Dockerfile theory + practice!!!

Dockerfile overview

  Dockerfile is the description file of the image file in docker. The straight white point is exactly what the image file is composed of step by step.
  for example: you bought a hanger on Taobao, but the seller did not send you a complete hanger, but some components and a drawing. You assemble the hanger step by step according to the drawing, and it will become the appearance you need. Then the dockerfile is the drawing, and the image file is the hanger you need. Dockerfile is not recommended to be named casually, just dockerfile.
  therefore, the Dockerfile contains instructions, each of which builds a layer. Therefore, the content of each instruction is to describe how the layer should be built.

The general process of Dockerfile execution by Docker:

(1) docker runs a container from the basic image;
(2) Execute an instruction and make changes to the container;
(3) Perform the operation similar to docker commit to submit a new image layer;
(4) docker then runs a new container based on the newly submitted image;
(5) Execute the next instruction in the dockerfile until all instructions are executed.

Different stages:

1. Dockerfile: it is the raw material of the software. You need to define a dockerfile, which defines everything the process needs. The contents of dockerfile include execution code or file, environment variable, dependency package, runtime environment, dynamic link library, etc;

2. Docker image: it is the delivery of software. After defining a file with Dockerfile, a docker image will be generated when docker is built. When docker image is running, services will be provided;

3. Docker container: it can be considered as the running state of software, and the container provides services directly.

Details of parameters of Dockerfile:

instructions Meaning
FROM mirror image Specifies the image on which the new image is based. The first instruction must be the FROM instruction, which is required for each image created
MAINTAINER name Explain the maintainer information of the new image
RUN command Executes commands on the mirror on which they are based and commits them to a new mirror
CMD ["program to run", "Parameter1", "parameter2"] The command or script to run when the command starts the container. The Dockerfile can only have one CMD command. If multiple commands are specified, only the last one can be executed
Exit port number Specify the port to open when the new image is loaded into Docker
ENV environment variable value Setting the value of an environment variable will be used by the following RUN
ADD source file / directory target file / directory Copy the source file to the target file. The source file should be in the same directory as the Dockerfile, or a URL
COPY source file / directory target file / directory Copy the file / directory on the local host to the destination, and the source file / directory should be in the same directory as the Dockerfile
VOLUME [directory] Create a mount point in the container
USER user name / UID Specify the user when the container runs
WORKDIR path Specify working directory for subsequent RUN, CMD, ENTRYPOINT
ONBUILD command Specifies the command to run when the generated image is used as a base image
HEALTHCHECK Health examination

Dockerfile practice

1. Building sshd image

[root@localhost ~]# cd /opt/
[root@localhost opt]# mkdir sshd  ##Create directory
[root@localhost opt]# cd sshd/
[root@localhost sshd]# vim Dockerfile  ##Write a dockerfile file

FROM centos    ##Download mirroring
MAINTAINER this is sshd <xu>   ##Descriptive information
RUN yum -y update
RUN yum -y install openssh* net-tools lsof telnet passwd
RUN echo '123456' | passwd --stdin root
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
EXPOSE 22  ##port
CMD ["/usr/sbin/sshd" , "-D"]
[root@localhost sshd]# docker build -t sshd:new .   ##create mirror
89432272695ab560b18de75a064428e4a7c4a52dfce223afd2e85132ae6c3c72
[root@localhost sshd]# docker run -d -P sshd:new  ##Create maps and containers
[root@localhost sshd]# docker ps -a  ##View container status
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
89432272695a        sshd:new            "/usr/sbin/sshd -D"   7 seconds ago       Up 6 seconds        0.0.0.0:32768->22/tcp   sad_fermi
[root@localhost sshd]# ssh localhost -p 32768  ##Log in locally with ssh

2. Build system CTL image

[root@localhost ~]# cd /opt/
[root@localhost opt]# mkdir systemctl   ##Create directory
[root@localhost opt]# cd systemctl/
[root@localhost systemctl]# vim Dockerfile   ##Write a dockerfile file

FROM sshd:new
ENV container docker   ##Environmental Science
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
[root@localhost systemctl]# docker build -t systemd:lasted .   ##create mirror
[root@localhost systemctl]# docker run --privileged -it -v /sys/fs/cgroup/:/sys/fs/cgroup:ro systemd:lasted /sbin/init
##The root in the private container has the real root permission. Otherwise, the root in the container is only a common external user permission.
[root@localhost ~]# docker exec -it 23a50d568c75 bash  ##Container entry
[root@23a50d568c75 /]# systemctl status sshd   ##View state

3. Build Nginx image

[root@localhost ~]# cd /opt/
[root@localhost opt]# mkdir nginx   ##Create Nginx directory
[root@localhost opt]# cd nginx/
[root@localhost nginx]# vim Dockerfile

FROM centos:7
MAINTAINER The is nginx <xu>
RUN yum install -y proc-devel gcc gcc-c++ zlib zlib-devel make openssl-devel wget
ADD nginx-1.12.2.tar.gz /usr/local
WORKDIR /usr/local/nginx-1.12.2/
RUN ./configure --prefix=/usr/local/nginx && make && make install
EXPOSE 80
EXPOSE 443
RUN echo "daemon off;">>/usr/local/nginx/conf/nginx.conf
WORKDIR /root/nginx
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
[root@localhost nginx]# vim run.sh

#!/bin/bash
/usr/local/nginx/sbin/nginx   ##Start Nginx service
[root@localhost nginx]# mount.cifs //192.168.100.3/LNMP-C7 /mnt / ාා񖓿ාmount image
Password for root@//192.168.100.3/LNMP-C7:  
[root@localhost nginx]# cp /mnt/nginx-1.12.2.tar.gz ./   ##Copy to current directory
[root@localhost nginx]# docker build -t nginx:new .   ##create mirror
[root@localhost nginx]# docker run -d -P nginx:new    ##Create container
228c1f5b8070d52c6f19d03159ad93a60d682a586c0b1f944dc651ee40576a3e
[root@localhost nginx]# docker ps -a   ##View container
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                        PORTS                                           NAMES
228c1f5b8070        nginx:new           "/run.sh"                9 seconds ago       Up 8 seconds                  0.0.0.0:32770->80/tcp, 0.0.0.0:32769->443/tcp   busy_booth

Accessing web pages with browser

4. Building Tomcat image

[root@localhost opt]# mkdir tomcat
[root@localhost opt]# cd tomcat
[root@localhost tomcat]# cp /mnt/tomcat/jdk-8u91-linux-x64.tar.gz ./ ##Copy to current directory
[root@localhost tomcat]# cp /mnt/Tomcat1/tomcat/apache-tomcat-9.0.16.tar.gz ./
[root@localhost tomcat]# vim Dockerfile
FROM centos:7
MAINTAINER this is tomcat
ADD jdk-8u91-linux-x64.tar.gz /usr/local
WORKDIR /usr/local
RUN mv jdk1.8.0_91 /usr/local/java
ENV JAVA_HOME /usr/local/java     ##Setting environment variables
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-8.5.16.tar.gz /usr/local
WORKDIR /usr/local
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8
EXPOSE 8080
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
[root@localhost tomcat]# docker build -t tomcat:centos .  ##create mirror
[root@localhost tomcat]# docker run --name tomcat01 -p 1234:8080 -it  tomcat:centos /bin/bash
##Create container

Access with browser

5. Building MySQL image

[root@localhost opt]# mkdir mysql
[root@localhost opt]# cd mysql
[root@localhost mysql]# cp /mnt/mysql-boost-5.7.20.tar.gz ./  ##Copy the compressed package to the current directory
[root@localhost mysql]# vim my.cnf  ##Create profile template in current directory

[client]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysql]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock

[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir = /usr/local/mysql/data
port = 3306
character_set_server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket = /usr/local/mysql/mysql.sock
server-id = 1

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
[root@localhost mysql]# vim Dockerfile   ##Write a dockerfile file
FROM centos:7
RUN yum -y install \
ncurses \
ncurses-devel \
bison \
cmake \
make \
gcc \
gcc-c++
RUN useradd -s /sbin/nologin mysql
ADD mysql-boost-5.7.20.tar.gz /usr/local/src
WORKDIR /usr/local/src/mysql-5.7.20/
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DSYSCONFDIR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DWITH_BOOST=boost \
-DWITH_SYSTEMD=1 && make && make install
RUN chown -R mysql:mysql /usr/local/mysql/
RUN rm -rf /etc/my.cnf
ADD my.cnf /etc
RUN chown mysql:mysql /etc/my.cnf
ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
WORKDIR /usr/local/mysql/
RUN bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/usr/local/mysql/data
RUN cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
EXPOSE 3306
RUN echo -e "#!/bin/sh \nsystemctl enable mysqld" > /run.sh
RUN chmod 755 /run.sh
RUN sh /run.sh
CMD ["init"]
[root@localhost mysql]# docker build -t centos:mysql .   ##create mirror
[root@localhost mysql]# docker run --name=mysql_server -d -P --privileged centos:mysql 
##Create container
[root@localhost mysql]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                     NAMES
998dc9797102        centos:mysql        "init"              About a minute ago   Up About a minute   0.0.0.0:32768->3306/tcp   mysql_server
[root@localhost mysql]# docker exec -it 998dc9797102 /bin/bash

[root@998dc9797102 mysql]# mysql
mysql> grant all privileges on *.* to 'root'@'%' identified by 'abc123';
mysql> grant all privileges on *.* to 'root'@'localhost' identified by 'abc123';
[root@localhost ~]# mysql -h 192.168.13.128 -u root -P 32768 -pabc123
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.20 Source distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MySQL [(none)]> 

Tags: Linux MySQL Docker Nginx Tomcat

Posted on Wed, 15 Jan 2020 03:25:46 -0500 by venom999