1. Introduction
A Dockerfile is a text document used to build custom Docker images. We use the docker build command to build images from the Dockerfile file. Dockerfile is one of the skills you must learn if you are building custom images.
2. Basic structure of Dockerfile
Dockerfile is generally divided into: basic image, image meta information, image operation instructions and container startup execution instructions. # is a comment in Dockerfile.
3. Dockerfile file description
Docker runs the Dockerfile instructions from top to bottom, with each instruction taking step as a step. The file must also be named Dockerfile.
4. Common Dockerfile commands.
Next, I summarize the common Dockerfile directives.
4.1 the FROM instruction
FROM specifies the base image, must be the first command, format:
FROM <image>:<tag>
Tag or digest are optional, and if they are not used, the latest version of the base image is used.
Example: FROM mysql:5.6
4.2 MAINTAINERinstruction
MAINTAINER is used to claim MAINTAINER information. This command is expired. The format of LABEL is recommended.
MAINTAINER <name>
4.3 the LABEL instructions
LABEL: Used to add metadata to an image. It is used to declare the build information, such as the author, organization, and organization. Format:
LABEL <key>=<value> <key>=<value> <key>=<value> ...
Example: LABEL version=”1.0″ description=”felord.cn” by=”Felordcn”
When LABEL is used to specify metadata, one LABEL can specify one or more metadata. When multiple metadata are specified, the metadata are separated by Spaces. It is recommended to specify all metadata through a LABEL directive to avoid generating too many intermediate images.
4.4 ENV command
ENV is used to set environment variables in the following format:
ENV <key> <value>
ENV <key>=<value>
Copy the codeExample: ENV version 1.0.0 or ENV version=1.0.0
Variables can be referenced by ${key} in other instructions, such as ${version}. We can also assign dynamically via -e
in docker run
4.5 ARG instruction
ARG is used to specify variables passed to the build runtime in the format:
ARG <name>[=<default value>]
Assign values dynamically via –build-arg
=
in docker run, without specifying that its default values will be used.
4.6 WORKDIR instruction
The WORKDIR command is used to specify a working directory, similar to the CD command we normally use.
WORKDIR <PATH>
RUN, CMD, ENTRYPOINT, ADD, COPY and other commands in Dockerfile will be executed under this directory. When running the container with Docker Run, you can override the working directory set at build time with the -w argument.
4.7 the ADD instruction
ADD is used to ADD local files to the image. Tar files are automatically decompressed (network compressed resources are not decompressed), and network resources can be accessed. The format is similar to wget.
ADD <src>... <dest>
# used to support paths that contain Spaces
ADD ["<src>"."<dest>"]
Copy the codeExample:
ADD home* /path/ # Support wildcard * ADD all files starting with “home” to /path/
4.8 the COPY instructions
COPY functions like ADD, but does not automatically decompress files or access network resources
4.9 the RUN command
The RUN command is used to RUN the command used during image construction. The command can be executed in either of the following ways:
shellExecution format:
RUN <command>
Example: RUN apk update
execExecution format:
RUN ["executable", "param1", "param2"]
Example: RUN [“/dev/file”, “p1”, “p2”]
Note that the intermediate image created by the RUN directive is cached and will be used in the next build. If you do not want to use a cache image, you can specify the –no-cache parameter at build time, for example: docker build –no-cache
4.10 CMD command
The commands that are executed after CMD builds the container, that is, when the container is started. Format:
Execute the executable file first
CMD ["executable"."param1"."param2"]
If ENTRYPOINT is set, call ENTRYPOINT to add parameters. See CMD
CMD ["param1"."param2"]
Run the shell command
CMD command param1 param2
Copy the codeExample: CMD [“/usr/bin/bash”,”–help”]
CMD is different from RUN, which specifies the commands to be executed when the container is started, and RUN specifies the commands to be executed when the image is built.
4.11 ENTRYPOINT instruction
ENTRYPOINT is used to configure the container and make it executable. With CMD, you can omit application and use only parameters. Format:
Executable file, priority
ENTRYPOINT ["executable"."param1"."param2"]
# shell internal command
ENTRYPOINT command param1 param2
Copy the codeExample:
FROM ubuntu
ENTRYPOINT ["top"."-b"]
CMD ["-c"]
Copy the codeENTRYPOINT is very similar to CMD, except that commands executed through Docker run do not overwrite ENTRYPOINT, and any parameters specified in the Docker run command are passed to ENTRYPOINT again as parameters. Only the last ENTRYPOINT command is active in a Dockerfile, which means that if you specify multiple entryPoints, only the last ENTRYPOINT instruction is executed.
4.12 EXPOSE instruction
EXPOSE Specifies the port for interaction with the outside world in the following format:
EXPOSE [<port>...]
Examples: EXPOSE 8080 443, EXPOSE 80, EXPOSE 11431/ TCP 12551/ UDP
EXPOSE doesn’t directly let the container’s port map to the host. When the host accesses the container ports, it needs to publish those ports with -p when docker Run runs the container, or publish all the EXPOSE exported ports with the -p parameter
4.13 VOLUME orders
VOLUME specifies the persistence directory in the following format:
VOLUME ["<src>",...]
Example: VOLUME [“/data”], VOLUME [“/var/www”, “/var/log/apache2”, “/etc/apache2”]
A volume can exist in one or more containers in a specified directory that bypasses the federated file system and has the following capabilities:
- Volumes can be shared and reused between containers
- Containers do not need to share volumes with other containers
- The modification takes effect immediately
- The volume modification has no impact on the mirror
- The volume persists until no container is using it
Like the EXPOSE directive, VOLUME does not mount to the host, but instead needs to be mapped to the host directory through -v when the container is run through docker Run. See docker volume create for another command
4.14 the USER instructions
USER specifies the USER name or UID to RUN the container, and subsequent runs also use the specified USER. When specifying a USER using USER, you can use a USER name, UID, GID, or a combination of the two. When a service does not require administrator rights, you can use this command to specify a running user. And you can create the required user before, format:
USER user
USER user:group
USER uid:group
USER uid
USER user:gid
USER uid:gid
Copy the codeAfter specifying a USER using USER, the subsequent commands RUN, CMD, and ENTRYPOINT in Dockerfile will use the USER. When you run the container through Docker run, you can override the specified user with the -u argument.
4.15 ONBUILD instruction
The ONBUILD command is triggered when the image being built is used as a base image for other images.
ONBUILD [INSTRUCTION]
Example:
ONBUILD ADD . /application/src
ONBUILD RUN /usr/local/bin/python-build --dir /app/src
Copy the code5. To summarize
Today to build Docker image script Dockerfile basic command for a detailed summary, and to illustrate, I believe you can solve some of the confusion in building the image. Please pay more attention to the wechat official account: Felordcn, there will be more dry goods in the future.
Add: Spring Boot Dockerfile
# 使用 aws 的java jdk 8
FROM amazoncorretto:8
# Meta information about author, etc
LABEL AUTHOR=Felordcn OG=felord.cn
# mount the volume
VOLUME ["/tmp"."/logs"]
# time zone
ENV TZ=Asia/Shanghai
The default configuration file is application.yml
ENV ACTIVE=defualt
# Set the mirror time zone
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
Change to the packaged JAR file name
ADD /target/flyway-spring-boot-1.0.0.jar app.jar
ENTRYPOINT ["java"."-Djava.security.egd=file:/dev/./urandom"."-Dspring.profiles.active=${ACTIVE}"."-jar"."app.jar"]
Copy the codeFollow our public id: Felordcn for more information
Personal blog: https://felord.cn
