【云原生之Docker学习】使用Dockerfile构建docker镜像
- 一、Docker镜像的分层结构
-
- 1.镜像分层示意图
- 2.镜像的组成
-
- ①.union file system
- ②.镜像层——bootfs
- ③.镜像层——rootfs
- ④.镜像层-依赖环境
- ⑤.容器层
- 3.镜像分层图
- 二、镜像与容器的关系
-
- 1.启动容器
- 2.docker镜像总结
- 3.dokcer容器组成
- 三、定义docker镜像流程
- 四、Dockerfile介绍
- 五、Dockerfile指令
- 六、build安装构造器
-
- 1.不同容器运行时build安装
- 2.下载bulid构建器
- 3.解压下载软件包
- 4.配置service服务
- 5.配置socket文件
- 6.启动服务
- 七、实战1-创建web测试网页
-
- 1.配置yum源
- 2.将repo文件复制到/docker/dockerfile/nginx/目录
- 3.编写dockerfile文件
- 4.构建镜像
- 5.检查生成的镜像
- 6.使用自制镜像生成容器
- 7.访问web
- 八、实战2-创建一个显示器IP工具容器的地址
-
- 1.enterponit简介
- 2.编写dockerfile
- 3.构建镜像
- 4.使用镜像
- 5.修改dockerfile
- 6.创建镜像和操作容器
- 7.给容器正常输入参数
一、Docker镜像的分层结构
1.镜像分层示意图
2.镜像的组成
①.union file system
docker将通过联合文件系统docker不同层次的文件系统集成,为用户隐藏多层视角。
②.镜像层——bootfs
bootfs(boot-file system)——》 Linux内核: bootfs主要包含bootloader和kernel,BootLoader主要作用是引导宿主机内核。 作用:宿主机提供内核
③.镜像层——rootfs
rootfs(root-file system)——》发行版 rootfs例如,不同操作系统的发行版本,suse,Ubuntu,centos等。 作用:docker获取基本镜像
④.镜像层-依赖环境
使用发行版提供的软件安装管理,如yum install -y mysql 功能:依赖环境
⑤.容器层
可以写入的容器,想要操作的代码程序。 功能:具体程序操作 备注:只能修改写入容器层,其余为只读层。
3.镜像分层图
二、镜像与容器的关系
1.启动容器
当下载镜像并使用镜像启动容器时,docker会在该image在顶层,添加一个可读件系统作为容器,然后操作容器。
2.docker镜像总结
1.docker镜像的本质是unionFS分层文件系统的管理。 2.因为docker镜像共享宿主机内核,所以镜像文件一般很小。 3.dockerfile功能:自定义docker镜像的每一层功能。 4.overlayfs:每次分层时,下层的所有文件都被硬链接到上层,逻辑上只有两层。
3.dokcer容器组成
三、定义docker镜像流程
定义容器镜像步骤: 1.获取基本镜像,选择发行平台(如centos/ubuntu等) 2.例如在centos安装在镜像中redis软件。 3.导出镜像,可以命名redis镜像文件。 4.docker层次概念:底层是centos镜像,上层是redis镜像,centos镜像属于父镜像
四、Dockerfile介绍
1.Dockerfile 构建镜像的文本文件可以部署和运行你需要的容器环境。 2.通过dockerfile建立软件依赖、文件依赖、网络、存储等环境。
五、Dockerfile指令
# 常用指令 FROM 制定基本镜像 MAINTAINER 制定维护者信息,可以不写 RUN 添加到命令前RUN,操作容器 ADD 将宿主机文件添加到容器中,具有自动解压功能 COPY 作用和ADD同样,将宿主机的文件复制到容器中,COPY只是拷贝 WORKDIR 设置当前工作目录 VOLUME 设置卷,挂主机目录 EXPOSE 指定外部端口 CMD 指定容器启动后要做的事情 # 其他指令 COPY 复制文件 ENV 环境变量 ENTRYPOINT 启动容器后执行的命令 六、build安装构造器
1.不同容器运行时build安装
1.在docker当容器运行时,build无需安装即可直接使用 2.在containerd当容器运行时,build需要单独安装
2.下载bulid构建器
wget 'https://oss-public.obs.cn-south-1.myhuaweicloud.com:443/docker/buildkit-v0.10.3.linux-amd64.tar.gz?AccessKeyId=8QZQXILP1SCWCCLMSGIH&Expires=1688442777&Signature=s4XXaKOJu84xzxE0dfZaRgu4ndE=' 3.解压下载软件包
tar -xzf buildkit-v0.10.3.linux-amd64.tar.gz -C /usr/local
4.配置service服务
#vim /etc/systemd/system/buildkit.service
[Unit]
Description=BuildKit
Requires=buildkit.socket
After=buildkit.socket
Documentation=https://github.com/moby/buildkit
[Service]
Type=notify
ExecStart=/usr/local/bin/buildkitd --addr fd://
[Install]
WantedBy=multi-user.target
5.配置socket文件
#vim /etc/systemd/system/buildkit.socket
[Unit]
Description=BuildKit
Documentation=https://github.com/moby/buildkit
[Socket]
ListenStream=%t/buildkit/buildkitd.sock
SocketMode=0660
[Install]
WantedBy=sockets.target
6.启动服务
[root@compute-node1 image]# systemctl daemon-reload
[root@compute-node1 image]# systemctl start buildkit
[root@compute-node1 image]# systemctl enable buildkit
Created symlink from /etc/systemd/system/multi-user.target.wants/buildkit.service to /etc/systemd/system/buildkit.service.
七、实战1——创建一个web测试网页
1.配置yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
2.将repo文件拷贝到/docker/dockerfile/nginx/目录
[root@compute-node1 nginx]# cp /etc/yum.repos.d/Centos-7.repo ./
[root@compute-node1 nginx]# cp /etc/yum.repos.d/epel.repo ./
[root@compute-node1 nginx]#
3.编写dockerfile文件
vim /dokcer/dockerfile/nginx/cDockerfile
#添加引用的基础镜像
FROM centos:7
#添加注解
LABEL Author natasha<natasha@example.com> \
Time 20220709 \
functione nginx-demo
#镜像构建
RUN rm -rf /etc/yum.repos.d/* ADD CentOS-7.repo /etc/yum.repos.d/centos.repo ADD epel.repo /etc/yum.repos.d/epel.repo RUN yum install -y nginx RUN rm -rf /usr/share/nginx/html/* RUN echo "hello world" > /usr/share/nginx/html/index.html #容器启动时执行的操作 CMD ["nginx","-g","daemon off;"] 4.构建镜像
[root@compute-node1 nginx]# docker build -t nginx:v1.0 .
Sending build context to Docker daemon 6.656kB
Step 1/9 : FROM centos:7
---> eeb6ee3f44bd
Step 2/9 : LABEL Author natasha<natasha@example.com> Time 20220709 functione nginx-demo
---> Using cache
---> bff89bcb2716
Step 3/9 : RUN rm -rf /etc/yum.repos.d/* ---> Using cache ---> 54975b5b035a Step 4/9 : ADD CentOS-7.repo /etc/yum.repos.d/centos.repo ADD failed: file not found in build context or excluded by .dockerignore: stat CentOS-7.repo: file does not exist [root@compute-node1 nginx]# ls Centos-7.repo Dockerfile epel.repo [root@compute-node1 nginx]# [root@compute-node1 nginx]# vim Dockerfile [root@compute-node1 nginx]# docker build -t nginx:v1.0 . Sending build context to Docker daemon 6.656kB Step 1/9 : FROM centos:7 ---> eeb6ee3f44bd Step 2/9 : LABEL Author natasha<natasha@example.com> Time 20220709 functione nginx-demo ---> Using cache ---> bff89bcb2716 Step 3/9 : RUN rm -rf /etc/yum.repos.d/* ---> Using cache ---> 54975b5b035a Step 4/9 : ADD Centos-7.repo /etc/yum.repos.d/centos.repo ---> d313dfc6e9c9 Step 5/9 : ADD epel.repo /etc/yum.repos.d/epel.repo ---> 7b9f61b49e4a Step 6/9 : RUN yum install -y nginx ---> Running in 9408803d1a98 Loaded plugins: fastestmirror, ovl Determining fastest mirrors * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com http://mirrors.aliyuncs.com/centos/7/os/x86_64/repodata/6d0c3a488c282fe537794b5946b01e28c7f44db79097bb06826e1c0c88bad5ef-primary.sqlite.bz2: [Errno 12] Timeout on http://mirrors.aliyuncs.com/centos/7/os/x86_64/repodata/6d0c3a488c282fe537794b5946b01e28c7f44db79097bb06826e1c0c88bad5ef-primary.sqlite.bz2: (28, 'Connection timed out after 30005 milliseconds') Trying other mirror. http://mirrors.cloud.aliyuncs.com/centos/7/os/x86_64/repodata/6d0c3a488c282fe537794b5946b01e28c7f44db79097bb06826e1c0c88bad5ef-primary.sqlite.bz2: [Errno 14] curl#6 - "Could not resolve host: mirrors.cloud.aliyuncs.com; Unknown error" Trying other mirror. Resolving Dependencies --> Running transaction check ---> Package nginx.x86_64 1:1.20.1-9.el7 will be installed --> Processing Dependency: nginx-filesystem = 1:1.20.1-9.el7 for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libssl.so.1.1(OPENSSL_1_1_0)(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libssl.so.1.1(OPENSSL_1_1_1)(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: nginx-filesystem for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: openssl for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: redhat-indexhtml for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: system-logos for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libcrypto.so.1.1()(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libprofiler.so.0()(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Processing Dependency: libssl.so.1.1()(64bit) for package: 1:nginx-1.20.1-9.el7.x86_64 --> Running transaction check ---> Package centos-indexhtml.noarch 0:7-9.el7.centos will be installed ---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed ---> Package gperftools-libs.x86_64 0:2.6.1-1.el7 will be installed ---> Package nginx-filesystem.noarch 1:1.20.1-9.el7 will be installed ---> Package openssl.x86_64 1:1.0.2k-25.el7_9 will be installed --> Processing Dependency: openssl-libs(x86-64) = 1:1.0.2k-25.el7_9 for package: 1:openssl-1.0.2k-25.el7_9.x86_64 --> Processing Dependency: make for package: 1:openssl-1.0.2k-25.el7_9.x86_64 ---> Package openssl11-libs.x86_64 1:1.1.1k-3.el7 will be installed --> Running transaction check ---> Package make.x86_64 1:3.82-24.el7 will be installed ---> Package openssl-libs.x86_64 1:1.0.2k-19.el7 will be updated ---> Package openssl-libs.x86_64 1:1.0.2k-25.el7_9 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: nginx x86_64 1:1.20.1-9.el7 epel 587 k Installing for dependencies: centos-indexhtml noarch 7-9.el7.centos base 92 k centos-logos noarch 70.0.6-3.el7.centos base 21 M gperftools-libs x86_64 2.6.1-1.el7 base 272 k make x86_64 1:3.82-24.el7 base 421 k nginx-filesystem noarch 1:1.20.1-9.el7 epel 24 k openssl x86_64 1:1.0.2k-25.el7_9 updates 494 k openssl11-libs x86_64 1:1.1.1k-3.el7 epel 1.5 M Updating for dependencies: openssl-libs x86_64 1:1.0.2k-25.el7_9 updates 1.2 M Transaction Summary ================================================================================ Install 1 Package (+7 Dependent packages) Upgrade ( 1 Dependent package) Total download size: 26 M Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. warning: /var/cache/yum/x86_64/7/base/packages/centos-indexhtml-7-9.el7.centos.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for centos-indexhtml-7-9.el7.centos.noarch.rpm is not installed Public key for openssl-1.0.2k-25.el7_9.x86_64.rpm is not installed -------------------------------------------------------------------------------- Total 960 kB/s | 26 MB 00:27 Retrieving key from http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 From : http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : centos-logos-70.0.6-3.el7.centos.noarch 1/10 Installing : centos-indexhtml-7-9.el7.centos.noarch 2/10 Installing : 1:openssl11-libs-1.1.1k-3.el7.x86_64 3/10 Installing : 1:make-3.82-24.el7.x86_64 4/10 Installing : gperftools-libs-2.6.1-1.el7.x86_64 5/10 Updating : 1:openssl-libs-1.0.2k-25.el7_9.x86_64 6/10 Installing : 1:openssl-1.0.2k-25.el7_9.x86_64 7/10 Installing : 1:nginx-filesystem-1.20.1-9.el7.noarch 8/10 Installing : 1:nginx-1.20.1-9.el7.x86_64 9/10 Cleanup : 1:openssl-libs-1.0.2k-19.el7.x86_64 10/10 Verifying : 1:nginx-filesystem-1.20.1-9.el7.noarch 1/10 Verifying : 1:nginx-1.20.1-9.el7.x86_64 2/10 Verifying : 1:openssl-libs-1.0.2k-25.el7_9.x86_64 3/10 Verifying : 1:openssl-1.0.2k-25.el7_9.x86_64 4/10 Verifying : gperftools-libs-2.6.1-1.el7.x86_64 5/10 Verifying : 1:make-3.82-24.el7.x86_64 6/10 Verifying : 1:openssl11-libs-1.1.1k-3.el7.x86_64 7/10 Verifying : centos-indexhtml-7-9.el7.centos.noarch 8/10 Verifying : centos-logos-70.0.6-3.el7.centos.noarch 9/10 Verifying : 1:openssl-libs-1.0.2k-19.el7.x86_64 10/10 Installed: nginx.x86_64 1:1.20.1-9.el7 Dependency Installed: centos-indexhtml.noarch 0:7-9.el7.centos centos-logos.noarch 0:70.0.6-3.el7.centos gperftools-libs.x86_64 0:2.6.1-1.el7 make.x86_64 1:3.82-24.el7 nginx-filesystem.noarch 1:1.20.1-9.el7 openssl.x86_64 1:1.0.2k-25.el7_9 openssl11-libs.x86_64 1:1.1.1k-3.el7 Dependency Updated: openssl-libs.x86_64 1:1.0.2k-25.el7_9 Complete! Removing intermediate container 9408803d1a98 ---> 678685cc0e71 Step 7/9 : RUN rm -rf /usr/share/nginx/html/* ---> Running in ecc29cbfaf40 Removing intermediate container ecc29cbfaf40 ---> 225c791cdca2 Step 8/9 : RUN echo "hello world" > /usr/share/nginx/html/index.html ---> Running in 33d90e8081f3 Removing intermediate container 33d90e8081f3 ---> 700054697617 Step 9/9 : CMD ["nginx","-g","daemon off;"] ---> Running in 5582e9d1233c Removing intermediate container 5582e9d1233c ---> 285a4712d7ed Successfully built 285a4712d7ed Successfully tagged nginx:v1.0 5.查看生成镜像
[root@compute-node1 nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v1.0 285a4712d7ed 2 minutes ago 453MB
rancher/rancher v2.6.5 f944ac578a0e 8 weeks ago 1.47GB
nginx latest 605c77e624dd 6 months ago 141MB
rancher/rancher latest f9e320b7e19c 6 months ago 1.16GB
rancher/rancher stable f9e320b7e19c 6 months ago 1.16GB
centos 7 eeb6ee3f44bd 9 months ago 204MB
registry.cn-hangzhou.aliyuncs.com/jeson/controller v1.0.0 ef43679c2cae 10 months ago 283MB
rancher/server stable 98d8bb571885 2 years ago 1.08GB
6.使用自制镜像生成容器
[root@compute-node1 nginx]# docker run --name myweb -d -p 8740:80 nginx:v1.0
11dd3cd44151093dca3c2ff798a86acd3189df6383e2f1ddbb2650bfc76af2a6
[root@compute-node1 nginx]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
11dd3cd44151 nginx:v1.0 "nginx -g 'daemon of…" 2 seconds ago Up 2 seconds 0.0.0.0:8740->80/tcp, :::8740->80/tcp myweb
7.访问web
八、实战2——创建一个可以显示IP地址的工具型容器
1.enterponit简介
1.在容器启动时执行指令,根CMD不一样的是,ENTERPONIT执行的指令是无法被覆盖的; 2.如果同时定义了CMD和ENTERPOINT,则CMD会作为enterponit的参数; 3.enterponit通常是脚本,用于容器启动时执行的初始化操作。
2.编写dockerfile
vim /dokcer/dockerfile/ip_check/cDockerfile
[root@compute-node1 ip_check]# cat Dockerfile
FROM centos:7.8.2003
RUN rpm --rebuilddb && yum install epel-release -y
RUN rpm --rebuilddb && yum install curl -y
CMD ["curl","-s","cip.cc"]
3.构建镜像
docker build -t ipcheck:v1.0 .
4.使用镜像
[root@compute-node1 ip_check]# docker run ipcheck:v1.0
IP : xx.xx.xx.195
地址 : 中国 湖北 鄂州
运营商 : 联通
数据二 : 湖北省襄阳市 | 联通
数据三 : 中国湖北鄂州 | 联通
URL : http://www.cip.cc/xx.xx.xxx.195
5.修改dockerfile
FROM centos:7.8.2003
RUN rpm --rebuilddb && yum install epel-release -y
RUN rpm --rebuilddb && yum install curl -y
CMD ["curl","-s","cip.cc"]
ENTRYPOINT ["curl","-s","cip.cc"]
6.创建镜像及运行容器
[root@compute-node1 ip_check]# docker run --rm ipcheck:v2.0
IP : xx.xx.xx.195
地址 : 中国 湖北 鄂州
运营商 : 联通
数据二 : 湖北省 | 联通
数据三 : 中国湖北鄂州 | 联通
URL : http://www.cip.cc/xx.xx.xx.195
IP : xx.xx.xx.195
地址 : 中国 湖北 鄂州
运营商 : 联通
数据二 : 湖北省 | 联通
数据三 : 中国湖北鄂州 | 联通
URL : http://www.cip.cc/xx.xx.xx.195
7.给容器正常传入参数
[root@compute-node1 ip_check]# docker run --rm ipcheck:v2.0 -I
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 09 Jul 2022 05:28:30 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-cip-c: H