Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的镜像中,然后发布到任何流行的 Linux或Windows 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。
本文转载自:https://www.cnblogs.com/wyt007/p/11154156.html
Dokcer基础
查看Linux版本
uname -r
查看Linux详尽信息
cat /etc/*elease
输出结果
CentOS Linux release 7.6.1810 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
CentOS Linux release 7.6.1810 (Core)
CentOS Linux release 7.6.1810 (Core)
容器的五大隔离
- pid:进程隔离
- net:网络隔离 (独有的ip地址,网关,子网掩码)
- ipc:进程间交互隔离
- mnt:文件系统隔离
- uts:主机和域名隔离 (hostname,domainname)container 有自己的机器名
Debian上安装docker
官网地址:Install Docker Engine on Debian
1. 系统要求
Debian Buster 10 (stable)
Debian Stretch 9 / Raspbian Stretch
2. 卸载老版本
sudo apt-get remove docker docker-engine docker.io containerd runc
3. 安装Docker
3.1 仓库安装
(1)设置仓储地址:
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
(2)增加Docker的官方GPG key:
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
(3)设置稳定仓库,增加每夜版和测试版仓库
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/debian \
$(lsb_release -cs) \
stable"
(4)安装Docker引擎
a.更新apt包目录,安装Docker Engine
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
b.安装特殊版本命令
apt-cache madison docker-ce
输出结果
docker-ce | 5:18.09.1~3-0~debian-stretch | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 5:18.09.0~3-0~debian-stretch | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 18.06.1~ce~3-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
docker-ce | 18.06.0~ce~3-0~debian | https://download.docker.com/linux/debian stretch/stable amd64 Packages
...
c.选择版本,版本号<VERSION_STRING>选择类似18.06.1~ce~3-0~debian
sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
d.验证是否安装成功
sudo docker run hello-world
3.2 软件包安装
(1)下载软件包
点我下载对应的软件包版本。
(2)安装软件
sudo dpkg -i /path/to/package.deb
(3)验证是否安装成功
sudo docker run hello-world
4. 启动Docker,运行开机自启
systemctl start docker
systemctl enable docker
卸载Docker引擎
(1)卸载Docker Engine,CLI和容器包
sudo apt-get purge docker-ce docker-ce-cli containerd.io
(2)删除镜像,容器,卷和自定义配置
sudo rm -rf /var/lib/docker
使用Docker
查找Docker可执行程序地址/usr/bin/docker
find / -name docker
输出结果
/run/docker
/sys/fs/cgroup/pids/docker
/sys/fs/cgroup/cpuset/docker
/sys/fs/cgroup/freezer/docker
/sys/fs/cgroup/devices/docker
/sys/fs/cgroup/blkio/docker
/sys/fs/cgroup/perf_event/docker
/sys/fs/cgroup/memory/docker
/sys/fs/cgroup/net_cls,net_prio/docker
/sys/fs/cgroup/hugetlb/docker
/sys/fs/cgroup/cpu,cpuacct/docker
/sys/fs/cgroup/systemd/docker
/etc/docker
/var/lib/docker
/var/lib/docker/overlay2/ec5a827479e221461a396c7d0695226ec60b642544f2f921e2da967426b1853c/diff/docker
/var/lib/docker/overlay2/cf92e8387d988e9f87dc3656bb21d3a2fefff02e3505e1d282c0d105cb703ab1/merged/docker
/var/lib/docker/overlay2/df3551b1764d57ad79604ace4c1b75ab1e47cdca2fb6d526940af8b400eee4aa/diff/etc/dpkg/dpkg.cfg.d/docker
/usr/bin/docker
/usr/share/bash-completion/completions/docker
/docker
查找Docker服务端程序 /usr/bin/dockerd
find / -name dockerd
输出结果
[root@localhost ~]# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
解读dockerd配置文件
dockerd:https://docs.docker.com/engine/reference/commandline/dockerd/
硬盘挂载
1. 使用 fdisk -l 命令查看主机上的硬盘
fdisk -l
输出结果
[root@localhost ~]# fdisk -l
Disk /dev/vda: 53.7 GB, 53687091200 bytes, 104857600 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000b0ebb
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 104856254 52427103+ 83 Linux
Disk /dev/vdb: 536.9 GB, 536870912000 bytes, 1048576000 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
2. 使用mkfs.ext4命令把硬盘格式化
mkfs.ext4 /dev/vdb
3. 使用mount命令挂载磁盘
mount /dev/vdb /boot
4. 输入指令: df -h 查看当前磁盘的情况
df -h
输出结果
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 50G 7.4G 40G 16% /
devtmpfs 7.8G 0 7.8G 0% /dev
tmpfs 7.8G 0 7.8G 0% /dev/shm
tmpfs 7.8G 592K 7.8G 1% /run
tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
overlay 50G 7.4G 40G 16% /var/lib/docker/overlay2/c76fb87ef4c263e24c7f6874121fb161ce9b22db572db66ff1992ca6daf5768b/merged
shm 64M 0 64M 0% /var/lib/docker/containers/afe151311ee560e63904e3e9d3c1053b8bbb6fd5e3b2d4c74001091b132fe3bd/mounts/shm
overlay 50G 7.4G 40G 16% /var/lib/docker/overlay2/5ca6ed8e1671cb590705f53f89af8f8f5b85a6cdfc8137b3e12e4fec6c76fcea/merged
shm 64M 4.0K 64M 1% /var/lib/docker/containers/79427c180de09f78e33974278043736fca80b724db8b9bce42e44656d04823b3/mounts/shm
tmpfs 1.6G 0 1.6G 0% /run/user/0
/dev/vdb 493G 73M 467G 1% /boot
5. 用 blkid 获取磁盘的uuid和属性
blkid
6. 设置开机自动mount
vim /etc/fstab
UUID=97a17b64-d025-478c-8981-105214e99ff4 /data ext4 defaults 1 1
修改docker存储位置
1. 创建或修改docker配置文件
# 创建或修改docker配置文件
vim /etc/docker/daemon.json
{
"data-root": "/data/docker"
}
2. 创建docker数据存储文件夹
# 创建docker数据存储文件夹
mkdir /data
mkdir /data/docker
3. 停止Docker
# 停止Docker
service docker stop
4. 拷贝存储文件
# 拷贝存储文件
cp -r /var/lib/docker/* /data/docker/
5. 删除源文件
# 删除源文件(不建议先删除,后面没问题了再删除)
# rm -rf /var/lib/docker/
6. 验证docker数据存储位置是否改变
# 验证docker数据存储位置是否改变
docker info
注意:最好在docker刚安装完就执行切换数据目录,不然等容器运行起来后里面的一些volume会还是使用的原来的
镜像加速器
sudo mkdir -p /etc/docker
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://uwxsp1y1.mirror.aliyuncs.com"],
"data-root": "/data/docker"
}
sudo systemctl daemon-reload
sudo systemctl restart docker
查看系统日志
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://uwxsp1y1.mirror.aliyuncs.com"],
"data-root": "/data/docker",
"debug":true
}
# journalctl 统一查看service所有的日志。
journalctl -u docker.service -f
远程连接docker deamon
修改docker.service启动信息
# 修改docker.service启动信息
vim /usr/lib/systemd/system/docker.service
# ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock
修改daemon.json
#修改daemon.json
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://uwxsp1y1.mirror.aliyuncs.com"],
"data-root": "/data/docker",
"debug":true,
"hosts": ["192.168.103.240:6381","unix:///var/run/docker.sock"]
}
重载、重启
# 重载、重启
sudo systemctl daemon-reload
service docker restart
查看端口
# 查看端口
netstat -tlnp
[root@localhost docker]# netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.103.240:6381 0.0.0.0:* LISTEN 27825/dockerd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 3743/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3122/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3109/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3479/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 14503/sshd: root@pt
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::22 :::* LISTEN 3122/sshd
tcp6 0 0 ::1:631 :::* LISTEN 3109/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 3479/master
tcp6 0 0 ::1:6010 :::* LISTEN 14503/sshd: root@pt
远程连接测试
# 远程连接测试
docker -H 192.168.103.240:6381 ps
容器基础
docker container 中常用操控命令
docker run --help
输出结果
[root@localhost ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network string Connect a container to a network (default "default")
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
docker run,docker exec
run可以让容器从镜像中实例化出来,实例化过程中可以塞入很多参数
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
docker run -d --name some-redis redis 外界无法访问,因为是网络隔离,默认bridge模式。
- -a stdin: 指定标准输入输出内容类型,可选 STDIN/STDOUT/STDERR 三项;
- -d: 后台运行容器,并返回容器ID;
- -i: 以交互模式运行容器,通常与 -t 同时使用;
- -P: 随机端口映射,容器内部端口随机映射到主机的高端口
- -p: 指定端口映射,格式为:主机(宿主)端口:容器端口
- -t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用;
- --name="nginx-lb": 为容器指定一个名称;
- --dns 8.8.8.8: 指定容器使用的DNS服务器,默认和宿主一致;-
- --dns-search example.com: 指定容器DNS搜索域名,默认和宿主一致;
- -h "mars": 指定容器的hostname;
- -e username="ritchie": 设置环境变量;
# 设置东八区
docker run -e TZ=Asia/Shanghai -d --name some-redis redis
- --env-file=[]: 从指定文件读入环境变量;
- --cpuset="0-2" or --cpuset="0,1,2": 绑定容器到指定CPU运行;
- -m :设置容器使用内存最大值;
- --net="bridge": 指定容器的网络连接类型,支持 bridge/host/none/container:<name|id> 四种类型;
- --link=[]: 添加链接到另一个容器;
- --expose=[]: 开放一个端口或一组端口;
- --volume , -v: 绑定一个卷
docker run -p 16379:6379 -d --name some-redis redis
- --add-host: 添加自定义ip
#场景:consul做健康检查的时候,需要宿主机的ip地址
docker run --add-host machineip:192.168.103.240 -d --name some-redis redis
docker exec -it some-redis bash
tail /etc/hosts
docker start,docker stop, docker kill
- docker start:启动一个或多个已经被停止的容器
- docker stop:停止一个运行中的容器
- docker restart:重启容器
- docker kill:杀掉一个运行中的容器。
batch delete 容器
docker rm -f
docker rm -f `docker ps -a -q`
docker containers prune
# 极其强大的删除清理方式,慎重使用
# docker system prune
docker container 状态监控命令
查看容器日志
docker logs
容器性能指标
docker stats
容器 -> 宿主机端口
查询port映射关系
知道容器的端口,不知道宿主机的端口。。。
不知道容器的端口,知道宿主机的端口。。。
docker port [container]
查看容器内运行的进程
docker top [container]
容器的详细信息
docker inspect [OPTIONS] NAME|ID [NAME|ID...]
容器的导入导出
- docker export :将文件系统作为一个tar归档文件导出到STDOUT。
docker export [OPTIONS] CONTAINER
# OPTIONS说明:
# -o :将输入内容写到文件。
# PS:
# docker export -o /app2/1.tar.gz some-redis
- docker import : 从归档文件中创建镜像。 复制代码
docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
# OPTIONS说明:
# -c :应用docker 指令创建镜像;
# -m :提交时的说明文字;
# PS:
# 还原镜像
# docker import /app2/1.tar.gz newredis
# 创建容器并运行redis-server启动命令
# docker run -d --name new-some-redis-2 newredis redis-server
docker images命令详解
docker image
镜像的获取,删除,查看
- docker pull : 从镜像仓库中拉取或者更新指定镜像
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
# OPTIONS说明:
# -a :拉取所有 tagged 镜像
# --disable-content-trust :忽略镜像的校验,默认开启
- docker rmi : 删除本地一个或多少镜像。
docker rmi [OPTIONS] IMAGE [IMAGE...]
# OPTIONS说明:
# -f :强制删除;
# --no-prune :不移除该镜像的过程镜像,默认移除;
- docker inspect : 获取容器/镜像的元数据。
docker inspect [OPTIONS] NAME|ID [NAME|ID...]
# OPTIONS说明:
# -f :指定返回值的模板文件。
# -s :显示总的文件大小。
# --type :为指定类型返回JSON。
- docker images : 列出本地镜像。
docker images [OPTIONS] [REPOSITORY[:TAG]]
# OPTIONS说明:
# -a :列出本地所有的镜像(含中间映像层,默认情况下,过滤掉中间映像层);
# --digests :显示镜像的摘要信息;
# -f :显示满足条件的镜像;
# --format :指定返回值的模板文件;
# --no-trunc :显示完整的镜像信息;
# -q :只显示镜像ID。
镜像的导入导出,迁移
docker export/import 对容器进行打包
docker save / load 对镜像进行打包
- docker save : 将指定镜像保存成 tar 归档文件。
docker save [OPTIONS] IMAGE [IMAGE...]
# OPTIONS 说明:
# -o :输出到的文件。
# PS:
# docker save -o /app2/1.tar.gz redis
- docker load : 导入使用 docker save 命令导出的镜像。
docker load [OPTIONS]
# OPTIONS 说明:
# -i :指定导出的文件。
# -q :精简输出信息。
# PS:
# docker load -i /app2/1.tar.gz
docker tag
打标签的目的,方便我上传到自己的私有仓库
- docker tag : 标记本地镜像,将其归入某一仓库。
docker tag [OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]
# PS:
# docker tag redis:latest 13057686866/redis_1
# 登录
# docker login
# 推送到远程私有仓库
# docker push 13057686866/redis_1
手工构建
- docker build 命令用于使用 Dockerfile 创建镜像。
docker build [OPTIONS] PATH | URL | -
# OPTIONS说明:
# --build-arg=[] :设置镜像创建时的变量;
# --cpu-shares :设置 cpu 使用权重;
# --cpu-period :限制 CPU CFS周期;
# --cpu-quota :限制 CPU CFS配额;
# --cpuset-cpus :指定使用的CPU id;
# --cpuset-mems :指定使用的内存 id;
# --disable-content-trust :忽略校验,默认开启;
# -f :指定要使用的Dockerfile路径;
# --force-rm :设置镜像过程中删除中间容器;
# --isolation :使用容器隔离技术;
# --label=[] :设置镜像使用的元数据;
# -m :设置内存最大值;
# --memory-swap :设置Swap的最大值为内存+swap,"-1"表示不限swap;
# --no-cache :创建镜像的过程不使用缓存;
# --pull :尝试去更新镜像的新版本;
# --quiet, -q :安静模式,成功后只输出镜像 ID;
# --rm :设置镜像成功后删除中间容器;
# --shm-size :设置/dev/shm的大小,默认值是64M;
# --ulimit :Ulimit配置。
# --tag, -t: 镜像的名字及标签,通常 name:tag 或者 name 格式;可以在一次构建中为一个镜像设置多个标签。
# --network: 默认 default。在构建期间设置RUN指令的网络模式
dockerfile
docker build自己动手构建镜像
官方文档:https://docs.docker.com/engine/reference/builder/
dockerfile参数
- FROM
- ENV
- RUN
- CMD
- LABEL
- EXPOSE
- ADD
不仅可以copy文件,还可以下载远程文件。。。
如果是本地的zip包,还能自动解压。
- ENTRYPOINT
- VOLUME
- USER
- WORKDIR
- ONBUILD
- STOPSIGNAL
- HEALTHCHECK
1.新建项目 WebApplication1 空项目即可
2.新建 Dockerfile 配置文件
# 1-有了基础镜像
FROM mcr.microsoft.com/dotnet/core/sdk:2.2
# 2-把我的文件拷贝到这个操作系统中的/app文件夹中
COPY . /app
# 工作目录
WORKDIR /app
# 3-publish
RUN cd /app && dotnet publish "WebApplication1.csproj" -c Release -o /work
# 4-告诉外界我的app暴露的是80端口
EXPOSE 80
# else
ENV TZ Asia/Shanghai
ENV ASPNETCORE_ENVIRONMENT Production
# 作者信息
LABEL version="1.0"
LABEL author="wyt"
# 执行角色
USER root
# 设置工作目录
WORKDIR /work
# 4-启动
CMD ["dotnet","WebApplication1.dll"]
3.将 WebApplication1 整个目录拷贝到远程服务器下
4.构建镜像
cd /app/WebApplication1
docker build -t 13057686866/webapp:v1 .
5.运行容器
docker run -d -p 18000:80 --name webapp3 13057686866/webapp:v1
6.运行成功
curl http://192.168.103.240:18000/
Hello World!
Dockerfile优化策略
使用 .dockerignore 忽略文件
官方地址:https://docs.docker.com/engine/reference/builder/#dockerignore-file
**/.dockerignore
**/.env
**/.git
**/.gitignore
**/.vs
**/.vscode
**/*.*proj.user
**/azds.yaml
**/charts
**/bin
**/obj
**/Dockerfile
**/Dockerfile.develop
**/docker-compose.yml
**/docker-compose.*.yml
**/*.dbmdl
**/*.jfm
**/secrets.dev.yaml
**/values.dev.yaml
**/.toolstarget
0 条评论