容器技術之Dockerfile(二)

時間  2020-06-04
標籤 容器 技術 dockerfile 欄目 Docker 简体版
原文   原文鏈接

  前文咱們聊到了什麼是dockerfile,它的主要做用以及dockerfile的一些基本指令的使用方法,回顧請參考http://www.javashuo.com/article/p-yvxccwap-cg.html;今天咱們在來聊一聊dockerfile餘下指令的用法和做用;html

  一、RUN:該指令用於docker build 過程當中運行的程序,能夠是任何命令;語法格式RUN <command> 或RUN ["<executable>", "<param1>", "<param2>"];第一種格式中,<command>一般是一個shell命令,且以「/bin/sh -c」來運行它,這意味着此進程在容器中的PID不爲1,不能接收Unix信號,所以,當使用docker stop <container>命令中止容器時,此進程接收不到SIGTERM信號; 第二種語法格式中的參數是一個JSON格式的數組,其中<executable>爲要運行的命令,後面的<paramN>爲傳遞給命令的選項或參數;然而,此種格式指定的命令不會以「/bin/sh -c」來發起,所以常見的shell操做如變量替換以及通配符(?,*等)替換將不會進行;不過,若是要運行的命令依賴於此shell特性的話,能夠將其替換爲 RUN ["/bin/sh", "-c", "<executable>", "<param1>"]這樣的格式;注意:json數組中,要使用雙引號;node

  示例:linux

[root@node1 test]# cat Dockerfile 
FROM centos:7 

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

RUN mkdir -p /aaa/bbb/t{1..4}



[root@node1 test]#

  提示:以上Dockerfile中,用RUN指令運行了mkdir命令,這種運行命令的方式在就能夠利用shell的特性,如上大括號展開功能;nginx

  驗證:build 該dockerfile後,運行該鏡像爲容器,看看容器內部是否建立了/aaa/bbb/t1 t2 t3 t4?web

[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
busybox             latest              1c35c4412082        16 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker build . -t myimg:v1
Sending build context to Docker daemon   1.05MB
Step 1/9 : FROM centos:7
 ---> b5b4d78bc90c
Step 2/9 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Running in 64c792ce6750
Removing intermediate container 64c792ce6750
 ---> 604899ef29f9
Step 3/9 : LABEL version="1.0"
 ---> Running in 6a3f9b4a9058
Removing intermediate container 6a3f9b4a9058
 ---> d9edea71fa22
Step 4/9 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Running in b191ab5e19f9
Removing intermediate container b191ab5e19f9
 ---> ee027bbdc04b
Step 5/9 : ARG web_home
 ---> Running in a4c86febf616
Removing intermediate container a4c86febf616
 ---> 5b25bb7421dd
Step 6/9 : COPY html ${web_home:-"/data/htdoc/"}
 ---> 7c7a667149fa
Step 7/9 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Running in f9ec02d8f736
Removing intermediate container f9ec02d8f736
 ---> 86c7226f6b21
Step 8/9 : EXPOSE 80/tcp 443/tcp
 ---> Running in ad82d389ac25
Removing intermediate container ad82d389ac25
 ---> 28dadea40aff
Step 9/9 : RUN mkdir -p /aaa/bbb/t{1..4}
 ---> Running in 1013a212d3f2
Removing intermediate container 1013a212d3f2
 ---> 7f109a34a4a5
Successfully built 7f109a34a4a5
Successfully tagged myimg:v1
[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1                  7f109a34a4a5        4 seconds ago       203MB
busybox             latest              1c35c4412082        16 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker run --name test --rm -it myimg:v1 /bin/bash
[root@fc89ca934ed5 /]# ls /
aaa                bin   dev  home  lib64  mnt  proc  run   srv  tmp  var
anaconda-post.log  data  etc  lib   media  opt  root  sbin  sys  usr
[root@fc89ca934ed5 /]# ls /aaa/
bbb
[root@fc89ca934ed5 /]# ls /aaa/bbb/
t1  t2  t3  t4
[root@fc89ca934ed5 /]# exit
exit
[root@node1 test]#

  提示:底層基礎鏡像的shell若是不支持大括號展開,那麼咱們基於這種鏡像作出來的鏡像運行以上命令也就不支持shell的大括號展開功能;docker

  示例:shell

[root@node1 test]# cat Dockerfile
FROM centos:7

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

RUN mkdir -p /aaa/bbb/t{1..4}

RUN ["mkdir","-p","/ccc/ddd/f{1..4}"]

[root@node1 test]#

  提示:以json數組格式的方式去運行命令,它默認是不支持shell的任何特性,這意味着運行該命令時,不是基於shell子進程的方式在執行命令,一般是內核直接執行了;因此上面的命令它會把大括號處理成字符,而不會展開;apache

  驗證:build成鏡像運行成容器,看看是否把大括號處理成字符了?json

[root@node1 test]# docker build . -t myimg:v1.1
Sending build context to Docker daemon   1.05MB
Step 1/10 : FROM centos:7
 ---> b5b4d78bc90c
Step 2/10 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> 604899ef29f9
Step 3/10 : LABEL version="1.0"
 ---> Using cache
 ---> d9edea71fa22
Step 4/10 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> ee027bbdc04b
Step 5/10 : ARG web_home
 ---> Using cache
 ---> 5b25bb7421dd
Step 6/10 : COPY html ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 7c7a667149fa
Step 7/10 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 86c7226f6b21
Step 8/10 : EXPOSE 80/tcp 443/tcp
 ---> Using cache
 ---> 28dadea40aff
Step 9/10 : RUN mkdir -p /aaa/bbb/t{1..4}
 ---> Using cache
 ---> 7f109a34a4a5
Step 10/10 : RUN ["mkdir","-p","/ccc/ddd/f{1..4}"]
 ---> Running in 9da1e6bab59f
Removing intermediate container 9da1e6bab59f
 ---> ae463ec8cbd9
Successfully built ae463ec8cbd9
Successfully tagged myimg:v1.1
[root@node1 test]# docker run --name test --rm -it myimg:v1.1 /bin/bash
[root@02ec6e404100 /]# ls /
aaa                bin  data  etc   lib    media  opt   root  sbin  sys  usr
anaconda-post.log  ccc  dev   home  lib64  mnt    proc  run   srv   tmp  var
[root@02ec6e404100 /]# ls /ccc/ddd/
f{1..4}
[root@02ec6e404100 /]#

  提示:能夠看到在/ccc/ddd/目錄下並無把大括號展開,而是直接把它當成了字符處理了;若是咱們想要用json數組這種方式運行命令,又想讓使用shell特性,咱們可使用"/bin/sh -c"來明確聲明後面的命令用shell子進程的方式運行;以下所示centos

[root@node1 test]# cat Dockerfile
FROM centos:7

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

RUN mkdir -p /aaa/bbb/t{1..4}

RUN ["/bin/bash","-c","mkdir -p /ccc/ddd/f{1..4}"]

[root@node1 test]#

  提示:以上運行命令的方式就明確聲明使用shell子進程的方式運行命令;這裏須要注意一點的是,若是使用json數組的方式運行命令,後面真正執行的命令要一個總體看成參數傳給"/bin/bash"

  驗證:看看是否會把大括號展開?

[root@node1 test]# docker build . -t myimg:v1.2
Sending build context to Docker daemon   1.05MB
Step 1/10 : FROM centos:7
 ---> b5b4d78bc90c
Step 2/10 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> 604899ef29f9
Step 3/10 : LABEL version="1.0"
 ---> Using cache
 ---> d9edea71fa22
Step 4/10 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> ee027bbdc04b
Step 5/10 : ARG web_home
 ---> Using cache
 ---> 5b25bb7421dd
Step 6/10 : COPY html ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 7c7a667149fa
Step 7/10 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 86c7226f6b21
Step 8/10 : EXPOSE 80/tcp 443/tcp
 ---> Using cache
 ---> 28dadea40aff
Step 9/10 : RUN mkdir -p /aaa/bbb/t{1..4}
 ---> Using cache
 ---> 7f109a34a4a5
Step 10/10 : RUN ["/bin/bash","-c","mkdir -p /ccc/ddd/f{1..4}"]
 ---> Running in a5785a139e1f
Removing intermediate container a5785a139e1f
 ---> 30a5f5594104
Successfully built 30a5f5594104
Successfully tagged myimg:v1.2
[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.2                30a5f5594104        5 seconds ago       203MB
myimg               v1.1                ae463ec8cbd9        9 minutes ago       203MB
myimg               v1                  7f109a34a4a5        21 minutes ago      203MB
busybox             latest              1c35c4412082        16 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker run --name test --rm -it myimg:v1.2 /bin/bash
[root@549f875aa4de /]# ls /
aaa                bin  data  etc   lib    media  opt   root  sbin  sys  usr
anaconda-post.log  ccc  dev   home  lib64  mnt    proc  run   srv   tmp  var
[root@549f875aa4de /]# ls /ccc/ddd/
f1  f2  f3  f4
[root@549f875aa4de /]#

  提示:能夠看到用"/bin/bash -c" 是能夠明確聲明後面的命令用shell子進程的方式運行,這樣一來就能夠在後面的命令使用shell特性的語法;

  二、CMD:該指令相似於RUN指令,CMD指令也可用於運行任何命令或應用程序,不過,兩者的運行時間點不一樣; RUN指令運行於映像文件構建過程當中,而CMD指令運行於基於Dockerfile構建出的新映像文件啓動一個容器時; CMD指令的首要目的在於爲啓動的容器指定默認要運行的程序,且其運行結束後,容器也將終止;不過,CMD指定的命令其能夠被docker run的命令行選項所覆蓋;在Dockerfile中能夠存在多個CMD指令,但僅最後一個會生效;語法格式 CMD <command> 或 CMD [「<executable>」, 「<param1>」, 「<param2>」] 或 CMD ["<param1>","<param2>"];前兩種語法格式的意義同RUN,第三種則用於爲ENTRYPOINT指令提供默認參數;

  示例:

[root@node1 test]# cat Dockerfile
FROM busybox:latest

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

CMD httpd -f -h /data/htdoc/
[root@node1 test]#

  提示:docker容器內部運行的程序必須運行爲前臺;CMD是指定容器運行時要運行的命令;一般該命令或程序是之前臺方式運行;若是不是前臺運行,咱們的容器就會存在一啓動就退出的狀況;以上命令就表示前臺運行httpd程序 並指定httpd 的工做目錄爲${web_home}變量所指定的目錄;

  驗證:build後看看啓動爲容器是否提供80訪問服務?

[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.2                30a5f5594104        23 minutes ago      203MB
myimg               v1.1                ae463ec8cbd9        32 minutes ago      203MB
myimg               v1                  7f109a34a4a5        44 minutes ago      203MB
busybox             latest              1c35c4412082        16 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker build . -t myimg:v1.3
Sending build context to Docker daemon   1.05MB
Step 1/9 : FROM busybox:latest
 ---> 1c35c4412082
Step 2/9 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Running in deb5e54eef87
Removing intermediate container deb5e54eef87
 ---> baf170e0c586
Step 3/9 : LABEL version="1.0"
 ---> Running in 433669185e0d
Removing intermediate container 433669185e0d
 ---> d96fb4ae3d58
Step 4/9 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Running in b5da74e27c69
Removing intermediate container b5da74e27c69
 ---> 62372d19daf3
Step 5/9 : ARG web_home
 ---> Running in 3f65a67bb15a
Removing intermediate container 3f65a67bb15a
 ---> 1ce797c7cde0
Step 6/9 : COPY html ${web_home:-"/data/htdoc/"}
 ---> 15848dea21b9
Step 7/9 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Running in 868f4c10e00f
Removing intermediate container 868f4c10e00f
 ---> f3ec40d1cb5e
Step 8/9 : EXPOSE 80/tcp 443/tcp
 ---> Running in 7f72c2612e92
Removing intermediate container 7f72c2612e92
 ---> 5ccfc6d604cc
Step 9/9 : CMD httpd -f -h /data/htdoc/
 ---> Running in 95a4fd578821
Removing intermediate container 95a4fd578821
 ---> 2e296b4f4500
Successfully built 2e296b4f4500
Successfully tagged myimg:v1.3
[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.3                2e296b4f4500        3 seconds ago       1.22MB
myimg               v1.2                30a5f5594104        23 minutes ago      203MB
myimg               v1.1                ae463ec8cbd9        33 minutes ago      203MB
myimg               v1                  7f109a34a4a5        44 minutes ago      203MB
busybox             latest              1c35c4412082        16 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker run --name b1 -d myimg:v1.3
c3514f782cffd8140aa7c612293029f4d0302e8d697887dfc2696eea44a31700
[root@node1 test]# docker ps 
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
c3514f782cff        myimg:v1.3          "/bin/sh -c 'httpd -…"   4 seconds ago       Up 3 seconds        80/tcp, 443/tcp     b1
[root@node1 test]# curl http://172.17.0.2/test1.html
this is test1 html
[root@node1 test]#

  提示:能夠看到httpd是能夠正常提供服務的;從上面的信息咱們也能夠了解到運行容器後,它默認是把咱們寫的命令看成shell子命令的方式在運行;

  示例:以json數組方式運行命令

[root@node1 test]# cat Dockerfile 
FROM busybox:latest

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

CMD ["httpd","-f","-h","/data/htdoc/"]

[root@node1 test]#

  提示:用json數組格式運行命令,須要把後面的每一個選項看成參數傳給httpd;

  驗證:運行容器看看容器是否退出,是否可以正常提供httpd服務?

[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.3                2e296b4f4500        24 minutes ago      1.22MB
myimg               v1.2                30a5f5594104        47 minutes ago      203MB
myimg               v1.1                ae463ec8cbd9        57 minutes ago      203MB
myimg               v1                  7f109a34a4a5        About an hour ago   203MB
busybox             latest              1c35c4412082        17 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker build . -t myimg:v1.4
Sending build context to Docker daemon   1.05MB
Step 1/9 : FROM busybox:latest
 ---> 1c35c4412082
Step 2/9 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> baf170e0c586
Step 3/9 : LABEL version="1.0"
 ---> Using cache
 ---> d96fb4ae3d58
Step 4/9 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> 62372d19daf3
Step 5/9 : ARG web_home
 ---> Using cache
 ---> 1ce797c7cde0
Step 6/9 : COPY html ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 15848dea21b9
Step 7/9 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> f3ec40d1cb5e
Step 8/9 : EXPOSE 80/tcp 443/tcp
 ---> Using cache
 ---> 5ccfc6d604cc
Step 9/9 : CMD ["httpd","-f","-h","/data/htdoc/"]
 ---> Running in 5bebdabfe2b7
Removing intermediate container 5bebdabfe2b7
 ---> 58e3b4c40ae7
Successfully built 58e3b4c40ae7
Successfully tagged myimg:v1.4
[root@node1 test]# docker run --name b1 -d myimg:v1.4
a32a05033a6dcb735363906bfcd2b84cfb290ca1b60c17d3ac2f81cdeceee705
[root@node1 test]# docker ps 
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
a32a05033a6d        myimg:v1.4          "httpd -f -h /data/h…"   6 seconds ago       Up 5 seconds        80/tcp, 443/tcp     b1
[root@node1 test]# curl http://172.17.0.2/test1.html
this is test1 html
[root@node1 test]#

  提示:能夠看到httpd服務能夠正常提供訪問,說明咱們用json數組方式運行命令是正確的;總結一點,用CMD或RUN指令運行命令時,若是直接在CMD或RUN指令後面接命令,這種方式一般會被解釋爲啓動一個shell子進程運行命令,RUN指令表現形式就是後面的命令可使用shell特性的語法格式的命令,好比大括號展開等等;而CMD指令表現形式就是啓動爲容器後,它默認會把咱們指定運行的命令看成參數傳給「/bin/sh」來運行;CMD或RUN指令加中括號的形式就表示使用json數組格式方式運行命令;這種方式運行命令在CMD中表現形式是咱們運行的命令的選項都要看成參數傳給該命令;RUN指令表現形式是不能使用shell特性的命令;若是非要使用shell特性的命令格式,咱們須要把咱們的命令看成參數傳給「/bin/sh」,固然前提是咱們的基礎鏡像shell支持shell特性的語法;

  三、ENTRYPOINT:該指令相似CMD指令的功能,用於爲容器指定默認運行程序,從而使得容器像是一個單獨的可執行程序;與CMD不一樣的是,由ENTRYPOINT啓動的程序不會被docker run命令行指定的參數所覆蓋,並且,這些命令行參數會被看成參數傳遞給ENTRYPOINT指定的程序(不過,docker run命令的--entrypoint選項的參數可覆蓋ENTRYPOINT指令指定的程序);語法格式 ENTRYPOINT <command>或 ENTRYPOINT ["<executable>", "<param1>", "<param2>"];docker run命令傳入的命令參數會覆蓋CMD指令的內容而且附加到ENTRYPOINT命令最後作爲其參數使用;Dockerfile文件中也能夠存在多個ENTRYPOINT指令,但僅有最後一個會生效;

  示例:

[root@node1 test]# cat Dockerfile
FROM busybox:latest

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

ENTRYPOINT httpd -f -h /data/htdoc/
[root@node1 test]#

  提示:以上dockerfile中用ENTRYPOINT 來指定容器默認運行程序,它和CMD不一樣的是,CMD指定運行的命令,咱們可使用docker run 命令加要運行的的命令替代容器裏默認運行的命令,而ENTRYPOINT指定的命令咱們是不可隨便替換的,若是要替換必需要使用--entrypoint選項來指定;

  驗證:build成鏡像,咱們啓動爲容器直接運行/bin/sh 看看是否可行?

[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.4                58e3b4c40ae7        23 minutes ago      1.22MB
myimg               v1.3                2e296b4f4500        47 minutes ago      1.22MB
myimg               v1.2                30a5f5594104        About an hour ago   203MB
myimg               v1.1                ae463ec8cbd9        About an hour ago   203MB
myimg               v1                  7f109a34a4a5        2 hours ago         203MB
busybox             latest              1c35c4412082        17 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker build . -t myimg:v1.5
Sending build context to Docker daemon   1.05MB
Step 1/9 : FROM busybox:latest
 ---> 1c35c4412082
Step 2/9 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> baf170e0c586
Step 3/9 : LABEL version="1.0"
 ---> Using cache
 ---> d96fb4ae3d58
Step 4/9 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> 62372d19daf3
Step 5/9 : ARG web_home
 ---> Using cache
 ---> 1ce797c7cde0
Step 6/9 : COPY html ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> 15848dea21b9
Step 7/9 : VOLUME ${web_home:-"/data/htdoc/"}
 ---> Using cache
 ---> f3ec40d1cb5e
Step 8/9 : EXPOSE 80/tcp 443/tcp
 ---> Using cache
 ---> 5ccfc6d604cc
Step 9/9 : ENTRYPOINT httpd -f -h /data/htdoc/
 ---> Running in de274d68686c
Removing intermediate container de274d68686c
 ---> 5825c2ec655f
Successfully built 5825c2ec655f
Successfully tagged myimg:v1.5
[root@node1 test]# docker run --name b1 --rm -it myimg:v1.5 /bin/sh

  提示:運行以上命令後,不會給咱們一個shell終端,也不報錯;可是咱們直接訪問httpd服務是能夠正常訪問的;這意味咱們用docker run 命令是不能替換咱們用entrypoint指定指定的命令的;

  測試:用--entrypoint 選項來看看是否可以覆蓋ENTRYPOINT指定所指定的命令程序?

[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
myimg               v1.5                5825c2ec655f        12 minutes ago      1.22MB
myimg               v1.4                58e3b4c40ae7        35 minutes ago      1.22MB
myimg               v1.3                2e296b4f4500        About an hour ago   1.22MB
myimg               v1.2                30a5f5594104        About an hour ago   203MB
myimg               v1.1                ae463ec8cbd9        2 hours ago         203MB
myimg               v1                  7f109a34a4a5        2 hours ago         203MB
busybox             latest              1c35c4412082        17 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker run --name b1 --rm -it --entrypoint "/bin/sh" myimg:v1.5
/ # ls
bin   data  dev   etc   home  proc  root  sys   tmp   usr   var
/ # ps
PID   USER     TIME  COMMAND
    1 root      0:00 /bin/sh
    7 root      0:00 ps
/ #

  提示:能夠看到使用docker run 必需要加--entrypoint 選項才能夠覆蓋ENTRYPOINT指令指定的命令;

  示例:使用json數組格式來指定命令

[root@node1 test]# cat Dockerfile 
FROM busybox:latest

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

ARG web_home

COPY html ${web_home:-"/data/htdoc/"}

VOLUME ${web_home:-"/data/htdoc/"}

EXPOSE 80/tcp 443/tcp

ENTRYPOINT ["httpd","-f","-h","/data/htdoc/"]

[root@node1 test]#

  提示:使用json數組格式來指定命令時,都須要將後面的選項和參數看成該命令的參數傳進去;

  測試:使用docker run 直接加命令 看看是否可以覆蓋ENTRYPOINT指令指定的命令?

  提示:能夠看到咱們直接使用命令是沒法覆蓋ENTRYPOINT指令說指定的命令;

  示例:

[root@node1 test]# cat Dockerfile 
FROM centos:7

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

RUN yum install -y httpd

EXPOSE 80/tcp 

ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]

[root@node1 test]#

  測試:用docker run 命令覆蓋ENTRYPOINT指定的默認命令,看看是否可行?

[root@node1 test]# docker build . -t myimg:v1.7
Sending build context to Docker daemon  1.051MB
Step 1/7 : FROM centos:7
 ---> b5b4d78bc90c
Step 2/7 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> 604899ef29f9
Step 3/7 : LABEL version="1.0"
 ---> Using cache
 ---> d9edea71fa22
Step 4/7 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> ee027bbdc04b
Step 5/7 : RUN yum install -y httpd
 ---> Running in 164240645e39
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-93.el7.centos will be installed
--> Processing Dependency: httpd-tools = 2.4.6-93.el7.centos for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-93.el7.centos.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-5.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
---> Package httpd-tools.x86_64 0:2.4.6-93.el7.centos will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch          Version                    Repository   Size
================================================================================
Installing:
 httpd               x86_64        2.4.6-93.el7.centos        base        2.7 M
Installing for dependencies:
 apr                 x86_64        1.4.8-5.el7                base        103 k
 apr-util            x86_64        1.5.2-6.el7                base         92 k
 centos-logos        noarch        70.0.6-3.el7.centos        base         21 M
 httpd-tools         x86_64        2.4.6-93.el7.centos        base         92 k
 mailcap             noarch        2.1.41-2.el7               base         31 k

Transaction Summary
================================================================================
Install  1 Package (+5 Dependent packages)

Total download size: 24 M
Installed size: 32 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total                                              7.8 MB/s |  24 MB  00:03     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-8.2003.0.el7.centos.x86_64 (@CentOS)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : apr-1.4.8-5.el7.x86_64                                       1/6 
  Installing : apr-util-1.5.2-6.el7.x86_64                                  2/6 
  Installing : httpd-tools-2.4.6-93.el7.centos.x86_64                       3/6 
  Installing : centos-logos-70.0.6-3.el7.centos.noarch                      4/6 
  Installing : mailcap-2.1.41-2.el7.noarch                                  5/6 
  Installing : httpd-2.4.6-93.el7.centos.x86_64                             6/6 
  Verifying  : mailcap-2.1.41-2.el7.noarch                                  1/6 
  Verifying  : apr-util-1.5.2-6.el7.x86_64                                  2/6 
  Verifying  : httpd-2.4.6-93.el7.centos.x86_64                             3/6 
  Verifying  : apr-1.4.8-5.el7.x86_64                                       4/6 
  Verifying  : httpd-tools-2.4.6-93.el7.centos.x86_64                       5/6 
  Verifying  : centos-logos-70.0.6-3.el7.centos.noarch                      6/6 

Installed:
  httpd.x86_64 0:2.4.6-93.el7.centos                                            

Dependency Installed:
  apr.x86_64 0:1.4.8-5.el7                                                      
  apr-util.x86_64 0:1.5.2-6.el7                                                 
  centos-logos.noarch 0:70.0.6-3.el7.centos                                     
  httpd-tools.x86_64 0:2.4.6-93.el7.centos                                      
  mailcap.noarch 0:2.1.41-2.el7                                                 

Complete!
Removing intermediate container 164240645e39
 ---> 63db91f4fe6a
Step 6/7 : EXPOSE 80/tcp
 ---> Running in 6585da71fc3b
Removing intermediate container 6585da71fc3b
 ---> eb671cf67f52
Step 7/7 : ENTRYPOINT ["/usr/sbin/httpd","-DFOREGROUND"]
 ---> Running in f6e7297025af
Removing intermediate container f6e7297025af
 ---> bac03b20761a
Successfully built bac03b20761a
Successfully tagged myimg:v1.7
[root@node1 test]# docker run --name m1 --rm -it myimg:v1.7 /bin/sh
Usage: /usr/sbin/httpd [-D name] [-d directory] [-f file]
                       [-C "directive"] [-c "directive"]
                       [-k start|restart|graceful|graceful-stop|stop]
                       [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
  -D name            : define a name for use in <IfDefine name> directives
  -d directory       : specify an alternate initial ServerRoot
  -f file            : specify an alternate ServerConfigFile
  -C "directive"     : process directive before reading config files
  -c "directive"     : process directive after reading config files
  -e level           : show startup errors of level (see LogLevel)
  -E file            : log startup errors to file
  -v                 : show version number
  -V                 : show compile settings
  -h                 : list available command line options (this page)
  -l                 : list compiled in modules
  -L                 : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed vhost settings
  -t -D DUMP_RUN_CFG : show parsed run settings
  -S                 : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
  -t -D DUMP_MODULES : show all loaded modules 
  -M                 : a synonym for -t -D DUMP_MODULES
  -t                 : run syntax check for config files
  -T                 : start without DocumentRoot(s) check
  -X                 : debug mode (only one worker, do not detach)
[root@node1 test]#

  提示:能夠看到咱們用docker run指定命令去覆蓋ENTRYPOINT指令指定的命令,它給咱們打印了httpd命令的用法,這說明咱們後面傳遞的/bin/sh 看成參數傳遞給ENTRYPOINT說指定的命令;這裏還須要說一下,上面的示例用docker run 去覆蓋ENTRYPOINT指令指定的命令,沒有報錯的緣由應該是busybox裏的httpd程序支持傳遞/bin/sh看成參數;

  示例:CMD指令同ENTRYPOINT一塊兒使用

[root@node1 test]# cat Dockerfile 
FROM centos:7

MAINTAINER "qiuhom <qiuhom@linux-1874.com>"

LABEL version="1.0"

LABEL description="this is test file \ that label-values can span multiple lines."

RUN yum install -y httpd

ADD entrypoint.sh /bin/

EXPOSE 80/tcp 

CMD ["/usr/sbin/httpd","-DFOREGROUND"]

ENTRYPOINT ["/bin/entrypoint.sh"]

[root@node1 test]#

  提示:以上dockerfile使用了CMD和ENTRYPOINT指令來指定容器默認運行程序;此時CMD所指定的命令默認會以參數的形式傳給ENTRYPOINT指令所指定的命令;而上面ENTRYPOINT指定指定的是一個腳本,也就說上面dockerfile最終運行的命令是/bin/entrypoint.sh /usr/sbin/httpd -DFOREGROUND;這裏的腳本就至關於中間層,經過腳本設定一些參數,而後把CMD指定的命令看成參數傳給腳本,最終腳本運行起來;

  entrypoint腳本

[root@node1 test]# ll
total 1032
-rw-r--r-- 1 root root     307 Jun  3 11:28 Dockerfile
-rwxr-xr-x 1 root root     300 Jun  3 11:22 entrypoint.sh
drwxr-xr-x 2 root root      42 May 31 01:51 html
-rw-r--r-- 1 root root 1043748 May 26 11:07 nginx-1.19.0.tar.gz
-rw-r--r-- 1 root root      22 May 31 01:52 test.html
[root@node1 test]# cat entrypoint.sh 
#!/bin/bash

doc_root=${DOC_ROOT:-/var/www/html}
cat > /etc/httpd/conf.d/myweb.conf <<EOF
        <virtualhost *:80>
                servername "localhost"
                documentroot "${doc_root}"
                <directory "${doc_root}">
                        options none
                        allowoverride none
                        require  all granted
                </directory>
        </virtualhost>
EOF

exec "$@"
[root@node1 test]#

  提示:這個腳本很簡單就是在/etc/httpd/conf.d/生成一個myweb.conf的配置文件,而後最後引用腳本的參數運行;exec "$@" 表示把腳本的全部參數獨立運行成一個守護進程;默認不使用exec就表示以shell子進程的方式運行,exec就表示運行爲單獨的守護進程,再也不是shell子進程的方式;

  測試:

[root@node1 test]# docker build . -t httpd:v1
Sending build context to Docker daemon  1.051MB
Step 1/9 : FROM centos:7
 ---> b5b4d78bc90c
Step 2/9 : MAINTAINER "qiuhom <qiuhom@linux-1874.com>"
 ---> Using cache
 ---> 604899ef29f9
Step 3/9 : LABEL version="1.0"
 ---> Using cache
 ---> d9edea71fa22
Step 4/9 : LABEL description="this is test file \ that label-values can span multiple lines."
 ---> Using cache
 ---> ee027bbdc04b
Step 5/9 : RUN yum install -y httpd
 ---> Using cache
 ---> 63db91f4fe6a
Step 6/9 : ADD entrypoint.sh /bin/
 ---> 49d1270c3aa3
Step 7/9 : EXPOSE 80/tcp
 ---> Running in 3dacf6acf23b
Removing intermediate container 3dacf6acf23b
 ---> edced77af5b5
Step 8/9 : CMD ["/usr/sbin/httpd","-DFOREGROUND"]
 ---> Running in 23bb32def296
Removing intermediate container 23bb32def296
 ---> 169a5e164ba5
Step 9/9 : ENTRYPOINT ["/bin/entrypoint.sh"]
 ---> Running in f3bf0c267c7b
Removing intermediate container f3bf0c267c7b
 ---> 0801db092665
Successfully built 0801db092665
Successfully tagged httpd:v1
[root@node1 test]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               v1                  0801db092665        35 seconds ago      307MB
myimg               v1.7                bac03b20761a        12 minutes ago      307MB
myimg               v1.6                5370df4238eb        2 hours ago         1.22MB
myimg               v1.5                5825c2ec655f        2 hours ago         1.22MB
myimg               v1.4                58e3b4c40ae7        2 hours ago         1.22MB
myimg               v1.3                2e296b4f4500        3 hours ago         1.22MB
myimg               v1.2                30a5f5594104        3 hours ago         203MB
myimg               v1.1                ae463ec8cbd9        3 hours ago         203MB
myimg               v1                  7f109a34a4a5        3 hours ago         203MB
busybox             latest              1c35c4412082        19 hours ago        1.22MB
centos              7                   b5b4d78bc90c        4 weeks ago         203MB
[root@node1 test]# docker run --name h1 -d httpd:v1
cee14b04912822c33e7deeee361e1ce0c20d7daf6c0666bff319bf3f1bc69bdc
[root@node1 test]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
cee14b049128        httpd:v1            "/bin/entrypoint.sh …"   9 seconds ago       Up 9 seconds        80/tcp              h1
[root@node1 test]#

  提示:能夠看到咱們build成鏡像後,直接運行爲容器,容器正常;咱們進入容器內部看看它到底運行的說明命令

[root@node1 test]# docker exec -it h1 /bin/bash
[root@cee14b049128 /]# ls /etc/httpd/conf.d/myweb.conf 
/etc/httpd/conf.d/myweb.conf
[root@cee14b049128 /]# cat /etc/httpd/conf.d/myweb.conf
        <virtualhost *:80>
                servername "localhost"
                documentroot "/var/www/html"
                <directory "/var/www/html">
                        options none
                        allowoverride none
                        require  all granted
                </directory>
        </virtualhost>
[root@cee14b049128 /]# ps aux
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.0  0.1 224080  5016 ?        Ss   16:26   0:00 /usr/sbin/httpd -D
apache        7  0.0  0.0 224212  2960 ?        S    16:26   0:00 /usr/sbin/httpd -D
apache        8  0.0  0.0 224212  2960 ?        S    16:26   0:00 /usr/sbin/httpd -D
apache        9  0.0  0.0 224212  2960 ?        S    16:26   0:00 /usr/sbin/httpd -D
apache       10  0.0  0.0 224212  2960 ?        S    16:26   0:00 /usr/sbin/httpd -D
apache       11  0.0  0.0 224212  2960 ?        S    16:26   0:00 /usr/sbin/httpd -D
root         12  0.0  0.0  11828  1932 pts/0    Ss   16:35   0:00 /bin/bash
root         27  0.0  0.0  51756  1720 pts/0    R+   16:36   0:00 ps aux
[root@cee14b049128 /]# httpd -t -D DUMP_VHOSTS
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   localhost (/etc/httpd/conf.d/myweb.conf:1)
[root@cee14b049128 /]#

  提示:能夠看到容器內部運行的就是/usr/sbin/httpd -DFOREGROUND這個命令;其實這個命令不是CMD直接運行的命令,而是經過腳本獲取參數而來的;咱們經過腳本添加的配置文件都在對應的位置,而且也都生效了;總結一點,一般CMD和ENTRYPOINT應用在經過entrypoint腳本作中間層向容器內運行的程序提供配置文件的場景,一般這些應用程序不是雲原生的;

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程