dockerfile镜像实战
一、构建SSH镜像
mkdir /opt/sshd cd /opt/sshd vim Dockerfile #第一行必须指明基于的基础镜像 FROM centos:7 #作者信息 MAINTAINER this is ssh image <ly> #镜像的操作指令 RUN yum -y update RUN yum -y install openssh* net-tools lsof telnet passwd RUN echo 'abc123' | passwd --stdin root RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config #不使用PAM认证 RUN sed -ri '/^session\s+required\s+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd #取消pam限制 RUN ssh-keygen -t rsa -A #生成密钥认证文件 RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh EXPOSE 22 CMD ["/usr/sbin/sshd" , "-D"] //生成镜像 docker build -t sshd:centos . //启动容器并修改root密码 docker run -d -P sshd:centos docker ps -a ssh localhost -p 49155
注:
yum -y update(所有都升级和改变)
升级所有包,系统版本和内核,改变软件设置和系统设置
二、构建Systemctl镜像
mkdir /opt/systemctl cd /opt/systemctl vim Dockerfile FROM sshd:centos MAINTAINER this is systemctl image <ly> ENV container docker #除了systemd-tmpfiles-setup.service,删除其它所有文件 RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ rm -f /lib/systemd/system/multi-user.target.wants/*; \ rm -f /etc/systemd/system/*.wants/*; \ rm -f /lib/systemd/system/local-fs.target.wants/*; \ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*;\ rm -f /lib/systemd/system/anaconda.target.wants/*; VOLUME [ "/sys/fs/cgroup" ] #CMD ["/usr/sbin/init"] //生成镜像 docker build -t systemd:centos . //启动容器,并挂载宿主机目录挂载到容器中,和进行初始化 docker run --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro systemd:centos /sbin/init & #--privileged:使container内的root拥有真正的root权限。否则,container内的root只是外部的一个普通用户权限。 docker ps -a //进入容器 docker exec -it a0d624d2bfa9 bash systemctl status sshd 方法二: docker run -d -P --privileged sshd:centos /usr/sbin/init &
docker run中-v参数的用法解释
宿主机绑定: -v<host>:<container>:[rw|ro]
<host>表示宿主目录
<container>表示容器目录
三、nginx镜像
mkdir /opt/nginx cd /opt/nginx/ cp /opt/nginx-1.12.0.tar.gz /opt/nginx vim Dockerfile #基于基础镜像 FROM centos:7 #用户信息 MAINTAINER this is nginx image <ly> #添加环境包 RUN yum -y update RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make RUN useradd -M -s /sbin/nologin nginx #上传nginx软件压缩包,并解压 ADD nginx-1.12.0.tar.gz /usr/local/src/ #指定工作目录 WORKDIR /usr/local/src/nginx-1.12.0 RUN ./configure \ --prefix=/usr/local/nginx \ --user=nginx \ --group=nginx \ --with-http_stub_status_module && make && make install ENV PATH /usr/local/nginx/sbin:$PATH #指定http和https端口 EXPOSE 80 EXPOSE 443 RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf #关闭 nginx 在后台运行 #添加宿主机中run.sh到容器中 ADD run.sh /run.sh RUN chmod 755 /run.sh CMD ["/run.sh"] vim run.sh #!/bin/bash /usr/local/nginx/sbin/nginx //创建新镜像 docker build -t nginx:centos . docker run -d -P nginx:centos docker ps -a 5df9e4383b96 nginx:centos "/run.sh" 15 seconds ago Up 15 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp silly_davinci http://192.168.229.90:32769
四、构建tomcat 镜像
mkdir /opt/tomcat cd /opt/tomcat cp /opt/jdk-8u91-linux-x64.tar.gz /opt/tomcat cp /opt/apache-tomcat-8.5.16.tar.gz /opt/tomcat vim Dockerfile FROM centos:7 MAINTAINER this is tomcat image <ly> ADD jdk-8u91-linux-x64.tar.gz /usr/local/ WORKDIR /usr/local/ RUN mv jdk1.8.0_91 /usr/local/java ENV JAVA_HOME /usr/local/java ENV JRE_HOME ${JAVA_HOME}/jre ENV CLASSPATH .:${JAVA_HOME}/lib:${JRE_HOME}/lib ENV PATH $JAVA_HOME/bin:$PATH ADD apache-tomcat-8.5.16.tar.gz /usr/local/ WORKDIR /usr/local/ RUN mv apache-tomcat-8.5.16 /usr/local/tomcat EXPOSE 8080 #CMD ["/usr/local/tomcat/bin/catalina.sh","run"] ENTRYPOINT ["/usr/local/tomcat/bin/catalina.sh","run"] //创建新镜像 docker build -t tomcat:centos . docker run -d --name tomcat1 -p 1315:8080 tomcat:centos http://192.168.229.90:1315
五、构建mysql镜像
mkdir /opt/mysqld cd /opt/mysqld vim Dockerfile FROM centos:7 MAINTAINER this is mysql image <ly> RUN yum -y install gcc gcc-c++ ncurses ncurses-devel bison cmake make RUN useradd -M -s /sbin/nologin mysql ADD mysql-boost-5.7.20.tar.gz /usr/local/src/ WORKDIR /usr/local/src/mysql-5.7.20/ RUN cmake \ -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \ -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \ -DSYSCONFDIR=/etc \ -DSYSTEMD_PID_DIR=/usr/local/mysql \ -DDEFAULT_CHARSET=utf8 \ -DDEFAULT_COLLATION=utf8_general_ci \ -DWITH_INNOBASE_STORAGE_ENGINE=1 \ -DWITH_ARCHIVE_STORAGE_ENGINE=1 \ -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \ -DMYSQL_DATADIR=/usr/local/mysql/data \ -DWITH_BOOST=boost \ -DWITH_SYSTEMD=1 && make && make install RUN chown -R mysql:mysql /usr/local/mysql/ RUN rm -rf /etc/my.cnf ADD my.cnf /etc/ RUN chown mysql:mysql /etc/my.cnf ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH WORKDIR /usr/local/mysql/ RUN bin/mysqld \ --initialize-insecure \ --user=mysql \ --basedir=/usr/local/mysql \ --datadir=/usr/local/mysql/data RUN cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/ EXPOSE 3306 ADD run.sh /usr/local/src RUN chmod 755 /usr/local/src/run.sh RUN sh /usr/local/src/run.sh #CMD ["/usr/sbin/init"] vim my.cnf [client] port = 3306 default-character-set=utf8 socket = /usr/local/mysql/mysql.sock [mysql] port = 3306 default-character-set=utf8 socket = /usr/local/mysql/mysql.sock [mysqld] user = mysql basedir = /usr/local/mysql datadir = /usr/local/mysql/data port = 3306 character_set_server=utf8 pid-file = /usr/local/mysql/mysqld.pid socket = /usr/local/mysql/mysql.sock server-id = 1 sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES vim run.sh #!/bin/bash /usr/local/mysql/bin/mysqld systemctl enable mysqld //创建新镜像 docker build -t mysql:centos . //启动容器,并进行初始化 docker run --name=mysql_server -d -P --privileged mysql:centos /usr/sbin/init & //进容器给权限 docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f9a4d8f6c65f mysql:centos "/usr/sbin/init" 17 seconds ago Up 16 seconds 0.0.0.0:49153->3306/tcp mysql_server //进入容器,授权远程连接 mysql docker exec -it f9a4d8f6c65f /bin/bash mysql -u root -p grant all privileges on *.* to 'root'@'%' identified by 'abc123'; grant all privileges on *.* to 'root'@'localhost' identified by 'abc123'; flush privileges; //在客户端连接mysql容器 mysql -h 192.168.229.90 -u root -P 49153 -pabc123
编写Dockerfile文件
FROM centos:7 MAINTAINER this is mysql image <ly> RUN yum -y install gcc gcc-c++ ncurses ncurses-devel bison cmake make RUN useradd -M -s /sbin/nologin mysql ADD mysql-boost-5.7.20.tar.gz /usr/local/src/ WORKDIR /usr/local/src/mysql-5.7.20/ RUN cmake \ -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \ -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \ -DSYSCONFDIR=/etc \ -DSYSTEMD_PID_DIR=/usr/local/mysql \ -DDEFAULT_CHARSET=utf8 \ -DDEFAULT_COLLATION=utf8_general_ci \ -DWITH_INNOBASE_STORAGE_ENGINE=1 \ -DWITH_ARCHIVE_STORAGE_ENGINE=1 \ -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \ -DMYSQL_DATADIR=/usr/local/mysql/data \ -DWITH_BOOST=boost \ -DWITH_SYSTEMD=1 && make -j4 && make install RUN chown -R mysql:mysql /usr/local/mysql/ ADD my.cnf /etc/my.cnf RUN chown mysql:mysql /etc/my.cnf ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH WORKDIR /usr/local/mysql/ RUN bin/mysqld \ --initialize-insecure \ --user=mysql \ --basedir=/usr/local/mysql \ --datadir=/usr/local/mysql/data RUN cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/ EXPOSE 3306 RUN systemctl enable mysqld CMD ["/usr/sbin/init"]
将本人在工作学习中的一些知识记录并分享