1、dockerfile指令详解
ADD:
ADD指令类似于COPY指令,ADD支持使用TAR文件和URL路径
语法:
ADD <src> ... <dest> 或 ADD ["<src>",..."<desc>"]
操作准则:
同COPY指令
如果<src>为URL且<dest>不以/结尾,则<src>指定的文件将被下载并直接被创建为<dest>;如果<dest>以为/结尾,则文件名URL指定的文件将被直接下载并保存为<dest>/<filename>;
如果<src>是一个本地系统上的压缩格式的tar文件,它将被展开为一个目录,其行为类似于“tar -x”命令,然而,通过url获取到的tar文件将不会自动展开;
如果<src>有多个,或其间接或直接使用了通配符,则<dest>必须是一个以/结尾的目录路径;如果<dest>不以/结尾,则其被视作一个普通文件,<src>的内容将被直接写入到<dest>;
例如:
[root@bogon build_workshop]# wget http://nginx.org/download/nginx-1.14.2.tar.gz//我们从互联网上wget下来一个Nginx包
--2020-08-14 16:41:11-- http://nginx.org/download/nginx-1.14.2.tar.gz
Resolving nginx.org (nginx.org)... 3.125.197.172, 52.58.199.22, 2a05:d014:edb:5702::6, ...
Connecting to nginx.org (nginx.org)|3.125.197.172|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1015384 (992K) [application/octet-stream]
Saving to: ‘nginx-1.14.2.tar.gz’
100%[========================================================================================================================================================================================================================>] 1,015,384 324KB/s in 3.1s
2020-08-14 16:41:15 (324 KB/s) - ‘nginx-1.14.2.tar.gz’ saved [1015384/1015384]
nginx1.18.0 通过构建的方式下载下来
[root@bogon build_workshop]# vi Dockerfile
FROM busybox:latest
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html /data/web/html/
ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
ADD nginx-1.14.2.tar.gz /usr/src/
[root@bogon build_workshop]# docker image build /root/build_workshop/ -t myimg:v2 //编译镜像
Sending build context to Docker daemon 1.019MB
Step 1/5 : FROM busybox:latest
---> 018c9d7b792b
Step 2/5 : LABEL maintainer="yumumu <572232220@qq.com>"
---> Using cache
---> 53e05937d996
Step 3/5 : COPY index.html /data/web/html/
---> Using cache
---> 7e319004b923
Step 4/5 : ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
Downloading [==================================================>] 1.04MB/1.04MB
---> e29fe6bdbdc1
Step 5/5 : ADD nginx-1.14.2.tar.gz /usr/src/
---> 9677dad0dc24
Successfully built 9677dad0dc24
Successfully tagged myimg:v2
[root@bogon build_workshop]# docker run --name t2 --rm -it myimg:v2 /bin/sh //用编译好的镜像来启动容器
/ # ls /tmp
nginx-1.18.0.tar.gz
/ # ls /usr/src
nginx-1.14.2
/ #
WORKDIR
用于为Dockerfile中所有的RUN、CMD、ENTRYPOINT、COPY和ADD指定设定工作目录
语法:
WORKDIR <dirpath>
在Dockerfile文件中,WORKDIR指令可出现多次,其路径也可以为相对路径,不过,其是相对此前一个WORKDIR指令指定的路径
另外,WORKDIR也可调用由ENV指定定义的变量
例如:
WORKDIR /var/log
WORKDIR $STATEPATH
注意:每个WORKDIR的生效范围是当前WORKDIR向后下个WORKDIR之前的范围
[root@bogon build_workshop]# vi Dockerfile
FROM busybox:latest
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html /data/web/html/
ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
WORKDIR /usr/
ADD nginx-1.14.2.tar.gz src/ //目录是/usr/src
~
VOLUME
用于image中创建一个挂载点目录,以挂载Docker host上的卷或其它容器上的卷
语法:
VOLUME <mountpoint> 或 VOLUME ["<mountpoint>"]
如果挂载点目录路径下此前在文件存在,docker run 命令会贼卷挂载完成后将此前的所有文件复制到新挂载的卷
[root@bogon build_workshop]# vi Dockerfile
FROM busybox:latest
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html /data/web/html/
ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
ADD nginx-1.14.2.tar.gz /usr/src/
VOLUME /data/web/html //假设我们把/data/web/html设置成存储卷
[root@bogon build_workshop]# docker image build /root/build_workshop/ -t myimg:v4 //打包成镜像myimg:v4
Sending build context to Docker daemon 1.032MB
Step 1/6 : FROM busybox:latest
---> 018c9d7b792b
Step 2/6 : LABEL maintainer="yumumu <572232220@qq.com>"
---> Using cache
---> 53e05937d996
Step 3/6 : COPY index.html /data/web/html/
---> Using cache
---> 7e319004b923
Step 4/6 : ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
Downloading [==================================================>] 1.04MB/1.04MB
---> Using cache
---> e29fe6bdbdc1
Step 5/6 : ADD nginx-1.14.2.tar.gz /usr/src/
---> Using cache
---> 9677dad0dc24
Step 6/6 : VOLUME /data/web/html
---> Running in c091442c87a0
Removing intermediate container c091442c87a0
---> 311e7a9bcb7e
Successfully built 311e7a9bcb7e
Successfully tagged myimg:v4
[root@bogon build_workshop]# docker run --name t3 --rm -it myimg:v4 /bin/sh 启动容器查看存储卷
/ # cd /data/web/html/
/data/web/html # ls
index.html
注意:如果说被挂载得挂载点得目录下有文件得时候,它可以先把文件复制到存储卷上然后再挂载
[root@bogon volumes]# docker container inspect t3 //查看容器得详细信息
[
{
"Id": "e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72",
"Created": "2020-08-17T03:23:52.470023815Z",
"Path": "/bin/sh",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 47576,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-08-17T03:23:52.833373696Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:311e7a9bcb7e25d18b134ea8dc8059450d7c01552531e8a504102962acc60003",
"ResolvConfPath": "/var/lib/docker/containers/e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72/hostname",
"HostsPath": "/var/lib/docker/containers/e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72/hosts",
"LogPath": "/var/lib/docker/containers/e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72/e70087c6ac195145594f1a9fcaabaf5404a1130fe3c7e3a803e4fca623cd2e72-json.log",
"Name": "/t3",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": true,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/87af29be2180b2bf467f1026c5eec546a96748a618578674ebccb93d9ef2d569-init/diff:/var/lib/docker/overlay2/c6f53fde5bce67ea51eb5d1db7a94aca4e7254e39ae8fee1858d178cd3418f77/diff:/var/lib/docker/overlay2/2811adff6babe450b0f721fb90065690f10c617f33e25dd7a791260ea82c17ff/diff:/var/lib/docker/overlay2/43809a7f901520cf386fca029590b9769d5c2337725b4e6eabd20a1a08e5e344/diff:/var/lib/docker/overlay2/bb945e3d5f5421c019f8022b69070c014e1d842466a3ee2e7a464ef09494f723/diff",
"MergedDir": "/var/lib/docker/overlay2/87af29be2180b2bf467f1026c5eec546a96748a618578674ebccb93d9ef2d569/merged",
"UpperDir": "/var/lib/docker/overlay2/87af29be2180b2bf467f1026c5eec546a96748a618578674ebccb93d9ef2d569/diff",
"WorkDir": "/var/lib/docker/overlay2/87af29be2180b2bf467f1026c5eec546a96748a618578674ebccb93d9ef2d569/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "ba90d478254c0cc6da78b12771c569b8e0dad283769235646c96484f2bc8bea4",
"Source": "/var/lib/docker/volumes/ba90d478254c0cc6da78b12771c569b8e0dad283769235646c96484f2bc8bea4/_data", //宿主机存储卷路径
"Destination": "/data/web/html",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "e70087c6ac19",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh"
],
"Image": "myimg:v4",
"Volumes": {
"/data/web/html": {}
},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "yumumu <572232220@qq.com>"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "2f51d47e644e72ce7f30fb87a8e58110e91a386b8cadf9308a48155e9714fc82",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/2f51d47e644e",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "bc8dc4f1460873a5b37fbfa0b6d8e77d2f83d1d10da0a1a923496f53bc62fd20",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.6",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:06",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "c0abba7360378d6a7cf08213748f59c6330f3688c8731c0672069926279c5a6a",
"EndpointID": "bc8dc4f1460873a5b37fbfa0b6d8e77d2f83d1d10da0a1a923496f53bc62fd20",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.6",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:06",
"DriverOpts": null
}
}
}
}
]
[root@bogon volumes]# ls /var/lib/docker/volumes //查看宿主机的目录下有没有这个文件/ba90d478254c0cc6da78b12771c569b8e0dad283769235646c96484f2bc8bea4/_data
index.html
EXPOSE
用于为容器打开指定要监听的端口以实现与外部通信
语法:
EXPOSE <port>[/<protocol>] [<port>[/<protocol>] ....]
<protocol>用于指定传输层协议,可为tcp和udp二者之一,默认为TCP协议
EXPOSE指令可一次指定多个端口,例如
EXPOSE 11211/udp 11211/tcp
例子:加入我们有一个默认就监听在80端口的服务,我们基于镜像在用dockerfile在做一个镜像让它暴露80端口
[root@bogon volumes]# docker image ls //查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
myimg v4 311e7a9bcb7e 39 minutes ago 8.33MB
myimg v2 9677dad0dc24 2 days ago 8.33MB
myimg v1 7e319004b923 3 days ago 1.22MB
572232220/myimg v0.1 6dae971ed21d 11 days ago 1.22MB
busybox latest 018c9d7b792b 2 weeks ago 1.22MB
nginx 1.15-alpine dd025cdfe837 15 months ago 16.1MB
[root@bogon build_workshop]# vi Dockerfile //编写dockerfile
FROM busybox:latest
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html /data/web/html/
ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
ADD nginx-1.14.2.tar.gz /usr/src/
VOLUME /data/web/html
EXPOSE 80/tcp //暴露80端口
[root@bogon build_workshop]# docker image build /root/build_workshop/ -t myimg:v5 //把dockerfile构建成镜像
Sending build context to Docker daemon 1.032MB
Step 1/7 : FROM busybox:latest
---> 018c9d7b792b
Step 2/7 : LABEL maintainer="yumumu <572232220@qq.com>"
---> Using cache
---> 53e05937d996
Step 3/7 : COPY index.html /data/web/html/
---> Using cache
---> 7e319004b923
Step 4/7 : ADD http://nginx.org/download/nginx-1.18.0.tar.gz /tmp/
Downloading [==================================================>] 1.04MB/1.04MB
---> Using cache
---> e29fe6bdbdc1
Step 5/7 : ADD nginx-1.14.2.tar.gz /usr/src/
---> Using cache
---> 9677dad0dc24
Step 6/7 : VOLUME /data/web/html
---> Using cache
---> 311e7a9bcb7e
Step 7/7 : EXPOSE 80/tcp
---> Running in 1772acdd041b
Removing intermediate container 1772acdd041b
---> 5c832c7131bf
Successfully built 5c832c7131bf
Successfully tagged myimg:v5
[root@bogon build_workshop]# docker run --name t4 --rm -P -it myimg:v5 /bin/sh //启动容器 端口暴露在一定程序上暴露是有网络风险的 就算我们在dockerfile中指定了它也不会暴露,除非你加-P选项
/ #
[root@bogon build_workshop]# docker container port t4 //打开另外一个终端查看端口暴露信息
80/tcp -> 0.0.0.0:32768
这种暴露都是动态绑定机制,就是把你的宿主机可用地址的动态端口
[root@bogon build_workshop]# docker run --name t4 --rm -P -it myimg:v5 /bin/sh
/ # httpd -h /data/web/html //启动容器以后我们在宿主机的外部去访问
/ #
用本机电脑去访问虚拟机
ENV
用于为镜像定义所需的环境变量,并可被Dockerfile文件中位于其后的其它指令(如ENV、ADD、COPY等)所调用
注意:这个环境变量是在build阶段时使用的
调用格式为$variable_name或${variable_name}
语法
ENV <key> <value> 或 ENV <key>=<value> ...
第一种格式中,<key>之后的所有内容均被视作其<value>的组成部分,因此,一次只能设置一个变量
第二种格式可用一次设置多个变量,每个变量为一个“<key>=<value>”的键值对,如果<value>中包含空格,可以以反斜线(\)进行转义。也可通过对<value>加引号进行标识;另外,反斜线也可用于续行;
定义多个变量时,建议使用第二种方式,以便在同一层中完成所有功能
[root@bogon build_workshop]# vi Dockerfile
FROM busybox:latest
ENV webhome="/data/web/html/"
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html ${webhome}
ADD http://nginx.org/download/nginx-1.18.0.tar.gz ${webhome}
ADD nginx-1.14.2.tar.gz ./
VOLUME ${webhome}
EXPOSE 80/tcp
[root@bogon build_workshop]# docker image build /root/build_workshop/ -t myimg:v6 //去构建镜像
Sending build context to Docker daemon 1.032MB
Step 1/8 : FROM busybox:latest
---> 018c9d7b792b
Step 2/8 : ENV webhome="/data/web/html/"
---> Using cache
---> c0d2c69266b8
Step 3/8 : LABEL maintainer="yumumu <572232220@qq.com>"
---> Using cache
---> 5b645e0a6abe
Step 4/8 : COPY index.html ${webhome}
---> Using cache
---> 4a59ce1ce4ee
Step 5/8 : ADD http://nginx.org/download/nginx-1.18.0.tar.gz ${webhome}
Downloading [==================================================>] 1.04MB/1.04MB
---> Using cache
---> 9d44bd18f09c
Step 6/8 : ADD nginx-1.14.2.tar.gz ./
---> Using cache
---> 3b7334fa103c
Step 7/8 : VOLUME ${webhome}
---> Using cache
---> a4e78a700c4f
Step 8/8 : EXPOSE 80/tcp
---> Using cache
---> 4ff524fdb339
Successfully built 4ff524fdb339
Successfully tagged myimg:v6
[root@bogon build_workshop]# docker run --name t3 --rm -P -it myimg:v6 /bin/sh //用V6镜像启动一个容器
/ # ls /data/web/html/ //查看目录下的文件
index.html nginx-1.18.0.tar.gz
/ #
ARG:
定义变量,可以再build时传值
[root@bogon build_workshop]# vi Dockerfile
FROM busybox:latest
ARG webhome="/data/web/html/"
LABEL maintainer="yumumu <572232220@qq.com>"
COPY index.html ${webhome}
ADD http://nginx.org/download/nginx-1.18.0.tar.gz ${webhome}
ADD nginx-1.14.2.tar.gz ./
VOLUME ${webhome}
EXPOSE 80/tcp
[root@bogon build_workshop]# docker image build --build-arg webhome="/webdata /hrdocs/" /root/build_workshop/ -t myimg:v7 //构建镜像 用--build-arg去给变量传值
Sending build context to Docker daemon 1.032MB
Step 1/8 : FROM busybox:latest
---> 018c9d7b792b
Step 2/8 : ARG webhome="/data/web/html/"
---> Using cache
---> 9d99c2b43225
Step 3/8 : LABEL maintainer="yumumu <572232220@qq.com>"
---> Using cache
---> cc5d331560e3
Step 4/8 : COPY index.html ${webhome}
---> 7aaf5ded1564
Step 5/8 : ADD http://nginx.org/download/nginx-1.18.0.tar.gz ${webhome}
Downloading [==================================================>] 1.04MB/1.04MB
---> 6843fa9482ca
Step 6/8 : ADD nginx-1.14.2.tar.gz ./
---> d3864872bf30
Step 7/8 : VOLUME ${webhome}
---> Running in 6085285a25d3
Removing intermediate container 6085285a25d3
---> 2ca99213a9ce
Step 8/8 : EXPOSE 80/tcp
---> Running in aa2f63e4d284
Removing intermediate container aa2f63e4d284
---> 60c8973c8d18
Successfully built 60c8973c8d18
Successfully tagged myimg:v7
[root@bogon build_workshop]# docker run --name t1 --rm -P -it myimg:v7 /bin/sh //运行容器验证--build-arg的变量传得值是否生效
/ # cd /webdata/hrdocs/
/webdata/hrdocs # pwd
/webdata/hrdocs
/webdata/hrdocs # ls
index.html nginx-1.18.0.tar.gz
RUN
用于指定docker build过程中运行的程序,其可以是任何命令(基础镜像中存在得命令)
语法:
RUN <command> 或 RUN ["<executable>","param1","param2"]
第一种格式中,<command>通常是一个shell命令,且以“/bin/sh -c”来运行它,这意味着此进程在容器中的pid不为1,不能接收Unix信号,因此,当使用 docker stop <container>命令停止容器时,此进程接收不到SIGTERM信号;
第二种语法格式中的参数是一个JSON格式的数组,其中<executable>为要运行的命令,后面的<paramN>为传递给命令的选项或参数,然而,此种格式指定的命令不会以“/bin/sh -c”来发起,因此常见的shell操作如变量替换以及通配符(?,*等)替换将不会进行;不过。如果要运行的命令依赖于此shell特性的话,可以将其替换为类似下面的格式
RUN ["/bin/bash","-c","<executable>","<param1>"]
[root@bogon ~]# mkdir ap
[root@bogon ~]# cd ap/
[root@bogon ap]# vim Dockerfile //编写DOckerfile
FROM centos:7
ARG docroot=/var/www/html/
RUN yum makecache && \
yum -y install httpd php php-mysql && \
yum clean all && \ //清理缓存
rm -rf /var/cache/yum/* //Dockerfile中每一个命令都是一个镜像层,使用RUN时间,如果想让多个命令生成一个镜像层使用&& \
[root@bogon ap]# docker image build . -t php-httpd:v0.1 //构建镜像
Sending build context to Docker daemon 2.048kB
Step 1/3 : FROM centos:7
7: Pulling from library/centos
75f829a71a1c: Pull complete
Digest: sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b
Status: Downloaded newer image for centos:7
---> 7e6257c9f8d8
Step 2/3 : ARG docroot=/var/www/html/
---> Running in 4534ea75bd24
Removing intermediate container 4534ea75bd24
---> ac21cf01d4b6
Step 3/3 : RUN yum makecache && yum -y install httpd php php-mysql
---> Running in 93e718a126f4
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Metadata Cache Created
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-93.el7.centos will be installed
--> Processing Dependency: httpd-tools = 2.4.6-93.el7.centos for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
---> Package php.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: php-common(x86-64) = 5.4.16-48.el7 for package: php-5.4.16-48.el7.x86_64
--> Processing Dependency: php-cli(x86-64) = 5.4.16-48.el7 for package: php-5.4.16-48.el7.x86_64
---> Package php-mysql.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: php-pdo(x86-64) = 5.4.16-48.el7 for package: php-mysql-5.4.16-48.el7.x86_64
--> Processing Dependency: libmysqlclient.so.18(libmysqlclient_18)(64bit) for package: php-mysql-5.4.16-48.el7.x86_64
--> Processing Dependency: libmysqlclient.so.18()(64bit) for package: php-mysql-5.4.16-48.el7.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-5.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
---> Package httpd-tools.x86_64 0:2.4.6-93.el7.centos will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
---> Package mariadb-libs.x86_64 1:5.5.65-1.el7 will be installed
---> Package php-cli.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: libedit.so.0()(64bit) for package: php-cli-5.4.16-48.el7.x86_64
---> Package php-common.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: libzip.so.2()(64bit) for package: php-common-5.4.16-48.el7.x86_64
---> Package php-pdo.x86_64 0:5.4.16-48.el7 will be installed
--> Running transaction check
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package libzip.x86_64 0:0.10.1-8.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-93.el7.centos base 2.7 M
php x86_64 5.4.16-48.el7 base 1.4 M
php-mysql x86_64 5.4.16-48.el7 base 102 k
Installing for dependencies:
apr x86_64 1.4.8-5.el7 base 103 k
apr-util x86_64 1.5.2-6.el7 base 92 k
centos-logos noarch 70.0.6-3.el7.centos base 21 M
httpd-tools x86_64 2.4.6-93.el7.centos base 92 k
libedit x86_64 3.0-12.20121213cvs.el7 base 92 k
libzip x86_64 0.10.1-8.el7 base 48 k
mailcap noarch 2.1.41-2.el7 base 31 k
mariadb-libs x86_64 1:5.5.65-1.el7 base 759 k
php-cli x86_64 5.4.16-48.el7 base 2.7 M
php-common x86_64 5.4.16-48.el7 base 565 k
php-pdo x86_64 5.4.16-48.el7 base 99 k
Transaction Summary
================================================================================
Install 3 Packages (+11 Dependent packages)
Total download size: 30 M
Installed size: 54 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 1.4 MB/s | 30 MB 00:21
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-8.2003.0.el7.centos.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-5.el7.x86_64 1/14
Installing : apr-util-1.5.2-6.el7.x86_64 2/14
Installing : httpd-tools-2.4.6-93.el7.centos.x86_64 3/14
Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/14
Installing : libzip-0.10.1-8.el7.x86_64 5/14
Installing : php-common-5.4.16-48.el7.x86_64 6/14
Installing : php-pdo-5.4.16-48.el7.x86_64 7/14
Installing : 1:mariadb-libs-5.5.65-1.el7.x86_64 8/14
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 9/14
Installing : php-cli-5.4.16-48.el7.x86_64 10/14
Installing : mailcap-2.1.41-2.el7.noarch 11/14
Installing : httpd-2.4.6-93.el7.centos.x86_64 12/14
Installing : php-5.4.16-48.el7.x86_64 13/14
Installing : php-mysql-5.4.16-48.el7.x86_64 14/14
Verifying : mailcap-2.1.41-2.el7.noarch 1/14
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 2/14
Verifying : apr-util-1.5.2-6.el7.x86_64 3/14
Verifying : httpd-2.4.6-93.el7.centos.x86_64 4/14
Verifying : php-cli-5.4.16-48.el7.x86_64 5/14
Verifying : php-pdo-5.4.16-48.el7.x86_64 6/14
Verifying : apr-1.4.8-5.el7.x86_64 7/14
Verifying : php-mysql-5.4.16-48.el7.x86_64 8/14
Verifying : 1:mariadb-libs-5.5.65-1.el7.x86_64 9/14
Verifying : php-common-5.4.16-48.el7.x86_64 10/14
Verifying : php-5.4.16-48.el7.x86_64 11/14
Verifying : libzip-0.10.1-8.el7.x86_64 12/14
Verifying : httpd-tools-2.4.6-93.el7.centos.x86_64 13/14
Verifying : centos-logos-70.0.6-3.el7.centos.noarch 14/14
Installed:
httpd.x86_64 0:2.4.6-93.el7.centos php.x86_64 0:5.4.16-48.el7
php-mysql.x86_64 0:5.4.16-48.el7
Dependency Installed:
apr.x86_64 0:1.4.8-5.el7
apr-util.x86_64 0:1.5.2-6.el7
centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-93.el7.centos
libedit.x86_64 0:3.0-12.20121213cvs.el7
libzip.x86_64 0:0.10.1-8.el7
mailcap.noarch 0:2.1.41-2.el7
mariadb-libs.x86_64 1:5.5.65-1.el7
php-cli.x86_64 0:5.4.16-48.el7
php-common.x86_64 0:5.4.16-48.el7
php-pdo.x86_64 0:5.4.16-48.el7
Complete!
Removing intermediate container 93e718a126f4
---> 55f9f0cf3b6e
Successfully built 55f9f0cf3b6e
Successfully tagged php-httpd:v0.1
[root@bogon ap]# docker run --name web1 --rm -it php-httpd:v0.1 /bin/bash //用构建得镜像去运行一个容器 查看容器中得httpd和php得版本
[root@e9d0b49b805e /]# rpm -q httpd
httpd-2.4.6-93.el7.centos.x86_64
[root@e9d0b49b805e /]# rpm -q php
php-5.4.16-48.el7.x86_64
[root@e9d0b49b805e /]# cat /usr/lib/systemd/system/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND //-DFOREGROUND选项这种格式就表示运行在前台的
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
ExecStop=/bin/kill -WINCH ${MAINPID}
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
CMD:
类似于RUN指令,CMD指令也可用于运行任何命令或应用程序,不过,二者得运行时间点不同
RUN指令运行于镜像文件构建过程中,而CMD指令运行于基于Dockerfile构建出得新镜像文件启动一个容器时
CMD指令得首要目的再于为启动得容器指定默认要运行得程序,且其运行结束后,容器也将终止,不过,CMD指定
的命令其可以被docker run的命令行选项所覆盖
在Dockerfile中可以存在多个CMD命令,但仅仅最后一个会生效
语法:
CMD <command> 或
CMD ["executable","param1","param2"] 或者
CMD ["<param1>","<param2>"]
前两种语法格式的意义同RUN
第三种则用于为ENTRYPOINT指令提供默认参数
[root@bogon ap]# vi Dockerfile
FROM centos:7
ARG docroot=/var/www/html/
RUN yum makecache && \
yum -y install httpd php php-mysql && \
yum clean all && \
rm -rf /var/cache/yum/*
CMD ["/usr/sbin/httpd","-DFOREGROUND"] //表示运行在前台,这种方式表示不以shell进程来解释它
[root@bogon ap]# docker image build . -t php-httpd:v0.2 //构建镜像
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM centos:7
---> 7e6257c9f8d8
Step 2/4 : ARG docroot=/var/www/html/
---> Using cache
---> ac21cf01d4b6
Step 3/4 : RUN yum makecache && yum -y install httpd php php-mysql && yum clean all && rm -rf /var/cache/yum/*
---> Running in abff53929125
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirror.bit.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Metadata Cache Created
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.bit.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-93.el7.centos will be installed
--> Processing Dependency: httpd-tools = 2.4.6-93.el7.centos for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
---> Package php.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: php-common(x86-64) = 5.4.16-48.el7 for package: php-5.4.16-48.el7.x86_64
--> Processing Dependency: php-cli(x86-64) = 5.4.16-48.el7 for package: php-5.4.16-48.el7.x86_64
---> Package php-mysql.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: php-pdo(x86-64) = 5.4.16-48.el7 for package: php-mysql-5.4.16-48.el7.x86_64
--> Processing Dependency: libmysqlclient.so.18(libmysqlclient_18)(64bit) for package: php-mysql-5.4.16-48.el7.x86_64
--> Processing Dependency: libmysqlclient.so.18()(64bit) for package: php-mysql-5.4.16-48.el7.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-5.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
---> Package httpd-tools.x86_64 0:2.4.6-93.el7.centos will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
---> Package mariadb-libs.x86_64 1:5.5.65-1.el7 will be installed
---> Package php-cli.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: libedit.so.0()(64bit) for package: php-cli-5.4.16-48.el7.x86_64
---> Package php-common.x86_64 0:5.4.16-48.el7 will be installed
--> Processing Dependency: libzip.so.2()(64bit) for package: php-common-5.4.16-48.el7.x86_64
---> Package php-pdo.x86_64 0:5.4.16-48.el7 will be installed
--> Running transaction check
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package libzip.x86_64 0:0.10.1-8.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-93.el7.centos base 2.7 M
php x86_64 5.4.16-48.el7 base 1.4 M
php-mysql x86_64 5.4.16-48.el7 base 102 k
Installing for dependencies:
apr x86_64 1.4.8-5.el7 base 103 k
apr-util x86_64 1.5.2-6.el7 base 92 k
centos-logos noarch 70.0.6-3.el7.centos base 21 M
httpd-tools x86_64 2.4.6-93.el7.centos base 92 k
libedit x86_64 3.0-12.20121213cvs.el7 base 92 k
libzip x86_64 0.10.1-8.el7 base 48 k
mailcap noarch 2.1.41-2.el7 base 31 k
mariadb-libs x86_64 1:5.5.65-1.el7 base 759 k
php-cli x86_64 5.4.16-48.el7 base 2.7 M
php-common x86_64 5.4.16-48.el7 base 565 k
php-pdo x86_64 5.4.16-48.el7 base 99 k
Transaction Summary
================================================================================
Install 3 Packages (+11 Dependent packages)
Total download size: 30 M
Installed size: 54 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 3.3 MB/s | 30 MB 00:09
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-8.2003.0.el7.centos.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-5.el7.x86_64 1/14
Installing : apr-util-1.5.2-6.el7.x86_64 2/14
Installing : httpd-tools-2.4.6-93.el7.centos.x86_64 3/14
Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/14
Installing : libzip-0.10.1-8.el7.x86_64 5/14
Installing : php-common-5.4.16-48.el7.x86_64 6/14
Installing : php-pdo-5.4.16-48.el7.x86_64 7/14
Installing : 1:mariadb-libs-5.5.65-1.el7.x86_64 8/14
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 9/14
Installing : php-cli-5.4.16-48.el7.x86_64 10/14
Installing : mailcap-2.1.41-2.el7.noarch 11/14
Installing : httpd-2.4.6-93.el7.centos.x86_64 12/14
Installing : php-5.4.16-48.el7.x86_64 13/14
Installing : php-mysql-5.4.16-48.el7.x86_64 14/14
Verifying : mailcap-2.1.41-2.el7.noarch 1/14
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 2/14
Verifying : apr-util-1.5.2-6.el7.x86_64 3/14
Verifying : httpd-2.4.6-93.el7.centos.x86_64 4/14
Verifying : php-cli-5.4.16-48.el7.x86_64 5/14
Verifying : php-pdo-5.4.16-48.el7.x86_64 6/14
Verifying : apr-1.4.8-5.el7.x86_64 7/14
Verifying : php-mysql-5.4.16-48.el7.x86_64 8/14
Verifying : 1:mariadb-libs-5.5.65-1.el7.x86_64 9/14
Verifying : php-common-5.4.16-48.el7.x86_64 10/14
Verifying : php-5.4.16-48.el7.x86_64 11/14
Verifying : libzip-0.10.1-8.el7.x86_64 12/14
Verifying : httpd-tools-2.4.6-93.el7.centos.x86_64 13/14
Verifying : centos-logos-70.0.6-3.el7.centos.noarch 14/14
Installed:
httpd.x86_64 0:2.4.6-93.el7.centos php.x86_64 0:5.4.16-48.el7
php-mysql.x86_64 0:5.4.16-48.el7
Dependency Installed:
apr.x86_64 0:1.4.8-5.el7
apr-util.x86_64 0:1.5.2-6.el7
centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-93.el7.centos
libedit.x86_64 0:3.0-12.20121213cvs.el7
libzip.x86_64 0:0.10.1-8.el7
mailcap.noarch 0:2.1.41-2.el7
mariadb-libs.x86_64 1:5.5.65-1.el7
php-cli.x86_64 0:5.4.16-48.el7
php-common.x86_64 0:5.4.16-48.el7
php-pdo.x86_64 0:5.4.16-48.el7
Complete!
Loaded plugins: fastestmirror, ovl
Cleaning repos: base extras updates
Cleaning up list of fastest mirrors
Removing intermediate container abff53929125
---> 41a418bb0571
Step 4/4 : CMD ["/usr/sbin/httpd","-DFORGROUND"]
---> Running in e6f5f52e402c
Removing intermediate container e6f5f52e402c
---> 88db279567d8
Successfully built 88db279567d8
Successfully tagged php-httpd:v0.2
[root@bogon ap]# docker run --name web1 --rm php-httpd:v0.2 //用构建的镜像运行容器
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[root@bogon ap]# docker ps //查看容器是否运行
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a6b45923e8e php-httpd:v0.2 "/usr/sbin/httpd -DF…" 17 seconds ago Up 17 seconds web1
72e8f6c2cfe0 myimg:v7 "/bin/sh" 13 hours ago Up 13 hours 0.0.0.0:32770->80/tcp t1
[root@bogon ap]# docker exec -it web1 /bin/bash //连入容器查看监听端口
[root@6a6b45923e8e /]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
ENTRYPOINT
类似CMD指令的功能,用于为容器指定默认运行程序,从而使得容器像是一个单独的可执行程序
与CMD不同的是,由ENTRYPOINT启动的程序不会被docker run 指令行指定的参数所覆盖,而且,这些命令行参数会被当作参数传递给ENTRYPOINT指定指定的程序
不过,docker run命令的--entrypoint选项的参数可覆盖ENTRYPOINT指令指定的程序
语法:
ENTRYPOINT <command>
ENTRYPOINT ["executable","param1","param2"]
docker run命令传入的命令参数会覆盖CMD指令的内容并且附加到ENTRYPOINT命令最后作为其参数使用
Dockerfile文件中也可以讯在多个ENTRYPOINT指令,但仅有最后一个会生效
我们还用上面CMD构建的镜像去运行一个容器
[root@bogon ap]# docker run --name web1 --rm -it php-httpd:v0.2 /bin/bash
[root@0ee90b91eefe /]# ps -aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.1 0.1 11828 1904 pts/0 Ss 06:20 0:00 /bin/bash
root 14 0.0 0.1 51756 1708 pts/0 R+ 06:21 0:00 ps -aux
注意上面我们会发现运行默认就是shell,压根没启httpd,所以我们说CMD运行的命令是会被覆盖的,如果我们不期望被覆盖,则要使用ENTRYPOINT
[root@bogon ap]# vi Dockerfile
FROM centos:7
ARG docroot=/var/www/html/
RUN yum makecache && \
yum -y install httpd php php-mysql && \
yum clean all && \
rm -rf /var/cache/yum/*
ADD phpinfo.php ${docroot}
EXPOSE 80/tcp
VOLUME ${docroot}
ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]
[root@bogon ap]# vi phpinfo.php //写一个php测试页面
<?php
phpinfo();
?>
[root@bogon ap]# docker image build . -t php-httpd:v0.3 //构建镜像
Sending build context to Docker daemon 3.072kB
Step 1/7 : FROM centos:7
---> 7e6257c9f8d8
Step 2/7 : ARG docroot=/var/www/html/
---> Using cache
---> ac21cf01d4b6
Step 3/7 : RUN yum makecache && yum -y install httpd php php-mysql && yum clean all && rm -rf /var/cache/yum/*
---> Using cache
---> 026987d51651
Step 4/7 : ADD phpinfo.php ${docroot}
---> a5b56675b817
Step 5/7 : EXPOSE 80/tcp
---> Running in 6e25a620278c
Removing intermediate container 6e25a620278c
---> 18ef747ab196
Step 6/7 : VOLUME ${docroot}
---> Running in 3064ecaf80cb
Removing intermediate container 3064ecaf80cb
---> 9bbb28eb6c14
Step 7/7 : ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]
---> Running in 170dba6f6fab
Removing intermediate container 170dba6f6fab
---> 14c3b887cf16
Successfully built 14c3b887cf16
Successfully tagged php-httpd:v0.3
[root@bogon ap]# docker run --name web1 --rm -it php-httpd:v0.3 /bin/bash //用构建的镜像v0.3启动时报 /usr/sbin/httpd 表示 命令中的/bin/bash被当作是参数传了进去 因此使用ENTRYPOINT不会被覆盖
Usage: /usr/sbin/httpd [-D name] [-d directory] [-f file]
[-C "directive"] [-c "directive"]
[-k start|restart|graceful|graceful-stop|stop]
[-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
-D name : define a name for use in <IfDefine name> directives
-d directory : specify an alternate initial ServerRoot
-f file : specify an alternate ServerConfigFile
-C "directive" : process directive before reading config files
-c "directive" : process directive after reading config files
-e level : show startup errors of level (see LogLevel)
-E file : log startup errors to file
-v : show version number
-V : show compile settings
-h : list available command line options (this page)
-l : list compiled in modules
-L : list available configuration directives
-t -D DUMP_VHOSTS : show parsed vhost settings
-t -D DUMP_RUN_CFG : show parsed run settings
-S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
-t -D DUMP_MODULES : show all loaded modules
-M : a synonym for -t -D DUMP_MODULES
-t : run syntax check for config files
-T : start without DocumentRoot(s) check
-X : debug mode (only one worker, do not detach)
如果想使用ENTRYPOINT覆盖的话只能在docker run时加 --entrypoint "/bin/bash"参数去运行
[root@bogon ap]# docker run --name web1 --rm -it --entrypoint "/bin/bash" php-httpd:v0.3
[root@cbb834b1b26a /]#
USER
用于指定运行image时的或运行的Dockerfile中任何RUN、CMD或ENTRYPOINT指令指定的程序时的用户名或UID
默认情况下,container的运行身份为root用户
语法:
USER <UID> | <UserName>
需要注意的是,<UID>可以为任意数字,但实践中其必须为/etc/passwd中某用户的有效UID,否则,docker run命令将运行失败
HEALTHCHECK 健康状态检测
对于容器来讲,健康状态检测是非常非常重要的功能,因为我们说过一个容器之所以能运行起来是因为基于镜像启动容器时,docker容器在一个容器中只运行一个进程,只要进程不倒,容器就不倒,但是可能会有一个问题,如果进程没倒,但是进程已经不能正常工作了,有一些进程运行个十天半个月以后,它既不能接收用户请求也不能处理响应用户请求,但是进程本身仍然在运行状态,我们则可以认为这个容器现在是病态的了,因此healthcheck就是来完成这个事的,它允许我们额外加一层命令,这个命令可能是用来模拟客户端的向容器内的应用程序发请求,比如像80端口请求某个资源,这个资源如果能正常响应我们则认为是健康的,否则我们认为它是不健康的,就算进程没终止,我们依然把它判定为不健康,而后通知容器引擎强制重启容器。
语法:
HEALTHCHECK [选项] CMD <命令>
:设置检查容器健康状况的命令
HEALTHCHECK NONE
:如果基础镜像有健康检查指令,使用这行可以屏蔽掉其健康检查指令
HEALTHCHECK
支持下列选项:
--interval=<间隔>
:两次健康检查的间隔,默认为 30 秒;
--timeout=<时长>
:健康检查命令运行超时时间,如果超过这个时间,本次健康检查就被视为失败,默认 30 秒;
--retries=<次数>
:当连续失败指定次数后,则将容器状态视为 unhealthy
,默认 3 次。
--start-period=<时间>
:在什么时间开始,我们拿一个镜像启动为容器,这个启动瞬间就把应用程序启动起来了,容器一启动立即做健康检测,默认是0秒,如果我们把这个参数值改成5s则是容器启动5s以后做第一次检测,有些程序初始化比较慢,这里一般根据程序得启动速度去设置相应得健康检查时间
命令的返回值决定了该次健康检查的成功与否:
0:代表成功
1:代表失败
2:代表保留
例如:
HEALTHCHECK --interval=5m --timeout=3s CMD curl -f http://localhost || exit 1
当在一个镜像指定了 HEALTHCHECK
指令后,用其启动容器,初始状态会为 starting
,在 HEALTHCHECK
指令检查成功后变为 healthy
,如果连续一定次数失败,则会变为 unhealthy
。
假设我们有个镜像是简单的WEB服务,我们希望增加健康检查来判断其 Web 服务是否在正常工作,我们可以用 curl 来帮助判断,其 Dockerfile 的 HEALTHCHECK 可以这么写:
[root@bogon ap]# vi Dockerfile
FROM centos:7
ARG docroot=/var/www/html/
RUN yum makecache && \
yum -y install httpd php php-mysql && \
yum clean all && \
rm -rf /var/cache/yum/*
ADD ok.html phpinfo.php ${docroot}
EXPOSE 80/tcp
VOLUME ${docroot}
HEALTHCHECK --interval=3s --timeout=3s --start-period=3s CMD curl -f http://localhost/ok.html ||exit 1
ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]
[root@bogon ap]# vi ok.html
OK
[root@bogon ap]# docker image build . -t php-httpd:v0.4
Sending build context to Docker daemon 4.096kB
Error response from daemon: Dockerfile parse error line 16: Unknown type "\\" in HEALTHCHECK (try CMD)
[root@bogon ap]# vim Dockerfile
-bash: vim: command not found
[root@bogon ap]# vi Dockerfile
[root@bogon ap]# docker image build . -t php-httpd:v0.4 //构建镜像
Sending build context to Docker daemon 4.096kB
Step 1/8 : FROM centos:7
---> 7e6257c9f8d8
Step 2/8 : ARG docroot=/var/www/html/
---> Using cache
---> ac21cf01d4b6
Step 3/8 : RUN yum makecache && yum -y install httpd php php-mysql && yum clean all && rm -rf /var/cache/yum/*
---> Using cache
---> 026987d51651
Step 4/8 : ADD ok.html phpinfo.php ${docroot}
---> 69d81e02cad7
Step 5/8 : EXPOSE 80/tcp
---> Running in ebba86b306f0
Removing intermediate container ebba86b306f0
---> 850ecdc8fb7d
Step 6/8 : VOLUME ${docroot}
---> Running in 0015e374938a
Removing intermediate container 0015e374938a
---> 6312b627abd2
Step 7/8 : HEALTHCHECK --interval=3s --timeout=3s --start-period=3s CMD curl http://localhost/ok.html ||exit 1
---> Running in a5f310eabc82
Removing intermediate container a5f310eabc82
---> 61484e9aaabf
Step 8/8 : ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]
---> Running in 8930c9841370
Removing intermediate container 8930c9841370
---> cf52febb9d14
Successfully built cf52febb9d14
Successfully tagged php-httpd:v0.4
用构建的镜像去运行一个容器
[root@bogon ap]# docker run --name myweb --rm -it php-httpd:v0.4
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
当运行该镜像后,可以通过 docker container ls 看到容器的状态为healthy
[root@bogon ap]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dba42e5085f7 php-httpd:v0.4 "/usr/sbin/httpd -DF…" 18 seconds ago Up 17 seconds (healthy) 80/tcp myweb
我们连入到容器内部去删除ok.html模拟健康检测失败
[root@bogon ap]# docker exec -it myweb /bin/bash
[root@dba42e5085f7 /]# curl localhost/ok.html
OK
[root@dba42e5085f7 /]# ls
anaconda-post.log bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@dba42e5085f7 /]# rm /var/www/html/ok.html
rm: remove regular file '/var/www/html/ok.html'? y
这个时候容器的状态就会变成unhealthy
[root@bogon ap]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fae031cd6cee php-httpd:v0.4 "/usr/sbin/httpd -DF…" About a minute ago Up About a minute (unhealthy) 80/tcp myweb
72e8f6c2cfe0 myimg:v7 "/bin/sh" 16 hours ago Up 16 hours 0.0.0.0:32770->80/tcp t1
ONBUILD
你在你的dockerfile中写了一个onbuild指令,但是onbuild时它不会运行,而是别人基于你做好的镜像作为基础镜像在做镜像时会运行
用于在Dockerfile中定义一个触发器
Dockerfile用于build映像文件,此映像文件亦可作为base image被另一个dockerfile用作FROM指令的参数,并以之构建新的映像文件
在后面的这个Dockerfile中的FROM指令在Build过程中被执行时,将会“触发”创建其base image的Dockerfile文件中的onbuild指令定义的触发器
语法:
ONBUILD <INSTRUCTION>
尽管任何指令都可注册成为触发器指令,但ONBUILD不能自我嵌套,且不会触发from和MAINTAINER指令
使用包含ONBUILD指令的Dockerfile构建的镜像应该使用特殊的标签,如ruby:2.0-onbuild
在ONBUILD指令中使用ADD或COPY指令应格外小心,因为新构建过程的上下文在缺少指定的源文件时会失败
[root@bogon ~]# mkdir testimg
[root@bogon ~]# cd testimg/
[root@bogon testimg]# vim Dockerfile
FROM busybox:latest
LABEL maintainer="MageEdu <mage@magedu.com>"
RUN mkdir -p /data/web
ONBUILD ADD http://nginx.org/download/nginx-1.18.0.tar.gz /usr/src
[root@bogon testimg]# docker build . -t testimg:v0.1
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM busybox:latest
---> 018c9d7b792b
Step 2/4 : LABEL maintainer="MageEdu <mage@magedu.com>"
---> Running in 6c62a2212eec
Removing intermediate container 6c62a2212eec
---> 42e7ab69d831
Step 3/4 : RUN mkdir -p /data/web
---> Running in 31fc2c41e9e0
Removing intermediate container 31fc2c41e9e0
---> 7deb35a2c392
Step 4/4 : ONBUILD ADD http://nginx.org/download/nginx-1.18.0.tar.gz /usr/src
---> Running in 56393d74b4db
Removing intermediate container 56393d74b4db
---> 94bab84a0bdc
Successfully built 94bab84a0bdc
Successfully tagged testimg:v0.1
现在我们基于上个镜像做个二次镜像
[root@bogon ~]# mkdir secimg
[root@bogon ~]# cd secimg
[root@bogon ~]# vi Dockerfile //编辑Dockerfile
FROM testimg:v0.1
LABEL hi=hello 随便写一点数据
[root@bogon mesimg]# docker build . -t mesimg:v0.1 //去构建镜像
Sending build context to Docker daemon 2.048kB
Step 1/2 : FROM testimg:v0.1
# Executing 1 build trigger
Downloading [==================================================>] 1.04MB/1.04MB
---> 08e4899f6c24
Step 2/2 : LABEL hi=hello
---> Running in 13435cdb2db3
Removing intermediate container 13435cdb2db3
---> 3676a37185e4
Successfully built 3676a37185e4
Successfully tagged mesimg:v0.1