docker file简介
Dockerfile 是由一个个的指令组成,是用于表示创建一个镜像文件的过程。
docker file 详解
环境变量env
echo ${NAME:-tom} //没值显示默认值
tom
NAME=test
echo ${NAME:-tom} //有值显示设置的值
test
echo ${NAME:+tom} //只要有值则显示tom
tom
NAME=test
tom
unset NAME
echo ${NAME:+tom} //没值显示空
Dockerfile 指令
FROM命令用法说明
FROM <image>:tag
第一个指令必须是FROM,其指定一个构建镜像的基础源镜像,如果本地没有就会从公共库中拉取,没有指定镜像的标签会使用默认的latest标签,可以出现多次,如果需要在一个Dockerfile中构建多个镜像。
MAINTAINER命令用法说明
MAINTAINER <name> <email>
描述镜像的创建者,名称和邮箱
RUN命令用法说明
RUN "command" "param1" "param2"
RUN命令是一个常用的命令,执行完成之后会成为一个新的镜像,这里也是指镜像的分层构建。一句RUN就是一层,也相当于一个版本。可以通过&符号连接多个RUN语句。RUN后面的必须是双引号不能是单引号(没引号貌似也不要紧),command是不会调用shell的,所以也不会继承相应变量,要查看输入RUN "sh" "-c" "echo" "$HOME",而不是RUN "echo" "$HOME"
CMD命令用法说明
CMD command param1 param2
CMD在Dockerfile中只能出现一次,有多个,只有最后一个会有效。其作用是在启动容器的时候提供一个默认的命令项。如果用户执行docker run的时候提供了命令项,就会覆盖掉这个命令。没提供就会使用构建时的命令
EXPOSE命令用法说明
EXPOSE <port> [<port>...]
Docker服务器容器对外映射的容器端口号,在docker run -p的时候生效
ENV命令用法说明
EVN <key> <value> 只能设置一个
EVN <key>=<value>允许一次设置多
设置容器的环境变量,可以让其后面的RUN命令使用,容器运行的时候这个变量也会保留
ADD命令用法说明
ADD <src> <dest>
复制本机文件或目录或远程文件,添加到指定的容器目录,支持GO的正则模糊匹配。路径是绝对路径,不存在会自动创建。如果源是一个目录,只会复制目录下的内容,目录本身不会复制。ADD命令会将复制的压缩文件夹自动解压,这也是与COPY命令最大的不同
COPY命令用法说明
COPY <src> <dest>
COPY除了不能自动解压,也不能复制网络文件。其它功能和ADD相同
ENTRYPOINT命令用法说明
ENTRYPOINT "command" "param1" "param2"
这个命令和CMD命令一样,唯一的区别是不能被docker run命令的执行命令覆盖,如果要覆盖需要带上选项--entrypoint,如果有多个选项,只有最后一个会生效
VOLUME命令用法说明
VOLUME ["path"]
在主机上创建一个挂载,挂载到容器的指定路径。docker run -v命令也能完成这个操作,而且更强大。这个命令不能指定主机的需要挂载到容器的文件夹路径。但docker run -v可以,而且其还可以挂载数据容器
USER命令用法说明
USER daemon
指定运行容器时的用户名或UID,后续的RUN、CMD、ENTRYPOINT也会使用指定的用户运行命令
WORKDIR命令用法说明
WORKDIR path
为RUN、CMD、ENTRYPOINT指令配置工作目录。可以使用多个WORKDIR指令,后续参数如果是相对路径,则会基于之前的命令指定的路径。如:WORKDIR /home WORKDIR test 。最终的路径就是/home/test。path路径也可以是环境变量,比如有环境变量HOME=/home,WORKDIR $HOME/test也就是/home/test
docker file基于tomcat例子
FROM davidcaste/alpine-tomcat:jdk8tomcat8
MAINTAINER sknife <sknife123@google.com>
#RUN mkdir /webapps
ADD *.war /opt/tomcat/webapps/app.war
CMD ["/opt/tomcat/bin/catalina.sh", "run"]
镜像构建实践
提供文件index.html
<h1>busybox test</h1>
编写Dockerfile
每一条指令都会生成一个镜像层
#Description: test image
FROM busybox:latest
MAINTAINER "sknife <sknife666@gmail.com>"
COPY index.html /data/web/html/
执行构建命令
docker build -h
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
--build-arg list Set build-time variables
--cache-from strings Images to consider as cache sources
--cgroup-parent string Optional parent cgroup for the container
--compress Compress the build context using gzip
--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--disable-content-trust Skip image verification (default true)
-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
--force-rm Always remove intermediate containers
--iidfile string Write the image ID to the file
--isolation string Container isolation technology
--label list Set metadata for an image
-m, --memory bytes Memory limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--network string Set the networking mode for the RUN instructions during build (default "default")
--no-cache Do not use cache when building the image
--pull Always attempt to pull a newer version of the image
-q, --quiet Suppress the build output and print image ID on success
--rm Remove intermediate containers after a successful build (default true)
--security-opt strings Security options
--shm-size bytes Size of /dev/shm
-t, --tag list Name and optionally a tag in the 'name:tag' format
--target string Set the target build stage to build.
--ulimit ulimit Ulimit options (default [])
docker build -t testhttpd:v1 ./
Sending build context to Docker daemon 3.072kB
Step 1/3 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/3 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Running in 7cfd8081a9a2
Removing intermediate container 7cfd8081a9a2
---> 01ae95e85baf
Step 3/3 : COPY index.html /data/web/html/
---> 355adbec9342
Successfully built 355adbec9342
Successfully tagged testhttpd:v1
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testhttpd v1 355adbec9342 35 seconds ago 1.22MB
docker run --name testhttpd --rm testhttpd:v1 cat /data/web/html/index.html
<h1>busybox test</h1>
使用COPY指令
cp -r /etc/yum.repos.d/ .
vi Dockerfile //在原有文件后加一行
COPY yum.repos.d /etc/yum.repos.d/
docker build -t testhttpd:v2 ./ //重新构建
Sending build context to Docker daemon 13.31kB
Step 1/4 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/4 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/4 : COPY index.html /data/web/html/
---> Using cache
---> 355adbec9342
Step 4/4 : COPY yum.repos.d /etc/yum.repos.d/ //新加了一层
---> 77dbb0dcb097
Successfully built 77dbb0dcb097
Successfully tagged testhttpd:v2
docker run --name testhttpd --rm testhttpd:v2 ls /etc/yum.repos.d/
CentOS-Base.repo
CentOS-Epel.repo
docker-ce.repo
epel-testing.repo
epel.repo
对比一下:v1版本镜像无yum.repos.d目录
docker run --name testhttpd --rm testhttpd:v1 ls /etc/
group
hostname
hosts
localtime
mtab
network
passwd
resolv.conf
shadow
将最后一行改一下目录名:不存在的目录将新建目录,并将目录中的文件放入新创建的目录中
COPY yum.repos.d /etc/testyum/
docker build -t testhttpd:v3 ./
docker run --name testhttpd --rm testhttpd:v3 ls /etc/
testyum
将最后一行改成已存在的目录名:将目录中的文件放入已存在的目录中
COPY yum.repos.d /etc/nework/
docker build -t testhttpd:v4 ./
docker run --name testhttpd --rm testhttpd:v4 ls /etc/
group
hostname
hosts
localtime
mtab
network
passwd
resolv.conf
shadow
docker run --name testhttpd --rm testhttpd:v4 ls -al /etc/network
CentOS-Base.repo
CentOS-Epel.repo
docker-ce.repo
epel-testing.repo
epel.repo
if-down.d
if-post-down.d
if-pre-up.d
if-up.d
使用ADD指令
ADD http://nginx.org/download/nginx-1.15.2.tar.gz /usr/local/src
docker build -t testhttpd:v5 ./
Sending build context to Docker daemon 13.31kB
Step 1/5 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/5 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/5 : COPY index.html /data/web/html/
---> Using cache
---> 355adbec9342
Step 4/5 : COPY yum.repos.d /etc/yum.repos.d
---> fcf0ad0662ce
Step 5/5 : ADD http://nginx.org/download/nginx-1.15.2.tar.gz /usr/local/src
Downloading [==================================================>] 1.026MB/1.026MB
---> d281e4321278
Successfully built d281e4321278
Successfully tagged testhttpd:v5
docker run --name testhttpd --rm testhttpd:v5 ls -al /usr/local/src
drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2
手工下载nginx压缩包
wget http://nginx.org/download/nginx-1.15.2.tar.gz
vi Dockerfile //改一下最后一行,从本地拷贝
ADD nginx-1.15.2.tar.gz /usr/local/src
docker build -t testhttpd:v6 ./
docker run --name testhttpd --rm testhttpd:v6 ls -al /usr/local/src
使用WORKDIR
vi Dockerfile
WORKDIR /usr/local
ADD nginx-1.15.2.tar.gz ./src
docker build -t testhttpd:v7 ./
docker run --name testhttpd --rm testhttpd:v7 ls -al /usr/local/src
drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2
vi Dockerfile
WORKDIR /usr/local
WORKDIR src
ADD nginx-1.15.2.tar.gz ./
docker build -t testhttpd:v7 ./
Sending build context to Docker daemon 1.04MB
Step 1/7 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/7 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/7 : COPY index.html /data/web/html/
---> Using cache
---> 355adbec9342
Step 4/7 : COPY yum.repos.d /etc/yum.repos.d
---> Using cache
---> fcf0ad0662ce
Step 5/7 : WORKDIR /usr/local
---> Using cache
---> d67f61741867
Step 6/7 : WORKDIR src
---> Running in ef90feec6651
Removing intermediate container ef90feec6651
---> 8ae879880c1a
Step 7/7 : ADD nginx-1.15.2.tar.gz ./
---> 73c03474cc0b
Successfully built 73c03474cc0b
Successfully tagged testhttpd:v7
docker run --name testhttpd --rm testhttpd:v7 ls -al /usr/local/src
drwxr-xr-x 8 1001 1001 4096 Jul 24 2018 nginx-1.15.2
docker exec -it testhttpd sh //直接进入容器的话,就是设置的当前工作目录
/usr/local/src # ls
nginx-1.15.2
使用VOLUME指令
VOLUME /data/mysql
docker build -t testhttpd:v8 ./
Sending build context to Docker daemon 1.04MB
Step 1/8 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/8 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/8 : COPY index.html /data/web/html/
---> Using cache
---> 355adbec9342
Step 4/8 : COPY yum.repos.d /etc/yum.repos.d
---> Using cache
---> fcf0ad0662ce
Step 5/8 : WORKDIR /usr/local
---> Using cache
---> d67f61741867
Step 6/8 : WORKDIR src
---> Using cache
---> 8ae879880c1a
Step 7/8 : ADD nginx-1.15.2.tar.gz ./
---> Using cache
---> 73c03474cc0b
Step 8/8 : VOLUME /data/mysql
---> Running in 513715511e75
Removing intermediate container 513715511e75
---> 88e4b4860698
Successfully built 88e4b4860698
Successfully tagged testhttpd:v8
docker run --name testhttpd --rm testhttpd:v8 mount
/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)
[root@VM_0_10_centos docker-file]# docker run --name testhttpd --rm testhttpd:v8 mount
rootfs on / type rootfs (rw)
overlay on / type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/EWVRZUPD5C7AFBN3KLNP4TYDTB:/var/lib/docker/overlay2/l/XKLV3O2S26Z5XALZAUWBQN5LG6:/var/lib/docker/overlay2/l/6L3Q45LGX5T5QVF7GFC7MWCJ2K:/var/lib/docker/overlay2/l/QNLV4SQZFQSZKBUMNT3RH4EQ2A:/var/lib/docker/overlay2/l/KBG2I3G2X5RKJFB7M7KM7W3T2Q:/var/lib/docker/overlay2/l/ZOE5NVIM2BBPIJOXWGD73U6KDW:/var/lib/docker/overlay2/l/T7FN54GAW364KH4I6WCMED27BT,upperdir=/var/lib/docker/overlay2/08d53cf05e2480d0013fb8b15008960c5be63aadb54365194de04c16e63fe9aa/diff,workdir=/var/lib/docker/overlay2/08d53cf05e2480d0013fb8b15008960c5be63aadb54365194de04c16e63fe9aa/work)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (ro,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (ro,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (ro,nosuid,nodev,noexec,relatime,net_prio,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,blkio)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)
/dev/vda1 on /etc/resolv.conf type ext4 (rw,noatime,data=ordered)
/dev/vda1 on /etc/hostname type ext4 (rw,noatime,data=ordered)
/dev/vda1 on /etc/hosts type ext4 (rw,noatime,data=ordered)
proc on /proc/bus type proc (ro,relatime)
proc on /proc/fs type proc (ro,relatime)
proc on /proc/irq type proc (ro,relatime)
proc on /proc/sys type proc (ro,relatime)
proc on /proc/sysrq-trigger type proc (ro,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime)
tmpfs on /proc/kcore type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /proc/keys type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /proc/timer_list type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /proc/timer_stats type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /proc/sched_debug type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /proc/scsi type tmpfs (ro,relatime)
tmpfs on /sys/firmware type tmpfs (ro,relatime)
可以直接使用grep mysql过滤出来
docker run --name testhttpd --rm testhttpd:v8 mount|grep mysql
/dev/vda1 on /data/mysql type ext4 (rw,noatime,data=ordered)
docker run --name testhttpd --rm testhttpd:v8 sleep 3600
docker inspect testhttpd
"Mounts": [
{
"Type": "volume",
"Name": "0faa2c9f49db5e15eb96878c9f60d7ce50c5f4ce8f5a668993dee9297ff7d939",
"Source": "/var/lib/docker/volumes/0faa2c9f49db5e15eb96878c9f60d7ce50c5f4ce8f5a668993dee9297ff7d939/_data",
"Destination": "/data/mysql",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
使用EXPOSE指令
动态绑定宿主机的端口
EXPOSE 80/tcp
docker build -t testhttpd:v9 ./
Sending build context to Docker daemon 1.04MB
Step 1/9 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/9 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/9 : COPY index.html /data/web/html/
---> Using cache
---> 355adbec9342
Step 4/9 : COPY yum.repos.d /etc/yum.repos.d
---> Using cache
---> fcf0ad0662ce
Step 5/9 : WORKDIR /usr/local
---> Using cache
---> d67f61741867
Step 6/9 : WORKDIR src
---> Using cache
---> 8ae879880c1a
Step 7/9 : ADD nginx-1.15.2.tar.gz ./
---> Using cache
---> 73c03474cc0b
Step 8/9 : VOLUME /data/mysql
---> Using cache
---> 88e4b4860698
Step 9/9 : EXPOSE 80/tcp
---> Running in 602273e7a272
Removing intermediate container 602273e7a272
---> 8059c8690a95
Successfully built 8059c8690a95
Successfully tagged testhttpd:v9
docker run --name testhttpd --rm testhttpd:v9 /bin/httpd -f -h /data/web/html
curl 172.18.0.2
<h1>busybox test</h1>
docker port testhttpd //没有暴露端口
加-P暴露任何端口
docker run --name testhttpd --rm -P testhttpd:v9 /bin/httpd -f -h /data/web/html
docker port testhttpd
80/tcp -> 0.0.0.0:32768
curl localhost:32768
<h1>busybox test</h1>
使用ENV指令
vi Dockerfile //只配置一个ENV,用空格分隔
ENV DOC_ROOT /data/web/html/
COPY index.html $DOC_ROOT
docker build -t testhttpd:v10 ./
Sending build context to Docker daemon 1.04MB
Step 1/10 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/10 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/10 : ENV DOC_ROOT /data/web/html/
---> Running in 1827e66be015
Removing intermediate container 1827e66be015
---> 2153578b27c9
Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}
---> 400df82a8a20
Step 5/10 : COPY yum.repos.d /etc/yum.repos.d
---> 117c6b72904f
Step 6/10 : WORKDIR /usr/local
---> Running in 0995fa6e6614
Removing intermediate container 0995fa6e6614
---> 9233ae06b56d
Step 7/10 : WORKDIR src
---> Running in 4c6eb91114d2
Removing intermediate container 4c6eb91114d2
---> 5723299ea4f1
Step 8/10 : ADD nginx-1.15.2.tar.gz ./
---> da05e6a56d41
Step 9/10 : VOLUME /data/mysql
---> Running in 2e1560259713
Removing intermediate container 2e1560259713
---> a77d85552a35
Step 10/10 : EXPOSE 80/tcp
---> Running in 0dc390381a32
Removing intermediate container 0dc390381a32
---> d83da711f924
Successfully built d83da711f924
Successfully tagged testhttpd:v10
vi Dockerfile // //配置多个ENV,用=分隔;多行用\分隔
ENV DOC_ROOT=/data/web/html/ \
DOC_SERVER="nginx-1.15.2.tar.gz" \
DOC_DB=/data/mysql
COPY index.html ${DOC_ROOT:-/data/web/html/}
ADD $DOC_SERVER ./
VOLUME $DOC_DB
docker build -t testhttpd:v10 ./
Sending build context to Docker daemon 1.04MB
Step 1/10 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/10 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/10 : ENV DOC_ROOT=/data/web/html/ DOC_SERVER="nginx-1.15.2.tar.gz" DOC_DB=/data/mysql
---> Running in 217f5ebeb2ea
Removing intermediate container 217f5ebeb2ea
---> 1b8bd42dc527
Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}
---> cf9999541535
Step 5/10 : COPY yum.repos.d /etc/yum.repos.d
---> 996e589f1b9c
Step 6/10 : WORKDIR /usr/local
---> Running in 2655b2f31921
Removing intermediate container 2655b2f31921
---> fd6b2bf3e69b
Step 7/10 : WORKDIR src
---> Running in 08105fa7812a
Removing intermediate container 08105fa7812a
---> 56061794d6ac
Step 8/10 : ADD $DOC_SERVER ./
---> d6118eff4822
Step 9/10 : VOLUME $DOC_DB
---> Running in fca10268efff
Removing intermediate container fca10268efff
---> 9d3fba25bb6f
Step 10/10 : EXPOSE 80/tcp
---> Running in 177b68d5ebef
Removing intermediate container 177b68d5ebef
---> 692fd83869b6
Successfully built 692fd83869b6
Successfully tagged testhttpd:v10
docker run --name testhttpd --rm -P testhttpd:v10 ls /usr/local/src
nginx-1.15.2
docker run --name testhttpd --rm -P testhttpd:v10 ls /data/web/html
index.html
docker run --name testhttpd --rm -P testhttpd:v10 printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=8e8058a20817
DOC_ROOT=/data/web/html/
DOC_SERVER=nginx-1.15.2.tar.gz
DOC_DB=/data/mysql
HOME=/root
docker run 参数设置
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown
(ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
docker run --name testhttpd --rm -P -e DOC_SERVER="tomcat" testhttpd:v10 printenv
DOC_SERVER=tomcat
使用RUN指令
vi Dockerfile
#Description: test image
FROM busybox:latest
MAINTAINER "sknife <sknife666@gmail.com>"
ENV DOC_ROOT=/data/web/html/ \
DOC_SERVER="nginx-1.15.2.tar.gz" \
DOC_DB=/data/mysql
COPY index.html ${DOC_ROOT:-/data/web/html/}
COPY yum.repos.d /etc/yum.repos.d
ADD http://nginx.org/download/${DOC_SERVER} /usr/local/src/
WORKDIR /usr/local/
#WORKDIR src
#ADD $DOC_SERVER ./
VOLUME $DOC_DB
EXPOSE 80/tcp
RUN cd /usr/local/src && \
tar xf ${DOC_SERVER}
docker build -t testhttpd:v11 ./
Sending build context to Docker daemon 1.04MB
Step 1/10 : FROM busybox:latest
---> 6d5fcfe5ff17
Step 2/10 : MAINTAINER "sknife <sknife666@gmail.com>"
---> Using cache
---> 01ae95e85baf
Step 3/10 : ENV DOC_ROOT=/data/web/html/ DOC_SERVER="nginx-1.15.2.tar.gz" DOC_DB=/data/mysql
---> Using cache
---> 1b8bd42dc527
Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}
---> Using cache
---> cf9999541535
Step 5/10 : COPY yum.repos.d /etc/yum.repos.d
---> Using cache
---> 996e589f1b9c
Step 6/10 : ADD http://nginx.org/download/${DOC_SERVER} /usr/local/src/
Downloading [==================================================>] 1.026MB/1.026MB
---> Using cache
---> 530ac4541918
Step 7/10 : WORKDIR /usr/local/
---> Using cache
---> bfae03feb06d
Step 8/10 : VOLUME $DOC_DB
---> Using cache
---> b9805a6eadb0
Step 9/10 : EXPOSE 80/tcp
---> Using cache
---> 6b9045e83464
Step 10/10 : RUN cd /usr/local/src && tar xf ${DOC_SERVER}
---> Running in 350c175de9ac
Removing intermediate container 350c175de9ac
---> b21080b9b20b
Successfully built b21080b9b20b
Successfully tagged testhttpd:v11
docker run --name testhttpd --rm -P -e DOC_SERVER="tomcat" -it testhttpd:v11 ls /usr/local/src
nginx-1.15.2 nginx-1.15.2.tar.gz
vi Dockerfile
RUN cd /usr/local/src && \
tar xf ${DOC_SERVER} && \
mv nginx-1.15.2 webserver
docker build -t testhttpd:v12 ./
docker run --name testhttpd --rm -P -e DOC_SERVER="webserver" -it testhttpd:v12 ls /usr/local/src
nginx-1.15.2.tar.gz webserver
使用CMD指令
vi Dockerfile
#Description: test image
FROM busybox:latest
MAINTAINER "sknife <sknife666@gmail.com>"
ENV DOC_ROOT=/data/web/html/
RUN mkdir -p $DOC_ROOT && \
echo '<h1>busybox test</h1>' > $DOC_ROOT/index.html
CMD /bin/httpd -f -h ${DOC_ROOT}
docker build -t testhttpd:v12 ./
docker image inspect testhttpd:v12
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"/bin/sh\" \"-c\" \"/bin/httpd -f -h ${DOC_ROOT}\"]"
],
docker run --name testhttpd --rm -P -it testhttpd:v12
docker exec -it testhttpd sh
/ # ps
PID USER TIME COMMAND
1 root 0:00 /bin/httpd -f -h /data/web/html/
11 root 0:00 sh
16 root 0:00 ps
vi Dockerfile
#CMD /bin/httpd -f -h ${DOC_ROOT}
CMD ["/bin/httpd", "-f", "-h ${DOC_ROOT}"]
docker build -t testhttpd:v13 ./
docker image inspect testhttpd:v13
"Cmd": [
"/bin/sh",
"-c",
"{\"/bin/httpd\", \"-f\", \"-h ${DOC_ROOT}\"}"
],
docker run --name testhttpd --rm -P -it testhttpd:v13
/bin/sh: {/bin/httpd,: not found
vi Dockerfile
#CMD /bin/httpd -f -h ${DOC_ROOT}
CMD ["/bin/sh", "-c", "/bin/httpd", "-f", "-h ${DOC_ROOT}"]
docker build -t testhttpd:v13 ./
docker run --name testhttpd --rm -P -it testhttpd:v13