Docker鏡像-基於DockerFile制作yum版nginx鏡像
作者:尹正傑
版權聲明:原創作品,謝絕轉載!否則將追究法律責任。
DockerFile可以說是一種能被Docker程序解釋的腳本,DockerFile是一條條指令組成的,每一條指令對應Linux下面的一條命令,Docker程序將這些DockerFile指令再翻譯成真正的Linux命令,其有自己的書寫方式和支持的命令。
Docker程序讀取DockerFile並根據指令生成對應的Docker鏡像,相比手動生成鏡像的方式(可參考:https://www.cnblogs.com/yinzhengjie/p/12190111.html),DockerFile更能直觀的展示鏡像是怎么產生的,有了DockerFile,當后期有額外的需求時,只要在之前的DockerFile添加或修改響應的命令即可重新生成新的Docker鏡像,避免了重復手動執行鏡像的麻煩。
一.下載centos鏡像並初始化系統
1>.下載CentOS指定版本鏡像(默認下載最新的版本,而我指定的是CentOS 7.6主流版本)
[root@docker201.yinzhengjie.org.cn ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]# docker image pull centos:centos7.6.1810 centos7.6.1810: Pulling from library/centos ac9208207ada: Pull complete Digest: sha256:62d9e1c2daa91166139b51577fe4f4f6b4cc41a3a2c7fc36bd895e2a17a3e4e6 Status: Downloaded newer image for centos:centos7.6.1810 [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]#
2>.在宿主機上創建存放DockerFile的存儲目錄(目錄結構按照業務類型或者系統類型等方式划分,方便后期鏡像比較多的時候進行分類)
[root@docker201.yinzhengjie.org.cn ~]# mkdir /yinzhengjie/softwares/dockerfile/{web/{apache,nginx,tomcat,jdk},system/{centos,ubantu,redhat,suse,debain}} -pv mkdir: created directory ‘/yinzhengjie’ mkdir: created directory ‘/yinzhengjie/softwares’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/web’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/web/apache’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/web/nginx’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/web/tomcat’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/web/jdk’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system/centos’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system/ubantu’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system/redhat’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system/suse’ mkdir: created directory ‘/yinzhengjie/softwares/dockerfile/system/debain’ [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]#
二.准備源碼包與配置文件
1>.模擬打包生產環境代碼
[root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# ll total 20 -rwxr-xr-x. 1 root root 462 Jan 18 20:25 docker-build.sh -rw-r--r--. 1 root root 1758 Jan 19 01:38 Dockerfile -rw-r--r--. 1 root root 45 Jan 18 19:54 index2020.html -rw-r--r--. 1 root root 40 Jan 18 17:05 index.html -rw-r--r--. 1 root root 1711 Jan 19 01:55 nginx.conf [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# cat index.html <h1>YinZhengjie's Nginx Web Server</h1> [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# cat index2020.html <h1>YinZhengjie's Nginx Web Server 2020</h1> [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# tar zcvf code.tar.gz index.html index2020.html index.html index2020.html [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# ll total 24 -rw-r--r--. 1 root root 199 Jan 19 02:06 code.tar.gz -rwxr-xr-x. 1 root root 462 Jan 18 20:25 docker-build.sh -rw-r--r--. 1 root root 1758 Jan 19 01:38 Dockerfile -rw-r--r--. 1 root root 45 Jan 18 19:54 index2020.html -rw-r--r--. 1 root root 40 Jan 18 17:05 index.html -rw-r--r--. 1 root root 1711 Jan 19 01:55 nginx.conf [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]#
2>.編寫nginx的配置文件
[root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# cat nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; #Docker最終運行Nginx建議大家把后台進程關閉,默認是"on". daemon off; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { #自定義Nginx的日志格式 log_format my_access_json '{"@timestamp":"$time_iso8601",' '"host":"$server_addr",' '"clientip":"$remote_addr",' '"size":$body_bytes_sent,' '"responsetime":$request_time,' '"upstreamtime":"$upstream_response_time",' '"upstreamhost":"$upstream_addr",' '"http_host":"$host",' '"uri":"$uri",' '"domain":"$host",' '"xff":"$http_x_forwarded_for",' '"referer":"$http_referer",' '"tcp_xff":"$proxy_protocol_addr",' '"http_user_agent":"$http_user_agent",' '"status":"$status"}'; access_log /var/log/nginx/access_json.log my_access_json; sendfile on; keepalive_timeout 65; include mime.types; default_type text/html; charset utf-8; server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } } [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]#
三.編寫Dockerfile
[root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# cat Dockerfile #******************************************************************** #Author: yinzhengjie #QQ: 1053419035 #Date: 2019-11-25 #Blog: http://www.cnblogs.com/yinzhengjie #Description: YinZhengjie's Nginx Dockerfile #Copyright notice: original works, no reprint! Otherwise, legal liability will be investigated. #******************************************************************** #第一行先定義基礎鏡像,表示當前鏡像文件是基於哪個進行編輯的. FROM centos:centos7.6.1810 #指定鏡像維護者的信息. MAINTAINER Jason.Yin y1053419035@qq.com #定義執行的命令,將安裝nginx的步驟執行一遍。建議大家把多條RUN命令使用"&&"符號寫成一行,這樣可以減少鏡像的層數(Layer), #類似於這樣的安裝命令(或者經常改動相對較小的命令)應該盡量往前寫,這樣在多次編譯時就不會重復執行了(因為默認會使用緩存),從而提升編譯效率. RUN yum -y install epel-release && yum -y install nginx && yum -y install net-tools vim wget pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop #將nginx的配置文件放在鏡像的指定目錄"/etc/nginx/" ADD nginx.conf /etc/nginx/ #如果"code.tar.gz"是壓縮文件則自動解壓壓縮包,並將解壓的結果放在鏡像的指定目錄"/usr/share/nginx/html". ADD code.tar.gz /usr/share/nginx/html #定義向外暴露的端口號,多個端口用空格做間隔,啟動容器的時候"-p"需要使用此端向外端映射. EXPOSE 80/tcp 443/tcp #定義前台運行的命令,每個Docker只能有一條,如果定義了多條"CMD"指令那么最后一條CMD指令會覆蓋之前的(即只有最后一條CMD被執行). CMD ["nginx"] [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]#
四.執行鏡像構建
1>.自定義簡單的構建鏡像的腳本(我這里拋磚引玉,你可以自行擴充)
[root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# cat docker-build.sh #!/bin/bash # #******************************************************************** #Author: yinzhengjie #QQ: 1053419035 #Date: 2020-01-18 #FileName: docker-build.sh #URL: http://www.cnblogs.com/yinzhengjie #Description: The test script #Copyright (C): 2020 All rights reserved #******************************************************************** TAG=$1 docker image build -t nginx:${TAG} ./ [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]#
2>.使用自定義的腳本構建鏡像
[root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx v0.2-20200118-1750 ef094745c27f 16 minutes ago 448MB jason/centos7-nginx v0.1.20200114 7372d16c99bc 31 hours ago 448MB jason/centos7-nginx latest c4e0980a825a 32 hours ago 448MB mysql 5.6.44 c30095c52827 6 months ago 256MB centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# ./docker-build.sh v0.2-20200118-1750 #不難發現,當前的鏡像版本號已經存在啦~執行后之前的鏡像文件的版本號將被重置為"<none>" Sending build context to Docker daemon 10.24kB Step 1/7 : FROM centos:centos7.6.1810 ---> f1cb7c7d58b7 Step 2/7 : MAINTAINER Jason.Yin y1053419035@qq.com ---> Using cache ---> edd0bcfc5908 Step 3/7 : RUN yum -y install epel-release && yum -y install nginx && yum -y install net-tools vim wget pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop ---> Using cache ---> 779cda1b20a1 Step 4/7 : ADD nginx.conf /etc/nginx/ ---> adaaeace9a08 Step 5/7 : ADD code.tar.gz /usr/share/nginx/html ---> 415004a0dc4d Step 6/7 : EXPOSE 80/tcp 443/tcp ---> Running in 4e9071f1c399 Removing intermediate container 4e9071f1c399 ---> 5c91af75787c Step 7/7 : CMD ["nginx"] ---> Running in c0cbd8d86a50 Removing intermediate container c0cbd8d86a50 ---> abb7704b09d7 Successfully built abb7704b09d7 Successfully tagged nginx:v0.2-20200118-1750 [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx v0.2-20200118-1750 abb7704b09d7 2 seconds ago 448MB <none> <none> ef094745c27f 17 minutes ago 448MB jason/centos7-nginx v0.1.20200114 7372d16c99bc 31 hours ago 448MB jason/centos7-nginx latest c4e0980a825a 32 hours ago 448MB mysql 5.6.44 c30095c52827 6 months ago 256MB centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]# [root@docker201.yinzhengjie.org.cn /yinzhengjie/softwares/dockerfile/web/nginx]#
五.使用咱們自己的鏡像測試配置是否生效
1>.基於咱們自制的鏡像啟動容器需要做端口映射
[root@docker201.yinzhengjie.org.cn ~]# docker container ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d1197bf0e557 mysql:5.6.44 "docker-entrypoint.s…" 4 hours ago Up 4 hours 0.0.0.0:3306->3306/tcp vibrant_rosalind [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx v0.2-20200118-1750 abb7704b09d7 8 minutes ago 448MB <none> <none> ef094745c27f 25 minutes ago 448MB jason/centos7-nginx v0.1.20200114 7372d16c99bc 32 hours ago 448MB jason/centos7-nginx latest c4e0980a825a 32 hours ago 448MB mysql 5.6.44 c30095c52827 6 months ago 256MB centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB [root@docker201.yinzhengjie.org.cn ~]# [root@docker201.yinzhengjie.org.cn ~]# docker run -it --rm -p 80:80 --name myNginx nginx:v0.2-20200118-1750 #啟動成功后會在當前終端阻塞。
2>.使用exec命令連接新生成的容器並查看容器內部的數據是否正確
[root@docker201.yinzhengjie.org.cn ~]# docker container exec -it myNginx bash
[root@2902fadc453a /]#
[root@2902fadc453a /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 7 bytes 586 (586.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@2902fadc453a /]#
[root@2902fadc453a /]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
#Docker最終運行Nginx建議大家把后台進程關閉,默認是"on".
daemon off;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
#自定義Nginx的日志格式
log_format my_access_json '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamhost":"$upstream_addr",'
'"http_host":"$host",'
'"uri":"$uri",'
'"domain":"$host",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"tcp_xff":"$proxy_protocol_addr",'
'"http_user_agent":"$http_user_agent",'
'"status":"$status"}';
access_log /var/log/nginx/access_json.log my_access_json;
sendfile on;
keepalive_timeout 65;
include mime.types;
default_type text/html;
charset utf-8;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@2902fadc453a /]#
[root@2902fadc453a /]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:80 [::]:*
[root@2902fadc453a /]#
[root@2902fadc453a /]# cd /var/log/nginx/
[root@2902fadc453a nginx]#
[root@2902fadc453a nginx]# ll
total 0
-rw-r--r--. 1 root root 0 Jan 18 18:23 access_json.log -rw-r--r--. 1 root root 0 Jan 18 18:23 error.log
[root@2902fadc453a nginx]#
[root@2902fadc453a nginx]#
3>.使用客戶端訪問宿主機的映射端口,驗證咱們自己nginx的鏡像
