Docker learning Dockerfile command Detailed
HTTPS: // it.baiked.com/system/docker/2436.html
map in very good shape
Foreword
Before, mirrored pseudo posture build've seen, tell us about today making Docker mirrored correct posture.
The first step is to make Dockerfile Docker entry-learning. Dockerfile is a text configuration file format, you can use Dockerfile quickly create a custom image. We will first introduce the basic structure and the support of numerous Dockerfile instruction, and explain the specific Dockerfile to write customized image by executing instructions.
The following is the text, enter the following learning posture it!
Dockerfile command
FROM
For the specified base image, and it must be the first instruction.
If not in any mirror-based, then the wording is: FROM scratch.
At the same time it means that the next instruction will be written as the start of the first mirror layer
grammar:
FROM <image> FROM <image>:<tag> FROM <image>:<digest>
Three kinds of writing, where <tag> and <digest> is optional, if not selected, the default value is latest
RUN
Function to run the specified command
RUN command takes two forms
- RUN <command>
- RUN [ "executable", "param1 ", "param2"]
first back with the direct command shell
The default / bin / sh -c on the linux operating system
Default cmd / S / C in the windows operating system
The second is similar to a function call.
executable can be understood as an executable file, it is behind the two parameters.
Both versions comparison:
RUN /bin/bash -c 'source $HOME/.bashrc; echo $HOME RUN ["/bin/bash", "-c", "echo hello"]
Note: Do not write more multi-line commands RUN, because each instruction will be established in one Dockerfile.
How many how many layers RUN to build a mirror, the mirror will cause a bloated, multi-layer, not only increases the time component deployment, but also prone to error.
RUN line breaks when writing is \
CMD
Command function for the container start to run
There are three written grammar
- CMD ["executable","param1","param2"]
- CMD ["param1","param2"]
- CMD command param1 param2
third better understand, when you execute shell this way and writing
The first and second are actually an executable file with the parameters of the form
Illustrate two way:
CMD [ "sh", "-c", "echo $HOME" CMD [ "echo", "$HOME" ]
Additional details: This side must use double quotes including parameter is "not a single quotation mark must not be written in single quotes.
The reason is that the transmission parameters, Docker parsing a JSON array
RUN & CMD
Do not RUN CMD and confused.
RUN command is run, and member of the container to submit operating results
CMD is a command to execute when the container starts, does not run in the components, component tightly specified when this command in the end what it is like
LABEL
Function is to specify a label for the mirror
grammar:
LABEL <key> = <value> <key> = <value> <key> = <value> ...
a plurality thereof may Dockerfile LABEL, as follows:
LABEL "com.example.vendor"="ACME Incorporated" LABEL com.example.label-with-value="foo" LABEL version="1.0" LABEL description="This text illustrates \ that label-values can span multiple lines."
But do not recommend this writing, it is best to write a line, such as the need to change the line is too long, then the use of symbols
as follows:
LABEL multi.label1="value1" \ multi.label2="value2" \ other="value3"
Description: LABEL will inherit the base image species LABEL, such as encountering the same key, the values override
MAINTAINER
Specifies the author
grammar:
MAINTAINER <name>
EXPOSE
Listen on a port functions as a storm drain running to the outside of the container
But EXPOSE does not make the container port access hosts
If you want to make the container and the host port mapping relation, must be added -P parameter when the vessel started
ENV
Function to set the environment variable
There are two grammar
- ENV <key> <value>
- ENV <key>=<value> ...
The difference is that the first one is the time to set up a second is set more than
ADD
A copy command to copy the file to the scene.
If the virtual machine container imagine two linux server, then this command is similar to scp, scp just need to add permissions to a user name and password authentication, but without ADD.
The syntax is as follows:
- ADD <src>... <dest>
- ADD ["<src>",... "<dest>"]
Fill <dest> path can be absolute in the vessel may be a path relative to the working directory
<Src> may be a local file or a local archive, it can also be a url
If <src> written a url, then the ADD command is similar to wget
As in the following versions are possible:
The Test relativeDir the ADD /
the ADD the Test / relativeDir
the ADD http://example.com/foobar /
Try not to <scr> written in a folder, if <src> is a folder, and copy the contents of an entire directory, including file system metadata data
COPY
Look at this name to know, but also a copy command
The syntax is as follows:
- COPY <src>... <dest>
- COPY ["<src>",... "<dest>"]
The difference between ADD
COPY of <src> can be a local file, in line with other uses
ENTRYPOINT
Function is the default command at startup
The syntax is as follows:
- ENTRYPOINT ["executable", "param1", "param2"]
- ENTRYPOINT command param1 param2
If you see here from top to bottom, then you should be familiar with the syntax of these two friends.
The second is to write shell
The first is an executable file additional parameters
And CMD comparison shows (maybe too much like a command, but can also be used in conjunction):
Same point:
- Only write one, if you write a multiple, then only the last one to take effect
- When the container up and running, running the same opportunity
difference:
- ENTRYPOINT will not be covered by operational command, and will be covered CMD
If we also wrote ENTRYPOINT and CMD in Dockerfile species, and CMD command is not a complete executable command, CMD will be specified as a parameter ENTRYPOINT of content
as follows:
FROM ubuntu ENTRYPOINT ["top", "-b"] CMD ["-c"]
If we also write Dockerfile planted ENTRYPOINT and CMD, and CMD is a complete command, then they two will cover each other who is who in the final to take effect
as follows:
FROM ubuntu ENTRYPOINT ["top", "-b"] CMD ls -al
It will execute ls -al, top -b will not be executed.
VOLUME
Mounting capabilities can be realized, Mainland folder can be container or other kind of have to hang on to this folder container species
The syntax is:
VOLUME ["/data"]
Description:
[ "/ data"] may be a JsonArray, may be a plurality of values. So are several versions are correct the VOLUME [ "/ var / log /"] the VOLUME / var / log the VOLUME / var / log / var / DB
When the scene is generally used for the persistent storage of data
Container using AUFS, this kind of data the file system can not be sustained, when the container is closed, all changes will be lost.
Therefore, use this command when the data needs to be persisted.
USER
Set user-initiated container may be a user name or UID, so that only the following two written is correct
Daemo the USER
the USER UID
Note: If you set a container to a user daemon to run, then RUN, CMD and ENTRYPOINT would go running to the user
WORKDIR
grammar:
WORKDIR /path/to/workdir
Set the working directory, the entry into force of the RUN, CMD, ENTRYPOINT, COPY, ADD. If there is created, you can also set multiple times.
Such as:
The WORKDIR / A the WORKDIR B the WORKDIR C the RUN pwd results was performed pwd / A / B / C the WORKDIR environment variables may be resolved
Such as:
Dirpath ENV / path WORKDIR $ dirpath / $ DIRNAME RUN pwd execution result is pwd / path / $ DIRNAME
ARG
grammar:
ARG <name> [= <default value>]
set variable command, ARG command defines a variable, Docker Build image creation time, using --build-arg <varname> = < value> specify the parameters
If the user specifies a parameter not defined in the mirror when the build Dockerfile species, then there will be a Warning
Tips are as follows:
[Warning] One or more build-args [foo] were not consumed.
We can define one or more parameters, as follows:
FROM busybox ARG user1 ARG buildno ...
It can also be a default value to the parameter:
FROM busybox ARG user1=someuser ARG buildno=1 ...
If we give the parameter default values ARG definition, then the parameter value is not specified when the build image, will use the default value
ONBUILD
grammar:
ONBUILD [INSTRUCTION]
This command takes effect only on the current sub-mirror image.
Such as the current mirror is A, in Dockerfile species adding:
ONBUILD RUN ls -al
Time will not start or build in the mirror A ls -al command
At this time, there is a mirror image B is constructed based on A, then the command is executed ls -al B when the mirror construction.
stoplight
grammar:
Signal StopSignal
StopSignal command role when the container is introduced to the system what kind of command transmission
HEALTHCHECK
Container health check command
There are two syntax:
- HEALTHCHECK [OPTIONS] CMD command
- HEALTHCHECK NONE
The first function is to run a command inside the container to check the health of container
The second function is to cancel the order on the basis of health checks in the mirror
[OPTIONS] The option supports the following three options:
- interval = DURATION checked twice default time interval is 30 seconds
- timeout = DURATION command runs a health check timeout duration, default 30 seconds
- retries = N when the continuous number of times specified after the failure, then the container is considered to be unhealthy state Unhealthy, default is 3 times
note:
HEALTHCHECK command can only appear once, if there has been several times, only the last one will work.
The return value of CMD command behind the decision of this health check is successful, specific return values are as follows:
- 0: success - represents a container is healthy
- 1: unhealthy - represents a container has been unable to work
- 2: reserved - retention
example:
HEALTHCHECK --interval=5m --timeout=3s \
CMD curl -f http://localhost/ || exit 1
Health check command is: curl -f HTTP: // localhost / || Exit 1
Two inspection interval is 5 seconds
Command timeout time is 3 seconds
Dockerfile Case
JavaWeb deployment project
Create and edit Dockerfile:
# Specified container based mirroring the FROM Tomcat # maintainer information, the MAINTAINER on "itstyle <[email protected]>" # items are copied into the specified directory Tomcat ADD test.war / usr / local / tomcat / webapps / executed when the container # start command CMD [ "catalina.sh", "run" ]
Construction of the mirror:
docker build -t itstyle/tomcat .
- -t: expressed as a current mirror name.
- . (The last point): the current directory
Run-time image:
docker run -d -p 8888:8080 --name app itstyle/tomcat
- -d: indicates that the specified container background
- -p: 8080 represents a host of mapping the ports of exposure to port 8888
- -name: that the implementation of the container name
Digression:
The actual production, we generally do not do so, the process of running the project could upload some pictures or audio files that can not perish with Docker containers. Generally, we will do:
Create and edit Dockerfile:
# Specified container based mirroring the FROM Tomcat # maintainer information MAINTAINER "itstyle <[email protected]>" execute instruction # container starts CMD [ "catalina.sh", "run "]
Construction of the mirror:
docker build -t itstyle/tomcat .
Run-time image:
docker run -d -p 8888:8080 -v /home/docker/web:/usr/local/tomcat/webapps --name app itstyle/tomcat
- War items stored under / home / docker / web directory
Micro service deployment SpringBoot
Base image #: warehouse Java the FROM Java: JRE. 7- # current mirror maintainer and contact the MAINTAINER on itstyle [email protected] # Volume Mount the VOLUME / tmp # packaged springBoot the program copied to the specified location in the container itstyle_stats.jar /opt/app.jar the ADD # Foreign exposed container port eXPOSE 8080 # command to be executed after the vessel started CMD java -Djava.security.egd = file: / dev /./ urandom -jar /opt/app.jar # ENTRYPOINT [ "java", " - Djava.security.egd = file: / dev /./ urandom", "- jar", "- Denv = dEV", "/ opt / app.jar"]
- Djava.security.egd = file: / dev /./ urandom, and a random number and entropy pool policy on the relevant JVM, to accelerate the launch service