Docker学习记录——Dockerfile
苗锦洲
创建于:2021-08-26 10:11:34
0
33
253
0
Dockerfile介绍以及部署SpringBoot实践
友情提示:此篇文章大约需要阅读 11分6秒
# Dockerfile介绍
## 1.每条指令都是互相隔离的,可能创建新的层
例如
``RUN cd /tmp``
对下一条指令没有任何影响
## 2.尽可能使用缓存加速build
``build-cache``
会在控制台显示出来
`--cache-from`可以指定外部缓存源
## 3.docker scan
When you’re done with your build, you’re ready to look into [scanning your image with](https://docs.docker.com/engine/scan/)[ ](https://docs.docker.com/engine/scan/)[docker scan](https://docs.docker.com/engine/scan/), and [pushing your image to Docker Hub](https://docs.docker.com/docker-hub/repos/).
# Best practices for writing Dockerfiles
[Best practices for writing Dockerfiles | Docker Documentation](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#leverage-build-cache)
## 1.General guidelines and recommendations
### 1.1 Create ephemeral containers[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#create-ephemeral-containers)
容器尽越“短暂”越好
“短暂”是指容器可以被停止和销毁,然后重建并替换为绝对最小的设置和配置。
### 1.2 Understand build context[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#understand-build-context)
默认dockerfile所在的路径就是 build context
可以用 -f 指定
防止不需要的文件被构建进去,导致不必要的资源消耗
实例:
```bash
mkdir myproject && cd myproject
$ echo "hello" > hello
$ echo -e "FROM busybox\nCOPY /hello /\nRUN cat /hello" > Dockerfile
$ docker build -t helloapp:v1 .
```
```bash
mkdir -p dockerfiles context
$ mv Dockerfile dockerfiles && mv hello context
$ docker build --no-cache -t helloapp:v2 -f dockerfiles/Dockerfile context
```
build的时候可以关注一下大小信息
```bash
Sending build context to Docker daemon 187.8MB
```
### 1.3 Pipe Dockerfile through stdin[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#pipe-dockerfile-through-stdin)
#### 1.3.1 Build an image using a Dockerfile from stdin, without sending build context
不需要Dockerfile文件,使用输入流构建,提高构建速度,
但是不能使用 `COPY` 或 `ADD` 指令
```bash
docker build -t myimage:latest -<<EOF
FROM busybox
RUN echo "hello world"
EOF
```
#### 1.3.2 Build from a local build context, using a Dockerfile from stdin
```bash
docker build [OPTIONS] -f- PATH
```
```bash
# create a directory to work in
mkdir example
cd example
# create an example file
touch somefile.txt
# build an image using the current directory as context, and a Dockerfile passed through stdin
docker build -t myimage:latest -f- . <<EOF
FROM busybox
COPY somefile.txt ./
RUN cat /somefile.txt
EOF
```
#### 1.3.3 Build from a remote build context, using a Dockerfile from stdin
```bash
docker build [OPTIONS] -f- PATH
```
```bash
docker build -t myimage:latest -f- https://github.com/docker-library/hello-world.git <<EOF
FROM busybox
COPY hello.c ./
EOF
```
### 1.4 Exclude with `.dockerignore`[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#exclude-with-dockerignore)
类似于 `.gitignore`
[Dockerfile reference | Docker Documentation](https://docs.docker.com/engine/reference/builder/#dockerignore-file)
### 1.5 Use multi-stage builds[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds)
可以极大减小最后打包生成的镜像
image最后一步生成,可以利用构建缓存
例如,如果您的构建包含多个层,您可以将它们从更改较不频繁(以确保构建缓存可重用)到更改较频繁的排序:
* 安装构建应用程序所需的工具
* 安装或更新库依赖项
* 生成您的应用程序
A Dockerfile for a Go application could look like:
```bash
# syntax=docker/dockerfile:1
FROM golang:1.16-alpine AS build
# Install tools required for project
# Run `docker build --no-cache .` to update dependencies
RUN apk add --no-cache git
RUN go get github.com/golang/dep/cmd/dep
# List project dependencies with Gopkg.toml and Gopkg.lock
# These layers are only re-built when Gopkg files are updated
COPY Gopkg.lock Gopkg.toml /go/src/project/
WORKDIR /go/src/project/
# Install library dependencies
RUN dep ensure -vendor-only
# Copy the entire project and build it
# This layer is rebuilt when a file changes in the project directory
COPY . /go/src/project/
RUN go build -o /bin/project
# This results in a single layer image
FROM scratch
COPY --from=build /bin/project /bin/project
ENTRYPOINT ["/bin/project"]
CMD ["--help"]
```
### 1.6 Don't install unnecessary packages[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#dont-install-unnecessary-packages)
### 1.7 Decouple applications[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications)
### 1.8 Minimize the number of layers[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#minimize-the-number-of-layers)
- 只有 `RUN` , `COPY` , `ADD `创建层,其他创建临时的中间镜像,不会增加size
* 尽可能使用多阶段构建,只复制最终的image需要的文件
### 1.9 Sort multi-line arguments[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#sort-multi-line-arguments)
按字母表顺序对参数排序,`\` 换行
```bash
RUN apt-get update && apt-get install -y \
bzr \
cvs \
git \
mercurial \
subversion \
&& rm -rf /var/lib/apt/lists/*
```
### 1.10 Leverage build cache[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#leverage-build-cache)
利用构建缓存
## 2.Dockerfile instructions[?](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#dockerfile-instructions)
# 相关链接
[Dockerfile reference | Docker Documentation](https://docs.docker.com/engine/reference/builder/)
[Best practices for writing Dockerfiles | Docker Documentation](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/)
评论
楼主暂时不想被别人评论哦~
已自动恢复阅读位置、日/夜间模式参数