In the " Docker deploy your first application ," one we have been used to build Dockerfile mirror, this one will complement Dockerfile frequently used commands.
Docker image may be generated by the instruction fetch Dockerfile. Dockerfile is a text file, users all instructions on mirroring operation can be written in Dockerfile file, and finally to build the mirror using a docker build.
In the "Docker deploy your first application," we use the command "docker image build -t bulletinboard: 1.0.", Docker image build command to build the image by reading Dockerfile and specified context, there is a end of the command . "" point, the point is to build context image.
Context is recursively processed. Accordingly, i.e. including all subdirectories in this context.
Mirroring is constructed by the Docker daemon (Docker daemon) is completed, rather than by the CLI. First thing to do is build process the entire context (recursively) sent to the daemon. In most cases, it is preferable from an empty directory as the context begins, and Dockerfile stored in the directory. Add only generate the desired file Dockerfile.
Note: Do not use "/" as the context root, for example, the following command because it will host "/" under the root directory of all files to the daemon Docker, you can try to execute the following command to verify the development environment.
# docker image build /
To profile in the context of package build or construct to the mirror may be used in the COPY command Dockerfile. To improve building performance, by adding .dockerignore file in the context of the directory to exclude files and directories. Typically Dockerfile, located at the root context, a docker build -f flag in the file system can be specified anywhere docker file, can be specified using -t flag warehouse constructed mirror and VLAN tag, for example:
# cat >/tmp/centos <<EOF FROM centos:latest MAINTAINER [email protected] EOF # docker image build -f /tmp/centos -t centos:v0.1 . # docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos v0.1 7eab7b4cc6ea 38 seconds ago 220MB
You can also specify multiple warehouse build mirror and tag, for example:
# docker image build -f /tmp/centos -t t01/centos:v0.1 -t t02/centos:v0.2 . # docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos v0.1 7eab7b4cc6ea 3 minutes ago 220MB
t01/centos v0.1 7eab7b4cc6ea 3 minutes ago 220MB
t02/centos v0.2 7eab7b4cc6ea 3 minutes ago 220MB
Note: The current meaning of warehouses and tag are in the current host, on the other host, you can not get these mirror (unless you are pushed to your account at docker hub or otherwise), follow-up will be talked about docker private warehouse registry or Harobor to share our good remote mirroring.
Construction Dockerfile using mirroring steps are summarized as follows:
1, create a directory for images, such as bulletin-board-app
2, written into the bulletin-board-app directory, created under the directory and file complete Dockerfile
3, or a code image file are copied to the required bulletin-board-app directory
4, if there are unnecessary files are constructed under the bulletin-board-app directory, you can create a file and write .dockerignore to ignore unwanted files
5, performed at bulletinboard-app docker image build directory command, and specify the context of the location. "", Such as the command "docker image build -t test / bulletinboard."
Docker daemon before Dockerfile of instruction execution, will first perform Dockerfile initial verification, if the syntax is incorrect, the relevant error is returned, if the parameter is wrong, for example, the target directory does not exist are not checked, until the instruction execution throw an error.
Docker daemon individually Dockerfile of instruction execution, if necessary, will submit the results of each instruction to the new image, the final output of the new image ID. Docker daemon will automatically clean up the context that you send.
Note that, each of the instructions are run independently, thus executing a command on a finger will not have any effect on the next instruction.
Wherever possible, the intermediate image Docker be reused (cache) to significantly speed up the building process Docker. Using cache and will output message in the console.
Demo:
# cat >Dockerfile <<EOF FROM alpine:3.2 MAINTAINER [email protected] RUN apk update && apk add socat && rm -r /var/cache/ CMD env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh EOF
The first building
# docker build -t demo/demo:v0.1 .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM alpine:3.2
3.2: Pulling from library/alpine
95f5ecd24e43: Pull complete
Digest: sha256:ddac200f3ebc9902fb8cfcd599f41feb2151f1118929da21bcef57dc276975f9
Status: Downloaded newer image for alpine:3.2
---> 98f5f2d17bd1
Step 2/4 : MAINTAINER [email protected]
---> Running in fa3786732ad5
Removing intermediate container fa3786732ad5
---> 6f5007fa547d
Step 3/4 : RUN apk update && apk add socat && rm -r /var/cache/
---> Running in b157222691fb
fetch http://dl-cdn.alpinelinux.org/alpine/v3.2/main/x86_64/APKINDEX.tar.gz
g10ee65f-v3.2.3-474 [ http://dl-cdn.alpinelinux.org/alpine/v3.2/main ]
OK: 5294 distinct packages available
(1/4) Installing ncurses-terminfo-base (5.9)
(2/4) Installing ncurses-libs (5.9)
(3/4) Installing readline (6.3.008)
(4/4) Installing socat (1.7.3.0)
Executing busybox-1.23.2.trigger
OK: 7 MiB in 19 packages
Removing intermediate container b157222691fb
---> 58c5258280f7
Step 4/4 : CMD env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh
---> Running in ca843dd16f02
Removing intermediate container ca843dd16f02
---> 7bf06f4ab80b
Successfully built 7bf06f4ab80b
Successfully tagged demo/demo:v0.1
The second building
# docker build -t demo/demo:v0.2 .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM alpine:3.2
---> 98f5f2d17bd1
Step 2/4 : MAINTAINER [email protected]
---> Using cache
---> 6f5007fa547d
Step 3/4 : RUN apk update && apk add socat && rm -r /var/cache/
---> Using cache
---> 58c5258280f7
Step 4/4 : CMD env | grep _TCP= | (sed 's/.*_PORT_\([0-9]*\)_TCP=tcp:\/\/\(.*\):\(.*\)/socat -t 100000000 TCP4-LISTEN:\1,fork,reuseaddr TCP4:\2:\3 \&/' && echo wait) | sh
---> Using cache
---> 7bf06f4ab80b
Successfully built 7bf06f4ab80b
Successfully tagged demo/demo:v0.2
Generating a local cache except for the mirror having the parent chain. This also means that the cache mirroring are constructed by the previous generation, or the entire image chain is docker load loadable. If you need to specify the mirrored cache, you can use --cache from option. Use --cache from the specified mirror need not have a parent chain, you can pull from another warehouse.
After completion of the construct, can be considered the image stored in the local repository pushed to the distal end of the warehouse (for example: Harobor)
BuildKit
Beginning with version 18.09, Docker support a new build tool buildkit, moby / buildkit project ( https://github.com/moby/buildkit ). Compared with the existing implementation tools, BuildKit offers many features:
1, constructed and skips execution stage detection unused
2, independent building phase parallelization
3, during the build file transfer only incremental changes in the context of
4, in the context of detection and skip the file transmission unused
5, many new features implemented outside Dockerfile
6, to avoid the rest of the API (intermediate mirror and the container) side effects
7, automatic trim and set priorities generated cache
To use BuildKit, set the environment variable on the CLI command before calling docker build DOCKER_BUILDKIT = 1.
To understand the experiments that can be used based on BuildKit Dockerfile syntax constructs, see BuildKit documentation ( https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md ).
Dockerfile command syntax
The Dockerfile instruction is not case-sensitive. However, the convention is to uppercase, to make it easier to distinguish them from the parameter area.
Docker Dockerfile operation instructions sequentially. Dockerfile must "FROM" command at the beginning. Of course, before the global parameters and annotated FROM instruction. FROM instruction specifies the parent image. Front FROM ARG only one or more instructions that declare the parameter in the FROM row Dockerfile used.
Docker line will begin with # as a comment.
1, FROM mirror: Label
Specify the new image which (basic) based on image creation, to create a mirror image of each requires a FROM instruction, for example:
FROM centos:latest
2, MAINTAINER name / email
Safeguard personal information, such as:
MAINTAINER [email protected]
3, ADD source file new image directory
Copy the source file to create a new image, the source file to a directory with Dockerfile belong, ADD instruction will automatically extract the tar, tgz package, for example:
ADD example.tgz /data
4, COPY source destination directory
The source text is copied to the new image, the source file and Dockerfile belongs to the same directory, similar with ADD, such as:
COPY sources.list /etc/apt
5, ENV key value
Set variables or environmental variables, such as:
ENV foo / var / www / html
Value of the variable representing the foo / var / www / html
6, RUN command
Based on existing mirrored execute commands, and to submit to the new image, usually RUN when installing software packages, such as:
RUN yum -y install sysstat
7, WORKDIR directory
Specify the working directory, working directory by setting WORKDIR, Dockerfile in subsequent command RUN, CMD, ENTRYPOINT, ADD, COPY commands are executed in the directory, the default path subsequent logon container based mirroring is WORKDIR.
8, EXPOSE port number
Docker designated port opened container from the Mirror operation when, for example:
EXPOSE 80
9, VOLUME mount point
Docker containers from the Mirror operation when a mount point is set, for example:
VOLUME /data
10, CMD [ "program to be run", "parameter 1", "parameter 2"]
Command or script container when you start to run, Dockerfile only a CMD command, if there are many, the last execution, in addition to perform a docker run command If you use the / bin / bash, it will be covered by CMD. E.g:
CMD ["/bin/bash","/root/start.sh"]
Example shows
1. Create Dockerfile
# mdkir demo # cd demo # cat > Dockerfile <<EOF #My first image FROM ubuntu:latest MAINTAINER [email protected] ENV foo /var/www/html WORKDIR ${foo} ADD code.tgz $foo COPY sources.list /etc/apt COPY start.sh /root/ RUN chmod 755 /root/start.sh RUN mkdir /data VOLUME /data RUN apt-get -y update && apt-get -y install sysstat lsof net-tools procps vim bash RUN apt-get -y install apache2 RUN ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime RUN date COPY ports.conf /etc/apache2/ports.conf ADD example.tgz /data EXPOSE 80 CMD ["/bin/bash","/root/start.sh"] EOF
Dockerfile related scripts used in the above configuration is as follows:
# cat >sources.list <<EOF deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse EOF # cat >ports.conf <<EOF ServerName localhost Listen 80 <IfModule ssl_module> Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule> EOF # cat >start.sh <<EOF #!/bin/bash apache2ctl start bash EOF
2, by constructing mirror Dockerfile
# docker image build -t test/httpd:v0.1 . # docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test/httpd v0.1 9a9a2b7dd312 2 minutes ago 165MB
httpd latest 2ae34abc2ed0 3 weeks ago 165MB
3, operation of the container based mirroring
# docker container run -idt -p 80 --name test_httpd01 test/httpd:v0.1
6e7a40ec63b618bf043b45d334c289df782f02e19617dc0686c3be41a582e047
Note: Do not add / bin / bash When you create a container, otherwise it will lead to covering CMD apache service will not start.
4, view the status and confirm that the container port in listening state
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a919ee33ae0e test/httpd:v0.1 "/bin/bash /root/sta…" 3 minutes ago Up 3 minutes 0.0.0.0:32787->80/tcp test_httpd01
# docker exec -it test_httpd01 netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 18/apache2
5, test
# curl http://127.0.0.1:32787
hello
6, remove the container and mirror, the end of the life cycle of container
# docker stop test_httpd01 # docker rm test_httpd01 # docker rmi $(docker images |grep "test/httpd" |awk '{print $3}')
Summary
for a certain Linux-based children's shoes, write Dockerfile is relatively simple, but still need to pay attention to some details, such as ADD, COPY command difference, RUN CMD command and differences.