1.docker build
docker build 这个动作有一个context 上下文的概念
docker build -f /path/to/a/Dockerfile .
这个动作 通过 -f 参数 指出我们的 Dockerfile 位置,同时指定我们当前的工作目录为构建上下文。如果以当前的目录非常大(构建启动过程会变慢,还会浪费多余的mem)
docker build -t shykes/myapp:1.0.2 -t shykes/myapp:latest .
构建时 可以给指定的 镜像打上相应的tag
下面的例子
[root@fdfs-1 ~]# docker build -t weaveworks/scope:1.11.2 -t weaveworks/scope:latest -f /tmp/Dockerfile /tmp/
Sending build context to Docker daemon 119.8kB 传送安全上下文
Step 1/3 : FROM weaveworks/scope:1.11.2
1.11.2: Pulling from weaveworks/scope
Digest: sha256:4cdc0bac4e83f61f1675cd8fbe0709ff0df473b81977650ed3a26772ff3c627a
Status: Downloaded newer image for weaveworks/scope:1.11.2
---> d165af1c2e55
Step 2/3 : ENV http_proxy="proxy3.bj.petrochina:8080"
---> Running in e0c36494eb6b
Removing intermediate container e0c36494eb6b
---> 045d14958d3c
Step 3/3 : ENV https_proxy="proxy3.bj.petrochina:8080"
---> Running in bd51305a33de
Removing intermediate container bd51305a33de
---> a3130b788869
Successfully built a3130b788869
Successfully tagged weaveworks/scope:1.11.2
Successfully tagged weaveworks/scope:latest
docker 18.09 为我们开启了 docker的新流程 非线性构建
[root@fdfs-1 ~]# export DOCKER_BUILDKIT=1
[root@fdfs-1 ~]# docker build -t weaveworks/scope:1.11.2 -t weaveworks/scope:latest -f /tmp/Dockerfile /tmp/
[+] Building 7.1s (5/5) FINISHED
=> [internal] load .dockerignore 0.7s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.5s
=> => transferring dockerfile: 155B 0.0s
=> [internal] load metadata for docker.io/weaveworks/scope:1.11.2 4.8s
=> [1/1] FROM docker.io/weaveworks/scope:1.11.2@sha256:4cdc0bac4e83f61f1675cd8fbe0709ff0df473b81977650ed3a26772ff3c627a 0.6s
=> => resolve docker.io/weaveworks/scope:1.11.2@sha256:4cdc0bac4e83f61f1675cd8fbe0709ff0df473b81977650ed3a26772ff3c627a 0.0s
=> exporting to image 0.5s
=> => exporting layers 0.0s
=> => writing image sha256:99f9e42918a0338f08a377a1b933e331c57275326471803f591944ed414b67df 0.0s
=> => naming to docker.io/weaveworks/scope:1.11.2 0.0s
=> => naming to docker.io/weaveworks/scope:latest 0.0s
2.Parser directives
没太搞懂的概念,dockefile可以指定指令的定制器。官方指令器必须出现在dockerfile的首行,且不能换行。目前只支持syntax和escape(转义字符)
3.ENV
FROM busybox ENV foo /bar WORKDIR ${foo} # WORKDIR /bar ADD . $foo # ADD . /bar COPY $foo /quux # COPY $foo /quux
ENV abc=hello
ENV abc=bye def=$abc
ENV ghi=$abc
will result in def
having a value of hello
, not bye
. However, ghi
will have a value of bye
because it is not part of the same instruction that set abc
to bye
.
ENV 中有同步定义的概念 变量赋值不分先后顺序,他们都从上一层镜像中取值,而上层镜像和本层是independence的
4.FROM
语法格式 FROM <image>[:<tag>] [AS <name>] FROM <image>[@<digest>] [AS <name>]
5.RUN 和 CMD
RUN <command> (shell form, the command is run in a shell, which by default is /bin/sh -c on Linux or cmd /S /C on Windows) RUN ["executable", "param1", "param2"] (exec form) CMD ["executable","param1","param2"] (exec form, this is the preferred form) CMD ["param1","param2"] (as default parameters to ENTRYPOINT) CMD command param1 param2 (shell form)
6.LABEL
LABEL <key>=<value> <key>=<value> <key>=<value> ...
7.EXPOSE
EXPOSE <port> [<port>/<protocol>...]
不真正暴露端口只是给使用镜像的人提供一份文档
8.COPY 和 ADD
ADD [--chown=<user>:<group>] <src>... <dest> ADD [--chown=<user>:<group>] ["<src>",... "<dest>"] (this form is required for paths containing whitespace) --chown 只能被用于linux 容器,且如果目标容器没有这些文件/etc/passwd or /etc/group 那么本次添加也是注定失败的。 1. add文件必须出现在上下文中 2. src 可以是url 但url必须又 反斜杠 3. add 的目标未加 / 则认为是普通文件会被复写 4. add 添加压缩文件会被解压 5. add 目标文件加了/ 会被认为是一个文件夹,如果这个文件正好存在,那他将被复写,非常坑爹。
COPY [--chown=<user>:<group>] <src>... <dest>
COPY [--chown=<user>:<group>] ["<src>",... "<dest>"] (this form is required for paths containing whitespace)
很温和不会帮我们自动解压
9.ENTRYPOINT
ENTRYPOINT ["executable", "param1", "param2"] (exec form, preferred) ENTRYPOINT command param1 param2 (shell form)
10.WORKDIR USER 略
11.HEALTHCHECK
HEALTHCHECK [OPTIONS] CMD command (check container health by running a command inside the container)
HEALTHCHECK NONE (disable any healthcheck inherited from the base image)
HEALTHCHECK --interval=5m --timeout=3s
CMD curl -f http://localhost/ || exit 1
health check 是非常重要的