Dockerfileを使ったDockerイメージの作成

The commands used in the Dockerfile are
FROM
    FROM specifies a base image, and in general a usable Dockerfile must have FROM as the first command. The image can be any reasonably existing image image.
    FROM must be the first non-commented command Dockerfile.
    FROM can appear multiple times in a Dockerfile to make it easier to create a mix of images.
    If no tag is specified, latest will be specified as the base image version to be used.
MAINTAINER
    Here is the information used to specify the image creator
RUN
    The RUN command will execute any legal command in the current image and submit the result. Once the command execution is committed, it will automatically execute the next command in the Dockerfile.
    Cascading RUN commands and generating commits is a practice that is in line with Docker's core philosophy. It allows custom builds of image images at any point, like version control.
    The RUN command cache does not automatically expire on the next command execution. For example, the cache of RUN apt-get dist-upgrade -y may be used for the next command. The --no-cache flag can be used to force the cache to be unused.
ENV
    The ENV command can be used to set environment variables for docker containers
    The environment variables set by ENV can be viewed using the docker inspect command. You can also use docker run --env <key>=<value> to modify the environment variables.
USER
    USER is used to switch the identity of the runtime owner. docker defaults to root, but if you don't need it, it is recommended to switch the user identity, as root is too powerful and can be a security risk.
WORKDIR
    Docker's default working directory is /, and only RUNs can execute the cd command to switch directories. If you want other commands to execute in the specified directory, you need to rely on WORKDIR, which changes the directory persistently without having to use WORKDIR once before each command.
COPY
    COPY adds files from the path <src> to the container internal path <dest>.
    <src> must be a file or directory that you want for the source folder, or it can be a remote url, <dest> is an absolute path in the target container.
    All new files and folders will create UIDs and GIDs. In fact if <src> is a remote file URL, then the permissions for the target file will be 600.
ADD
    ADD adds a copy of the file from the path <src> to the internal path <dest> of the container.
    <src> must be a file or directory that wants to be for the source folder, but can also be a remote url. <dest> is the absolute path in the target container.
    All new files and folders will create UIDs and GIDs. in fact if <src> is a remote file URL, then the target file will have permissions of 600.
VOLUME
    Creates a mount point that can be mounted from the local host or another container, typically used to store databases, data that needs to be maintained, etc.
EXPOSE
    The EXPOSE directive specifies the port to be specified for forwarding when docker allows it.

CMD
    There can be only one CMD directive in Dockerfile. If you specify more than one, then the last CMD directive is the one that takes effect.
    The main purpose of the CMD directive is to provide default execution containers. These defaults can include executables or omit executables.
    CMD automatically executes this command when you use the shell or exec format.
ONBUILD
    The purpose of ONBUILD is to delay the execution of the command until the next Dockerfile that uses FROM builds the image, for a single delay.
    ONBUILD is used to get the latest source code (with RUN) and the qualified system framework when building the image.
ARG
    ARG is a new command added in Docker 1.9.
    The variables defined by ARG are only valid when the image is created, and disappear when the creation is complete.
LABEL
    Defines an image label Owner and assigns it the value of the variable Name. (LABEL Owner=$Name )

ENTRYPOINT
    is the command or file that will be executed when the Docker image is run as an instance (i.e. Docker container).
    My own Dockerfile file looks like this.

FROM docker.io/centos
MAINTAINER The CentOS Test Images - test
RUN mkdir -p /usr/app
RUN ls
RUN pwd
COPY /jdk /usr/app/jdk/
ADD tomcat/ /usr/app/tomcat/
ADD hadoop/ /usr/app/hadoop/
ENV JAVA_HOME /usr/app/jdk
ENV PATH $JAVA_HOME/bin:$PATH
#ADD /soft/jdk /
#ADD /soft/tomcat /
#ADD /soft/hadoop /
# Volumes for systemd
# VOLUME ["/run", "/tmp"]
# Environment for systemd
# ENV container=docker
# For systemd usage this changes to /usr/sbin/init
# Keeping it as /bin/bash for compatibility with previous
# CMD ["/bin/bash"]

[root@localhost docker]# pwd
/soft/docker
[root@localhost docker]# ll
total 4
-rw-r--r--. 1 root root 541 Aug 15 11:20 Dockerfile
[root@localhost docker]# cd .
[root@localhost soft]# pwd
/soft
[root@localhost soft]# ll
total 393332
-rw-r--r--. 1 root root 9271609 Aug 10 17:23 apache-tomcat-8.5.4.tar.gz
drwxr-xr-x. 2 root root 23 Aug 15 11:20 docker
drwxr-xr-x. 9 10011 10011 4096 Jan 26 2016 hadoop
-rw-r--r--. 1 root root 212046774 Aug 8 18:01 hadoop-2.7.2.tar.gz
drwxr-xr-x. 8 10 143 4096 Jun 23 09:56 jdk
-rw-r--r--. 1 root root 181435897 Aug 8 17:23 jdk-8u102-linux-x64.tar.gz
drwxr-xr-x. 9 root root 4096 Aug 10 17:24 tomcat
  Once the Dockerfile file is created, you can create a docker image via docker build.
  Look at the help file for docker build.

[root@localhost soft]# docker build --help

Usage: docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

  --build-arg=[] Set build-time variables
  --cpu-shares CPU shares (relative weight)
  --cgroup-parent Optional parent cgroup for the container
  --cpu-period Limit the CPU CFS (Completely Fair Scheduler) period
  --cpu-quota Limit the CPU CFS (Completely Fair Scheduler) quota
  --cpuset-cpus CPUs in which to allow execution (0-3, 0,1)
  --cpuset-mems MEMs in which to allow execution (0-3, 0,1)
  --disable-content-trust=true Skip image verification
  -f, --file Name of the Dockerfile (Default is 'PATH/Dockerfile')
  --force-rm Always remove intermediate containers
  --help Print usage
  --isolation Container isolation level
  -m, --memory Memory limit
  --memory-swap Swap limit equal to memory plus swap: '-1' to enable unlimited swap
  --no-cache Do not use cache when building the image
  --pull Always attempt to pull a newer version of the image
  --q, --quiet Suppress the build output and print image ID on success
  --rm=true Remove intermediate containers after a successful build
  --shm-size Size of /dev/shm, default value is 64MB
  -t, --tag=[] Name and optionally a tag in the 'name:tag' format
  --ulimit=[] Ulimit options
  --v, --volume=[] Set build-time bind mounts

  To generate a mirror.

[root@localhost soft]# docker build -t centos:base -f /soft/docker/Dockerfile /soft
Sending build context to Docker daemon 1.118 GB
Step 1 : FROM docker.io/centos
Trying to pull repository docker.io/library/centos ... 
latest: Pulling from docker.io/library/centos
3d8673bd162a: Pull complete 
Digest: sha256:a66ffcb73930584413de83311ca11a4cb4938c9b2521d331026dad970c19adf4
Status: Downloaded newer image for docker.io/centos:latest
 ---> 970633036444
Step 2 : MAINTAINER The CentOS Test Images <[email protected]> - liuqi
 ---> Running in 69fd729187f2
 ---> 7f61239ff233
Removing intermediate container 69fd729187f2
Step 3 : RUN mkdir -p /usr/app
 ---> Running in fb5e95a82274
 ---> 32826b551857
Removing intermediate container fb5e95a82274
Step 4 : RUN ls
 ---> Running in 4cbe815e848f
anaconda-post.log
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
mnt
root
run
sbin
srv
sys
tmp
usr
var
 ---> 8c3b8f7ebc57
Removing intermediate container 4cbe815e848f
Step 5 : RUN pwd
 ---> Running in f226b1caf3e0
/
 ---> 19379045c11d
Removing intermediate container f226b1caf3e0
Step 6 : COPY /jdk /usr/app/jdk/
 ---> 3137c3ee72dc
Removing intermediate container 6c1e513e964c
Step 7 : ADD tomcat/ /usr/app/tomcat/
 ---> 8c6d7a52769a
Removing intermediate container 98d8178ef560
Step 8 : ADD hadoop/ /usr/app/hadoop/
 ---> 34a8ea483a7e
Removing intermediate container ee7fdc55dbc9
Step 9 : ENV JAVA_HOME /usr/app/jdk
 ---> Running in 0a4f8f242ede
 ---> a297fbddb78a
Removing intermediate container 0a4f8f242ede
Step 10 : ENV PATH $JAVA_HOME/bin:$PATH
 ---> Running in 368103f758dd
 ---> 9d20362732d7
Removing intermediate container 368103f758dd
Successfully built 9d20362732d7

[root@localhost soft]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos base 9d20362732d7 4 minutes ago 904.8 MB
docker.io/centos latest 970633036444 2 weeks ago 196.7 MB

  Specify the location of the Dockerfile file with -f. The Dockerfile file must be found in /soft and its directory or it will report a context error.

[root@localhost soft]# docker build -t centos:bases -f /soft/docker/Dockerfile /usr
unable to prepare context: The Dockerfile (/soft/docker/Dockerfile) must be within the build context (/usr)
  This will solve the problem that the Dockerfile file is not in the same directory as the file to be copied, e.g. no such file or directory with ADD, COPY command, Forbidden path outside the build context: . /jdk/ () and similar errors.
  After the image is created, you can start docker run to start the image, when starting the image at the same time will create a container, we can simply take the image as a class, the container is an instance of this class, Image can be understood as a system image, Container is a state of the Image at runtime. If we take a virtual machine as an analogy, Image is the disk file in the shutdown state, Container is the disk file when the virtual machine is running, including memory data.
   The -t option lets Docker assign a pseudo-terminal (pseudo-tty) and bind it to the container's standard input, and -i keeps the container's standard input open.
   When using docker run to create a container, the standard actions that Docker runs in the background include
   Checking if the specified image exists locally, and downloading it from the public repository if it doesn't
   Creating and starting a container with the image
   Allocate a filesystem and mount a read-write layer outside of the read-only image layer
   Bridge a virtual interface from the bridge interface configured on the host to the container
   Configure an ip address from the address pool to the container
   Execute the user-specified application
   After execution, the container is terminated

まず、私のディレクトリ構造を見てください。

[root@localhost docker]# pwd
/soft/docker
[root@localhost docker]# ll
total 4
-rw-r--r--. 1 root root 541 Aug 15 11:20 Dockerfile
[root@localhost docker]# cd .
[root@localhost soft]# pwd
/soft
[root@localhost soft]# ll
total 393332
-rw-r--r--. 1 root root 9271609 Aug 10 17:23 apache-tomcat-8.5.4.tar.gz
drwxr-xr-x. 2 root root 23 Aug 15 11:20 docker
drwxr-xr-x. 9 10011 10011 4096 Jan 26 2016 hadoop
-rw-r--r--. 1 root root 212046774 Aug 8 18:01 hadoop-2.7.2.tar.gz
drwxr-xr-x. 8 10 143 4096 Jun 23 09:56 jdk
-rw-r--r--. 1 root root 181435897 Aug 8 17:23 jdk-8u102-linux-x64.tar.gz
drwxr-xr-x. 9 root root 4096 Aug 10 17:24 tomcat

  Once the Dockerfile file is created, you can create a docker image via docker build.
  Look at the help file for docker build.

[root@localhost soft]# docker build --help

Usage: docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

  --build-arg=[] Set build-time variables
  --cpu-shares CPU shares (relative weight)
  --cgroup-parent Optional parent cgroup for the container
  --cpu-period Limit the CPU CFS (Completely Fair Scheduler) period
  --cpu-quota Limit the CPU CFS (Completely Fair Scheduler) quota
  --cpuset-cpus CPUs in which to allow execution (0-3, 0,1)
  --cpuset-mems MEMs in which to allow execution (0-3, 0,1)
  --disable-content-trust=true Skip image verification
  -f, --file Name of the Dockerfile (Default is 'PATH/Dockerfile')
  --force-rm Always remove intermediate containers
  --help Print usage
  --isolation Container isolation level
  -m, --memory Memory limit
  --memory-swap Swap limit equal to memory plus swap: '-1' to enable unlimited swap
  --no-cache Do not use cache when building the image
  --pull Always attempt to pull a newer version of the image
  --q, --quiet Suppress the build output and print image ID on success
  --rm=true Remove intermediate containers after a successful build
  --shm-size Size of /dev/shm, default value is 64MB
  -t, --tag=[] Name and optionally a tag in the 'name:tag' format
  --ulimit=[] Ulimit options
  --v, --volume=[] Set build-time bind mounts

  To generate a mirror.

[root@localhost soft]# docker build -t centos:base -f /soft/docker/Dockerfile /soft
Sending build context to Docker daemon 1.118 GB
Step 1 : FROM docker.io/centos
Trying to pull repository docker.io/library/centos ... 
latest: Pulling from docker.io/library/centos
3d8673bd162a: Pull complete 
Digest: sha256:a66ffcb73930584413de83311ca11a4cb4938c9b2521d331026dad970c19adf4
Status: Downloaded newer image for docker.io/centos:latest
 ---> 970633036444
Step 2 : MAINTAINER The CentOS Test Images <[email protected]> - liuqi
 ---> Running in 69fd729187f2
 ---> 7f61239ff233
Removing intermediate container 69fd729187f2
Step 3 : RUN mkdir -p /usr/app
 ---> Running in fb5e95a82274
 ---> 32826b551857
Removing intermediate container fb5e95a82274
Step 4 : RUN ls
 ---> Running in 4cbe815e848f
anaconda-post.log
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
mnt
root
run
sbin
srv
sys
tmp
usr
var
 ---> 8c3b8f7ebc57
Removing intermediate container 4cbe815e848f
Step 5 : RUN pwd
 ---> Running in f226b1caf3e0
/
 ---> 19379045c11d
Removing intermediate container f226b1caf3e0
Step 6 : COPY /jdk /usr/app/jdk/
 ---> 3137c3ee72dc
Removing intermediate container 6c1e513e964c
Step 7 : ADD tomcat/ /usr/app/tomcat/
 ---> 8c6d7a52769a
Removing intermediate container 98d8178ef560
Step 8 : ADD hadoop/ /usr/app/hadoop/
 ---> 34a8ea483a7e
Removing intermediate container ee7fdc55dbc9
Step 9 : ENV JAVA_HOME /usr/app/jdk
 ---> Running in 0a4f8f242ede
 ---> a297fbddb78a
Removing intermediate container 0a4f8f242ede
Step 10 : ENV PATH $JAVA_HOME/bin:$PATH
 ---> Running in 368103f758dd
 ---> 9d20362732d7
Removing intermediate container 368103f758dd
Successfully built 9d20362732d7

[root@localhost soft]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos base 9d20362732d7 4 minutes ago 904.8 MB
docker.io/centos latest 970633036444 2 weeks ago 196.7 MB

  Specify the location of the Dockerfile file with -f. The Dockerfile file must be found in /soft and its directory or it will report a context error.

[root@localhost soft]# docker build -t centos:bases -f /soft/docker/Dockerfile /usr
unable to prepare context: The Dockerfile (/soft/docker/Dockerfile) must be within the build context (/usr)

  This will solve the problem that the Dockerfile file is not in the same directory as the file to be copied, e.g. no such file or directory with ADD, COPY command, Forbidden path outside the build context: . /jdk/ () and similar errors.
  After the image is created, you can start docker run to start the image, when starting the image at the same time will create a container, we can simply take the image as a class, the container is an instance of this class, Image can be understood as a system image, Container is a state of the Image at runtime. If we take a virtual machine as an analogy, Image is the disk file in the shutdown state, Container is the disk file when the virtual machine is running, including memory data.
   The -t option lets Docker assign a pseudo-terminal (pseudo-tty) and bind it to the container's standard input, and -i keeps the container's standard input open.
   When using docker run to create a container, the standard actions that Docker runs in the background include
   Checking if the specified image exists locally, and downloading it from the public repository if it doesn't
   Creating and starting a container with the image
   Allocate a filesystem and mount a read-write layer outside of the read-only image layer
   Bridge a virtual interface from the bridge interface configured on the host to the container
   Configure an ip address from the address pool to the container
   Execute the user-specified application
   After execution, the container is terminated

参考 https://www.dwhd.org/20151202_113538.html?lan=cn&lan=cn
http://blog.chinaunix.net/uid-10915175-id-4442826.html
http://blog.csdn.net/zssureqh/article/details/52009043
http://blog.csdn.net/we_shell/article/details/38445979
http://my.oschina.net/renguijiayi/blog/353835
http://blog.csdn.net/wsscy2004/article/details/25878363
http://www.simapple.com/364.html
http://pdfwork.cn/blog/2015/docker/