Dockerfile
基本结构
Dockerfile 是一个文本格式的配置文件,用户可以使用 Dockerfile 快速创建自定义镜像。
Dockerfile 由一行行命令语句组成,并且支持以 # 开头的注释行。
Docker分为四部分:
- 基础镜像信息
- 维护者信息
- 镜像操作指令
- 容器启动时默认要执行的指令
例如:
[root@localhost ~]# mkdir nginx
[root@localhost ~]# ls
anaconda-ks.cfg nginx
[root@localhost ~]# cd nginx/
[root@localhost nginx]# vi Dockerfile // 这个D必须大写
[root@localhost nginx]# cat Dockerfile
# This dockerfile uses the ubuntu image
# VERSION 2 - EDITION 1
# Author: seancheng
# Command format: Instruction [arguments / command] ...
# 第一行必须指定基于的基础镜像
FROM ubuntu
# 维护者信息
LABEL MAINTAINER='seancheng xianshangxian@126.com'
# 镜像操作指令
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse" >> /etc/apt/sources.list && \
apt-get update && apt-get install -y nginx && \
echo "\ndaemon off;" >> /etc/nginx/nginx.conf
# 容器启动时默认要执行的指令
CMD /usr/sbin/nginx // CMD是用来指定容器启动的时候要启动什么程序
其中,一开始必须指明所基于的镜像名称,接下来一般会说明维护者信息。
后面则是镜像操作指令,例如RUN指令,RUN指令将对镜像执行跟随的命令。每运行一条RUN指令,镜像添加新的一层,并提交。
最后是CMD指令来指定运行容器时的操作指令。
创建镜像
编写完成Dockerfile后,可以通过docker build命令来创建镜像。
基本的格式为docker build [选项] 路径
,该命令将读取指定路径下(包括子目录)的Dockerfile,并将该路径下所有内容发送给Docker服务端,由服务端来创建镜像。因此一般建议放置Dockerfile的目录为空目录。
另外,可以通过 .dockerignore
文件(每一行添加一条匹配模式)来让Docker忽略路径下的目录和文件。
要指定镜像的标签信息,可以通过-t选项。
例如,指定Dockerfile所在路径为/tmp/docker_builder/,并且希望生成镜像标签为build_repo/first_image,可以使用下面的命令:
[root@localhost ~]# docker build nginx
[root@localhost ~]# docker tag 20282efe05a2 wjj200112/myapp:v0.1 // 给镜像取名字
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
wjj200112/myapp v0.1 20282efe05a2 About a minute ago 185MB
ubuntu latest ba6acccedd29 7 weeks ago 72.8MB
[root@localhost ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: wjj200112
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost ~]# docker push wjj200112/myapp:v0.1
The push refers to repository [docker.io/wjj200112/myapp]
d9e2e47db2a4: Pushed
2a270de0c211: Pushed
b25637d4baf9: Pushed
9f54eef41275: Mounted from library/ubuntu
v0.1: digest: sha256:f2d48f46f446f793f172c71b7726b735526b13b3c1348d0f1ddff1c67d4f8bab size: 1155
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
wjj200112/myapp v0.2 d83c65c205bc 2 seconds ago 185MB
wjj200112/myapp v0.1 20282efe05a2 9 minutes ago 185MB
ubuntu latest ba6acccedd29 7 weeks ago 72.8MB
[root@localhost ~]# docker push wjj200112/myapp:v0.2
// 使用新创建的镜像创建容器
[root@localhost ~]# docker run -d -p 80:80 --rm --name web wjj200112/myapp:v0.1
8961a99d111a427e6f5d677cd7c282aa8552798d49a4ef5081ccb34af6d95960
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8961a99d111a wjj200112/myapp:v0.1 "/bin/sh -c /usr/sbi…" 6 seconds ago Up 5 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp web
指令
指令的一般格式为INSTRUCTION arguments,指令包括:
- FROM
- LABEL
- MAINTAINER
- RUN
- CMD
- EXPOSE
- ENV
- ADD
- COPY
- ENTRYPOINT
- VOLUME
- USER
- WORKDIR
- ONBUILD
FROM
格式为FROM <image>
(没有跟上版本号就是镜像最新版)或FROM <image>:<tag>
(指定镜像版本)。
第一条指令必须为FROM指令。并且,如果在同一个Dockerfile中创建多个镜像时,可以使用多个FROM指令(每个镜像一次)。
LABEL MAINTAINER
格式为LABEL MAINTAINER <name email_address>
,指定维护者信息
RUN
格式为RUN <command>
或RUN ["executable","param1","param2"]
。
前者将在shell终端中运行命令,即/bin/sh -c;后者则使用exec执行。指定使用其他终端可以通过第二种方式实现,例如:
[root@localhost ~]# mkdir test
[root@localhost ~]# cd test/
[root@localhost test]# vim Dockerfile
FROM centos
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
[root@localhost ~]# docker build -t test:v0.1 test
[root@localhost test]# vim Dockerfile
FROM centos
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all
RUN ["yum", "-y", "install", "httpd"]
[root@localhost ~]# docker build -t test:v0.4 test
........此处省略多行
Complete!
Removing intermediate container 70d463ad6db9
---> c32bb2d5d4c3
Step 4/4 : CMD ["httpd", "-D", "FOREGROUND"]
---> Running in f5d73a64ebc4
Removing intermediate container f5d73a64ebc4
---> 3b0228221fb1
Successfully built 3b0228221fb1
Successfully tagged test:v0.4
每条RUN指令将在当前镜像基础上执行指定命令,并提交为新的镜像。当命令较长时可以使用 \ 来换行,例如:
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD
CMD支持三种格式:
CMD ["executable","param1","param2"]
使用exec执行,推荐方式CMD command param1 param2
在/bin/sh中执行,提供给需要交互的应用CMD ["param1","param2"]
提供给ENTRYPOINT的默认参数
CMD用于指定启动容器时默认要执行的命令,每个Dockerfile只能有一条CMD命令。如果指定了多条命令,只有最后一条会被执行。
如果用户启动容器时指定了运行的命令,则会覆盖掉CMD指定的命令。
[root@localhost test]# vim Dockerfile
FROM centos
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD httpd -D FOREGROUND
[root@localhost ~]# docker run -it --rm test:v0.2
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1ee54abccbbb test:v0.2 "/bin/sh -c 'httpd -…" 15 seconds ago Up 14 seconds magical_bassi
[root@localhost ~]# docker inspect 1ee54abccbbb
.......此处省略多行
"Cmd": [
"/bin/sh",
"-c",
"httpd -D FOREGROUND"
],
"Image": "test:v0.2",
.......此处省略多行
[root@localhost ~]# vim test/Dockerfile
FROM centos
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD ["httpd", "-D", "FOREGROUND"]
[root@localhost ~]docker build -t test:v0.3 test
[root@localhost ~]# docker run -it --rm test:v0.3
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e54c81cf5f09 test:v0.3 "httpd -D FOREGROUND" About a minute ago Up About a minute great_ramanujan
[root@localhost ~]# docker inspect e54c81cf5f09
..........此处省略多行
"Cmd": [
"httpd",
"-D",
"FOREGROUND"
],
"Image": "test:v0.3",
.......此处省略多行
[root@localhost ~]# cat test/Dockerfile
FROM centos
CMD sleep 600
[root@localhost ~]# docker build -t test:v0.6 test
Sending build context to Docker daemon 2.048kB
Step 1/2 : FROM centos
---> 5d0da3dc9764
Step 2/2 : CMD sleep 600
---> Running in 5efed673b8cc
Removing intermediate container 5efed673b8cc
---> 32d553ee1623
Successfully built 32d553ee1623
Successfully tagged test:v0.6
[root@localhost ~]# docker run -it --rm --name web test:v0.6
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
066cee2504f8 test:v0.6 "/bin/sh -c 'sleep 6…" 9 seconds ago Up 8 seconds web
[root@localhost ~]# docker inspect web
.........此处省略多行
"Cmd": [
"/bin/sh",
"-c",
"sleep 600"
],
"Image": "test:v0.6",
..........此处省略多行
如果指定了多条命令,只有最后一条会被执行
[root@localhost ~]# cat test/Dockerfile
FROM centos
CMD sleep 600
CMD sleep 700
CMD sleep 800
CMD sleep 900
CMD sleep 500
[root@localhost ~]# docker build -t test:v0.7 test
[root@localhost ~]# docker run -it --rm --name web test:v0.7
[root@localhost ~]# docker inspect web
.........此处省略多行
"Cmd": [
"/bin/sh",
"-c",
"sleep 500"
],
"Image": "test:v0.7",
.........此处省略多行
如果用户启动容器时指定了运行的命令,则会覆盖掉CMD指定的命令。
[root@localhost ~]# docker run -it --rm --name web test:v0.7 sleep 700
[root@localhost ~]# docker inspect web
.........此处省略多行
"Cmd": [
"sleep",
"700"
],
"Image": "test:v0.7",
.........此处省略多行
EXPOSE
格式为EXPOSE <port> [<port>...]
。
例如:
EXPOSE 22 80 8443
[root@localhost ~]# vim test/Dockerfile
FROM centos
RUN rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD ["httpd", "-D", "FOREGROUND"]
EXPOSE 80
[root@localhost ~]# docker build -t test:v0.9 test
[root@localhost ~]# docker run -it --rm --name web test:v0.9
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3c89403e6dc9 test:v0.9 "httpd -D FOREGROUND" 3 seconds ago Up 2 seconds 80/tcp web
EXPOSE用于告诉Docker服务器容器暴露的端口号,供互联系统使用。
在启动容器时通过-P,Docker主机会自动分配一个端口转发到指定的端口;
使用-p则可以具体指定哪个本地端口映射过来。
ENV(environment)
格式为ENV <key> <value>
。指定一个环境变量,会被后续RUN指令使用,并在容器运行时保持。例如:
ENV PG_MAJOR 9.3
ENV version 2.4.51
RUN curl -SL http://example.com/postgres-$PG_VERSION.tar.xz | tar -xJC /usr/src/postgress && ...
ENV PATH /usr/local/apache/bin:$PATH // 这样配置环境变量后不用source,而且子进程也可以看见
[root@localhost ~]# vim test/Dockerfile
FROM centos
ENV name lisa
[root@localhost ~]# docker build -t test:v0.10 test
[root@localhost ~]# docker run -it --rm --name web test:v0.10
[root@b3546449ce4b /]# echo $name
lisa
// 这样配置环境变量后不用source,而且子进程也可以看见
[root@localhost ~]# cat test/Dockerfile
FROM centos
ENV PATH /usr/local/apache/bin:$PATH
[root@localhost ~]# docker build -t test:v0.11 test
[root@localhost ~]# docker run -it --rm --name web test:v0.11
[root@bd446ce170b6 /]# echo $PATH
/usr/local/apache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[root@bd446ce170b6 /]# bash
[root@bd446ce170b6 /]# bash
[root@bd446ce170b6 /]# bash
[root@bd446ce170b6 /]# bash
[root@bd446ce170b6 /]# echo $PATH
/usr/local/apache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[root@bd446ce170b6 /]# exit
exit
[root@bd446ce170b6 /]# exit
exit
[root@bd446ce170b6 /]# exit
exit
[root@bd446ce170b6 /]# exit
exit
[root@bd446ce170b6 /]# exit
exit
[root@localhost ~]#
ADD
格式为ADD <src> <dest>
。
该命令将复制指定的到容器中的。其中可以是Dockerfile所在目录的一个相对路径(文件或目录);也可以是一个URL;还可以是一个tar文件(会自动解压为目录)。
把文件弄到容器里面
[root@localhost ~]# cd test/
[root@localhost test]# echo "hello world" > abc
[root@localhost test]# ls
abc Dockerfile
[root@localhost test]# mkdir files
[root@localhost test]# wget https://archive.apache.org/dist/httpd/httpd-2.4.51.tar.gz
[root@localhost test]# cp httpd-2.4.51.tar.gz files/
[root@localhost test]# ls
abc Dockerfile files httpd-2.4.51.tar.gz
[root@localhost test]# vim Dockerfile
FROM centos
ADD abc /opt
[root@localhost ~]# docker build -t test:v0.12 test
[root@localhost ~]# docker run -it --rm --name web test:v0.12
[root@184ab6407b81 /]# ls /opt/
abc
[root@184ab6407b81 /]# cat /opt/abc
hello world
把目录弄到容器里面
[root@localhost test]# vim Dockerfile
FROM centos
ADD files /opt
[root@localhost ~]# docker build -t test:v0.13 test
[root@localhost ~]# docker run -it --rm --name web test:v0.13
[root@0bf832565242 /]# ls /opt/
httpd-2.4.51.tar.gz
把tar文件弄到容器里面
[root@localhost test]# vim Dockerfile
FROM centos
ADD httpd-2.4.51.tar.gz /opt
[root@localhost ~]# docker build -t test:v0.14 test
[root@localhost ~]# docker run -it --rm --name web test:v0.14
[root@4dc8da341a7d /]# ls /opt/
httpd-2.4.51
[root@4dc8da341a7d /]# ls /opt/httpd-2.4.51/
ABOUT_APACHE Makefile.win build include
Apache-apr2.dsw NOTICE buildconf libhttpd.dep
Apache.dsw NWGNUmakefile changes-entries libhttpd.dsp
BuildAll.dsp README config.layout libhttpd.mak
BuildBin.dsp README.CHANGES configure modules
CHANGES README.cmake configure.in os
CMakeLists.txt README.platforms docs server
INSTALL ROADMAP emacs-style srclib
InstallBin.dsp VERSIONING httpd.dep support
LAYOUT acinclude.m4 httpd.dsp test
LICENSE ap.d httpd.mak
Makefile.in apache_probes.d httpd.spec
把URL文件弄到容器里面
[root@localhost test]# vim Dockerfile
FROM centos
ADD https://archive.apache.org/dist/httpd/httpd-2.4.51.tar.gz /opt
[root@localhost ~]# docker build -t test:v0.15 test
[root@localhost ~]# docker run -it --rm --name web test:v0.15
[root@741d3dedb406 /]# ls /opt/
httpd-2.4.51.tar.gz
[root@localhost test]# vim Dockerfile
FROM centos
ENV version 2.4.51
ADD https://archive.apache.org/dist/httpd/httpd-${version}.tar.gz /opt
[root@localhost ~]# docker build -t test:v0.16 test
[root@localhost ~]# docker run -it --rm --name web test:v0.16
[root@678bfaf1668f /]# ls /opt/
httpd-2.4.51.tar.gz
COPY
格式为COPY <src> <dest>
。
复制本地主机的(为Dockerfile所在目录的相对路径,文件或目录)为容器中的<dest>
。目标路径不存在时会自动创建。
当使用本地目录为源目录时,推荐使用COPY。
[root@localhost test]# vim Dockerfile
FROM centos
COPY httpd-2.4.51.tar.gz /files
RUN echo "alias ls='ls --color'" >> ~/.bashrc && \
source ~/.bashrc
[root@localhost ~]# docker build -t test:v0.20 test
[root@localhost ~]# docker run -it --rm --name web test:v0.20
[root@7bb12950dc96 /]# ls
bin etc home lib64 media opt root sbin sys usr
dev files lib lost+found mnt proc run srv tmp var
ENTRYPOINT(入口点)
ENTRYPOINT有两种格式:
- ENTRYPOINT [“executable”,“param1”,“param2”]
- ENTRYPOINT command param1 param2(在shell中执行)
配置容器启动后执行的命令,并且不可被docker run提供的参数覆盖。而且,如果在docker run的后面提供了参数,这些命令行参数会被当作参数传递给ENTRYPOINT指定的程序。
每个Dockerfile中只能有一个ENTRYPOINT,当指定多个ENTRYPOINT时,只有最后一个生效。
[root@localhost test]# vim Dockerfile
FROM centos
RUN echo "alias ls='ls --color'" >> ~/.bashrc && \
source ~/.bashrc
ENTRYPOINT sleep 600
[root@localhost ~]# docker build -t test:v0.21 test
[root@localhost ~]# docker run -it --rm --name web test:v0.21
[root@localhost test]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cd5a4c15be46 test:v0.21 "/bin/sh -c 'sleep 6…" 11 seconds ago Up 11 seconds web
[root@localhost test]# docker kill web
web
[root@localhost ~]# docker run -it --rm --name web test:v0.21 sleep 900
[root@localhost test]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f35fe240554c test:v0.21 "/bin/sh -c 'sleep 6…" 6 seconds ago Up 5 seconds web
[root@localhost test]# vim Dockerfile
FROM centos
RUN echo "alias ls='ls --color'" >> ~/.bashrc && \
source ~/.bashrc && \
rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD ["-D","FOREGROUND"]
ENTRYPOINT ["httpd"]
EXPOSE 80
[root@localhost ~]# docker build -t test:v0.22 test
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
265e557635b7 test:v0.22 "httpd -D FOREGROUND" 17 seconds ago Up 16 seconds 80/tcp web
[root@localhost ~]# docker inspect web
...........此处省略多行
"Cmd": [
"-D",
"FOREGROUND"
],
"Image": "test:v0.22",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"httpd"
...........此处省略多行
[root@localhost ~]# docker run -it --rm --name web test:v0.22 -X
[root@localhost ~]# docker inspect web
...........此处省略多行
"Cmd": [
"-X"
],
"Image": "test:v0.22",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"httpd"
],
...........此处省略多行
VOLUME(不常用)
格式为VOLUME ["/data"]
。了解一下就可以了,不常用。
创建一个可以从本地主机或其他容器挂载的挂载点,一般用来存放数据库和需要保持的数据等。
[root@localhost ~]# vim test/Dockerfile
FROM centos
VOLUME ["/data"]
RUN echo "alias ls='ls --color'" >> ~/.bashrc && \
source ~/.bashrc && \
rm -rf /etc/yum.repos.d/* && \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F '"' 'NR==5{print $2}' /etc/os-release).repo && \
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
yum clean all && \
yum -y install httpd
CMD ["-D","FOREGROUND"]
ENTRYPOINT ["httpd"]
EXPOSE 80
[root@localhost ~]# docker build -t test:v0.23 test
[root@localhost ~]# docker run -it --rm --name web test:v0.23
[root@localhost ~]# docker exec -it web /bin/bash
[root@5941fc843492 /]# ls
bin dev home lib64 media opt root sbin sys usr
data etc lib lost+found mnt proc run srv tmp var
[root@5941fc843492 /]# ls data/
[root@5941fc843492 /]# exit
exit
[root@localhost ~]# docker inspect web
...........此处省略多行
"Cmd": [
"-D",
"FOREGROUND"
],
"Image": "test:v0.23",
"Volumes": {
"/data": {}
},
"WorkingDir": "",
"Entrypoint": [
"httpd"
],
...........此处省略多行
[root@localhost ~]# docker run -it --rm --name web -v /var/www/htm/data test:v0.23
[root@localhost ~]# docker exec -it web /bin/bash
[root@f14aacb29b2a /]# ls data/
test web
[root@localhost ~]# docker run -it --rm --name web -v /container_data:/data test:v0.23
[root@localhost ~]# docker exec -it web /bin/bash
[root@e0df7762eacb /]# cd data/
[root@e0df7762eacb data]# ls
[root@e0df7762eacb data]# ln -s /etc/httpd/conf /data/
[root@e0df7762eacb data]# ls -l /data/
total 0
lrwxrwxrwx. 1 root root 15 Dec 9 10:19 conf -> /etc/httpd/conf
[root@localhost html]# cp -r /var/www/html/* /container_data/html/
[root@localhost html]# cd /container_data/
[root@localhost container_data]# ls html/
test web
[root@localhost container_data]# ls -l
总用量 0
lrwxrwxrwx. 1 root root 15 12月 9 18:19 conf -> /etc/httpd/conf
lrwxrwxrwx. 1 root root 14 12月 9 18:20 html -> /var/www/html/
USER(不常用)
格式为USER daemon
。
指定运行容器时的用户名或UID,后续的RUN也会使用指定用户。
当服务不需要管理员权限时,可以通过该命令指定运行用户。并且可以在之前创建所需要的用户,例如:
RUN groupadd -r postgres && useradd -r -g postgres postgres
要临时获取管理员权限可以使用gosu,而不推荐sudo。如果不指定,容器默认是root运行。
WORKDIR
格式为WORKDIR /path/to/workdir
。
为后续的RUN、CMD、ENTRYPOINT指令配置工作目录。
可以使用多个WORKDIR指令,后续命令如果参数是相对路径,则会基于之前命令指定的路径。例如:
WORKDIR /a
WORKDIR b
WORKDIR c
RUN pwd
则最终路径为/a/b/c。
ONBUILD
格式为ONBUILD [INSTRUCTION]
。
配置当所创建的镜像作为其他镜像的基础镜像时,所执行的操作指令。
例如,Dockerfile使用如下的内容创建了镜像image-A
[...]
ONBUILD ADD . /app/src
ONBUILD RUN /usr/local/bin/python-build --dir /app/src
[...]
此时,如果基于image-A创建新的镜像时,新的Dockerfile中使用FROM image-A指定基础镜像时,会自动执行ONBUILD指令的内容,等价于在后面添加了两条指令。
FROM image-A
# Automatically run the following
ADD . /app/src
RUN /usr/local/bin/python-build --dir /app/src
使用ONBUILD指令的镜像,推荐在标签中注明,例如ruby:1.9-onbuild。