dockerfile操作

一、docker镜像的两种方式

1、docker commit：将容器提交为镜像

2、Dockerfile：从读取Dokerfile里的一组指令去自动化构建镜像

二、Dockerfile的规则

1、#为注释

2、指令(大写),内容(小写)(强烈建议)

3、Docker是按顺序从上到下依次执行Dockerfile里的指令集合

4、每个Dockerfile的第一个非注释行指令必须是"FROM"指令，用于为构建镜像指定基准镜像，后续指令运行与此基准镜像提供的运行环境中

三、Dockerfile核心指令

1、USER/WORKDIR指令

USER：指定容器启动时，哪个用户启动进程

WORKDIR：启动容器后的PWD目录

例子

[root@redis-01 dockerfile]# vim Dockerfile
FROM docker.io/skychengp/nginx:1.12.2
USER nginx
WORKDIR /usr/share/nginx/html

以docker.io/skychengp/nginx:1.12.2为基准镜像，以nginx用户执行指令，将当前目录切换到/usr/share/nginx/html

构建镜像

[root@redis-01 dockerfile]# docker build . -t docker.io/skychengp/nginx:1.12.2_with_user_workdir
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM docker.io/skychengp/nginx:1.12.2
 ---> 4037a5562b03
Step 2/3 : USER nginx
 ---> Running in 340c2c31ad73
Removing intermediate container 340c2c31ad73
 ---> dcc5cb25c6dd
Step 3/3 : WORKDIR /usr/share/nginx/html
 ---> Running in 9bf8f48ace8f
Removing intermediate container 9bf8f48ace8f
 ---> 6f0cee4e00a3
Successfully built 6f0cee4e00a3
Successfully tagged skychengp/nginx:1.12.2_with_user_workdir
[root@redis-01 dockerfile]# 

查看镜像

[root@redis-01 home]# docker images
REPOSITORY                                                                                                                                  TAG                        IMAGE ID            CREATED             SIZE
skychengp/nginx                                                                                                                             1.12.2_with_user_workdir   6f0cee4e00a3        24 seconds ago      108MB

运行容器

[root@redis-01 home]# docker run -it --rm --name nginx-user skychengp/nginx:1.12.2_with_user_workdir /bin/bash
nginx@d76e073c7816:/usr/share/nginx/html$ pwd
/usr/share/nginx/html

  nginx@d76e073c7816:/usr/share/nginx/html$ whoami
  nginx

我们发现，容器已经切换到指定的WORKDIR下了,当前用户为nginx

2、ADD/EXPOSE指令

ADD：将指定的宿主机文件复制到容器里

EXPOSE：指定需要暴露的容器端口

例子：

[root@redis-01 dockerfile]# vim Dockerfile

  FROM docker.io/skychengp/nginx:1.12.2
  WORKDIR /usr/share/nginx/html
  ADD index.html /usr/share/nginx/html/index.html
  EXPOSE 80

将当前目录的index.html复制到容器的/usr/share/nginx/html/下，并将容器的80端口暴露出来

构建镜像

[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_add_expose
Sending build context to Docker daemon   5.12kB
Step 1/4 : FROM docker.io/skychengp/nginx:1.12.2
 ---> 4037a5562b03
Step 2/4 : WORKDIR /usr/share/nginx/html
 ---> Running in f7d8bd79ceb5
Removing intermediate container f7d8bd79ceb5
 ---> eaceba47349e
Step 3/4 : ADD index.html /usr/share/nginx/html/index.html
 ---> a14c13a9c08b
Step 4/4 : EXPOSE 80
 ---> Running in e5654fc46f3a
Removing intermediate container e5654fc46f3a
 ---> d38127bfd87a
Successfully built d38127bfd87a
Successfully tagged skychengp/nginx:1.12.2_with_add_expose

运行容器

[root@redis-01 dockerfile]# docker run -it --rm --name nginx-add -P skychengp/nginx:1.12.2_with_add_expose /bin/bash
root@ebeb678e4a3c:/usr/share/nginx/html# pwd
/usr/share/nginx/html
root@ebeb678e4a3c:/usr/share/nginx/html# whoami
root
root@ebeb678e4a3c:/usr/share/nginx/html# ls
50x.html  index.html

可以看到index.html已经复制到容器里了

运行nginx

root@207d0109917b:/usr/share/nginx/html# nginx -g "daemon off;"

查看80端口，用netstat命令发现没有，先安装net-tools包

root@ebeb678e4a3c:/usr/share/nginx/html# apt-get update 
root@ebeb678e4a3c:/usr/share/nginx/html# apt-get install net-tools

root@207d0109917b:/usr/share/nginx/html# netstat -tunlp|grep 80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      327/nginx: master p 

在宿主机上查看容器

[root@redis-01 ~]# docker ps -a|grep nginx
207d0109917b        skychengp/nginx:1.12.2_with_add_expose                                                                                                      "/bin/bash"              5 minutes ago       Up 5 minutes        0.0.0.0:32769->80/tcp   nginx-add

容器的80端口被随机映射到了宿主机的一个32769端口上

访问宿主机的32769

[root@redis-01 home]# curl http://172.28.5.120:32769
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css><title>百度一下，你就知道</title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus></span><span class="bg s_btn_wr"><input type=submit id=su value=百度一下 class="bg s_btn"></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新闻</a> <a href=http://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地图</a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>视频</a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>贴吧</a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&amp;tpl=mn&amp;u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登录</a> </noscript> <script>document.write('<a href="http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u='+ encodeURIComponent(window.location.href+ (window.location.search === "" ? "?" : "&")+ "bdorz_come=1")+ '" name="tj_login" class="lb">登录</a>');</script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;">更多产品</a> </div> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com>关于百度</a> <a href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>&copy;2017&nbsp;Baidu&nbsp;<a href=http://www.baidu.com/duty/>使用百度前必读</a>&nbsp; <a href=http://jianyi.baidu.com/ class=cp-feedback>意见反馈</a>&nbsp;京ICP证030173号&nbsp; <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>

可以成功访问到index.html

3、RUN/ENV指令

RUN：构建镜像时执行命令

ENV：设置环境变量

例子：设置容器时区与宿主机一致，构建镜像时，自动下载net-tools包以及procps包

[root@redis-01 dockerfile]# vim Dockerfile
FROM docker.io/skychengp/nginx:1.12.2
WORKDIR /usr/share/nginx/html
ADD index.html /usr/share/nginx/html/index.html
ENV TZ=Asia/Shanghai

  RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get in stall net-tools -y

设置TZ时区环境变量为Asia/Shanghai

在创建镜像时，将/usr/share/zoneinfo/Asia/Shanghai 文件软连接到/etc/localtime下，并将Asia/Shanghai写入文件/etc/timezone里

创建镜像

[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_cmd
Sending build context to Docker daemon   5.12kB
Step 1/6 : FROM docker.io/skychengp/nginx:1.12.2
 ---> 4037a5562b03
Step 2/6 : WORKDIR /usr/share/nginx/html
 ---> Running in 8612c111ba58
Removing intermediate container 8612c111ba58
 ---> 93b67d852c63
Step 3/6 : ADD index.html /usr/share/nginx/html/index.html
 ---> e6901139b882
Step 4/6 : ENV TZ=Asia/Shanghai
 ---> Running in c38a494baaa1
Removing intermediate container c38a494baaa1
 ---> 4838c5ac4ac5
Step 5/6 : RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y
 ---> Running in fd6deb060d46
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [53.0 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Get:3 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [799 kB]
Get:4 http://deb.debian.org/debian stretch-updates InRelease [93.6 kB]
Get:5 http://deb.debian.org/debian stretch Release [118 kB]
Get:6 http://nginx.org/packages/debian stretch InRelease [2866 B]
Get:7 http://deb.debian.org/debian stretch-updates/main amd64 Packages [2711 B]
Get:8 http://deb.debian.org/debian stretch Release.gpg [2410 B]
Get:9 http://nginx.org/packages/debian stretch/nginx amd64 Packages [25.4 kB]
Get:10 http://deb.debian.org/debian stretch/main amd64 Packages [9610 kB]
Fetched 10.7 MB in 36s (290 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  libprocps6 psmisc
The following NEW packages will be installed:
  libprocps6 procps psmisc
0 upgraded, 3 newly installed, 0 to remove and 36 not upgraded.
Need to get 431 kB of archives.
After this operation, 1434 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 libprocps6 amd64 2:3.3.12-3+deb9u1 [58.5 kB]
Get:2 http://deb.debian.org/debian stretch/main amd64 procps amd64 2:3.3.12-3+deb9u1 [250 kB]
Get:3 http://deb.debian.org/debian stretch/main amd64 psmisc amd64 22.21-2.1+b2 [123 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 431 kB in 1s (360 kB/s)
Selecting previously unselected package libprocps6:amd64.
(Reading database ... 7027 files and directories currently installed.)
Preparing to unpack .../libprocps6_2%3a3.3.12-3+deb9u1_amd64.deb ...
Unpacking libprocps6:amd64 (2:3.3.12-3+deb9u1) ...
Selecting previously unselected package procps.
Preparing to unpack .../procps_2%3a3.3.12-3+deb9u1_amd64.deb ...
Unpacking procps (2:3.3.12-3+deb9u1) ...
Selecting previously unselected package psmisc.
Preparing to unpack .../psmisc_22.21-2.1+b2_amd64.deb ...
Unpacking psmisc (22.21-2.1+b2) ...
Setting up psmisc (22.21-2.1+b2) ...
Setting up libprocps6:amd64 (2:3.3.12-3+deb9u1) ...
Setting up procps (2:3.3.12-3+deb9u1) ...
update-alternatives: using /usr/bin/w.procps to provide /usr/bin/w (w) in auto mode
update-alternatives: warning: skip creation of /usr/share/man/man1/w.1.gz because associated file /usr/share/man/man1/w.procps.1.gz (of link group w) doesn't exist
Processing triggers for libc-bin (2.24-11+deb9u3) ...
Reading package lists...
Building dependency tree...
Reading state information...
The following NEW packages will be installed:
  net-tools
0 upgraded, 1 newly installed, 0 to remove and 36 not upgraded.
Need to get 248 kB of archives.
After this operation, 963 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1 [248 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 248 kB in 0s (258 kB/s)
Selecting previously unselected package net-tools.
(Reading database ... 7142 files and directories currently installed.)
Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1_amd64.deb ...
Unpacking net-tools (1.60+git20161116.90da8a0-1) ...
Setting up net-tools (1.60+git20161116.90da8a0-1) ...
Removing intermediate container fd6deb060d46
 ---> d43dd42ab96d
Step 6/6 : CMD nginx -g "daemon off;"
 ---> Running in c942c4da119a
Removing intermediate container c942c4da119a
 ---> 402ce91f3b96
Successfully built 402ce91f3b96
Successfully tagged skychengp/nginx:1.12.2_with_cmd

运行容器

[root@redis-01 dockerfile]# docker run -it --name nginx-env skychengp/nginx:1.12.2_with_env_run /bin/bash
root@d58efda0c124:/usr/share/nginx/html# pwd
/usr/share/nginx/html
root@d58efda0c124:/usr/share/nginx/html# ls
50x.html  index.html
root@d58efda0c124:/usr/share/nginx/html# printenv
TZ=Asia/Shanghai
HOSTNAME=d58efda0c124
NJS_VERSION=1.12.2.0.1.14-1~stretch
NGINX_VERSION=1.12.2-1~stretch
PWD=/usr/share/nginx/html
HOME=/root
TERM=xterm
SHLVL=1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
_=/usr/bin/printenv
root@d58efda0c124:/usr/share/nginx/html# 

可以看到TZ环境变量设置成功，

root@d58efda0c124:/usr/share/nginx/html# cat /etc/timezone 
Asia/Shanghai

查看/etc/timezone文件为指定的时区，查看容器时间

root@d58efda0c124:/usr/share/nginx/html# date
Tue Dec  1 17:15:08 CST 2020

已经和宿主机保持一致，可以运行ps命令

root@6ba956ab2615:/usr/share/nginx/html# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0   4280   640 ?        Ss   22:19   0:00 /bin/sh -c nginx -g "daemon off;"
root         6  0.0  0.0  32400  3228 ?        S    22:19   0:00 nginx: master process nginx -g daemon off;
nginx        7  0.0  0.0  32872  1816 ?        S    22:19   0:00 nginx: worker process
root         8  0.0  0.0  18120  1992 pts/0    Ss   22:19   0:00 /bin/bash
root        21  0.0  0.0  36628  1580 pts/0    R+   22:24   0:00 ps aux

4、CMDENTRYPOINT指令

CMD：运行容器时指定的命令

例子：构建nginx镜像，运行容器时自动运行nginx

FROM docker.io/skychengp/nginx:1.12.2
WORKDIR /usr/share/nginx/html
ADD index.html /usr/share/nginx/html/index.html
ENV TZ=Asia/Shanghai

  RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y
 CMD nginx -g "daemon off;"

构建镜像

[root@redis-01 dockerfile]# docker build . -t skychengp/nginx:1.12.2_with_cmd
Sending build context to Docker daemon   5.12kB
Step 1/6 : FROM docker.io/skychengp/nginx:1.12.2
 ---> 4037a5562b03
Step 2/6 : WORKDIR /usr/share/nginx/html
 ---> Running in 8612c111ba58
Removing intermediate container 8612c111ba58
 ---> 93b67d852c63
Step 3/6 : ADD index.html /usr/share/nginx/html/index.html
 ---> e6901139b882
Step 4/6 : ENV TZ=Asia/Shanghai
 ---> Running in c38a494baaa1
Removing intermediate container c38a494baaa1
 ---> 4838c5ac4ac5
Step 5/6 : RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && apt-get update && apt-get install procps -y && apt-get install net-tools -y
 ---> Running in fd6deb060d46
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [53.0 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Get:3 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [799 kB]
Get:4 http://deb.debian.org/debian stretch-updates InRelease [93.6 kB]
Get:5 http://deb.debian.org/debian stretch Release [118 kB]
Get:6 http://nginx.org/packages/debian stretch InRelease [2866 B]
Get:7 http://deb.debian.org/debian stretch-updates/main amd64 Packages [2711 B]
Get:8 http://deb.debian.org/debian stretch Release.gpg [2410 B]
Get:9 http://nginx.org/packages/debian stretch/nginx amd64 Packages [25.4 kB]
Get:10 http://deb.debian.org/debian stretch/main amd64 Packages [9610 kB]
Fetched 10.7 MB in 36s (290 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  libprocps6 psmisc
The following NEW packages will be installed:
  libprocps6 procps psmisc
0 upgraded, 3 newly installed, 0 to remove and 36 not upgraded.
Need to get 431 kB of archives.
After this operation, 1434 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 libprocps6 amd64 2:3.3.12-3+deb9u1 [58.5 kB]
Get:2 http://deb.debian.org/debian stretch/main amd64 procps amd64 2:3.3.12-3+deb9u1 [250 kB]
Get:3 http://deb.debian.org/debian stretch/main amd64 psmisc amd64 22.21-2.1+b2 [123 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 431 kB in 1s (360 kB/s)
Selecting previously unselected package libprocps6:amd64.
(Reading database ... 7027 files and directories currently installed.)
Preparing to unpack .../libprocps6_2%3a3.3.12-3+deb9u1_amd64.deb ...
Unpacking libprocps6:amd64 (2:3.3.12-3+deb9u1) ...
Selecting previously unselected package procps.
Preparing to unpack .../procps_2%3a3.3.12-3+deb9u1_amd64.deb ...
Unpacking procps (2:3.3.12-3+deb9u1) ...
Selecting previously unselected package psmisc.
Preparing to unpack .../psmisc_22.21-2.1+b2_amd64.deb ...
Unpacking psmisc (22.21-2.1+b2) ...
Setting up psmisc (22.21-2.1+b2) ...
Setting up libprocps6:amd64 (2:3.3.12-3+deb9u1) ...
Setting up procps (2:3.3.12-3+deb9u1) ...
update-alternatives: using /usr/bin/w.procps to provide /usr/bin/w (w) in auto mode
update-alternatives: warning: skip creation of /usr/share/man/man1/w.1.gz because associated file /usr/share/man/man1/w.procps.1.gz (of link group w) doesn't exist
Processing triggers for libc-bin (2.24-11+deb9u3) ...
Reading package lists...
Building dependency tree...
Reading state information...
The following NEW packages will be installed:
  net-tools
0 upgraded, 1 newly installed, 0 to remove and 36 not upgraded.
Need to get 248 kB of archives.
After this operation, 963 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1 [248 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 248 kB in 0s (258 kB/s)
Selecting previously unselected package net-tools.
(Reading database ... 7142 files and directories currently installed.)
Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1_amd64.deb ...
Unpacking net-tools (1.60+git20161116.90da8a0-1) ...
Setting up net-tools (1.60+git20161116.90da8a0-1) ...
Removing intermediate container fd6deb060d46
 ---> d43dd42ab96d
Step 6/6 : CMD nginx -g "daemon off;"
 ---> Running in c942c4da119a
Removing intermediate container c942c4da119a
 ---> 402ce91f3b96
Successfully built 402ce91f3b96
Successfully tagged skychengp/nginx:1.12.2_with_cmd

运行容器

[root@redis-01 dockerfile]# docker run --name=nginx-cmd -p81:80 --rm skychengp/nginx:1.12.2_with_cmd

访问http://127.0.0.1:81,成功返回页面，容器打印日志

[root@redis-01 dockerfile]# docker run --name=nginx-cmd -p81:80 --rm skychengp/nginx:1.12.2_with_cmd
172.28.5.120 - - [01/Dec/2020:22:19:17 +0800] "GET / HTTP/1.1" 200 2381 "-" "curl/7.29.0" "-"