通过Dockerfile文件可以很方便的构建我们所需的镜像
实例应用
一.容器内构建sshd服务镜像
创建sshd文件夹
[root@localhost ~]# mkdir sshd
[root@localhost ~]# cd sshd/
编辑 Dockerfile
[root@localhost sshd]# vi Dockerfile
FROM centos:7
MAINTAINER This is my sshd service
RUN yum -y update
RUN yum -y install openssh* net-tools lsof telnet passwd ##安装所需工具
RUN echo '123456' | passwd --stdin root ##设置root密码
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config ##修改sshd配置文件,禁用PAM认证
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key ##生成密钥
RUN sed -i '/^session\s\+required\s\+pam_loginuid_so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"] ##启动服务
生成镜像,运行容器
[root@localhost sshd]# docker build -t sshd:new . ##生成镜像
Successfully built 63b5892f67bf
Successfully tagged sshd:new
[root@localhost sshd]# docker run -d -P sshd:new ##运行容器
7a043a1ef89186345815a547ae9379e93a73de99e215c269ef921564cf686466
[root@localhost sshd]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7a043a1ef891 sshd:new "/usr/sbin/sshd -D" 21 seconds ago Up 21 seconds 0.0.0.0:32768->22/tcp stoic_bell
[root@localhost sshd]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd new 63b5892f67bf About a minute ago 540MB
验证sshd服务
[root@localhost sshd]# ssh localhost -p 32768
The authenticity of host '[localhost]:32768 ([::1]:32768)' can't be established.
RSA key fingerprint is SHA256:zDkm6zX8sIs9RbJizWmdpuvigAa4SLJ6e2xcA2iD6ws.
RSA key fingerprint is MD5:4b:2d:d1:77:a2:ed:3b:31:13:de:cb:6a:68:aa:24:e4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:32768' (RSA) to the list of known hosts.
root@localhost's password:
[root@7a043a1ef891 ~]#
二.构建systemctl镜像
创建systemctl文件夹
[root@localhost ~]# mkdir systemctl
[root@localhost ~]# cd systemctl/
编辑 Dockerfile
[root@localhost systemctl]# vi Dockerfile
FROM sshd:new #基于sshd:new镜像
ENV container docker ##定义环境变量
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \ ##删除不需要的配置文件
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME ["/sys/fs/cgroup"]
CMD ["/usr/sbin/init"]
生成镜像,运行容器
[root@localhost systemctl]# docker build -t systemctl:new .
[root@localhost systemctl]# docker run --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro systemctl:new /sbin/init &
#privileged container内的root拥有真正的root权限,否则,container内的root只是外部的一个普通用户权限
[root@localhost systemctl]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9c399b98f6eb systemctl:new "/sbin/init" 26 seconds ago Up 25 seconds
验证systemctl服务
[root@localhost systemctl]# docker exec -it 9c399b98f6eb /bin/bash
[root@9c399b98f6eb /]# systemctl start sshd
三.nginx服务搭建
创建nginx文件夹
[root@localhost ~]# mkdir nginx
[root@localhost ~]# cd nginx/
编辑 Dockerfile
[root@localhost nginx]# vi Dockerfile
FROM centos:7 ##基于centos7镜像创建
RUN yum -y update
RUN yum -y install gcc gcc-c++ make pcre-devel zlib-devel
ADD nginx-1.12.2.tar.gz /opt ##解压nginx包到opt目录
WORKDIR /opt/nginx-1.12.2
RUN ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
RUN useradd -M -s /sbin/nologin nginx
ENV PATN /usr/local/nginx/sbin:$PATH ##导入环境变量
EXPOSE 80 暴露服务端口
EXPOSE 443
RUN echo 'daemon off;' >> /usr/local/nginx/conf/nginx.conf 关闭服务守护进程 ,防止容器启动时进程冲突
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
编辑run脚本
[root@localhost nginx]# vi run.sh
#!/bin/bash
/usr/local/nginx/sbin/nginx
生成镜像,运行容器
[root@localhost nginx]# docker build -t nginx:new .
[root@localhost nginx]# docker run -d -P nginx:new
[root@localhost nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
27e00536cf01 nginx:new "/run.sh" 12 seconds ago Up 10 seconds
测试
四.构建Tomcat
创建Tomcat目录
[root@localhost ~]# mkdir Tomcat
[root@localhost ~]# cd Tomcat/
编辑 Dockerfile
[root@localhost Tomcat]# vi Dockerfile
FROM centos:7
MAINTAINER tomcat
ADD jdk-8u91-linux-x64.tar.gz /usr/local
WORKDIR /usr/local
RUN mv jdk1.8.0_91 /usr/local/java
ENV JAVA_HOME /usr/local/java
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-8.5.16.tar.gz /usr/local
WORKDIR /usr/local
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8
EXPOSE 8080
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
生成镜像,运行容器
[root@localhost Tomcat]# docker build -t tomcat:new .
[root@localhost Tomcat]# docker run -dit --name tomcat -p 1234:8080 tomcat:new
[root@localhost Tomcat]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
71d816f0dcce tomcat:new "/usr/local/tomcat8/…" 8 seconds ago Up 7 seconds 0.0.0.0:1234->8080/tcp
测试