A, docker file command
1, the instruction 1: FROM instruction
FROM must be the first non-comment command
Specifies the base image, the image may be any
When using FROM instruction, docker daemon will automatically find the first mirror specified on this machine, if not find a mirror on it will go docker hub or other services
FROM syntax format
Format 1: FROM <repository> [: tag]
Format 2: FROM <repository> @ <digest>
note:
The first image refers to the kinds of work to do Hinako new image based on the base image, but this may be done loopholes
The second format is based on the hash code of the mirror to mirror, the mirror did so to avoid this problem
Example: to make a mirror based on the latest version of busybox
FROM busybox:latest
2, instruction 2: MAINTANIER instruction
It has been abandoned and replaced with the LABEL
Name Description for producers
Selectable options
example:
MAINTAINER "zxhk <[email protected]>"
3, the instruction 3: LABEL instruction
This is the new docker in command
This command is used to specify various metadata, specified method is to use kye value format, in fact, the author information is just one of them
Syntax
LABEL <KEY>=<VALUE> <KEY>=<VALUE> <KEY>=<VALUE>..
4, instruction 4: COPY command
Copy the host in the working directory of the file to the target file system mirroring
Syntax
Copy a file: COPY <src> <dest>
Copying the plurality of files: COPY [<src1> <src2> <src3> ... <dest>]
note:
Source file path, the path will generally be relatively
Target file path, the general is the absolute path
It supports the use of wildcards
File Replication guidelines
Guidelines 1: src must be a directory or a file in the working directory, can not be the parent directory
Rule 2: If the dest does not exist, it will automatically create passive
Rule 3: If src is a directory, then copied during the time, the entire contents will be under src are recursively copied in the past, but the past is not copied itself src
Rule 4: if If multiple src or use wildcards in src, dest it must be a directory, and the ratio to / ending
Under / data copy index.html in the current working directory to a target container file system / web / html: Examples
COPY index /data/web/html
[With these four instructions can do a mirrored]
Case; demonstrate the process to create a docker file
demand:
Create an index.html in the container
Yum good preparation in the container to profile
Implementation process
Step 1: Create a working directory
[root@host1 ~]# mkdir /img1 [root@host1 ~]# cd /img1/
Step 2: Create html file
[root@host1 img1]# echo "test page">>index.html [root@host1 img1]# ls index.html
The third step: Prepare yum configuration file
[root@host1 img1]# cp -a /etc/yum.repos.d/ ./ [root@host1 img1]# ls index.html yum.repos.d
Step Four: Write docker file file
Specify an author, can be used MAINTAINER can also use LABEL
The index.html placed under / data /
The yum.repos.d all files placed under /etc/yum.repos.d
[root@host1 img1]# vim Dockerfile #my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" COPY index.html /data/ COPY yum.repos.d /etc/yum.repos.d/
Source directory only need to specify the directory name, directory files are copied in the past
Does not generate the same directory as the source directory at the target location must be assigned manually, and must / ending
Step five: mirrored
[root@host1 img1]# docker build -t miniser:v1-1 ./ Sending build context to Docker daemon 20.99kB Step 1/4 : FROM busybox:latest ---> b534869c81f0 Step 2/4 : MAINTAINER "zxhk <[email protected]>" ---> Running in 9f9f8d0793fa Removing intermediate container 9f9f8d0793fa ---> c928cd55b12c Step 3/4 : COPY index.html /data/ ---> 5fe09215a0e2 Step 4/4 : COPY yum.repos.d /etc/yum.repos.d/ ---> 679710cab9bf Successfully built 679710cab9bf Successfully tagged miniser:v1-1
-t: mirror is used to specify the tag
[root@host1 img1]# docker image ls | grep mini miniser v1-1 679710cab9bf 2 minutes ago 1.23MB
Sixth step: start a container based mirroring
[root@host1 img1]# docker run --name t123 \ > --rm miniser:v1-1 ls /etc/yum.repos.d CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Sources.repo CentOS-Vault.repo CentOS-fasttrack.repo docker.repo
This container is the implementation of a ls command, when ls executed, this vessel will stop
The results of this container is the output file name list repo
5, the instruction 5: ADD instruction
And COPY similar, except that support the use of ADD URL path, that is, if you can make a mirror of the host network, then you can download a file over the network to the local and introduced into your document.
Another effect of ADD is that if the source file is a local file, and the file is compressed tar archive file, then ADD can automatically unzip the file to expand your working directory. Need special attention, if the source file is a network file , it can not automatically unzip start.
Syntax:
ADD <src> <dest> ADD ["<src>" "<src>" ... "<dest>"]
Demo: Download nginx and placed under / mirror / var / usr src
The first step: to find nginx Download
Step 2: Edit docker file file
#my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" COPY index.html /data/ COPY yum.repos.d /etc/yum.repos.d/ ADD http://nginx.org/download/nginx-1.17.6.tar.gz /var/usr/src/
Step: Construction of mirroring
[root@host1 img1]# docker build -t miniser:v1-2 ./
[root@host1 img1]# docker image ls | grep mini miniser v1-2 eaceb1156a52 2 minutes ago 2.27MB miniser v1-1 679710cab9bf 23 minutes ago 1.23MB
Note: You can first nginx downloaded to the local installation package, and then introduced to the mirror
Dockerfile document reads as follows
ADD nginx-1.17.2.tar.gz /usr/local/src/
Nginx case is extracted to / usr / local / src directory
6, Instruction 6: WORKDIR instruction
Used to set the working directory, such as the previous example, the nginx placed under / usr / loca / src, we can set the working directory to the directory, as follows
#my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" COPY index.html /data/ COPY yum.repos.d /etc/yum.repos.d/ WORKDIR /var/usr/src/ ADD http://nginx.org/download/nginx-1.17.6.tar.gz ./
7, instructions 7: VOLUME command
For creating a directory in the mirror mount point for mounting the volume on the volume or other container on the host
Based dockerfile volumes created, the host is unable to specify the directory where the volume is required to automatically generate
Syntax
VOLUME <mountpoint>
If there are files that were previously under docker specified volume, then after mounting volumes, these files will appear in the container
Case: Modify Dockerfile, the / data / mysql as a volume
The first step: Modify Dockerfile file
#my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" COPY index.html /data/ COPY yum.repos.d /etc/yum.repos.d/ WORKDIR /var/usr/src/ ADD http://nginx.org/download/nginx-1.17.6.tar.gz ./ VOLUME /data/mysql/
第二步:构建镜像
[root@host1 img1]# docker build -t miniser:v1-3 ./
第三步:启动容器,查看挂载情况
[root@host1 img1]# docker run --rm -it --name t100 miniser:v1-3 /var/usr/src # /var/usr/src # mount | grep mysql /dev/mapper/centos-root on /data/mysql type xfs (rw,seclabel,relatime,attr2,inode64,noquota) /var/usr/src #
也可执行docker inspect进行查看
8、指令8:EXPOSE指令
为容器打开监听的端口以实现和外部主机进行通信
语法格式:
EXPOSE <port>[/<protocol>] <port>[/<protocol>] <port>[/<protocol>] ...
protocol是指定协议,可以是tcp,也可以是udp,默认tcp
例子:暴漏多个端口
例子:EXPOSE 11211/udp 11211/tcp
注意:
写在文件中的EXPOSE指令,仅仅是说端口是可以暴漏的,但并未真正暴露出来
当需要端口暴漏出去的时候,需要在创建镜像的时候用选项 -P,这个选项会自动去读取EXPOSE的设置,来将必要的端口暴漏出来
案例:制作镜像,暴漏80端口
第一步:制作dockerfile
#my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" COPY index.html /data/ COPY yum.repos.d /etc/yum.repos.d/ WORKDIR /var/usr/src/ ADD nginx-1.17.6.tar.gz ./ VOLUME /data/mysql/ EXPOSE 80/tcp 53/udp
第二步制作镜像文件
[root@host1 img1]# docker build -t miniser:v1-4 ./
第二步:启动容器,在启动的时候,运行apache
[root@host1 img1]# docker run --name t100 -it --rm miniser:v1-4 httpd -f -h /data
检查一下地址
[root@host1 img1]# docker inspect t100 -f '{{.NetworkSettings.IPAddress}}'
172.17.0.3
直接访问容器的地址
[root@host1 img1]# curl 172.17.0.3 test page
可以查看,此时是否暴漏端口了
[root@host1 img1]# docker port t100 [root@host1 img1]#
没有暴漏任何端口
接下来,重启运行一个容器,并且用-p选项
[root@host1 img1]# docker run --name t101 -p 80 -it --rm miniser:v1-4 httpd -f -h /data
再次检查暴漏的端口
[root@host1 ~]# docker port t101 80/tcp -> 0.0.0.0:32768
其实此时还可以配合-p 选项来暴漏那些镜像中没有要指定暴漏的端口
9、指令9:ENV指令
用于为镜像定义所需要的环境变量
ENV定义的环境变量可以被其后面的指令,比如COPY ADD等指令调用
ENV 可以嵌套ENV
调用变量的格式 $var 或者 ${var}
定义变量的格式:ENV <key> <value> 或者 ENV <key>=<value>
补充:
定义多个变量,需要续航的时候,可以用\
变量名中如果有空格,需要用引号引起来
案例:修改Dockerfile环境变量
#my first docker file FROM busybox:latest MAINTAINER "zxhk <[email protected]>" ENV SOFT_NGX=nginx-1.17.6.tar.gz \ DOC_ROOT=/data/ \ WORK_DIR=/var/usr/src/ \ REPO_DIR=/etc/yum.repos.d/ \ MYSQL_DIR=/data/mysql/ COPY index.html ${DOC_ROOT:-/var/www/html/} COPY yum.repos.d $REPO_DIR WORKDIR $WORK_DIR ADD $SOFT_NGX ./ VOLUME $MYSQL_DIR EXPOSE 80/tcp 53/udp
制作镜像
[root@host1 img1]# docker build -t miniser:v1-5 ./
[root@host1 img1]# docker run --name t103 --rm miniser:v1-5 printenv PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=a93864cdbbce SOFT_NGX=nginx-1.17.6.tar.gz DOC_ROOT=/data/ WORK_DIR=/var/usr/src/ REPO_DIR=/etc/yum.repos.d/ MYSQL_DIR=/data/mysql/ HOME=/root
我们要清楚,变量在从构建镜像,到启动容器的过程中,变量会传递两次,如下
在从镜像构建容器的时候,也是可以传递变量的,而这些变量是可以直接从Dockerfile中获得
也可以在创建容器的时候,手动方式传入变量
案例:启动容器的时候传递变量
[root@host1 img1]# docker run --name t103 --rm \ > --env DOC_ROOT=/data/html/ \ > miniser:v1-5 printenv PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=d76460e0f8cd DOC_ROOT=/data/html/ SOFT_NGX=nginx-1.17.6.tar.gz WORK_DIR=/var/usr/src/ REPO_DIR=/etc/yum.repos.d/ MYSQL_DIR=/data/mysql/ HOME=/root