Docke--Dockerfile实践

Posted yanjieli

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Docke--Dockerfile实践相关的知识,希望对你有一定的参考价值。

Dockerfile 实践 nginx镜像构建

先查看下本地的镜像,选取官网的centos作为base image:

[[email protected] ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              1e1148e4cc2c        5 weeks ago         202MB

创建一个目录用于专门存放此demo的目录,也就是Dockerfile所在的目录

[[email protected] ~]# mkdir myNginx
[[email protected] ~]# cd myNginx/
[[email protected] myNginx]# touch Dockerfile
[[email protected] myNginx]# ll
总用量 0
-rw-r--r-- 1 root root 0 1月  10 17:34 Dockerfile

下面开始编写Dockerfile 文件,(注意Dockerfile的D需要大写)

v1版:

[[email protected] myNginx]# cat Dockerfile
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

执行docker build 进行构建:

[[email protected] myNginx]# ll
总用量 4
-rw-r--r-- 1 root root 1268 1月  10 17:40 Dockerfile
[[email protected] myNginx]# docker build -t centos_nginx:v1 .

此处构建有点慢,因为需要安装编译nginx需要用到的软件,及下载nginx;后面的.代表的是相对路径的当前目录,如果需要全路径则为/root/myNginx(就是找到Dockerfile文件)

构建成功后,查看新构建的镜像:

[[email protected] myNginx]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
centos_nginx        v1                  13d959cbec2b        About a minute ago   504MB
centos              latest              1e1148e4cc2c        5 weeks ago          202MB

使用v1版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 80:80 centos_nginx:v1 nginx -g "daemon off;"
961ef4274078b61a56667293ef69ee881fbf4171156c7990c94225eb508a172c

查看容器运行状态:

[[email protected] myNginx]# docker ps 
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
961ef4274078        centos_nginx:v1     "nginx -g ‘daemon of…"   39 seconds ago      Up 38 seconds       0.0.0.0:80->80/tcp   mystifying_goldberg

进行访问:

技术分享图片

这样基于Dockerfile的一个简单的实例构建完成,现在基于这个Dockerfile文件依次添加其它指令进行构建

 

添加CMD 指令:

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

CMD /bin/sh -c nginx -g "daemon off;"

然后进行构建v2版本:

[[email protected] myNginx]# docker build -t centos_nginx:v2 .
Sending build context to Docker daemon  3.072kB
Step 1/11 : FROM centos
 ---> 1e1148e4cc2c
Step 2/11 : MAINTAINER 381347268@qq.com
 ---> Using cache
 ---> d41475691003
Step 3/11 : RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data
 ---> Using cache
 ---> 7739a6cdd37c
Step 4/11 : ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/
Downloading [==================================================>]  981.7kB/981.7kB
 ---> Using cache
 ---> a58676d797ad
Step 5/11 : RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx
 ---> Using cache
 ---> 7f671453fc20
Step 6/11 : WORKDIR /usr/local/src/nginx-1.12.2
 ---> Using cache
 ---> be296a9725ea
Step 7/11 : RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install
 ---> Using cache
 ---> fcbc1da221cc
Step 8/11 : RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz
 ---> Using cache
 ---> 2189ac28a36f
Step 9/11 : ENV PATH=/usr/local/nginx/sbin:$PATH
 ---> Using cache
 ---> 70faf0a90e9f
Step 10/11 : EXPOSE 80
 ---> Using cache
 ---> 13d959cbec2b
Step 11/11 : CMD /bin/sh -c nginx -g "daemon off;"
 ---> Running in d07896b5ba56
Removing intermediate container d07896b5ba56
 ---> 3b71646263d3
Successfully built 3b71646263d3
Successfully tagged centos_nginx:v2

由于在构建的过程中docker 会采用缓存机制,上面构建过程中包含很多using cache,所以这次构件非常快,如果需要重新构建,不想使用cache 需要添加 --no-cache

查看v2版本的镜像:

[[email protected] myNginx]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_nginx        v2                  3b71646263d3        6 minutes ago       504MB

使用v2版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 81:80 centos_nginx:v2
934ddc6f56a48f59b405c75c19b40ce5156388e34de37c078a56abc7c08a0602

然后查看容器状态:

[[email protected] myNginx]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
934ddc6f56a4        centos_nginx:v2     "/bin/sh -c ‘/bin/sh…"   43 seconds ago      Up 42 seconds       0.0.0.0:81->80/tcp   pedantic_cocks

进行访问:

技术分享图片

新增加的CMD /bin/sh -c ‘nginx -g "daemon off;"‘ 表示

当启动一个容器时候默认运行的命令,如果在启动容器时赋予了command的话,那么定义的CMD中的命令将不会被执行,而会去执行command的命令

 

添加ENTRYPOINT 指令:

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

ENTRYPOINT ["nginx"]

CMD ["-g", "daemon off;"]

当ENTRYPOINT和CMD连用时,CMD的命令是ENTRYPOINT命令的参数,两者连用相当于nginx -g "daemon off;" ;而当一起连用的命令格式最好一致(此处选择的都是json格式)

然后进行构建v3版本:

[[email protected] myNginx]# docker build -t centos_nginx:v3 .

查看v3版本的镜像:

[[email protected] myNginx]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_nginx        v3                  1aeba273c0af        21 seconds ago      504MB

使用v3版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 82:80 centos_nginx:v3
2932d58ee8969587b04fa0155aadeb4b63a1934962d384624a8d7359725dfad3

然后查看容器状态:

[[email protected] myNginx]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
2932d58ee896        centos_nginx:v3     "nginx -g ‘daemon of…"   2 minutes ago       Up 2 minutes        0.0.0.0:82->80/tcp   boring_gauss

进行访问:

技术分享图片

 

这里示例一个默认将nginx关闭的示例v3.1版:

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

ENTRYPOINT ["nginx"]

CMD ["-g", "daemon on;"]

CMD 的命令修改为了后台,我们知道如果容器内的进程在后台运行那么容器将不会运行,构建v3.1版本:

[[email protected] myNginx]# docker build -t centos_nginx:v3.1 .

查看v3.1版本的镜像:

[[email protected] myNginx]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_nginx        v3.1                ec17ab98a424        12 seconds ago      504MB

使用v3.1版本的镜像启动一个容器,但是在启动的时候添加后面的command:

[[email protected] myNginx]# docker run -d -p 83:80 centos_nginx:v3.1 -g "daemon off;"
0143d4b91ca1f97be31f0427140dfb17bb4ad9530d4a4a19b70c93044f6332c5

可以看见在后面新增了 -g "daemon off;",前面提过如果在启动容器时增加了命令,那么Dockerfile中的CMD中的命令将不会生效

查看容器运行状态:

[[email protected] myNginx]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                NAMES
0143d4b91ca1        centos_nginx:v3.1   "nginx -g ‘daemon of…"   About a minute ago   Up About a minute   0.0.0.0:83->80/tcp   loving_burnell

可以看见容器的运行丝毫没有问题,于是nginx 的服务依然还是在前台运行,没有被影响,而新增的command (-g "daemon off;")将作为ENTRYPOINT的新的参数以此为准,于是进行访问:

技术分享图片

 

添加VOLUME指令:

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 挂载数据目录
VOLUME ["/usr/local/nginx/html"] 

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

ENTRYPOINT ["nginx"]

CMD ["-g"]

然后进行构建v4版本:

[[email protected] myNginx]# docker build -t centos_nginx:v4 .

查看v4版本的镜像:

[[email protected] myNginx]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_nginx        v4                  b142047c1a6e        19 seconds ago      504MB

使用v4版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 84:80 --name nginx4 centos_nginx:v4 -g "daemon off;"
1d191f9bc49dc01ee2657508eba94ff1d02e5b4304eaf6ed5161e4b9000577ea

然后查看容器状态:

[[email protected] myNginx]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
1d191f9bc49d        centos_nginx:v4     "nginx -g ‘daemon of…"   36 seconds ago      Up 34 seconds       0.0.0.0:84->80/tcp   nginx4

通过docker inspect 可以看到宿主机上面的挂载目录路径:

[[email protected] ~]# docker inspect nginx4
        "Mounts": [
            {
                "Type": "volume",
                "Name": "5c4b8ec0bf7e4f243ea643af4af559617c89c43933768a1b4b45caef237251bf",
                "Source": "/var/lib/docker/volumes/5c4b8ec0bf7e4f243ea643af4af559617c89c43933768a1b4b45caef237251bf/_data",
                "Destination": "/usr/local/nginx/html",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
        ],

进入到宿主机的挂载目录并且查看目录内的文件:

[[email protected] ~]# cd /var/lib/docker/volumes/5c4b8ec0bf7e4f243ea643af4af559617c89c43933768a1b4b45caef237251bf/_data
[[email protected] _data]# pwd 
/var/lib/docker/volumes/5c4b8ec0bf7e4f243ea643af4af559617c89c43933768a1b4b45caef237251bf/_data
[[email protected] _data]# ll
总用量 8
-rw-r--r-- 1 1001 1001 537 10月 17 2017 50x.html
-rw-r--r-- 1 1001 1001 612 10月 17 2017 index.html

利用docker exec 进入到容器中,查看卷:

[[email protected] myNginx]# docker exec -it nginx4 /bin/bash
[[email protected] nginx-1.12.2]# cd /usr/local/nginx/html/
[[email protected] html]# pwd
/usr/local/nginx/html
[[email protected] html]# ll
total 8
-rw-r--r-- 1 1001 1001 537 Oct 17  2017 50x.html
-rw-r--r-- 1 1001 1001 612 Oct 17  2017 index.html

现在在本地宿主机上的这个目录修改index.html文件内容:

[[email protected] _data]# echo "<h1>Hello Docker.</h1>" > index.html 
[[email protected] _data]# cat index.html
<h1>Hello Docker.</h1>

然后切换到容器中查看这个文件是否发生改变:

[[email protected] html]# cat index.html
<h1>Hello Docker.</h1>

进行访问:

技术分享图片

通过访问发现,在宿主机上面进行了更改,容器内部也发生了变化,这样就动态的实现网站数据动态更改。

 

添加ONBUILD 指令:

  Dockerfile1中base image 为A镜像,并在Dockefile1中定义ONBUILD指令,构建成新的镜像B镜像

  Dockerfile2中base image 为B镜像,构建成新镜像C

  当使用镜像B启动容器1不会执行OBNUILD中定义的内容,而使用C镜像启动的容器2则会执行ONBUILD定义的内容

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos

# MAINTAINER
MAINTAINER 381347268@qq.com

# 安装基础工具包
RUN yum -y install wget gcc gcc-c++ glibc make autoconf openssl openssl-devel libxml2 libxml2-dev libxslt-devel gd-devel GeoIP GeoIP-devel GeoIP-data

# 下载nginx
ADD http://nginx.org/download/nginx-1.12.2.tar.gz /opt/nginx/

# 解压nginx 并创建用户
RUN tar -xvzf /opt/nginx/nginx-1.12.2.tar.gz -C /usr/local/src/     && useradd -M -s /sbin/nologin nginx

# 挂载数据目录
ONBUILD VOLUME ["/data"] 

# 更改工作目录
WORKDIR /usr/local/src/nginx-1.12.2

# 编译安装nginx
RUN ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module && make && make install

# 删除多余安装包 
RUN rm -rf /opt/nginx/nginx-1.12.2.tar.gz

# 设置环境变量
ENV PATH=/usr/local/nginx/sbin:$PATH

# 设置端口
EXPOSE 80

ENTRYPOINT ["nginx"]

CMD ["-g"]

然后进行构建v5版本:

[[email protected] myNginx]# docker build -t centos_nginx:v5 .

使用v5版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 85:80 --name nginx5 centos_nginx:v5 -g "daemon off;"
1f3c1672cce45e6f0f4e8d927de017fbe0a16f30858427d5cb3c2ec7f7b55d98

现在进入到nginx5容器内查看是否存在/data:

[[email protected] myNginx]# docker exec -it nginx5 /bin/bash
[[email protected] nginx-1.12.2]# ll /data
ls: cannot access /data: No such file or directory

现在修改上面的Dockerfile的FROM基于的base image:

[[email protected] myNginx]# cat Dockerfile 
# 指定基础镜像
FROM centos_nginx:v5

# MAINTAINER
MAINTAINER 381347268@qq.com

然后进行构建v6版本:

[[email protected] myNginx]# docker build -t centos_nginx:v6 .
Sending build context to Docker daemon  4.096kB
Step 1/2 : FROM centos_nginx:v5
# Executing 1 build trigger
 ---> Running in a34359a1107d
Removing intermediate container a34359a1107d
 ---> b1e2a7e80907
Step 2/2 : MAINTAINER 381347268@qq.com
 ---> Running in 901fa3500f51
Removing intermediate container 901fa3500f51
 ---> a32bd0c300e2
Successfully built a32bd0c300e2
Successfully tagged centos_nginx:v6

使用v6版本的镜像启动一个容器:

[[email protected] myNginx]# docker run -d -p 86:80 --name nginx6 centos_nginx:v6 -g "daemon off;"
f8ccf7ff63f875742ac93b54cc25a629e7df14c8e676e202def1191baf0b3c1f

查看容器状态,并进入容器验证/data/目录:

[[email protected] myNginx]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                NAMES
f8ccf7ff63f8        centos_nginx:v6     "nginx -g ‘daemon of…"   About a minute ago   Up About a minute   0.0.0.0:86->80/tcp   nginx6
[[email protected] myNginx]# docker exec -it nginx6 /bin/bash
[[email protected] nginx-1.12.2]# ll /data
total 0

由此可见镜像v6包含了v5所有的内容,并且增加了ONBUILD的内容

 

以上是关于Docke--Dockerfile实践的主要内容,如果未能解决你的问题,请参考以下文章

Docke--Dockerfile 构建LNMP环境

逆向及Bof基础实践

更新片段参数的最佳实践?

在片段和活动之间进行通信 - 最佳实践

android片段-数据传递-最佳实践[重复]

20155201 李卓雯 《网络对抗技术》实验一 逆向及Bof基础