Please refer to the Docker basis Bowen: summary Docker learning (using centos7-1804)
Construction of the mirror 1. Docker
Sometimes Docker image downloaded from the warehouse in the mirror can not meet the requirements, we can build a mirror image of their own based on a base image in two ways:
- Update Mirror: Use docker commit command
- Construction of the mirror: Use docker build command, you need to create Dockerfile file
1.1 update image
Create a container using a base image, and then make changes to the content of the container, and then use the docker commit command to submit a new image (for example to tomcat).
According base image, create a container
docker run --name mytomcat -p 80:8080 -d tomcat
Modify the contents of the container
docker exec -it mytomcat /bin/bash
cd webapps/ROOT
rm -f index.jsp
echo hello world > index.html exit
Submit a new image
# docker commit -m="描述消息" -a="作者" 容器ID或容器名 镜像名:TAG
docker commit -m="修改了首页" -a="andy" mytomcat qqxhb/tomcat:v1.0
Use new mirror run container
docker run --name tomcatv1 -p 8080:8080 -d qqxhb/tomcat:v1.0
1.2 Construction mirror Dockerfile
What is Dockerfile?
Dockerfile IS Nothing But The Source code for Building Docker Images;
Docker CAN Build Images Automatically by Reading The Instructions from A Dockerfile;
A Dockerfile IS A text Document that the contains All The Commands A User Could Call ON The Command Line to Assemble AN Image;
the Using docker build users can create an automated build that executes several command-line instructions in succession;
in short Dockerfile script is a series of commands and parameters constituted these commands to the base image and ultimately create a new image.
Dockerfile format
Format:
#Comment
INSTRUCTION arguments
The instruction is not case-sensitive
However,convention is for them to be UPPERCASE to distinguish them from arguments more easily
Docker runs instructions in a Dockerfile in order
The first instruction must be 'FROM' in order to specify the Base Image from which you are building
Dockerfile common commands
| command | effect |
|---|---|
| FROM image_name:tag | Which defines the use of the base image to start the process of building |
| MAINTAINER user_name | Disclaimer mirror creator |
| ENV key value | Set Environment Variables (you can write multiple) |
| RUN command | Dockerfile is a core part (you can write multiple) |
| ADD source_dir / file dest_dir / file | Copy the file to the host of the container, if it is a compressed file, it will automatically extract after replication |
| COPY source_dir / file dest_dir / file | And like ADD, but if there is not a compressed file and unzip |
| WORKDIR path_dir | Set the working directory |
- The FROM
the FROM instruction is one of the most important and must be a non-comment line as the first opening of Dockerfile file, image file used to build the base image specified procedure, the subsequent operation instructions thereto based operating environment that provides the mirror image may be based any available mirror, default docker build will find from the local warehouse designated image file in the case, if there is no will pull syntax from Docker Hub:
FROM <image>
FROM <image>:<tag>
FROM <image>@<digest>
- MAINTAINER (depreacted)
I Dockerfile detailed information provided by the producer, Dockerfile does not limit the position MAINTAINER appear, but then put FROM instruction is recommended. Syntax: name can be any text message, usually with author name or email
MAINTAINER <name>
- LABEL
mirror is assigned various metadata, a Dockerfile can write multiple LABEL, but this is not recommended, Dockerfile each instruction will generate a layer image, if LABEL is too long you can use \ symbol wrap. Construction mirror base image LABEL will inherit, and will remove repeated, but if the values are different, the following values will cover the front
face value. grammar:
LABEL <key>=<value> <key>=<value> <key>=<value>...
- COPY
for the new image file to copy files from the host to the creation of
Note: If there is a blank character in your path, often use the second format
rules:
must be a path to build context, can not be the parent directory of the file
if it is a directory, its internal file or subdirectory will be recursive copy, but the directory itself will not be copied
if multiple, or use wildcards, you must be a directory, you must end / symbol
, if not present, will be created, including the parent directory path
COPY <src>...<dest>
COPY ["<src>",..."<dest>"]
# <src>:要复制的源文件或者目录,可以使用通配符 # <dest>:目标路径,即正在创建的image的文件系统路径;建议<dest>使用绝对路径,否则COPY指令则以WORKDIR为 其起始路径
- ADD
basic usage and COPY command, like, ADD supports the use of TAR files and URL path, syntax:
: Rules
identical and COPY rule
if a URL and does not end with a /, the specified file will be downloaded to
if the tar file compression format on a local system, it expands to a directory; however obtained through URL tar file does not will automatically unzip
/ end if there is more, direct or indirect use of wildcards to specify multiple resources, it must be a directory and are
ADD <src>...<dest>
ADD ["<src>",..."<dest>"]
- WORKDIR
used to Dockerfile all RUN, CMD, ENTRYPOINT, COPY and ADD designated set the working directory, it will only affect the instruction after the current WORKDIR. In Dockerfile file, WORKDIR can appear multiple times, the path may be a relative path, but it is relative to the previous instruction WORKDIR specified path. In addition, WORKDIR ENV variable can be specified definition. grammar:
WORKDIR <dirpath>
- VOLUME
to create a mount point on the roll can be mounted on the host volume or other container, which can not specify the directory of the host, the host mounted directory is generated automatically. grammar:
VOLUME <mountpoint>
VOLUME ["<mountpoint>"]
- EXPOSE
used to open the container specified port and to listen to enable external communication, protocol specifies the transport protocol, either TCP or the UDP, TCP protocol is default; EXPOSE disposable can specify multiple ports, for example: EXPOSE 80 / tcp 80 / udp. grammar:
EXPOSE <port>[/<protocol>] [<port>[/<protocol>]...]
- ENV
used to define the environment variable image desired, and may be other instructions Dockerfile file (e.g., ENV, ADD, COPY, etc.) located behind the call, call format: {variable_name}
The first format, everything after will be regarded as an integral part of, so you can only set a variable
second format can set multiple variables once, if there is a space which can be used \ to escape or quotes identified; additional \ continuation line can also be used
ENV <key> <value>
ENV <key>=<value>...
- ARG
usage with ENV, specify a variable, you can create a mirror in the docker build when using --build-arg varname = value to specified parameters. grammar:
ARG <name>[=<default value>]
- RUN
is used to specify docker build process runs the specified command syntax:
RUN <command>
RUN ["<executable>","<param1>","<param2>"]
The first parameter format which typically is a shell command to / bin / sh -c it to run
a second format is an array of JSON format, which is executable command to run, followed by a command passed to the the option or argument; but this format does not use / bin / sh -c to initiate, so common operations like shell variable substitution and the replacement will not be a wildcard; if you run a command shell properties dependence, can be replaced with the following types format:
RUN ["/bin/bash","-c","<executable>","<param1>"]
- CMD
command to run when the starting container, the same as the first two and the RUN grammar, syntax third default parameters for providing instructions to ENTRYPOINT
RUN and CMD differences:
RUN instructions operate in the image file build process, CMD run-based Dockerfile build a new image file to start a container when; primary object CMD command that the vessel is initiated specify the default program to be run and at the end of the run, the container will be terminated; however, CMD command can be docker run command-line options to cover
Dockerfile can contain multiple CMD command, but only the last one will take effect.
CMD <command>
CMD ["<executable>","<param1>","<param2>"]
CMD ["<param1>","<param2>"]
- ENTRYPOINT
similar CMD command functions, to run the program to specify the default container. CMD and the difference is ENTRYPOINT start of the program will not be covered by docker run the command specified parameters, and these command-line parameters are passed as parameters ENTRYPOINT specified program (however, -entrypoint docker run command parameter can be covered ENTRYPOINT );
Docker RUN command CMD incoming instruction will overwrite the contents of the command parameters and additionally to ENTRYPOINT last used as its argument;
Similarly, Dockerfile ENTRYPOINT can contain multiple commands, but only the last one would take effect;
Dockerfile If both CMD there ENTRYPOINT, and CMD is a complete executable command, then who in the end who enter into force. grammar:
ENTRYPOINT<command>
ENTRYPOINT["<executable>","<param1>","<param2>"]
- ONBUILD
used to define a trigger in Dockerfile. Dockerfile used to build the image file, the image file may be treated as another parameter is the base image as Dockerfile FROM command, when the latter Dockerfile FROM instruction to be executed during the build process, will trigger the base image inside ONBUILD not self-instruction ONBUILD nest, ONBUILD not trigger FROM MAINTAINER instructions and use the ADD and COPY command in ONBUILD to be careful, because the context of the new build process in the absence of the specified source files when it will fail. grammar:
ONBUILD <instruction>
Create a mirror using a script
step:
(1) Create a directory
mkdir –p /usr/local/dockerjdk8
(2) Download jdk-8u211-linux-x64.tar.gz and uploaded to the server (virtual machine) in the / usr / local / dockerjdk8 directory (yum install lrzsz)
(3) create a file Dockerfile vi Dockerfile
#依赖镜像名称和ID
FROM centos:7
#指定镜像创建者信息
MAINTAINER qqxhb
#切换工作目录
WORKDIR /usr
RUN mkdir /usr/local/java
#ADD 是相对路径jar,把java添加到容器中
ADD jdk-8u211-linux-x64.tar.gz /usr/local/java/
#配置java环境变量
ENV JAVA_HOME /usr/local/java/jdk1.8.0_211
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH
ENV PATH $JAVA_HOME/bin:$PATH
(4) Construction of the mirror Run
docker build -t='jdk1.8' .
Note the back of the spaces and points, do not omit
(5) whether to establish a complete view mirror
docker images
2. Docker private warehouse
2.1 private warehouse set up and configuration
(1) Pull private repository mirroring
docker pull registry
(2) Start private container warehouse
docker run -di --name=registry -p 5000:5000 registry
(3) Open the browser and enter the address http://192.168.17.129:5000/v2/_catalog see {"repositories":[]}representation of private warehouse and build a successful content is empty
(4) modified daemon.json
vi /etc/docker/daemon.json
Add insecure-registries, save and exit.
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],
"insecure-registries":["192.168.17.129:5000"]
}
This step allows docker trust for private warehouse address
(5) Restart docker Service
systemctl restart docker
Easier way is to open its own free private warehouse on Ali cloud services. Registration open service address (Ali need to have an account): https://cr.console.aliyun.com/cn-beijing/instances/repositories
2.2 Mirroring uploaded to a private warehouse
(1) This marked as private mirror image warehouse
docker tag jdk1.8 192.168.17.129:5000/jdk1.8
(2) container to start again PW
docker start registry
(3) labeled image upload
docker push 192.168.17.129:5000/jdk1.8
(4) view the last image
Access to the private address of the warehouse, display the uploaded image
{"repositories":["jdk1.8"]}
