第50天-Docker-dockerfile镜像制作与命令详解

1.docker命令使用详解-上
2.docker命令使用详解-下
3.docker镜像制作简介
4.基于Dockerfile制作nginx镜像
5.镜像分层构建-上
6.镜像分层构建-下
7.镜像构建总结


     
1.docker命令使用详解-上
 
2.docker命令使用详解-下
 
3.docker镜像制作简介
 
4.基于Dockerfile制作nginx镜像
创建nginx基础镜像
==================
下载nginx源码包
# wget http://nginx.org/download/nginx-1.18.0.tar.gz

下载源镜像:
# docker pull  centos:7.8    #需要联网pull基础centos镜像
# dr load -i  /opt/centos7.8.2003-image.tar.gz   不需要联网pull基础centos镜像，本地位置D:\和彩云同步文件夹\Service optimization file\Docker\ubuntu1804\docker镜像仓库\root-IOS\centos7.8.2003-image.tar.gz

创建目录环境
目录结构按照业务类型或系统类型等方式划分,方便后期镜像比较多的时候进行分类。
# cd /opt/   &&  mkdir  dockerfile/{web/{nginx,tomcat,jdk,apache},system/{centos,ubuntu,redhat}} -pv 

创建并配置nginx镜像所需文件
所有nginx镜像服务配置文件都放在统一目录all-in-one
# mkdir -p /opt/dockerfile/web/nginx/all-in-one  &&  cd /opt/dockerfile/web/nginx/all-in-one   




0.Dockerfile         创建镜像制作必要Dockerfile文件
-------------------------------------------------
# cd /opt/dockerfile/web/nginx/all-in-one  
vim Dockerfile
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003
maintainer  "jackie 985848343qq.com"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop 

构建1层nginx镜像
-t    名字加上标签版本
# docker build -t   harbor.jackie.com/m43/nginx-web:1.16.1  .

测试结果:
查看镜像执行过程
# dr history harbor.jackie.com/m43/nginx-web:1.16.1



1.COPY     Dockerfile文件添加一行
-------------------------------
copy只能复制到本地目录
# cd /opt/dockerfile/web/nginx/all-in-one  
vim Dockerfile 
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003 
maintainer  "jackie 985848343qq.com" 
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
COPY nginx-1.18.0.tar.gz /usr/local/src/

构建2层镜像:
# docker build -t  harbor.jackie.com/m43/nginx-web:1.16.2   .

测试结果:
进入容器查看是否执行成功
# dr run -it harbor.jackie.com/m43/nginx-web:1.16.2 bash 
测试:
# ll /usr/local/src


2. ADD    添加,Dockerfile文件添加一行
-------------------------------------
自动解压tar包到指定目录
# cd /opt/dockerfile/web/nginx/all-in-one  
vim Dockerfile
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003 
maintainer  "jackie 985848343qq.com" 
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
#COPY nginx-1.18.0.tar.gz /usr/local/src/
ADD   nginx-1.18.0.tar.gz /usr/local/src/

构建3层镜像:
# docker build -t  harbor.jackie.com/m43/nginx-web:1.16.3   .

测试结果:
# dr run -it harbor.jackie.com/m43/nginx-web:1.16.3 bash 
测试:
# ll /usr/local/src


3 RUM  进入解压文件夹后执行编译命令
--------------------------------
# cd /opt/dockerfile/web/nginx/all-in-one  
# vim Dockerfile

#
#
#base image  for jackie nginx
FROM  centos:7.8.2003
maintainer  "jackie 985848343qq.com"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
# COPY nginx-1.18.0.tar.gz /usr/local/src/
ADD   nginx-1.18.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.18.0  && ./configure --prefix=/apps/nginx  --with-http_sub_module  &&  make && make install

构建4层镜像:
# docker build -t  harbor.jackie.com/m43/nginx-web:1.16.2   .

测试结果:
进入容器并映射端口
# dr run -it  --rm -p 8080:80  harbor.jackie.com/m43/nginx-web:1.16.2  bash 
启动容器中nginx服务
[root@2b360f893e0b /]#  /apps/nginx/sbin/nginx 
测试8080端口:
http://172.31.7.16:8080/



4.再添加一行RUN与两行ADD      修改编译安装nginx的主配置文件中代码存放位置  
---------------------------------------------------------------------
# cd /opt/dockerfile/web/nginx/all-in-one  
vim Dockerfile  
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003
maintainer  "jackie 985848343qq.com"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
# COPY nginx-1.18.0.tar.gz /usr/local/src/
ADD   nginx-1.18.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.18.0  && ./configure --prefix=/apps/nginx  --with-http_sub_module  &&  make && make install
RUN  useradd  nginx  -u 2022
ADD nginx.conf  /apps/nginx/conf/nginx.conf
ADD  code.tar.gz /data/nginx/html  #把压缩文件自动解压到/data/nginx/html目录下

修改并拷贝容器中的配置文件:/apps/nginx/conf/nginx.conf  
# dr cp 2b360f893e0b:/apps/nginx/conf/nginx.conf  .  
# vim nginx.conf 
user  nginx;

        location / {
            root   /data/nginx/html;       #修改存放代码路径
            index  index.html index.htm;
        }

创建宿主机存放代码的目录
# mkdir  /opt/dockerfile/web/nginx/all-in-one/code   &&  cd /opt/dockerfile/web/nginx/all-in-one/code
创建代码页面,并在当前目录给代码打包
# echo  jackie  come in  > index.html  &&   tar zcvf  code.tar.gz index.html 
移动到all-in-one目录下
# mv code.tar.gz  ../.

构建5层镜像:
# docker build -t  harbor.jackie.com/m43/nginx-web:1.16.2   .

测试结果:
# dr run -it --rm  -p 8080:80  harbor.jackie.com/m43/nginx-web:1.16.2  bash 
查看命令在容器内执行结果
[root@e8b497483ea7 /]# id nginx
[root@51ab41728ef5 /]# tree /data/
[root@51ab41728ef5 /]# cat /apps/nginx/conf/nginx.conf
[root@51ab41728ef5 /]# /apps/nginx/sbin/nginx -t
[root@e8b497483ea7 /]# /apps/nginx/sbin/nginx       启动容器nginx服务
测试访问8080
http://172.31.7.16:8080/


5.CMD      启动容器服务默认命令的使用
-----------------------------------
# cd  /opt/dockerfile/web/nginx/all-in-one
vim  Dockerfile  
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003
maintainer  "jackie 985848343qq.com"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
# COPY nginx-1.18.0.tar.gz /usr/local/src/
ADD   nginx-1.18.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.18.0  && ./configure --prefix=/apps/nginx  --with-http_sub_module  &&  make && make install
RUN  useradd  nginx  -u 2022
ADD nginx.conf  /apps/nginx/conf/nginx.conf
ADD  code.tar.gz /data/nginx/html
ADD  run_nginx.sh  /apps/nginx/sbin/run_nginx.sh
EXPOSE 80 443
CMD ["/apps/nginx/sbin/run_nginx.sh"]

再次配置nginx.conf，使其前台执行
# cd /opt/dockerfile/web/nginx/all-in-one
# vim  nginx.conf 
daemon off;           #添加daemon off;关闭守护进程模式

设置容器中的nginx服务启动脚本    run_nginx.sh  
# cd /opt/dockerfile/web/nginx/all-in-one  
vim  run_nginx.sh
#!/bin/bash
echo "172.31.7.111"  > /etc/hosts
/apps/nginx/sbin/nginx
添加执行权限
# chmod a+x    run_nginx.sh

构建6层镜像
# docker build -t  harbor.jackie.com/m43/nginx-web:1.16.2   .


测试结果
# dr run -it --rm -p 8080:80  harbor.jackie.com/m43/nginx-web:1.16.2  
测试访问:
http://172.31.7.16:8080/




例:
CMD        启动容器的服务默认的命令启用的另一种实现形式
---------------------------------------------------
# cd  /opt/dockerfile/web/nginx/all-in-one
vim  Dockerfile  
#
#
#base image  for jackie nginx
FROM  centos:7.8.2003
maintainer  "jackie 985848343qq.com"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop
# COPY nginx-1.18.0.tar.gz /usr/local/src/
ADD   nginx-1.18.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.18.0  && ./configure --prefix=/apps/nginx  --with-http_sub_module  &&  make && make install
RUN  useradd  nginx  -u 2022
ADD nginx.conf  /apps/nginx/conf/nginx.conf
ADD  code.tar.gz /data/nginx/html
EXPOSE 80 443
CMD ["/apps/nginx/sbin/nginx","-g","daemon off;"]




镜像文件以layer方式以层的方式存储
# ll /var/lib/docker/image/overlay2/layerdb/mounts

查看目录下文件的大小
# du -sh /var/lib/docker/*
20K /var/lib/docker/builder
72K /var/lib/docker/buildkit
5.镜像分层构建-上
再centos系统安装基础命令
=======================
1.创建Dockerfile文件
# cd /opt/dockerfile/system/centos
# vim Dockerfile
FROM centos:7.8.2003
LABEL  maintainer="zhuzikang [email protected]"
RUN yum install epel-release -y  && yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools  iotop  && groupadd www -g 2022 && useradd www -u 2022 -g www

2.设置脚本后，启动时不在用镜像名字，执行脚本
传递参数变量
# vim build-command.sh 
#!/bin/bash
Tag=$1
docker build -t harbor.jackie.net/centos:${Tag}  .

3.启动脚本
# bash build-command.sh
# bash build-command.sh  2021-4-16-0-25



安装tomcat的依赖JDK服务
=======================
# mkdir /opt/dockerfile/web/jdk/jdk-8u-281 -p  && cd  jdk-8u-281
上传: jdk-8u281-linux-x64.tar.gz
修改容器内文件: profile   #从容器中下载profile文件到本地目录/jdk-8u-281中，并修改文件，添加jdk环境变量
# dr run -it harbor.jackie.net/centos:7.8.2003  bash
# docker cp d765810a9131:/etc/profile  .
构建: 
build-command.sh
Dockerfile

构建Dockerfile
# vim Dockerfile                           
FROM harbor.jackie.net/centos:7.8.2003
LABEL maintainer="zhuzikang [email protected]"
ADD jdk-8u281-linux-x64.tar.gz  /usr/local/src
RUN ln -sv /usr/local/src/jdk1.8.0_281 /usr/local/jdk
ADD profile  /etc/profile
ENV name  jackie
ENV  JAVA_HOME  /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

构建build-command.sh
# vim build-command.sh                      
#!/bin/bash
docker build -t harbor.jackie.com/centos-jdk-base:8u281  .

启动容器
# bash  build-command.sh

测试数据
# dr run -it --rm harbor.jackie.com/centos-jdk-base:8u281 bash
查看环境变量
# cat /etc/profile
export JAVA_HOME=/usr/local/jdk
export TOMCAT_HOME=/apps/tomcat
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$TOMCAT_HOME/bin:$PATH
export CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
JDK环境的创建结果
$ java -version
普通用户的java环境
# su - www
# java --version
完成JDK镜像



创建tomcat基础镜像
====================
配置tomcat启动程序路径
# cd /opt/dockerfile/web/tomcat/
# mkdir tomcat-base-9.0.38  && cd tomcat-base-9.0.38
上传: apache-tomcat-9.0.38.tar.gz
构建: 
build-command.sh
Dockerfile

构建: Dockerfile
# vim  Dockerfile 
FROM harbor.jackie.com/centos-jdk-base:8u281
LABEL maintainer="zhuzikang [email protected]"
#VOLUME   /data  /apps      #通常用于挂载点使用
RUN ln -sv /apps/apache-tomcat-9.0.38   /apps/tomcat   

构建: 
build-command.sh
# vim build-command.sh
#!/bin/bash
docker build -t harbor.jackie.com/centos-tomcat-base:v9.0.39  .

启动tomcat
# bash build-command.sh 
设置普通用户执行权限
# dr run -it -p 8080:8080  harbor.jackie.com/centos-tomcat-base:v9.0.39 bash
# chown  www.www /apps/ -R
使用普通用户启动tomcat
# su - www -c "/apps/tomcat/bin/catalina.sh start"


测试结果:
# dr run -it  harbor.jackie.com/centos-tomcat-base:v9.0.39 bash
# ll /apps/
lrwxrwxrwx 1 root root   26 Apr 16 03:14 tomcat -> /apps/apache-tomcat-9.0.38
6.镜像分层构建-下
创建tomcat app1业务镜像
======================
The first step-创建:           myapp
The two step-构建：            Dockerfile文件、 build-command.sh 
The three step-修改容器内tomcat配置文件:  server.xml
The four step-创建启动容器服务脚本:       run_tomcat.sh

创建: 代码目录myapp,并打包
# cd  /opt/dockerfile/web/tomcat/tomcat-app1  &&  mkdir myapp  && vim /myapp/index.jsp
<h1> jackie tomcat app1 web1 </h1>
# tar czvf myapp.tar.gz myapp/


构建: Dockerfile
#  mkdir /opt/dockerfile/web/tomcat/tomcat-app1/  -p 
# cd  /opt/dockerfile/web/tomcat/tomcat-app1
vim  Dockerfile
# jackie tomcat app1
#此镜像已经集成了java与jdk环境，与工作账号
FROM  harbor.jackie.com/centos-tomcat-base:v9.0.39   
#指定创造则是谁
LABEL maintainer="jackie [email protected]"
# 在/opt/dockerfile/web/tomcat/tomcat-app1目录文件中添加修改好的配置文件
ADD  server.xml /apps/tomcat/conf/server.xml
# 本地的代码解压后，形成在webapps下的一个myapp目录
ADD myapp.tar.gz /data/tomcat/webapps
# 此操作需要在最后改，修改执行权限，让普通用户wwww能够执行操作
RUN chown www.www  /data/  /apps -R
# 设置容器内服务暴露的端口
EXPOSE  8080 8843
#执行脚本运行容器内服务
CMD ["/apps/tomcat/bin/run_tomcat.sh"]


拷贝已经修改过的配置文件到此目录下
# cd /opt/dockerfile/web/tomcat/tomcat-app1
# dr cp 7be28fdd7454:/apps/tomcat/conf/server.xml  .


修改容器内tomcat配置文件
# dr run -it --rm  harbor.jackie.com/centos-tomcat-base:v9.0.39  bash
# vim /apps/tomcat/conf/server.xml 
   <Host name="localhost"  appBase="/data/tomcat/webapps"
            unpackWARs="false" autoDeploy="false">
# mkdir /data/tomcat/webapps -p 


构建: build-command.sh 
# vim build-command.sh
#!/bin/bash
docker build -t harbor.jackie.com/tomcat-app1:app1  .
# chmod  a+x build-command.sh 


创建启动容器服务脚本:
# cd  /opt/dockerfile/web/tomcat/tomcat-app1
# vim run_tomcat.sh
#!/bin/bash
su  -  www -c "/apps/tomcat/bin/catalina.sh start"  # 容器内部使用的脚本，start，是指在后台执行，这里可以使用run在容器前台执行
tail -f /etc/hosts   # 创建一个在容器里初始化为一的初始化进程
# chmod  a+x run_tomcat.sh


启动测试：
# dr run -it --rm -p 8080:8080 harbor.jackie.com/tomcat-app1:app1;
http://172.31.7.16:8080/myapp/




创建tomcat app2业务镜像
=======================
复制app1的业务镜像内容
# cd /opt/dockerfile/web/tomcat
# cp -r tomcat-app1/  tomcat-app2  && cd   tomcat-app2 

修改代码
# vim  myapp/index.jsp
<h1> jackie tomcat app2 web2 </h1>
给代码打包
# tar czvf myapp.tar.gz myapp/

修改build_install.sh内容，使其创建的镜像为app2所用
vim   build-command.sh
#!/bin/bash
docker build -t harbor.jackie.com/tomcat-app2:app2  .


测试结果
-d    后台执行
--rm  退出容器以后,这个容器就被删除了,方便在临时测试使用
# dr run -it -d --rm -p 8080:8080 harbor.jackie.com/tomcat-app2:app2
访问:
http://172.31.7.16:8080/myapp/




Haporxy镜像的构建
=================
构建dockerfile文件
构建build_install.sh
构建run_haproxy.sh启动脚本
构建haproxy反向代理文件
构建haproxy镜像
# cd  /opt/dockerfile/web && mkdir haproxy  && cd haproxy
# cd /opt/dockerfile/web/haproxy


构建dockerfile文件
vim  Dockerfile
# harpoxy image
FROM  harbor.jackie.net/centos-base:7.8.2003 
LABEL maintainer="jackie [email protected]"
RUN  yum  install libtermcap-devel  ncurses-devel libevent-devel readline-devel gcc gcc-c++ glibc glibc-devel pcre pcre-devel  openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate -y
ADD run_haproxy.sh  /apps/haproxy/bin/run_haproxy.sh
ADD haproxy.cfg /etc/haproxy/haproxy.cfg
EXPOSE 80 9999
CMD  ["/apps/haproxy/bin/run_haproxy.sh"]


构建build_install.sh
vim build_install.sh
#!/bin/bash
docker build -t  harbor.jackie.com/harproxy:v2.2.11  .


构建run_haproxy.sh启动脚本
# touch run_haproxy.sh  && chmod a+x run_haproxy.sh
vim  run_haproxy.sh
#!/bin/bash
/apps/haproxy/sbin/haproxy  -f /etc/haproxy/haproxy.cfg
tail -f  /etc/hosts


构建haproxy反向代理文件
# vim haproxy.cfg 
global
maxconn 100000
chroot /apps/haproxy
stats socket /apps/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /apps/haproxy/haproxy.pid
log 127.0.0.1 local3 info

defaults
option http-keep-alive
option  forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client  300000ms
timeout server  300000ms

listen stats
 mode http
 bind 0.0.0.0:9999
 stats enable
 log global
 stats uri     /haproxy-status
 stats auth    haadmin:123456

listen  web_port
 bind 0.0.0.0:80              
 mode http
 log global
 server web1  172.31.7.14:8080  check inter 3000 fall 2 rise 5    
 server web2  172.31.7.15:8080  check inter 3000 fall 2 rise 5


构建haproxy镜像
# bash build_install.sh 


测试结果:   haproxy是否开启
# dr run -it --rm -p 8800:80 harbor.jackie.com/harproxy:v2.2.11
# ll /apps/haproxy/
# /apps/haproxy/sbin/haproxy  -v
# dr run -it -p 80:80 -p 9999:9999 harbor.jackie.com/harproxy:v2.2.11
# dr exec -it ee64a17fb0e6  bash
[root@ee64a17fb0e6 /]# ps -ef |grep haproxy
[root@ee64a17fb0e6 /]# ss -ntl
LISTEN     0      128      *:9999                 *:*                  
LISTEN     0      128      *:80                   *:* 


测试结果:   haproxy是否生效
http://172.31.7.16:9999/haproxy-status
用户名 haadmin
密码   123456
http://172.31.7.16/myapp/          #实现轮询调度
jackie tomcat app15 web15
jackie tomcat app2 web2


172.31.7.14与172.31.7.15
------------------------
两台机器同时执行
D:\和彩云同步文件夹\Service optimization file\Docker\ubuntu1804\opt\dockerfile\web\tomcat\tomcat\tomcat-app2\harbor.jackie.com-tomcat-app2:app2.tar.gz 
# dr load -i harbor.jackie.com-tomcat-app2\:app2.tar.gz 
# dr run -it -d  -p 8080:8080 harbor.jackie.com/tomcat-app2:app2

测试访问:
http://172.31.7.14:8080/myapp/
http://172.31.7.15:8080/myapp/


172.31.7.15
-------------
修改其代码
#  dr exec -it 2731ac552335 bash
#  vim /data/tomcat/webapps/myapp/index.jsp
<h1> jackie tomcat app15 web15 </h1>


image-20210420152955106

image-20210420160050238
7.镜像构建总结