What is dockerfile
Dockerfile is a text document that contains commands for combining images. You can use any command in the command line. Docker automatically generates an image by reading the instructions in the dockerfile.
The docker build command is used to build an image from a Dockerfile. You can use the - f flag in the docker build command to point to Dockerfile anywhere in the file system.
docker build -f /path/to/a/Dockerfile
Basic structure of Dockerfile
Dockerfile is generally divided into four parts: basic image information, maintainer information, image operation instructions and instructions executed when the container is started. '#' is the comment in dockerfile.
Dockerfile file description
Docker runs the instructions of Dockerfile FROM top to bottom. In order to specify the base image, the first instruction must be FROM. A declaration that begins with a character is considered a comment. RUN, CMD, FROM, EXPOSE, ENV and other instructions can be used in docker files.
Common instructions:
FROM: Specifies the base image, which must be the first command
Format:
FROM <image> FROM <image>:<tag> FROM <image>@<digest>
Example:
FROM mysql:5.6
Note:
tag or digest is optional. If these two values are not used, the base image of the latest version will be used
MAINTAINER: MAINTAINER information
Format:
MAINTAINER <name>
Example:
MAINTAINER Jasper Xu MAINTAINER sorex@163.com MAINTAINER Jasper Xu <sorex@163.com>
RUN: command executed when building a mirror
RUN is used to execute commands in the mirror container. It has the following two command execution modes:
shell execution
Format:
RUN <command>
exec execution
Format:
RUN ["executable", "param1", "param2"]
Example:
RUN ["executable", "param1", "param2"]
RUN apk update
RUN ["/etc/execfile", "arg1", "arg1"]
Note:
The intermediate image created by the RUN instruction will be cached and used in the next build. If you do not want to use these cache images, you can specify the – no cache parameter during construction, such as docker build -- no cache
ADD: ADD local files to the container,
tar files will be decompressed automatically (compressed network resources will not be decompressed). You can access network resources, similar to wget
Format:
ADD <src>... <dest>
ADD ["<src>",... "<dest>"] Used to support paths with spaces
Example:
ADD hom* /mydir/ # Add all files starting with "hom"
ADD hom?.txt /mydir/ # ? Replace a single character, for example: "home.txt"
ADD test relativeDir/ # Add "test" to 'workdir' / relativedir/
ADD test /absoluteDir/ # Add "test" to / absoluteDir/
COPY: the function is similar to ADD
However, the files will not be automatically decompressed and network resources cannot be accessed
CMD: call after building the container, that is, when the container starts.
Format:
CMD ["executable","param1","param2"] (Executable, priority) CMD ["param1","param2"] (Set ENTRYPOINT,Call directly ENTRYPOINT Add parameter) CMD command param1 param2 (implement shell Internal command)
Example:
CMD echo "This is a test." | wc - CMD ["/usr/bin/wc","--help"]
Note:
CMD is different from RUN. CMD is used to specify the command to be executed when the container is started, while RUN is used to specify the command to be executed when the image is built.
ENTRYPOINT: configure the container,
Make it executable. With CMD, "application" can be omitted and only parameters can be used.
Format:
ENTRYPOINT ["executable", "param1", "param2"] (Executable file, first) ENTRYPOINT command param1 param2 (shell Internal command)
Example:
FROM ubuntu ENTRYPOINT ["top", "-b"] CMD ["-c"]
Note:
ENTRYPOINT is very similar to CMD, except that the command executed through docker run will not overwrite ENTRYPOINT, and any parameters specified in docker run will be passed to ENTRYPOINT again as parameters. Only one entry point command is allowed in Dockerfile. Multiple assignments will override the previous settings and only the last entry point command will be executed.
LABEL: used to add metadata to the image
Format:
LABEL <key>=<value> <key>=<value> <key>=<value> ...
Example:
LABEL version = "1.0" description = "this is a Web server" by = "IT record"
Note:
When using LABEL to specify metadata, one or more metadata can be specified. When specifying multiple metadata, different metadata are separated by spaces. It is recommended to specify all metadata through a LABEL instruction to avoid generating too many intermediate images.
ENV: setting environment variables
Format:
ENV <key> <value> #All contents after < key > will be considered as part of its < value >, so only one variable can be set at a time ENV <key>=<value> ... #Multiple variables can be set, and each variable is a key value pair of "< key > = < value >". If < key > contains spaces, you can use \ to escape or mark with ""; In addition, backslashes can also be used for continuation
Example:
ENV myName John Doe ENV myDog Rex The Dog ENV myCat=fluffy
Export: Specifies the port for external interaction
Format:
EXPOSE <port> [<port>...]
Example:
EXPOSE 80 443
EXPOSE 8080
EXPOSE 11211/tcp 11211/udp
Note:
Export does not allow the container's port to access the host. To make it accessible, you need to publish these ports through - P when docker run runs the container, or publish all ports exported by export through - P parameter
VOLUME: used to specify the persistent directory
Format:
VOLUME ["/path/to/dir"]
Example:
VOLUME ["/data"] VOLUME ["/var/www", "/var/log/apache2", "/etc/apache2"
Note:
A volume can exist in a specified directory of one or more containers, which can bypass the federated file system and has the following functions:
1 volumes can be shared and reused between containers
2 containers do not have to share volumes with other containers
3 the modification of the volume takes effect immediately
4 modifications to the volume do not affect the mirror
Volume 5 will exist until no container is using it
WORKDIR: working directory, similar to the cd command
Format:
WORKDIR /path/to/workdir
Example:
WORKDIR /a (The working directory is/a) WORKDIR b (The working directory is/a/b) WORKDIR c (At this time, the working directory is/a/b/c)
Note:
After setting the working directory through WORKDIR, the subsequent commands RUN, CMD, ENTRYPOINT, ADD, COPY, etc. in Dockerfile will be executed in this directory. When using docker run to RUN the container, you can override the working directory set during construction with the - w parameter.
USER: Specifies the USER name or UID when the container is run
Subsequent runs will also use the specified USER. When using USER to specify a USER, you can use a USER name, UID, GID, or a combination of both. When the service does not require administrator privileges, you can specify the running USER through this command. And you can create the required users before
Format:
USER user USER user:group USER uid USER uid:gid USER user:gid USER uid:group
Example:
USER www
Note:
After USER is used to specify the USER, the subsequent commands RUN, CMD and ENTRYPOINT in Dockerfile will use the USER. After the image is built, when running the container through docker run, you can override the specified USER through the - u parameter.
ARG: used to specify the variables passed to the build runtime
Format:
ARG <name>[=<default value>]
Example:
ARG site ARG build_user=www
ONBUILD: used to set the mirror trigger
Format:
ONBUILD [INSTRUCTION]
Example:
ONBUILD ADD . /app/src ONBUILD RUN /usr/local/bin/python-build --dir /app/src
Note:
When the constructed image is used as the basic image of other images, the trigger in the image will be triggered by the key
Copy code
Here is a small example:
# nginx Dockerfile # Version 0.1 # Base images base images FROM centos #MAINTAINER maintainer information MAINTAINER tianfeiyu #ENV setting environment variables ENV PATH /usr/local/nginx/sbin:$PATH #ADD files are placed in the current directory and will be automatically decompressed after copying ADD nginx-1.8.0.tar.gz /usr/local/ ADD epel-release-latest-7.noarch.rpm /usr/local/ #RUN executes the following command RUN rpm -ivh /usr/local/epel-release-latest-7.noarch.rpm RUN yum install -y wget lftp gcc gcc-c++ make openssl-devel pcre-devel pcre && yum clean all RUN useradd -s /sbin/nologin -M www #WORKDIR is equivalent to cd WORKDIR /usr/local/nginx-1.8.0 RUN ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-pcre && make && make install RUN echo "daemon off;" >> /etc/nginx.conf #Export mapping port EXPOSE 80 #CMD runs the following command CMD ["nginx"]