docker file简介

Dockerfile 是由一个个的指令组成，是用于表示创建一个镜像文件的过程。

docker file 详解

环境变量env

echo ${NAME:-tom} //没值显示默认值

tom

NAME=test

echo ${NAME:-tom} //有值显示设置的值

test

echo ${NAME:+tom} //只要有值则显示tom

tom

NAME=test

tom

unset NAME

echo ${NAME:+tom} //没值显示空

Dockerfile 指令

FROM命令用法说明

FROM :tag

第一个指令必须是FROM，其指定一个构建镜像的基础源镜像，如果本地没有就会从公共库中拉取，没有指定镜像的标签会使用默认的latest标签，可以出现多次，如果需要在一个Dockerfile中构建多个镜像。

MAINTAINER命令用法说明

MAINTAINER

描述镜像的创建者，名称和邮箱

RUN命令用法说明

RUN "command" "param1" "param2"

RUN命令是一个常用的命令，执行完成之后会成为一个新的镜像，这里也是指镜像的分层构建。一句RUN就是一层，也相当于一个版本。可以通过&符号连接多个RUN语句。RUN后面的必须是双引号不能是单引号（没引号貌似也不要紧），command是不会调用shell的，所以也不会继承相应变量，要查看输入RUN "sh" "-c" "echo" "$HOME"，而不是RUN "echo" "$HOME"

CMD命令用法说明

CMD command param1 param2

CMD在Dockerfile中只能出现一次，有多个，只有最后一个会有效。其作用是在启动容器的时候提供一个默认的命令项。如果用户执行docker run的时候提供了命令项，就会覆盖掉这个命令。没提供就会使用构建时的命令

EXPOSE命令用法说明

EXPOSE [...]

Docker服务器容器对外映射的容器端口号，在docker run -p的时候生效

ENV命令用法说明

EVN 只能设置一个

EVN =允许一次设置多

设置容器的环境变量，可以让其后面的RUN命令使用，容器运行的时候这个变量也会保留

ADD命令用法说明

ADD

复制本机文件或目录或远程文件，添加到指定的容器目录，支持GO的正则模糊匹配。路径是绝对路径，不存在会自动创建。如果源是一个目录，只会复制目录下的内容，目录本身不会复制。ADD命令会将复制的压缩文件夹自动解压，这也是与COPY命令最大的不同

COPY命令用法说明

COPY

COPY除了不能自动解压，也不能复制网络文件。其它功能和ADD相同

ENTRYPOINT命令用法说明

ENTRYPOINT "command" "param1" "param2"

这个命令和CMD命令一样，唯一的区别是不能被docker run命令的执行命令覆盖，如果要覆盖需要带上选项--entrypoint，如果有多个选项，只有最后一个会生效

VOLUME命令用法说明

VOLUME ["path"]

在主机上创建一个挂载，挂载到容器的指定路径。docker run -v命令也能完成这个操作，而且更强大。这个命令不能指定主机的需要挂载到容器的文件夹路径。但docker run -v可以，而且其还可以挂载数据容器

USER命令用法说明

USER daemon

指定运行容器时的用户名或UID，后续的RUN、CMD、ENTRYPOINT也会使用指定的用户运行命令

WORKDIR命令用法说明

WORKDIR path

为RUN、CMD、ENTRYPOINT指令配置工作目录。可以使用多个WORKDIR指令，后续参数如果是相对路径，则会基于之前的命令指定的路径。如：WORKDIR /home　　WORKDIR test 。最终的路径就是/home/test。path路径也可以是环境变量，比如有环境变量HOME=/home，WORKDIR $HOME/test也就是/home/test

docker file基于tomcat例子

FROM davidcaste/alpine-tomcat:jdk8tomcat8

MAINTAINER sknife

#RUN mkdir /webapps

ADD *.war /opt/tomcat/webapps/app.war

CMD ["/opt/tomcat/bin/catalina.sh", "run"]

镜像构建实践

提供文件index.html

busybox test

编写Dockerfile

每一条指令都会生成一个镜像层

#Description: test image

FROM busybox:latest

MAINTAINER "sknife "

COPY index.html /data/web/html/

执行构建命令

docker build -h

Usage: docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:

--add-host list Add a custom host-to-IP mapping (host:ip)

--build-arg list Set build-time variables

--cache-from strings Images to consider as cache sources

--cgroup-parent string Optional parent cgroup for the container

--compress Compress the build context using gzip

--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period

--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota

-c, --cpu-shares int CPU shares (relative weight)

--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)

--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)

--disable-content-trust Skip image verification (default true)

-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')

--force-rm Always remove intermediate containers

--iidfile string Write the image ID to the file

--isolation string Container isolation technology

--label list Set metadata for an image

-m, --memory bytes Memory limit

--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap

--network string Set the networking mode for the RUN instructions during build (default "default")

--no-cache Do not use cache when building the image

--pull Always attempt to pull a newer version of the image

-q, --quiet Suppress the build output and print image ID on success

--rm Remove intermediate containers after a successful build (default true)

--security-opt strings Security options

--shm-size bytes Size of /dev/shm

-t, --tag list Name and optionally a tag in the 'name:tag' format

--target string Set the target build stage to build.

--ulimit ulimit Ulimit options (default [])

docker build -t testhttpd:v1 ./

Sending build context to Docker daemon 3.072kB

Step 1/3 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/3 : MAINTAINER "sknife "

---> Running in 7cfd8081a9a2

Removing intermediate container 7cfd8081a9a2

---> 01ae95e85baf

Step 3/3 : COPY index.html /data/web/html/

---> 355adbec9342

Successfully built 355adbec9342

Successfully tagged testhttpd:v1

docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

testhttpd v1 355adbec9342 35 seconds ago 1.22MB

docker run --name testhttpd --rm testhttpd:v1 cat /data/web/html/index.html

busybox test

使用COPY指令

cp -r /etc/yum.repos.d/ .

vi Dockerfile //在原有文件后加一行

COPY yum.repos.d /etc/yum.repos.d/

docker build -t testhttpd:v2 ./ //重新构建

Sending build context to Docker daemon 13.31kB

Step 1/4 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/4 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/4 : COPY index.html /data/web/html/

---> Using cache

---> 355adbec9342

Step 4/4 : COPY yum.repos.d /etc/yum.repos.d/ //新加了一层

---> 77dbb0dcb097

Successfully built 77dbb0dcb097

Successfully tagged testhttpd:v2

docker run --name testhttpd --rm testhttpd:v2 ls /etc/yum.repos.d/

CentOS-Base.repo

CentOS-Epel.repo

docker-ce.repo

epel-testing.repo

epel.repo

对比一下：v1版本镜像无yum.repos.d目录

docker run --name testhttpd --rm testhttpd:v1 ls /etc/

group

hostname

hosts

localtime

mtab

network

passwd

resolv.conf

shadow

将最后一行改一下目录名：不存在的目录将新建目录，并将目录中的文件放入新创建的目录中

COPY yum.repos.d /etc/testyum/

docker build -t testhttpd:v3 ./

docker run --name testhttpd --rm testhttpd:v3 ls /etc/

testyum

将最后一行改成已存在的目录名：将目录中的文件放入已存在的目录中

COPY yum.repos.d /etc/nework/

docker build -t testhttpd:v4 ./

docker run --name testhttpd --rm testhttpd:v4 ls /etc/

group

hostname

hosts

localtime

mtab

network

passwd

resolv.conf

shadow

docker run --name testhttpd --rm testhttpd:v4 ls -al /etc/network

CentOS-Base.repo

CentOS-Epel.repo

docker-ce.repo

epel-testing.repo

epel.repo

if-down.d

if-post-down.d

if-pre-up.d

if-up.d

使用ADD指令

ADD http://nginx.org/download/nginx-1.15.2.tar.gz /usr/local/src

docker build -t testhttpd:v5 ./

Sending build context to Docker daemon 13.31kB

Step 1/5 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/5 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/5 : COPY index.html /data/web/html/

---> Using cache

---> 355adbec9342

Step 4/5 : COPY yum.repos.d /etc/yum.repos.d

---> fcf0ad0662ce

Step 5/5 : ADD http://nginx.org/download/nginx-1.15.2.tar.gz /usr/local/src

Downloading [==================================================>] 1.026MB/1.026MB

---> d281e4321278

Successfully built d281e4321278

Successfully tagged testhttpd:v5

docker run --name testhttpd --rm testhttpd:v5 ls -al /usr/local/src

drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2

手工下载nginx压缩包

wget http://nginx.org/download/nginx-1.15.2.tar.gz

vi Dockerfile //改一下最后一行，从本地拷贝

ADD nginx-1.15.2.tar.gz /usr/local/src

docker build -t testhttpd:v6 ./

docker run --name testhttpd --rm testhttpd:v6 ls -al /usr/local/src

使用WORKDIR

vi Dockerfile

WORKDIR /usr/local

ADD nginx-1.15.2.tar.gz ./src

docker build -t testhttpd:v7 ./

docker run --name testhttpd --rm testhttpd:v7 ls -al /usr/local/src

drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2

vi Dockerfile

WORKDIR /usr/local

WORKDIR src

ADD nginx-1.15.2.tar.gz ./

docker build -t testhttpd:v7 ./

Sending build context to Docker daemon 1.04MB

Step 1/7 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/7 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/7 : COPY index.html /data/web/html/

---> Using cache

---> 355adbec9342

Step 4/7 : COPY yum.repos.d /etc/yum.repos.d

---> Using cache

---> fcf0ad0662ce

Step 5/7 : WORKDIR /usr/local

---> Using cache

---> d67f61741867

Step 6/7 : WORKDIR src

---> Running in ef90feec6651

Removing intermediate container ef90feec6651

---> 8ae879880c1a

Step 7/7 : ADD nginx-1.15.2.tar.gz ./

---> 73c03474cc0b

Successfully built 73c03474cc0b

Successfully tagged testhttpd:v7

docker run --name testhttpd --rm testhttpd:v7 ls -al /usr/local/src

drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2

docker exec -it testhttpd sh //直接进入容器的话，就是设置的当前工作目录

/usr/local/src # ls

nginx-1.15.2

使用VOLUME指令

VOLUME /data/mysql

docker build -t testhttpd:v8 ./

Sending build context to Docker daemon 1.04MB

Step 1/8 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/8 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/8 : COPY index.html /data/web/html/

---> Using cache

---> 355adbec9342

Step 4/8 : COPY yum.repos.d /etc/yum.repos.d

---> Using cache

---> fcf0ad0662ce

Step 5/8 : WORKDIR /usr/local

---> Using cache

---> d67f61741867

Step 6/8 : WORKDIR src

---> Using cache

---> 8ae879880c1a

Step 7/8 : ADD nginx-1.15.2.tar.gz ./

---> Using cache

---> 73c03474cc0b

Step 8/8 : VOLUME /data/mysql

---> Running in 513715511e75

Removing intermediate container 513715511e75

---> 88e4b4860698

Successfully built 88e4b4860698

Successfully tagged testhttpd:v8

docker run --name testhttpd --rm testhttpd:v8 mount

/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)

[root@VM_0_10_centos docker-file]# docker run --name testhttpd --rm testhttpd:v8 mount

rootfs on / type rootfs (rw)

overlay on / type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/EWVRZUPD5C7AFBN3KLNP4TYDTB:/var/lib/docker/overlay2/l/XKLV3O2S26Z5XALZAUWBQN5LG6:/var/lib/docker/overlay2/l/6L3Q45LGX5T5QVF7GFC7MWCJ2K:/var/lib/docker/overlay2/l/QNLV4SQZFQSZKBUMNT3RH4EQ2A:/var/lib/docker/overlay2/l/KBG2I3G2X5RKJFB7M7KM7W3T2Q:/var/lib/docker/overlay2/l/ZOE5NVIM2BBPIJOXWGD73U6KDW:/var/lib/docker/overlay2/l/T7FN54GAW364KH4I6WCMED27BT,upperdir=/var/lib/docker/overlay2/08d53cf05e2480d0013fb8b15008960c5be63aadb54365194de04c16e63fe9aa/diff,workdir=/var/lib/docker/overlay2/08d53cf05e2480d0013fb8b15008960c5be63aadb54365194de04c16e63fe9aa/work)

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)

tmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)

devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)

sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)

tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,mode=755)

cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)

cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,perf_event)

cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,freezer)

cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (ro,nosuid,nodev,noexec,relatime,cpuacct,cpu)

cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,memory)

cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,pids)

cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,devices)

cgroup on /sys/fs/cgroup/hugetlb type cgroup (ro,nosuid,nodev,noexec,relatime,hugetlb)

cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,cpuset)

cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (ro,nosuid,nodev,noexec,relatime,net_prio,net_cls)

cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,blkio)

mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)

shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)

/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)

/dev/vda1 on /etc/resolv.conf type ext4 (rw,noatime,data=ordered)

/dev/vda1 on /etc/hostname type ext4 (rw,noatime,data=ordered)

/dev/vda1 on /etc/hosts type ext4 (rw,noatime,data=ordered)

proc on /proc/bus type proc (ro,relatime)

proc on /proc/fs type proc (ro,relatime)

proc on /proc/irq type proc (ro,relatime)

proc on /proc/sys type proc (ro,relatime)

proc on /proc/sysrq-trigger type proc (ro,relatime)

tmpfs on /proc/acpi type tmpfs (ro,relatime)

tmpfs on /proc/kcore type tmpfs (rw,nosuid,size=65536k,mode=755)

tmpfs on /proc/keys type tmpfs (rw,nosuid,size=65536k,mode=755)

tmpfs on /proc/timer_list type tmpfs (rw,nosuid,size=65536k,mode=755)

tmpfs on /proc/timer_stats type tmpfs (rw,nosuid,size=65536k,mode=755)

tmpfs on /proc/sched_debug type tmpfs (rw,nosuid,size=65536k,mode=755)

tmpfs on /proc/scsi type tmpfs (ro,relatime)

tmpfs on /sys/firmware type tmpfs (ro,relatime)

可以直接使用grep mysql过滤出来

docker run --name testhttpd --rm testhttpd:v8 mount|grep mysql

/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)

docker run --name testhttpd --rm testhttpd:v8 sleep 3600

docker inspect testhttpd

"Mounts": [

{

"Type": "volume",

"Name": "0faa2c9f49db5e15eb96878c9f60d7ce50c5f4ce8f5a668993dee9297ff7d939",

"Source": "/var/lib/docker/volumes/0faa2c9f49db5e15eb96878c9f60d7ce50c5f4ce8f5a668993dee9297ff7d939/_data",

"Destination": "/data/mysql",

"Driver": "local",

"Mode": "",

"RW": true,

"Propagation": ""

}

],

使用EXPOSE指令

动态绑定宿主机的端口

EXPOSE 80/tcp

docker build -t testhttpd:v9 ./

Sending build context to Docker daemon 1.04MB

Step 1/9 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/9 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/9 : COPY index.html /data/web/html/

---> Using cache

---> 355adbec9342

Step 4/9 : COPY yum.repos.d /etc/yum.repos.d

---> Using cache

---> fcf0ad0662ce

Step 5/9 : WORKDIR /usr/local

---> Using cache

---> d67f61741867

Step 6/9 : WORKDIR src

---> Using cache

---> 8ae879880c1a

Step 7/9 : ADD nginx-1.15.2.tar.gz ./

---> Using cache

---> 73c03474cc0b

Step 8/9 : VOLUME /data/mysql

---> Using cache

---> 88e4b4860698

Step 9/9 : EXPOSE 80/tcp

---> Running in 602273e7a272

Removing intermediate container 602273e7a272

---> 8059c8690a95

Successfully built 8059c8690a95

Successfully tagged testhttpd:v9

docker run --name testhttpd --rm testhttpd:v9 /bin/httpd -f -h /data/web/html

curl 172.18.0.2

busybox test

docker port testhttpd //没有暴露端口

加-P暴露任何端口

docker run --name testhttpd --rm -P testhttpd:v9 /bin/httpd -f -h /data/web/html

docker port testhttpd

80/tcp -> 0.0.0.0:32768

curl localhost:32768

busybox test

使用ENV指令

vi Dockerfile //只配置一个ENV，用空格分隔

ENV DOC_ROOT /data/web/html/

COPY index.html $DOC_ROOT

docker build -t testhttpd:v10 ./

Sending build context to Docker daemon 1.04MB

Step 1/10 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/10 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/10 : ENV DOC_ROOT /data/web/html/

---> Running in 1827e66be015

Removing intermediate container 1827e66be015

---> 2153578b27c9

Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}

---> 400df82a8a20

Step 5/10 : COPY yum.repos.d /etc/yum.repos.d

---> 117c6b72904f

Step 6/10 : WORKDIR /usr/local

---> Running in 0995fa6e6614

Removing intermediate container 0995fa6e6614

---> 9233ae06b56d

Step 7/10 : WORKDIR src

---> Running in 4c6eb91114d2

Removing intermediate container 4c6eb91114d2

---> 5723299ea4f1

Step 8/10 : ADD nginx-1.15.2.tar.gz ./

---> da05e6a56d41

Step 9/10 : VOLUME /data/mysql

---> Running in 2e1560259713

Removing intermediate container 2e1560259713

---> a77d85552a35

Step 10/10 : EXPOSE 80/tcp

---> Running in 0dc390381a32

Removing intermediate container 0dc390381a32

---> d83da711f924

Successfully built d83da711f924

Successfully tagged testhttpd:v10

vi Dockerfile // //配置多个ENV，用=分隔；多行用\分隔

ENV DOC_ROOT=/data/web/html/ \

DOC_SERVER="nginx-1.15.2.tar.gz" \

DOC_DB=/data/mysql

COPY index.html ${DOC_ROOT:-/data/web/html/}

ADD $DOC_SERVER ./

VOLUME $DOC_DB

docker build -t testhttpd:v10 ./

Sending build context to Docker daemon 1.04MB

Step 1/10 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/10 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/10 : ENV DOC_ROOT=/data/web/html/ DOC_SERVER="nginx-1.15.2.tar.gz" DOC_DB=/data/mysql

---> Running in 217f5ebeb2ea

Removing intermediate container 217f5ebeb2ea

---> 1b8bd42dc527

Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}

---> cf9999541535

Step 5/10 : COPY yum.repos.d /etc/yum.repos.d

---> 996e589f1b9c

Step 6/10 : WORKDIR /usr/local

---> Running in 2655b2f31921

Removing intermediate container 2655b2f31921

---> fd6b2bf3e69b

Step 7/10 : WORKDIR src

---> Running in 08105fa7812a

Removing intermediate container 08105fa7812a

---> 56061794d6ac

Step 8/10 : ADD $DOC_SERVER ./

---> d6118eff4822

Step 9/10 : VOLUME $DOC_DB

---> Running in fca10268efff

Removing intermediate container fca10268efff

---> 9d3fba25bb6f

Step 10/10 : EXPOSE 80/tcp

---> Running in 177b68d5ebef

Removing intermediate container 177b68d5ebef

---> 692fd83869b6

Successfully built 692fd83869b6

Successfully tagged testhttpd:v10

docker run --name testhttpd --rm -P testhttpd:v10 ls /usr/local/src

nginx-1.15.2

docker run --name testhttpd --rm -P testhttpd:v10 ls /data/web/html

index.html

docker run --name testhttpd --rm -P testhttpd:v10 printenv

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

HOSTNAME=8e8058a20817

DOC_ROOT=/data/web/html/

DOC_SERVER=nginx-1.15.2.tar.gz

DOC_DB=/data/mysql

HOME=/root

docker run 参数设置

docker run --help

Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container

Options:

--add-host list Add a custom host-to-IP mapping (host:ip)

-a, --attach list Attach to STDIN, STDOUT or STDERR

--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)

--blkio-weight-device list Block IO weight (relative device weight) (default [])

--cap-add list Add Linux capabilities

--cap-drop list Drop Linux capabilities

--cgroup-parent string Optional parent cgroup for the container

--cidfile string Write the container ID to the file

--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period

--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota

--cpu-rt-period int Limit CPU real-time period in microseconds

--cpu-rt-runtime int Limit CPU real-time runtime in microseconds

-c, --cpu-shares int CPU shares (relative weight)

--cpus decimal Number of CPUs

--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)

--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)

-d, --detach Run container in background and print container ID

--detach-keys string Override the key sequence for detaching a container

--device list Add a host device to the container

--device-cgroup-rule list Add a rule to the cgroup allowed devices list

--device-read-bps list Limit read rate (bytes per second) from a device (default [])

--device-read-iops list Limit read rate (IO per second) from a device (default [])

--device-write-bps list Limit write rate (bytes per second) to a device (default [])

--device-write-iops list Limit write rate (IO per second) to a device (default [])

--disable-content-trust Skip image verification (default true)

--dns list Set custom DNS servers

--dns-option list Set DNS options

--dns-search list Set custom DNS search domains

--domainname string Container NIS domain name

--entrypoint string Overwrite the default ENTRYPOINT of the image

-e, --env list Set environment variables

--env-file list Read in a file of environment variables

--expose list Expose a port or a range of ports

--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)

--group-add list Add additional groups to join

--health-cmd string Command to run to check health

--health-interval duration Time between running the check (ms|s|m|h) (default 0s)

--health-retries int Consecutive failures needed to report unhealthy

--health-start-period duration Start period for the container to initialize before starting health-retries countdown

(ms|s|m|h) (default 0s)

--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)

--help Print usage

-h, --hostname string Container host name

--init Run an init inside the container that forwards signals and reaps processes

-i, --interactive Keep STDIN open even if not attached

--ip string IPv4 address (e.g., 172.30.100.104)

--ip6 string IPv6 address (e.g., 2001:db8::33)

--ipc string IPC mode to use

--isolation string Container isolation technology

--kernel-memory bytes Kernel memory limit

-l, --label list Set meta data on a container

--label-file list Read in a line delimited file of labels

--link list Add link to another container

--link-local-ip list Container IPv4/IPv6 link-local addresses

--log-driver string Logging driver for the container

--log-opt list Log driver options

--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)

-m, --memory bytes Memory limit

--memory-reservation bytes Memory soft limit

--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap

--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)

--mount mount Attach a filesystem mount to the container

--name string Assign a name to the container

--network network Connect a container to a network

--network-alias list Add network-scoped alias for the container

--no-healthcheck Disable any container-specified HEALTHCHECK

--oom-kill-disable Disable OOM Killer

--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)

--pid string PID namespace to use

--pids-limit int Tune container pids limit (set -1 for unlimited)

--privileged Give extended privileges to this container

-p, --publish list Publish a container's port(s) to the host

-P, --publish-all Publish all exposed ports to random ports

--read-only Mount the container's root filesystem as read only

--restart string Restart policy to apply when a container exits (default "no")

--rm Automatically remove the container when it exits

--runtime string Runtime to use for this container

--security-opt list Security Options

--shm-size bytes Size of /dev/shm

--sig-proxy Proxy received signals to the process (default true)

--stop-signal string Signal to stop a container (default "SIGTERM")

--stop-timeout int Timeout (in seconds) to stop a container

--storage-opt list Storage driver options for the container

--sysctl map Sysctl options (default map[])

--tmpfs list Mount a tmpfs directory

-t, --tty Allocate a pseudo-TTY

--ulimit ulimit Ulimit options (default [])

-u, --user string Username or UID (format: [:])

--userns string User namespace to use

--uts string UTS namespace to use

-v, --volume list Bind mount a volume

--volume-driver string Optional volume driver for the container

--volumes-from list Mount volumes from the specified container(s)

-w, --workdir string Working directory inside the container

docker run --name testhttpd --rm -P -e DOC_SERVER="tomcat" testhttpd:v10 printenv

DOC_SERVER=tomcat

使用RUN指令

vi Dockerfile

#Description: test image

FROM busybox:latest

MAINTAINER "sknife "

ENV DOC_ROOT=/data/web/html/ \

DOC_SERVER="nginx-1.15.2.tar.gz" \

DOC_DB=/data/mysql

COPY index.html ${DOC_ROOT:-/data/web/html/}

COPY yum.repos.d /etc/yum.repos.d

ADD http://nginx.org/download/${DOC_SERVER} /usr/local/src/

WORKDIR /usr/local/

#WORKDIR src

#ADD $DOC_SERVER ./

VOLUME $DOC_DB

EXPOSE 80/tcp

RUN cd /usr/local/src && \

tar xf ${DOC_SERVER}

docker build -t testhttpd:v11 ./

Sending build context to Docker daemon 1.04MB

Step 1/10 : FROM busybox:latest

---> 6d5fcfe5ff17

Step 2/10 : MAINTAINER "sknife "

---> Using cache

---> 01ae95e85baf

Step 3/10 : ENV DOC_ROOT=/data/web/html/ DOC_SERVER="nginx-1.15.2.tar.gz" DOC_DB=/data/mysql

---> Using cache

---> 1b8bd42dc527

Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}

---> Using cache

---> cf9999541535

Step 5/10 : COPY yum.repos.d /etc/yum.repos.d

---> Using cache

---> 996e589f1b9c

Step 6/10 : ADD http://nginx.org/download/${DOC_SERVER} /usr/local/src/

Downloading [==================================================>] 1.026MB/1.026MB

---> Using cache

---> 530ac4541918

Step 7/10 : WORKDIR /usr/local/

---> Using cache

---> bfae03feb06d

Step 8/10 : VOLUME $DOC_DB

---> Using cache

---> b9805a6eadb0

Step 9/10 : EXPOSE 80/tcp

---> Using cache

---> 6b9045e83464

Step 10/10 : RUN cd /usr/local/src && tar xf ${DOC_SERVER}

---> Running in 350c175de9ac

Removing intermediate container 350c175de9ac

---> b21080b9b20b

Successfully built b21080b9b20b

Successfully tagged testhttpd:v11

docker run --name testhttpd --rm -P -e DOC_SERVER="tomcat" -it testhttpd:v11 ls /usr/local/src

nginx-1.15.2 nginx-1.15.2.tar.gz

vi Dockerfile

RUN cd /usr/local/src && \

tar xf ${DOC_SERVER} && \

mv nginx-1.15.2 webserver

docker build -t testhttpd:v12 ./

docker run --name testhttpd --rm -P -e DOC_SERVER="webserver" -it testhttpd:v12 ls /usr/local/src

nginx-1.15.2.tar.gz webserver

使用CMD指令

vi Dockerfile

#Description: test image

FROM busybox:latest

MAINTAINER "sknife "

ENV DOC_ROOT=/data/web/html/

RUN mkdir -p $DOC_ROOT && \

echo '
busybox test
' > $DOC_ROOT/index.html

CMD /bin/httpd -f -h ${DOC_ROOT}

docker build -t testhttpd:v12 ./

docker image inspect testhttpd:v12

"Cmd": [

"/bin/sh",

"-c",

"#(nop) ",

"CMD [\"/bin/sh\" \"-c\" \"/bin/httpd -f -h ${DOC_ROOT}\"]"

],

docker run --name testhttpd --rm -P -it testhttpd:v12

docker exec -it testhttpd sh

/ # ps

PID USER TIME COMMAND

1 root 0:00 /bin/httpd -f -h /data/web/html/

11 root 0:00 sh

16 root 0:00 ps

vi Dockerfile

#CMD /bin/httpd -f -h ${DOC_ROOT}

CMD ["/bin/httpd", "-f", "-h ${DOC_ROOT}"]

docker build -t testhttpd:v13 ./

docker image inspect testhttpd:v13

"Cmd": [

"/bin/sh",

"-c",

"{\"/bin/httpd\", \"-f\", \"-h ${DOC_ROOT}\"}"

],

docker run --name testhttpd --rm -P -it testhttpd:v13

/bin/sh: {/bin/httpd,: not found

vi Dockerfile

#CMD /bin/httpd -f -h ${DOC_ROOT}

CMD ["/bin/sh", "-c", "/bin/httpd", "-f", "-h ${DOC_ROOT}"]

docker build -t testhttpd:v13 ./

docker run --name testhttpd --rm -P -it testhttpd:v13

docker file

docker file简介

docker file 详解

环境变量env

Dockerfile 指令

FROM命令用法说明

MAINTAINER命令用法说明

RUN命令用法说明

CMD命令用法说明

EXPOSE命令用法说明

ENV命令用法说明

ADD命令用法说明

COPY命令用法说明

ENTRYPOINT命令用法说明

VOLUME命令用法说明

USER命令用法说明

WORKDIR命令用法说明

docker file基于tomcat例子

镜像构建实践

提供文件index.html

busybox test

编写Dockerfile

执行构建命令

busybox test

使用COPY指令

使用ADD指令

使用WORKDIR

使用VOLUME指令

使用EXPOSE指令

busybox test

busybox test

使用ENV指令

docker run 参数设置

使用RUN指令

使用CMD指令

busybox test

你可能感兴趣的:(docker file)