Dockerfile introduction to violence

Docker last: Docker introduction to violence
Docker next: Docker network

summary

What is it?

Dockerfile The text file used to build the Docker image is a script composed of instructions and parameters required to build the image one by one.

Writing steps

graph LR; A[write Dockerfile] B[docker build command build] C[docker run image run container instance] a -- > B -- > C

Execution process

graph TD; A[docker runs a container from the basic image] b[executes an instruction and modifies the container] c[executes an operation similar to docker commit and submits a new image layer] D[docker then runs a new container based on the just submitted image] E[executes the next instruction in the dockerfile until all instructions are executed] a -- > B -- > C -- > D -- > E

Common commands

FROM | MAINTAINER | EXPOSE | WORKDIR | USER | VOLUME

FROM: basic image, that is, the image on which the current image is based. The first item must be FROM
MAINTAINER: name and email address of image MAINTAINER
Export: the port exposed by the current container
WORKDIR: Specifies the working directory in which the terminal logs in by default after the container is created
USER: Specifies the USER to execute the image. If not specified, the default is root (generally not specified)
VOLUME: container data VOLUME, used for data storage and persistence

RUN

There are two formats of commands that need to be run during container construction, namely shell format and exec format.

RUN yum install -y vim
RUN ["yum", "install", "-y", "vim"]

RUN runs when docker build s

ENV

Used to set environment variables during image construction
The set environment variables can be used in subsequent instructions, for example:

ENV MY_PATH /usr/my_path
WORKDIR $MY_PATH

ADD | COPY

ADD: copy the files in the host directory into the image (automatically process URL and tar compressed package)
COPY: similar to ADD, but only a simple COPY

CMD

Specify the command to execute after the container is started

Support shell format and exec format
After specifying the ENTRYPOINT instruction, specify the specific parameters with CMD.

be careful:

Multiple CMD instructions can be specified, but only the last one takes effect. CMD will be replaced by parameters after docker run

For example:

# The last line of tomcat is CMD ["catalina.sh", "run"]
# If you execute the following command, the tomcat service will not start normally
docker run -it -p 8080:8080 tomcat /bin/bash

The difference between the CMD command and the RUN command: the CMD command is RUN when docker run s, and the RUN command is RUN when docker build s

ENTRYPOINT

Like CMD, it is used to specify the commands to be executed when a container runs, but the difference is that ENTRYPOINT will not be overwritten by the commands after docker run.
It is usually used in conjunction with CMD command. When CMD is after the ENTRYPOINT command, CMD is used to pass parameters to ENTRYPOINT.
For example, build nginx:test image:

FROM nginx

ENTRYPOINT ["nginx", "-c"]
CMD ["/etc/nginx/nginx.conf"]

Specified equivalent effect:

docker run nginx:test # nginx -c /etc/nginx/nginx.conf
docler run nginx:test /etc/nginx/new.conf # nginx -c /etc/nginx/new.conf

Example

Build centos7 with ssh login

mkdir centos7_ssh
cd centos7_ssh
vim Dockerfile

Dockerfile contents are as follows:

# Based on which image
FROM centos:7

# author
MAINTAINER zhinushannan<zhinushannan@gmail.com>

# Setting environment variables
ENV ROOT_PASSWORD 12345678
ENV PYTHON_VERSION 3.7.4
ENV PIP_MIRROR_HOST mirrors.aliyun.com
ENV PIP_MIRROR_URL http://mirrors.aliyun.com/pypi/simple/

# Configure ssh login:
# Install openssh server, openssh clients, net tools
# Set the password of the root account
# Generate ssh key
RUN yum install -y openssh-server penssh-clients net-tools && \
    echo $ROOT_PASSWORD | passwd --stdin root && \
    ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key



# Configure Python environment
RUN yum install -y zlib-devel openssl-devel libffi-devel gcc make wget && \
    cd /root/ && wget https://www.python.org/ftp/python/$PYTHON_VERSION/Python-$PYTHON_VERSION.tar.xz && \
    tar -xf /root/Python-$PYTHON_VERSION.tar.xz && rm -rf /root/Python-$PYTHON_VERSION.tar.xz && \
    cd /root/Python-$PYTHON_VERSION && ./configure && make && make install && rm -rf /root/Python-$PYTHON_VERSION

# After installing thefuck tool and starting the container, it needs to be executed in turn to take effect: fuck, source ~ / bashrc, fuck, source ~/.bashrc
RUN pip3 install thefuck -i $PIP_MIRROR_URL --trusted-host $PIP_MIRROR_HOST && \
    echo -e "\n\n# thefuck\reval \"\$(thefuck --alias fuck)\"" >> /etc/profile

# When the container starts, start the sshd service
CMD ["/usr/sbin/sshd", "-D"]

# Listen on port 22
EXPOSE 22

docker build -t centos_ssh:7 .  # structure
docker run -d -p 9000:22 centos_ssh:7  # start-up
ssh root@10.103.3.59 -p 9000  # ssh login, where the ip should be the ip of the machine
ssh-keygen -f "/home/zhinushannan/.ssh/known_hosts" -R "[10.103.3.59]:9000"  # After deleting the container, the corresponding signature should be deleted

Suspended mirror image

Both REPOSITORY and TAG are images of <none>.
View the suspended image: docker images -f dangling=true
Remove all suspended images: docker image prune