Dockerfile镜像构建

1. 构建SSH镜像

[root@localhost]#mkdir sshd   
[root@localhost]# cd sshd
[root@localhost sshd]#vim Dockerfile 
FROM centos:7
MAINTAINER maintainer
RUN yum -y update   ##更新yum仓库
RUN yum -y install openssh* net-tools lsof telnet passwd   ##环境包    lsof 查看端口 telnet远程访问 passwd 修改密码
RUN echo '123456'|passwd --stdin root    ##标准输入  免交户设置一个密码
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config   ##关闭UsePAM  身份验证模块
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key    ##非对称密钥    密钥模板
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd  ##会话请求运行登录模块注释掉     \s\+ :一个或多个空格
RUN mkdir -p /root/.ssh && chown root:root /root && chmod 700 /root/.ssh  ##.ssh隐藏目录  
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]   ##-D 守护进程

生成镜像

[root@localhost sshd]# docker build -t sshd:new .

启动容器并远程登录

[root@localhost sshd]# docker run -d -P sshd:new 
[root@localhost sshd]# ssh localhost -p 32768

2. 构建systemctl镜像

[root@localhost]#mkdir systemctl   
[root@localhost]# cd systemctl/
[root@localhost  systemctl]#vim Dockerfile 
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i== \  
systemd-tmpfiles-setup.service ] || rm -f $i; done); \         ##遍历，sysinit.target.wants下面所有的文件，每次读取一个变量i，当i等于 systemd-tmpfiles-setup.service的时候不删除以后，其他全部删除 
rm -f /lib/systemd/system/multi-user.target.wants/*; \ 
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;  ##内核所存在的一些源文件，全部删除
VOLUME [ "/sys/fs/cgroup" ]   ##挂载宿主机里面目录
CMD ["/usr/sbin/init"]    ##脚本启动的时候执行里面的初始化

生成镜像

[root@localhost systemctl]# docker build -t systemd:new .

生成容器

[root@localhost systemctl]# docker run --privileged -ti -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro systemd:new &   ##后台运行挂载，生辰容器  --privileged 不降权处理  container内的root拥有真正的root权限，否则，container内的root只是外部的一个普通用户

[root@localhost systemctl]# docker exec  加ID号 /bin/bash  ##进入容器

3. 构建nginx镜像

将nginx-1.15.9.tar.gz压缩包放进nginx目录中
[root@localhost]#mkdir nginx  
[root@localhost]# cd nginx/
[root@localhost  nginx]#vim Dockerfile 
FROM centos:7
MAINTAINER chen
RUN yum -y update
RUN yum -y install gcc gcc-c++ make pcre-devel zlib-devel  ##安装环境
RUN useradd -M -s /sbin/nologin nginx  ##创建程序账户
ADD nginx-1.15.9.tar.gz /opt  ###不仅能把压缩包解压，还能将压缩的内容一定到指定容器内的目录中
WORKDIR /opt   ##相当于cd 到opt 目录下
WORKDIR nginx-1.15.9  
RUN ./configure \   
--prefix=/usr/local/nginx \  ##配置文件目录
--user=nginx \    ##主用户
--group=nginx \ ##组用户
--with-http_stub_status_module && make && make install    ##编译安装
ENV PATH /usr/local/nginx/sbin:$PATH  ##环境变量
EXPOSE 80  ##http的端口
EXPOSE 443  ###https的端口
RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf  ##守护服务要关闭，由容器本身提供
ADD run.sh /run.sh   ##移动run.sh到容器中
RUN chmod 755 /run.sh  ##给权限
CMD ["/run.sh"]   ##脚本启动时运行这个脚本

[root@localhost nginx]# vim run.sh 
#!/bin/bash
/usr/local/nginx/sbin/nginx  ##绝对路径启动nginx

生成镜像

[root@localhost nginx]# docker build -t nginx:new .

生成容器

[root@localhost nginx]# docker run -d -P nginx:new
[root@localhost nginx]# docker ps -a | grep nginx
7144b1e8325a        nginx:new           "/run.sh"                 14 hours ago        Exited (255) 57 minutes ago   0.0.0.0:32781->80/tcp, 0.0.0.0:32780->443/tcp   keen_napier

然后可以通过浏览器访问
http://20.0.0.16:32780

4. 构建tomcat镜像

将jdk-8u144-linux-x64.tar.gz 和apache-tomcat-9.0.16.tar.gz 两个包放进tomcat目录下
[root@localhost]#mkdir tomcat
[root@localhost]# cd tomcat/
[root@localhost  tomcat]#vim Dockerfile
FROM centos:7
MAINTAINER chen 
ADD jdk-8u144-linux-x64.tar.gz /usr/local   
WORKDIR /usr/local/
RUN mv jdk1.8.0_144 /usr/local/java    ###移动到iava目录下，系统好识别
ENV JAVA_HOME /usr/local/java    ##环境变量
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-9.0.16.tar.gz /usr/local   ##解压移动安装包到/usr/local 下面
WORKDIR /usr/local/
RUN mv apache-tomcat-9.0.16 /usr/local/tomcat8   ###系统好识别
EXPOSE 8080
#CMD ["/usr/local/tomcat8/bin/catalina.sh","run"]
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]    ###运行catalina.sh

生成镜像

[root@localhost tomcat]# docker build -t tomcat:new 

生成容器

[root@localhost tomcat]# docker run -d --name tomcat01 -P tomcat:new 
root@localhost tomcat]# docker ps -a | grep tomcat
3a4311ef2b42        tomcat:new          "/usr/local/tomca8/…"    12 hours ago        Exited (255) About an hour ago   0.0.0.0:32782->8080/tcp                         tomcat01

然后可以通过浏览器访问
http://20.0.0.16:32782

5. 构建mysql镜像

将mysql-boost-5.7.20.tar.gz放在mysql目录下go
[root@localhost]#mkdir mysql
[root@localhost]# cd mysql/
[root@localhost  mysql]#vim Dockerfile
FROM centos:7#
RUN yum -y install \
ncurses \
ncurses-devel \
bison \
cmake \
make \
gcc \
gcc-c++
RUN useradd -s /sbin/nologin mysql  ##创建程序用户
ADD mysql-boost-5.7.20.tar.gz /usr/local/src   ##解压软件到指定路径
WORKDIR /usr/local/src/mysql-5.7.20/
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \   ##指定路径
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \  ##通讯文件目录
-DSYSCONFDIR=/etc \   ##配置文件目录
-DSYSTEMD_PID_DIR=/usr/local/mysql \    ##PID文件目录
-DDEFAULT_CHARSET=utf8 \  ##支持字符集 
-DDEFAULT_COLLATION=utf8_general_ci \  ##支持一些特殊的中文字符
-DWITH_INNOBASE_STORAGE_ENGINE=1 \   ##存储引擎
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \  ##数据目录
-DWITH_BOOST=boost \  ##支持c++库
-DWITH_SYSTEMD=1 && make -j3 && make install   ##服务中自己的id 和编译安装
RUN chown -R mysql:mysql /usr/local/mysql/  
RUN rm -rf /etc/my.cnf
ADD my.cnf /etc
RUN chown mysql:mysql /etc/my.cnf
ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
WORKDIR /usr/local/mysql/
RUN bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/usr/local/mysql/data
RUN cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
EXPOSE 3306
RUN echo -e "#!/bin/sh \n systemctl enable mysqld" > /run.sh
RUN chmod 755 /run.sh
RUN sh /run.sh
CMD ["init"]

[root@localhost mysql]# vim my.cnf 
[client]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysql]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir = /usr/local/mysql/data
port = 3306
character_set_server=utf8

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES

生成镜像

[root@localhost mysql]# docker build -t mysql:new .

生成容器

[root@localhost mysql]# docker run --name=mysql01 -d -P --privileged mysql:new 
329854e14b9ba968e4f55770111ffd00f2b1fc386c13bc54ab5d4820b0dd2768


[root@localhost mysql]# docker ps -a |grep mysql
0cbeb50d0296        mysql:new           "init"                    52 seconds ago      Up 51 seconds                    0.0.0.0:32768->3306/tcp                         mysql01

[root@localhost mysql]#docker exec -it 329854e14b9b /bin/bash  ##进入容器
mysql -u root -p  ##进入数据库，授权
mysql> grant all privileges on *.* to 'root'@'%' identified by '123456';

Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> grant all privileges on *.* to 'root'@'localhost' identified by '123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

测试

root@localhost mysql]# yum -y install mairadb* ##mysql客户端下载
[root@localhost ~]# mysql -h 20.0.0.16 -u root -P 32768 -p   
Enter password: ##输入密码  
MySQL [(none)]> create database kk;   ##创建数据库kk
Query OK, 1 row affected (0.00 sec)

mysql> show databases;   ##容器中看一下是否存在kk数据库
+--------------------+
| Database           |
+--------------------+
| information_schema |
| kk                 |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)