or directory
Generating SSH2 RSA host key: /usr/sbin/sshd-keygen: line 63: success: command not found
Generating SSH2 ECDSA host key: /usr/sbin/sshd-keygen: line 105: success: command not found
Generating SSH2 ED25519 host key: /usr/sbin/sshd-keygen: line 126: success: command not found
[root@ff1a65bf18ee /]# ls /etc/ssh
moduli sshd_config[root@docker02 ~]# rpm -qf /etc/rc.d/init.d/functions
initscripts-9.49.46-1.el7.x86_64[root@ff1a65bf18ee /]# yum install -y initscripts
Loaded plugins: fastestmirror, ovl
......
Complete!
[root@ff1a65bf18ee /]# /usr/sbin/sshd-keygen
[root@ff1a65bf18ee /]# ls /etc/ssh
moduli ssh_host_ecdsa_key.pub ssh_host_ed25519_key.pub ssh_host_rsa_key.pub
ssh_host_ecdsa_key ssh_host_ed25519_key ssh_host_rsa_key sshd_config
[root@ff1a65bf18ee /]# echo '123456' | passwd --stdin root
Changing password for user root.
passwd: all authentication tokens updated successfully.
[root@ff1a65bf18ee /]# ip a show eth0
5: eth0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@ff1a65bf18ee /]# /usr/sbin/sshd -D
[root@docker01 ~]# ssh root@172.17.0.2
The authenticity of host '172.17.0.2 (172.17.0.2)' can't be established.
ECDSA key fingerprint is SHA256:/08hPScWkY7eOmltDn89R/sjNVEgNr69+ZJhqk1jpPg.
ECDSA key fingerprint is MD5:8a:d8:58:7c:f3:97:b6:74:ae:75:6a:07:4e:e6:07:a2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
root@172.17.0.2's password:
[root@ff1a65bf18ee ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 01:40 pts/0 00:00:00 /bin/bash
root 235 1 0 02:55 pts/0 00:00:00 /usr/sbin/sshd -D
root 236 235 0 02:56 ? 00:00:00 sshd: root@pts/1
root 238 236 0 02:56 pts/1 00:00:00 -bash
root 251 238 0 02:57 pts/1 00:00:00 ps -efstep 3 编写多服务启动脚本
[root@ff1a65bf18ee ~]# cat /init.sh
#!/bin/bash
/usr/sbin/sshd
nginx -g 'daemon off;'step 4 将容器提交为镜像
| docker commit 容器ID 镜像名称:版本 |
[root@docker01 ~]# docker commit ff1a65bf18ee nginx_on_centos7:v1
sha256:e39b909410c612a96b7b2e6a3bd4ad4faa433b0424c72171ab3db5962f345916
[root@docker01 ~]# docker images | head -2
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_on_centos7 v1 e39b909410c6 13 seconds ago 324MBstep 5 测试镜像功能
| docker run -p 宿主机端口1:容器端口1 -p 宿主机端口2:容器端口2 镜像名称:版本 /bin/bash 脚本 |
[root@docker01 ~]# docker run -d -p 8080:80 -p 2222:22 nginx_on_centos7:v1 /bin/bash /init.sh
a925351dce6110de8b64de7ef1179f74357fd98c1d2c3e621f88228c19028f64
[root@docker01 ~]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a925351dce61 nginx_on_centos7:v1 "/bin/bash /init.sh" 2 seconds ago Up 2 seconds 0.0.0.0:2222->22/tcp, 0.0.0.0:8080->80/tcp bold_wing#测试ssh服务
[D:\~]$ ssh root@10.0.0.110:2222
Connecting to 10.0.0.110:2222...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
WARNING! The remote SSH server rejected X11 forwarding request.
Last login: Wed Jun 3 02:56:13 2020 from gateway
[root@a925351dce61 ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 03:38 ? 00:00:00 /bin/bash /init.sh
root 7 1 0 03:38 ? 00:00:00 /usr/sbin/sshd
root 8 1 0 03:38 ? 00:00:00 nginx: master process nginx -g daemon off;
nginx 9 8 0 03:38 ? 00:00:00 nginx: worker process
root 10 7 0 03:39 ? 00:00:00 sshd: root@pts/0
root 12 10 0 03:39 pts/0 00:00:00 -bash
root 27 12 0 03:39 pts/0 00:00:00 ps -ef#测试nginx服务
[root@docker02 ~]# curl 10.0.0.110:8080 -I
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 03 Jun 2020 03:42:24 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 15:07:31 GMT
Connection: keep-alive
ETag: "5e9f0c33-264"
Accept-Ranges: bytes二、DockerFile自动构建镜像
| 自动构建镜像,DockerFile文件名称必须为dockerfile,否则不能被识别。 |
1.构建思路
-
手动构建Docker镜像,记录历史命令
-
根据历史命令,编写dockerfile文件
-
构建docker镜像
-
测试镜像
2.常用指令
- FROM 指定基础镜像
| FROM是必要指令;所有DockerFile文件第一条指令必须是FROM; |
|
FROM 镜像名称:版本 FROM scratch #指定空镜像 |
FROM centos:7- RUN 指定执行命令(制作镜像过程中需要执行的命令)
RUN指定的命令必须是非交互式命令
| RUN 命令 |
RUN yum install -y nginx openssh-server initscripts php-fpm php-gd php-mbstring unzip- ADD 将DockerFile目录下的指定文件拷贝到镜像中的指定目录
ADD指令会自动解压tar包,且仅能解压tar包
| ADD 文件 /目录/文件 |
ADD kodexplorer4.40.zip /usr/share/nginx/html/kodexplorer4.40.zip- COPY 将DockerFile目录下的指定文件拷贝到镜像中的指定目录
COPY指令不会自动解压tar包
| COPY 文件 /目录/文件 |
COPY nginx.repo /etc/yum.repos.d/nginx.repo- WORKDIR 指定镜像默认工作 目录
| WORKDIR 目录 |
WORKDIR /usr/share/nginx/html/- ENV
| ENV 变量名 变量值 |
- EXPOSE 指定所需暴漏的端口
| EXPOSE 端口 |
EXPOSE 80- CMD 指定镜像启动的初始命令
初始镜像必须具有CMD指令,CMD指令可以被手动指定的初始命令替换
| CMD ["指令","参数1","参数2"......] |
CMD ["nginx","-g","daemon off;"]- ENTRYPOINT
ENTRYPOINT指令不可被手动指定初始命令替换,手动指定的初始命令会被自动替换为指定初始命令的参数
| ENTRYPOINT ["指令","参数1","参数2"......] |
ENTRYPOINT ["/bin/bash","/init.sh"]利用DockerFile构建多服务镜像(KOD+SSH)
FROM centos:7
RUN curl -so /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
RUN curl -so /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
COPY nginx.repo /etc/yum.repos.d/nginx.repo
RUN yum install -y nginx openssh-server initscripts php-fpm php-gd php-mbstring unzip
COPY www.conf /etc/php-fpm.d/www.conf
ADD default.conf /etc/nginx/conf.d/default.conf
ADD kodexplorer4.40.zip /usr/share/nginx/html/kodexplorer4.40.zip
WORKDIR /usr/share/nginx/html/
RUN unzip ./kodexplorer4.40.zip
RUN rm -f kodexplorer4.40.zip
RUN chown -R nginx: .
RUN /usr/sbin/sshd-keygen
ADD init.sh /init.sh
EXPOSE 80
EXPOSE 22
ENTRYPOINT ["/bin/bash","/init.sh"][root@docker01 ~]# cd DockerFile/kod+ssh_on_centos7/
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# ls
dockerfile init.sh kodexplorer4.40.zip nginx.repo
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker run -d kod:v1
db659bcef9423090ef50fcea8f3d4d2b569e2be27aff19d6bfa26cb59c93551d
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
db659bcef942 kod:v1 "/bin/bash" 10 seconds ago Exited (0) 8 seconds ago intelligent_raman
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker cp db659bcef942:/etc/nginx/conf.d/default.conf .
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker cp db659bcef942:/etc/php-fpm.d/www.conf .
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# ls
default.conf dockerfile init.sh kodexplorer4.40.zip nginx.repo www.conf[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# cat init.sh
#!/bin/bash
if [ -z $SSH_Passwd ];then
SSH_Passwd=$1
fi
echo $SSH_Passwd |passwd --stdin root
/usr/sbin/php-fpm --daemonize
nginx
/usr/sbin/sshd -D
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker build -t kod:v7.1 .
Sending build context to Docker daemon 13.91MB
Step 1/17 : FROM centos:7
......
Successfully built 93d1d4b2723a
Successfully tagged kod:v7.1
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker images |head -2
REPOSITORY TAG IMAGE ID CREATED SIZE
kod v7.1 93d1d4b2723a About a minute ago 455MB
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker run -d --env "SSH_Passwd=123456" -P kod:v7.1
6f89359f826bc90969df90b4c4695109d7f459d4352b44534f5691837794e54c
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6f89359f826b kod:v7.1 "/bin/bash /init.sh" 6 seconds ago Up 5 seconds 0.0.0.0:32769->22/tcp, 0.0.0.0:32768->80/tcp laughing_zhukovsky#测试
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# curl -I 127.0.0.1:32768
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Fri, 05 Jun 2020 01:08:57 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: KOD_SESSION_ID_bdc5e=bsgp2sghfpekau0hdm9o5dd6a6; path=/
Set-Cookie: KOD_SESSION_ID_bdc5e=bsgp2sghfpekau0hdm9o5dd6a6; path=/
Set-Cookie: KOD_SESSION_ID_bdc5e=bsgp2sghfpekau0hdm9o5dd6a6; path=/
Set-Cookie: KOD_SESSION_SSO=h5uketu3qt1ljcp12uqfuvkot1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: KOD_SESSION_ID_bdc5e=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: kod_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: kodToken=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Set-Cookie: X-CSRF-TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT
Location: ./index.php?user/login
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# ssh root@10.0.0.110 -p 32769
The authenticity of host '[10.0.0.110]:32769 ([10.0.0.110]:32769)' can't be established.
ECDSA key fingerprint is SHA256:3M3MgE8oSGJNnLAMn/iG3UBhaUab/TXVryM5QpczIy0.
ECDSA key fingerprint is MD5:92:43:c2:3d:c3:6b:83:2a:d0:35:0e:77:16:2d:77:8c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.0.0.110]:32769' (ECDSA) to the list of known hosts.
root@10.0.0.110's password:
[root@6f89359f826b ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"| 若CMD指令和ENTRYPOINT指令同时使用,则CMD指令指定的初始命令将会成为ENTRYPOINT指令初始命令的参数。 |
利用DockerFile构建系镜像
# 获取系统包
[root@docker01 ~]# mkdir ./DockerFile/alpine
[root@docker01 ~]# cd DockerFile/alpine/
[root@docker01 ~/DockerFile/alpine]# mkdir rootfs && cd rootfs
[root@docker01 ~/DockerFile/alpine/rootfs]# wget https://mirrors.tuna.tsinghua.edu.cn/lxc-images/images/alpine/3.11/amd64/default/20200530_13%3A00/rootfs.tar.xz
......
2020-06-04 11:10:32 (507 KB/s) - ‘rootfs.tar.xz’ saved [2466216/2466216]
[root@docker01 ~/DockerFile/alpine/rootfs]# ls
rootfs.tar.xz
[root@docker01 ~/DockerFile/alpine/rootfs]# tar xf rootfs.tar.xz
[root@docker01 ~/DockerFile/alpine/rootfs]# rm -f rootfs.tar.xz
[root@docker01 ~/DockerFile/alpine/rootfs]# ls
bin etc lib mnt proc run srv tmp var
dev home media opt root sbin sys usr
[root@docker01 ~/DockerFile/alpine/rootfs]# tar zcf ../rootfs.tar.gz .
[root@docker01 ~/DockerFile/alpine/rootfs]# ls ../
rootfs rootfs.tar.gz
[root@docker01 ~/DockerFile/alpine/rootfs]# tar tf ../rootfs.tar.gz
......
./sbin/inotifyd
./mnt/# 编写DokcerFile文件
[root@docker01 ~/DockerFile/alpine/rootfs]# cd ..
[root@docker01 ~/DockerFile/alpine]# vim dockerfile
FROM scratch
ADD rootfs.tar.gz /
CMD ["/bin/sh"]# 构建镜像
[root@docker01 ~/DockerFile/alpine]# docker build -t alpine:3.11 .
Sending build context to Docker daemon 11.44MB
......
Successfully built db1315fd0fe5
Successfully tagged alpine:3.11
[root@docker01 ~/DockerFile/alpine]# docker images | head -2
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine 3.11 db1315fd0fe5 24 seconds ago 7.77MB
[root@docker01 ~/DockerFile/alpine]# docker run -it alpine:3.11
/ # cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.11.0
PRETTY_NAME="Alpine Linux v3.11"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"2.制作镜像
|
docker image bulid dockerfile文件目录 docker bulid dockerfile文件目录
-t 名称 #指定镜像名称
|
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker build -t kod:v7.1 .
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker images |head -2
REPOSITORY TAG IMAGE ID CREATED SIZE
kod v7.1 93d1d4b2723a About a minute ago 455MB3. 镜像分层
| 镜像分层的核心优势:镜像复用,节省磁盘空间。 |
查看镜像文件变化
| docker image history 镜像名称:镜像版本 |
[root@docker01 ~/DockerFile/kod+ssh_on_centos7]# docker image history nginx_on_centos6.9:v2
IMAGE CREATED CREATED BY SIZE COMMENT
0381e31c2096 44 hours ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
1feab85282c1 44 hours ago /bin/sh -c yum install -y nginx 265MB
fdf68dcaeeaa 44 hours ago /bin/sh -c curl -o /etc/yum.repos.d/epel.rep… 664B
81654132e8df 44 hours ago /bin/sh -c curl -o /etc/yum.repos.d/CentOS-B… 2.52kB
adf829198a7f 22 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 22 months ago /bin/sh -c #(nop) LABEL name=CentOS Base Im… 0B
<missing> 22 months ago /bin/sh -c #(nop) ADD file:b99efdfca7b4df4ef… 195MB
[root@docker01 ~]#docker save nginx_on_centos6.9:v2 -o nginx_on_centos6.9.tar.gz
[root@docker01 ~]# scp nginx_on_centos6.9.tar.gz 10.0.0.120:/root
root@10.0.0.120's password:
nginx_on_centos6.9.tar.gz 100% 449MB 24.1MB/s 00:18 [root@docker02 ~]# ls
anaconda-ks.cfg docker_centos6.9.tar.gz nginx_on_centos6.9.tar.gz
[root@docker02 ~]# docker load -i docker_centos6.9.tar.gz
b5e11aae8a8e: Loading layer 202.9MB/202.9MB
Loaded image: centos:6.9
[root@docker02 ~]# docker load -i docker_centos6.9.tar.gz
b5e11aae8a8e: Loading layer 202.9MB/202.9MB
Loaded image: centos:6.9
[root@docker02 ~]# docker load -i nginx_on_centos6.9.tar.gz
d85daa6e2b9e: Loading layer 5.12kB/5.12kB
446b33ce2525: Loading layer 3.584kB/3.584kB
a31c1b65112f: Loading layer 267.8MB/267.8MB
Loaded image: nginx_on_centos6.9:v2[root@docker02 ~]# docker rmi nginx_on_centos6.9:v2
Untagged: nginx_on_centos6.9:v2
Deleted: sha256:0381e31c20960e61eb86ca7dfa0a12857e51b34324603dbeb353ea2ef8bc3036
Deleted: sha256:3f4ab41b2a6ca2ed4d5a46e377a33ec35afa646668e53bc9387672d4774dcae6
Deleted: sha256:e76cb2b290f208a23a60b7badfc13ec155a6a7a4059b526287c9e51d6fb4a34e
Deleted: sha256:6738fdcef4aef9a0d86f0e7d70dd5fed33d034ef1685eeb517d578d26129a02b
[root@docker02 ~]# docker rmi centos:6.9
Untagged: centos:6.9
Deleted: sha256:adf829198a7f556a2e4ef8982248e75294f246b999b10fee2ffaf00980f6e557
Deleted: sha256:b5e11aae8a8e8fab750bd384393aafa379e21c57c398f5dd4980cd01fcf55b9e
[root@docker02 ~]# docker load -i nginx_on_centos6.9.tar.gz
b5e11aae8a8e: Loading layer 202.9MB/202.9MB
d85daa6e2b9e: Loading layer 5.12kB/5.12kB
446b33ce2525: Loading layer 3.584kB/3.584kB
a31c1b65112f: Loading layer 267.8MB/267.8MB
Loaded image: nginx_on_centos6.9:v24.DockerFile的优化
-
选用轻量级镜像
-
清理无用缓存文件
-
尽可能将DockerFile的变化置于Dockerfile文件末尾
-
使用.dockerignore文件排除不相关文件
使用DockerFile构建镜像时,默认加载Dockerfile目录所有文件,使用该文件,可以避免在构建镜像时加载无用文件
#基于alpine镜像安装nginx-手动构建
[root@docker01 ~]# docker run -it alpine:3.11
/ # sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
/ # apk update
fetch http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.11/main/x86_64/APKINDEX.tar.gz
fetch http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.11/community/x86_64/APKINDEX.tar.gz
v3.11.6-74-g271cc04541 [http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.11/main]
v3.11.6-68-gf6abc2afac [http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.11/community]
OK: 11271 distinct packages available
/ # apk add nginx
(1/2) Installing pcre (8.43-r0)
(2/2) Installing nginx (1.16.1-r6)
Executing nginx-1.16.1-r6.pre-install
Executing busybox-1.31.1-r9.trigger
OK: 10 MiB in 21 packages
/ # grep -Ev '^$|#' /etc/nginx/nginx.conf | tail -2
include /etc/nginx/conf.d/*.conf;
}
/ # ls /etc/nginx/conf.d/
default.conf
/ # grep -Ev '^$|#' /etc/nginx/conf.d/default.conf
server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
root /html;
index index.html index.htm;
}
location = /404.html {
internal;
}
}
/ # nginx
/ # nginx: [emerg] open() "/run/nginx/nginx.pid" failed (2: No such file or directory)
/ # mkdir /run/nginx
/ # mkdir /html
/ # echo "www.aspenhan.com" >/html/index.html
/ # ls /html/
index.html
/ # nginx
/ # [root@docker01 ~]# docker commit 82ba59041bb5 nginx:a3.11-1
sha256:9407afc192ba7edcb9576a5f8e68b057e6db7b59e33b8b2aeb93f9a68ae0e2d1
[root@docker01 ~]# docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx a3.11-1 9407afc192ba 9 seconds ago 10.8MB
nginx latest 540a289bab6c 7 months ago 126MB
[root@docker01 ~]# docker images nginx_on_centos6.9
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_on_centos6.9 v2 0381e31c2096 6 days ago 460MB
nginx_on_centos6.9 v1 3423707d689f 8 days ago 368MB
[root@docker01 ~]# docker run -d -p :80 nginx:a3.11-1 nginx -g "daemon off;"
7d2fbd90414b340adb77d2a1b0b56744048618e12f8522e06ff409009e2bb638
[root@docker01 ~]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7d2fbd90414b nginx:a3.11-1 "nginx -g 'daemon of…" 6 seconds ago Up 4 seconds 0.0.0.0:32768->80/tcp inspiring_ritchie
[root@docker01 ~]# curl 127.0.0.1:32768
www.aspenhan.com #基于alpine镜像安装nginx-自动构建
[root@docker01 ~/DockerFile]# mkdir nginx_on_alpine
[root@docker01 ~/DockerFile]# cd nginx_on_alpine/
[root@docker01 ~/DockerFile/nginx_on_alpine]# cat dockerfile
FROM alpine:3.11
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
RUN apk update
RUN apk add nginx
RUN mkdir /run/nginx
RUN mkdir /html
RUN echo "www.aspenhan.com/645.html" >/html/index.html
ADD default.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
ENTRYPOINT ["nginx","-g","daemon off;"]
[root@docker01 ~/DockerFile/nginx_on_alpine]# docker cp 7d2fbd90414b:/etc/nginx/conf.d/default.conf .
[root@docker01 ~/DockerFile/nginx_on_alpine]# ls
default.conf dockerfile
[root@docker01 ~/DockerFile/nginx_on_alpine]# docker build -t nginx:a3.11-2 .
Sending build context to Docker daemon 3.072kB
Step 1/10 : FROM alpine:3.11
......
Successfully built a547f59d17a3
Successfully tagged nginx:a3.11-2
[root@docker01 ~/DockerFile/nginx_on_alpine]# docker run -d -P nginx:a3.11-2
23df1d630c9cabe43d2df1f21a5efb43957cdb7b1577ddafe65094d42863b5dd
[root@docker01 ~/DockerFile/nginx_on_alpine]# docker ps -al
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
23df1d630c9c nginx:a3.11-2 "nginx -g 'daemon of…" 5 seconds ago Up 4 seconds 0.0.0.0:32770->80/tcp wonderful_wiles
[root@docker01 ~/DockerFile/nginx_on_alpine]# curl 127.0.0.1:32770
www.aspenhan.com/645.html