官方dockerfile:https://github.com/play-with-docker/play-with-docker
Has been written according to the Mirror, the study dockerfile
dockerfile related commands
copy from: https://www.cnblogs.com/linguoguo/p/10754756.html
FROM
For the specified base image, and it must be the first instruction.
If not in any mirror-based, then the wording is: FROM scratch.
At the same time means that the next instruction will be written as the start of the first mirror layer
grammar:
FROM <image>
FROM <image>:<tag>
FROM <image>:<digest>
Three kinds of writing, where <tag> and <digest> is optional, if not selected, the default value is latest
RUN
Function to run the specified command
RUN command takes two forms
1. RUN <command>
2. RUN ["executable", "param1", "param2"]
The first direct order with shell behind
-
The default / bin / sh -c on the linux operating system
-
Default cmd / S / C in the windows operating system
The second is similar to a function call.
executable can be understood as an executable file, it is behind the two parameters.
Both versions comparison:
-
RUN /bin/bash -c 'source $HOME/.bashrc; echo $HOME
-
RUN ["/bin/bash", "-c", "echo hello"]
Note: Do not write more multi-line commands RUN, because each instruction will be established in one Dockerfile.
How many how many layers RUN to build a mirror, the mirror will cause a bloated, multi-layer, not only increases the time component deployment, but also prone to error.
RUN line breaks when writing is \
CMD
Command function for the container start to run
There are three written grammar
1. CMD ["executable","param1","param2"]
2. CMD ["param1","param2"]
3. CMD command param1 param2
The third is better understood, it is executed when the shell this way and writing
The first and second are actually an executable file with the parameters of the form
Illustrate two way:
-
CMD [ "sh", "-c", "echo $HOME"
-
CMD [ "echo", "$HOME" ]
Additional details: This side must use double quotes including parameter is "not a single quotation mark must not be written in single quotes.
The reason is that the transmission parameters, docker parsing a JSON array
RUN & CMD
Do not RUN CMD and confused.
RUN command is run, and member of the container to submit operating results
CMD is a command to execute when the container starts, does not run in the components, component tightly specified when this command in the end what it is like
LABEL
Function is to specify a label for the mirror
grammar:
LABEL <key>=<value> <key>=<value> <key>=<value> ...
Can have a plurality of kinds Dockerfile LABEL, as follows:
LABEL "com.example.vendor"="ACME Incorporated"
LABEL com.example.label-with-value="foo"
LABEL version="1.0"
LABEL description="This text illustrates \
that label-values can span multiple lines."
But I do not recommend this writing, it is best to write a line, such as the need to change the line is too long, then use \ symbol
as follows:
LABEL multi.label1="value1" \
multi.label2="value2" \
other="value3"
Description: LABEL will inherit the base image species LABEL, such as encountering the same key, the values override
MAINTAINER
Specifies the author
grammar:
MAINTAINER <name>
EXPOSE
Listen on a port functions as a storm drain running to the outside of the container
But EXPOSE does not make the container port access hosts
If you want to make the container and the host port mapping relation, must be added -P parameter when the vessel started
ENV
Function to set the environment variable
There are two grammar
1. ENV <key> <value>
2. ENV <key>=<value> ...
The difference is that the first one is the time to set up a second is set more than
ADD
A copy command to copy the file to the scene. Compressed file will automatically unzip
If the virtual machine container imagine two linux server, then this command is similar to scp, scp just need to add permissions to a user name and password authentication, but without ADD.
The syntax is as follows:
1. ADD <src>... <dest>
2. ADD ["<src>",... "<dest>"]
Fill <dest> path can be absolute in the vessel may be a path relative to the working directory
<Src> may be a local file or a local archive, it can also be a url
If <src> written a url, then the ADD command is similar to wget
As in the following versions are possible:
-
ADD test relativeDir/
-
ADD test /relativeDir
-
ADD http://example.com/foobar /
Try not to <scr> written in a folder, if <src> is a folder, and copy the contents of an entire directory, including file system metadata
COPY
Look at this name to know, but also a copy command, does not automatically unzip compressed files
The syntax is as follows:
1. COPY <src>... <dest>
2. COPY ["<src>",... "<dest>"]
The difference between ADD
COPY of <src> is a local file only, and does not automatically unzip the file, consistent with other uses
ENTRYPOINT
Function is the default command at startup
The syntax is as follows:
1. ENTRYPOINT ["executable", "param1", "param2"]
2. ENTRYPOINT command param1 param2
If you see here from top to bottom, then you should be familiar with the syntax of these two friends.
The second is to write shell
The first is an executable file additional parameters
And CMD comparison shows (maybe too much like a command, but can also be used in conjunction):
1. The same point:
-
Only write one, if you write a multiple, then only the last one to take effect
-
When the container up and running, running the same opportunity
2. Different points:
-
ENTRYPOINT will not be covered by operational command, and will be covered CMD
-
If we also wrote ENTRYPOINT and CMD in Dockerfile species, and CMD command is not a complete executable command, CMD will be specified as a parameter ENTRYPOINT of content
as follows:
FROM ubuntu
ENTRYPOINT ["top", "-b"]
CMD ["-c"]
-
If we also write Dockerfile planted ENTRYPOINT and CMD, and CMD is a complete command, then they two will cover each other who is who in the final to take effect
as follows:
FROM ubuntu
ENTRYPOINT ["top", "-b"]
CMD ls -al
It will execute ls -al, top -b will not be executed.
Docker official use a table to show the implementation of ENTRYPOINT and different combinations of CMD
(Table below from the docker's official website)
VOLUME
Mounting capabilities can be realized, Mainland folder can be container or other kind of have to hang on to this folder container species
The syntax is:
VOLUME ["/data"]
Description:
[ "/ Data"] may be a JsonArray, may be a plurality of values. So are several versions are correct
VOLUME ["/var/log/"]
VOLUME / var / log
VOLUME / var / log / var / db
When the scene is generally used for the persistent storage of data
Container using AUFS, this kind of data the file system can not be sustained, when the container is closed, all changes will be lost.
Therefore, use this command when the data needs to be persisted.
USER
Set user-initiated container may be a user name or UID, so that only the following two written is correct
-
USER daemo
-
USER UID
Note: If you set a container to a user daemon to run, then RUN, CMD and ENTRYPOINT would go running to the user
WORKDIR
grammar:
WORKDIR /path/to/workdir
Set the working directory, the entry into force of the RUN, CMD, ENTRYPOINT, COPY, ADD. If there is created, you can also set multiple times.
Such as:
WORKDIR / a
WORKDIR b
WORKDIR c
POLICY pwd
Pwd result of execution is / a / b / c
WORKDIR can resolve environment variables
Such as:
ENV DIRPATH /path
WORKDIR $DIRPATH/$DIRNAME
RUN pwd
The results pwd is / path / $ DIRNAME
ARG
grammar:
ARG <name>[=<default value>]
Set variable command, ARG command defines a variable, build create mirrored docker when using --build-arg <varname> = <value> specify the parameters
If the user specifies a parameter not defined in the mirror when the build Dockerfile species, then there will be a Warning
Tips are as follows:
[Warning] One or more build-args [foo] were not consumed.
We can define one or more parameters, as follows:
FROM busybox
ARG user1
ARG buildno
...
It can also be a default value to the parameter:
FROM busybox
ARG user1=someuser
ARG buildno=1
...
If we give the parameter default values ARG definition, then the parameter value is not specified when the build image, will use the default value
ONBUILD
grammar:
ONBUILD [INSTRUCTION]
This command takes effect only on the current sub-mirror image.
Such as the current mirror is A, in Dockerfile species adding:
ONBUILD RUN ls -al
Time will not start or build in the mirror A ls -al command
At this time, there is a mirror image B is constructed based on A, then the command is executed ls -al B when the mirror construction.
stoplight
grammar:
stoplight signal
STOPSIGNAL command role when the container is introduced to the system what kind of command transmission
HEALTHCHECK
Container health check command
There are two syntax:
1. HEALTHCHECK [OPTIONS] CMD command
2. HEALTHCHECK NONE
The first function is to run a command inside the container to check the health of container
The second function is to cancel the order on the basis of health checks in the mirror
[OPTIONS] The option supports the following three options:
--interval = DURATION checked twice default time interval is 30 seconds
--timeout = DURATION command runs a health check timeout duration, default 30 seconds
--retries = N when the continuous number of times specified after the failure, then the container is considered to be unhealthy state Unhealthy, default is 3 times
note:
HEALTHCHECK command can only appear once, if there has been several times, only the last one will work.
The return value of CMD command behind the decision of this health check is successful, specific return values are as follows:
0: success - represents a container is healthy
1: unhealthy - represents a container has been unable to work
2: reserved - retention
example:
HEALTHCHECK --interval=5m --timeout=3s \
CMD curl -f http://localhost/ || exit 1
Health check command is: curl -f http: // localhost / || exit 1
Two inspection interval is 5 seconds
Command timeout time is 3 seconds