删除不需要的镜像:示例:通配符可用
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 580260c93725 2 hours ago 4.27MB
<none> <none> 2c0be08280d2 2 hours ago 4.27MB
nginx latest 5ef79149e0ec 2 weeks ago 188MB
registry latest cfb4d9904335 11 months ago 25.4MB
nginx 1.23 a7be6198544f 15 months ago 142MB
172.25.254.5:5000/busybox latest 65ad0d468eb1 15 months ago 4.26MB
172.25.254.6:5000/busybox latest 65ad0d468eb1 15 months ago 4.26MB
busybox latest 65ad0d468eb1 15 months ago 4.26MB
timinglee/game2048 latest 19299002fdbe 7 years ago 55.5MB
timinglee/mario latest 9a35a9e43e8c 9 years ago 198MB
[root@docker ~]#
[root@docker ~]# docker rmi `docker images | awk '/none/{print $3}'` #把构建失败的镜像,为none的删除。
Deleted: sha256:580260c93725b30d440c8523e7e166e81e5b84e9647f747e4980ac1883d5afa6
Deleted: sha256:2c0be08280d2ee48ec2f1cf67685c5ccd93752b457381bf0334a4faf0739ea19
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 580260c93725 2 hours ago 4.27MB
<none> <none> 2c0be08280d2 2 hours ago 4.27MB
nginx latest 5ef79149e0ec 2 weeks ago 188MB
registry latest cfb4d9904335 11 months ago 25.4MB
nginx 1.23 a7be6198544f 15 months ago 142MB
172.25.254.5:5000/busybox latest 65ad0d468eb1 15 months ago 4.26MB
172.25.254.6:5000/busybox latest 65ad0d468eb1 15 months ago 4.26MB
busybox latest 65ad0d468eb1 15 months ago 4.26MB
timinglee/game2048 latest 19299002fdbe 7 years ago 55.5MB
timinglee/mario latest 9a35a9e43e8c 9 years ago 198MB
[root@docker ~]#
[root@docker ~]# docker rmi 172.25.254.{5..6}:5000/busybox
Untagged: 172.25.254.5:5000/busybox:latest
Untagged: 172.25.254.6:5000/busybox:latest
[root@docker ~]#
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 5ef79149e0ec 2 weeks ago 188MB
registry latest cfb4d9904335 11 months ago 25.4MB
nginx 1.23 a7be6198544f 15 months ago 142MB
busybox latest 65ad0d468eb1 15 months ago 4.26MB
timinglee/game2048 latest 19299002fdbe 7 years ago 55.5MB
timinglee/mario latest 9a35a9e43e8c 9 years ago 198MB
如何自己构建一个nginx镜像??
示例:
工具:导入centos7系统
[root@docker ~]# docker load -i centos-7.tar.gz
174f56854903: Loading layer [==================================================>] 211.7MB/211.7MB
Loaded image: centos:7
1、建立构建目录,编写构建文件
[root@docker docker]# vim Dockerfile
[root@docker docker]# cat Dockerfile
FROM centos:7
LABEL Mail=lxm@folian.org
ADD nginx-1.26.1.tar.gz /mnt
WORKDIR /mnt/nginx-1.26.1
RUN yum install -y gcc make pcre-devel openssl-devel
RUN ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module
RUN make
RUN make install
EXPOSE 80 443
VOLUME ["/usr/local/nginx/html"]
#运行nginx
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off"]
[root@docker docker]# docker build -t nginx:v1 .
[+] Building 27.0s (8/11) docker:default
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 417B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.4s
=> => transferring context: 1.25MB 0.4s
=> [1/7] FROM docker.io/library/centos:7 0.1s
=> [2/7] ADD nginx-1.26.1.tar.gz /mnt 1.7s
=> [3/7] WORKDIR /mnt/nginx-1.26.1 0.4s
=> ERROR [4/7] RUN yum install gcc make pcre-devel openssl-devel 23.4s
------
> [4/7] RUN yum install gcc make pcre-devel openssl-devel:
8.886 Loaded plugins: fastestmirror, ovl
10.12 Determining fastest mirrors
22.77 Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was
22.77 14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
22.78
22.78
22.78 One of the configured repositories failed (Unknown),
22.78 and yum doesn't have enough cached data to continue. At this point the only
22.78 safe thing yum can do is fail. There are a few ways to work "fix" this:
22.78
22.78 1. Contact the upstream for the repository and get them to fix the problem.
22.78
22.78 2. Reconfigure the baseurl/etc. for the repository, to point to a working
22.78 upstream. This is most often useful if you are using a newer
22.78 distribution release than is supported by the repository (and the
22.78 packages for the previous distribution release still work).
22.78
22.78 3. Run the command with the repository temporarily disabled
22.78 yum --disablerepo=<repoid> ...
22.78
22.78 4. Disable the repository permanently, so yum won't use it by default. Yum
22.78 will then just ignore the repository until you permanently enable it
22.78 again or use --enablerepo for temporary usage:
22.78
22.78 yum-config-manager --disable <repoid>
22.78 or
22.78 subscription-manager repos --disable=<repoid>
22.78
22.78 5. Configure the failing repository to be skipped, if it is unavailable.
22.78 Note that yum will try to contact the repo. when it runs most commands,
22.78 so will have to try and fail each time (and thus. yum will be be much
22.78 slower). If it is a very temporary problem though, this is often a nice
22.78 compromise:
22.78
22.78 yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
22.78
22.78 Cannot find a valid baseurl for repo: base/7/x86_64
------
Dockerfile:5
--------------------
3 | ADD nginx-1.26.1.tar.gz /mnt
4 | WORKDIR /mnt/nginx-1.26.1
5 | >>> RUN yum install gcc make pcre-devel openssl-devel
6 | RUN ./configure --prefix=/usr/local/nginx --with-http_ssl_mode --with_http_stub_status_mode
7 | RUN make
--------------------
ERROR: failed to solve: process "/bin/sh -c yum install gcc make pcre-devel openssl-devel" did not complete successfully: exit code: 1
运行出现问题!!因为centos无仓库,不可以下载安装
换种思路:
[root@docker docker]# dnf install httpd -y
[root@docker docker]# vim /etc/httpd/conf/httpd.conf 
给所在虚拟机添加iso。
[root@docker docker]# mkdir /var/www/html/rhel7.9
[root@docker docker]# ls
Dockerfile nginx-1.26.1.tar.gz passwd test.tar.gz test.tsr.gz
[root@docker docker]# mount /dev/sr1 /var/www/html/rhel7.9/
mount: /var/www/html/rhel7.9: WARNING: source write-protected, mounted read-only.
[root@docker docker]# docker run -it --name centos centos:7
[root@23f55ee666de /]# ls
anaconda-post.log bin dev etc home lib lib64 media mnt opt proc root run sbin sr
[root@23f55ee666de /]# ls
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
[root@23f55ee666de /]#
查看容器网络:[root@docker volumes]# docker inspect centos
[root@docker ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=3.69 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.198 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.112 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2057ms
rtt min/avg/max/mdev = 0.112/1.333/3.689/1.666 ms
#在容器里编辑仓库
[root@23f55ee666de /]# cd /etc/yum.repos.d/
[root@23f55ee666de yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo
CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo CentOS-x86_64-kernel.repo
[root@23f55ee666de yum.repos.d]# rm -rf *
[root@23f55ee666de yum.repos.d]# ls
[root@23f55ee666de yum.repos.d]# vi centos7.repo
[root@23f55ee666de yum.repos.d]# cat centos7.repo
[centos7]
name=centos7
baseurl=http://172.17.0.1:8888/rhel7.9
gpgcheck=0
#在宿主机提交
[root@docker ~]# docker commit -m "add repo" centos centos:repo
sha256:eec56708c15bc0d7dbaed711f553420936cf499d0a4f99979f4e84231c514057
[root@docker ~]# 
#删除容器
[root@docker docker]# docker rm centos
centos
[root@docker docker]# vim Dockerfile
[root@docker docker]# cat Dockerfile
FROM centos:repo
LABEL Mail=lxm@folian.org
ADD nginx-1.26.1.tar.gz /mnt
WORKDIR /mnt/nginx-1.26.1
RUN yum install -y gcc make pcre-devel openssl-devel
RUN ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module
RUN make
RUN make install
EXPOSE 80 443
VOLUME ["/usr/local/nginx/html"]
#运行nginx
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off"]
[root@docker docker]# docker build -t nginx:v1 .
##构建成功
##这样构建的镜像很大
【优化】
- 选择最精简的基础镜像
- 减少镜像的层数
- 清理镜像构建的中间产物
- 选择最精简的基础镜像
- 减少镜像的层数 ##Dockerfile 文件层越多越大
- 清理镜像构建的中间产物
示例1:精简
[root@docker docker]# cat Dockerfile
FROM centos:repo
LABEL Mail=lxm@folian.org
ADD nginx-1.26.1.tar.gz /mnt
WORKDIR /mnt/nginx-1.26.1
RUN yum install -y gcc make pcre-devel openssl-devel && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module && make && make install && rm -rf /mnt/nginx-1.26.1 && yum clean all
EXPOSE 80 443
VOLUME ["/usr/local/nginx/html"]
#运行nginx
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off"]
##相比较第一次变小了不少
示例2:多阶段构建
把这些先在一个镜像里做好,再拷贝到另外一个镜像里:
[root@docker docker]# vim Dockerfile
[root@docker docker]#
[root@docker docker]# cat Dockerfile
FROM centos:repo AS build
LABEL Mail=lxm@folian.org
ADD nginx-1.26.1.tar.gz /mnt
WORKDIR /mnt/nginx-1.26.1
RUN yum install -y gcc make pcre-devel openssl-devel && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module && make && make install && rm -rf /mnt/nginx-1.26.1 && yum clean all
FROM centos:repo
LABEL mail=lxm@folian.org
COPY --from=build /usr/local/nginx /usr/local/nginx
EXPOSE 80
VOLUME ["/usr/local/nginx/html"]
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off;"]
[root@docker docker]# docker build -t nginx:v2 .
[root@docker docker]#
构建得巨快;而且更小了;
示例3:利用最精简的镜像构建
比如把构建nginx需要的最基础的镜像,拷贝放到另外一个很小很小的镜像里。
[root@docker docker]# cat Dockerfile
FROM nginx:1.23 AS base
ARG TIME_ZONE
RUN mkdir -p /opt/var/cache/nginx && \
cp -a --parents /usr/lib/nginx /opt && \
cp -a --parents /usr/share/nginx /opt && \
cp -a --parents /var/log/nginx /opt && \
cp -aL --parents /var/run /opt && \
cp -a --parents /etc/nginx /opt && \
cp -a --parents /etc/passwd /opt && \
cp -a --parents /etc/group /opt && \
cp -a --parents /usr/sbin/nginx /opt && \
cp -a --parents /usr/sbin/nginx-debug /opt && \
cp -a --parents /lib/x86_64-linux-gnu/ld-* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libpcre* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libz.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libc* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libdl* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libpthread* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libcrypt* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libssl.so.* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libcrypto.so.* /opt && \
cp /usr/share/zoneinfo/${TIME_ZONE:-ROC} /opt/etc/localtime
FROM gcr.io/distroless/base-debian11
COPY --from=base /opt /
EXPOSE 80 443
ENTRYPOINT ["nginx", "-g", "daemon off;"]
扫一扫
1111
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
