dockerfile best practices and examples

Others 2019-12-14 16:58:56 views: null

Dockerfile best practices have emerged in the official document addresses Best Practices for Writing Dockerfiles . If you write a best practice, somewhat Guan Gong in front of the masters of Italy. So this article is a translation of the official document, understand, extend and complement the example

Container should be short-lived

By Dockerfilecontainer constructed mirroring start should be as brief (ephemeral). Short means that you can quickly start and termination

Use .dockerignore exclude unrelated to build file

.dockerignoreGrammar and .gitignoreconsistent syntax. Use it to build files and directories to exclude unrelated, such asnode_modules

Construction of multi-stage

Construction of multi-stage can effectively reduce the volume of the mirror, in particular for the required language compiler, the application of a build process often follows

  1. Installation compilation tools
  2. Install third-party library dependencies
  3. Compile build applications

The first two steps have a lot of redundant volume mirroring, using a multi-stage build avoid this problem

This building is Goan example of application of

FROM golang:1.11-alpine AS build

# Install tools required for project
# Run `docker build --no-cache .` to update dependencies
RUN apk add --no-cache git
RUN go get github.com/golang/dep/cmd/dep

# List project dependencies with Gopkg.toml and Gopkg.lock
# These layers are only re-built when Gopkg files are updated
COPY Gopkg.lock Gopkg.toml /go/src/project/
WORKDIR /go/src/project/
# Install library dependencies
RUN dep ensure -vendor-only

# Copy the entire project and build it
# This layer is rebuilt when a file changes in the project directory
COPY . /go/src/project/
RUN go build -o /bin/project

# This results in a single layer image
FROM scratch
COPY --from=build /bin/project /bin/project
ENTRYPOINT ["/bin/project"]
CMD ["--help"]

This is an example of constructing a front end application, you can refer to how to efficiently deploy the distal end application docker

FROM node:10-alpine as builder

ENV PROJECT_ENV production
ENV NODE_ENV production

# http-server 不变动也可以利用缓存
WORKDIR /code

ADD package.json /code
RUN npm install --production

ADD . /code
RUN npm run build

# 选择更小体积的基础镜像
FROM nginx:10-alpine
COPY --from=builder /code/public /usr/share/nginx/html

Avoid unnecessary installation package

Reduced size, reduced build time. The front-end application using the npm install --productionapparatus depends only production package.

Do one thing at a container

As a web application will contain three parts, web services, database and cache. Decoupling them into a plurality of containers, convenient scale. If you need to network traffic, you can bring them as to the next network.

As in my personal server, I used traefikto do load balancing and service discovery, applications and databases are all traefik_defaultunder the network, details refer to the use of traefik do load balancing and service discovery

version: '3'

services:
  # 该镜像会暴露出自身的 `header` 信息
  whoami:
    image: containous/whoami
    restart: always
    labels:
      # 设置Host 为 whoami.docker.localhost 进行域名访问
      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"

# 使用已存在的 traefik 的 network
networks:
  default:
    external:
      name: traefik_default

Mirroring reduce the number of layers

  • Only RUN, COPY, ADDwill create a number of layers, other instructions will not increase the volume mirroring
  • Whenever possible, use multi-stage build

Installation depends the following methods

RUN yum install -y node python go

Mounting the wrong way dependent, this will increase the number of layers of the mirror

RUN yum install -y node
RUN yum install -y python
RUN yum install -y go

The multi-line ordering parameters

And ease of readability accidentally repeating dispenser package

RUN apt-get update && apt-get install -y \
  bzr \
  cvs \
  git \
  mercurial \
  subversion

Full use of the building Cache

During the construction of the mirror dockertraverses Dockerfileall of the instructions in the file, sequentially. For each instruction, dockerwill find whether the existing reusable mirrored in the cache, otherwise it will create a new image

We can use the docker build --no-cacheskip caching

  • ADDAnd COPYwill calculate the file checksumhas changed to decide whether to use the cache
  • RUNJust to see if the command string cache hit, as RUN apt-get -y updatethere may be a problem

As an nodeapplication, first copy can package.jsonbe dependent on the installation, and then add the entire directory, can be done to fully utilize the cache.

FROM node:10-alpine as builder

WORKDIR /code

ADD package.json /code
# 此步将可以充分利用 node_modules 的缓存
RUN npm install --production

ADD . /code

RUN npm run build

Guess you like

Origin www.cnblogs.com/xianwang/p/12039922.html
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com