build.sh
#!/bin/bash # 构建镜像 imageName=mveldemo version=v1.0 level=i echo "imageName: $imageName" echo "=========开始构建Dockerfile===========" docker build -f Dockerfile -t $imageName:$version . echo "=========构建完成Dockerfile===========" echo "=========开始 tag Dockerfile===========" docker tag $imageName:$version seccraft.hub.com/quality_and_operations/$imageName\_$level:$version echo "=========结束 tag Dockerfile===========" echo "=========开始 推送镜像到仓库===========" docker push seccraft.hub.com/quality_and_operations/$imageName\_$level:$version echo "=========结束 推送镜像到仓库==========="
docker-compose
version: '3'
services:
# web服务只要暴露端口即可
target_machine:
image: seccraft.hub.com/quality_and_operations/mveldemo_i:v1.0
stdin_open: true
restart: always
container_name: mveldemo
ports:
- "9300:9300"
deploy:
resources:
limits:
memory: 500M
docker-entrypoint.sh
#!/bin/bash
set -e
# Add elasticsearch as command if needed
if [ "${1:0:1}" = '-' ]; then
set -- elasticsearch "$@"
fi
# As argument is not related to elasticsearch,
# then assume that user wants to run his own process,
# for example a `bash` shell to explore this image
exec "$@"
Dockerfile
FROM openjdk:8-jdk-alpine
RUN rm -rf /usr/share/elasticsearch
RUN mkdir -p /usr/share/elasticsearch
COPY logging.yml ./config/logging.yml
COPY docker-entrypoint.sh /
COPY elasticsearch-1.1.1.tar.gz /usr/share/elasticsearch
RUN tar -zxvf /usr/share/elasticsearch/elasticsearch-1.1.1.tar.gz \
--strip-components 1 -C /usr/share/elasticsearch
RUN set -ex \
&& chmod +x /docker-entrypoint.sh
ENV PATH /usr/share/elasticsearch/bin:$PATH
WORKDIR /usr/share/elasticsearch
EXPOSE 9300
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["elasticsearch"]
logging.yml
# you can override this using by setting a system property, for example -Des.logger.level=DEBUG
es.logger.level: INFO
rootLogger: ${es.logger.level}, console
logger:
# log action execution errors for easier debugging
action: DEBUG
# reduce the logging for aws, too much is logged under the default INFO
com.amazonaws: WARN
appender:
console:
type: console
layout:
type: consolePattern
conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
下载elasticsearch
https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.1.1.tar.gz
标签:MVEL,share,echo,漏洞,imageName,elasticsearch,usr,docker From: https://www.cnblogs.com/Adam-Ye/p/17794351.html