镜像构建思路

思路:分层设计

最底层:系统层,构建自己适用的不同操作系统镜像;

中间层:根据运行环境,如php、java、python等,构建业务基础运行环境层镜像;

最上层:根据具体的业务模块,构建应用服务层镜像。

目录构建树结构

案例1:centos 7系统镜像构建

cd /root

mkdir -p /root/docker/system/centos

cd /root/docker/system/centos

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo  # 下载阿里RHEL 7 epel源

cp /etc/yum.repos.d/epel.repo epel.repo

创建镜像文件

vim Dockerfile

# This Dockerfile

# Base image

FROM centos

# Who

MAINTAINER shhnwangjian xxx@163.com

# EPEL

ADD epel.repo /etc/yum.repos.d/

# Base pkg

RUN yum install -y wget supervisor git tree net-tools sudo psmisc mysql-devel && yum clean all

构建镜像

docker build -t shhnwangjian/centos:base .

案例2:基于案例1的centos系统镜像,构建python运行环境镜像

mkdir -p /root/docker/runtime/python

cd /root/docker/runtime/python

创建镜像文件

vim Dockerfile

# Base image

FROM shhnwangjian/centos:base

# Who

MAINTAINER shhnwangjian xxx@163.com

# Python env

RUN yum install -y python-devel python-pip supervisor

# Upgrade pip

RUN pip install --upgrade pip

构建镜像

docker build -t shhnwangjian/python .

案例3:构建带SSH功能的centos 7系统镜像

mkdir -p /root/docker/system/centos-ssh

cd /root/docker/system/centos-ssh

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo  # 下载阿里RHEL 7 epel源

cp /etc/yum.repos.d/epel.repo epel.repo

创建镜像文件

# Docker for CentOS

# Base image

FROM centos

# Who

MAINTAINER shhnwangjian xxx@163.com

# EPEL

ADD epel.repo /etc/yum.repos.d/

# Base pkg

RUN yum install -y openssh-clients openssl-devel openssh-server wget supervisor git tree net-tools sudo psmisc mysql-devel && yum clean all

# For SSHD

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key

RUN echo "root:123456" | chpasswd

构建镜像

docker build -t shhnwangjian/centos-ssh .

案例4:基于案例3的centos-ssh系统镜像,构建python-ssh运行环境镜像

mkdir -p /root/docker/runtime/python-ssh

cd /root/docker/runtime/python-ssh

创建镜像文件

# Base image

FROM shhnwangjian/centos-ssh

# Who

MAINTAINER shhnwangjian xxx@163.com

# Python env

RUN yum install -y python-devel python-pip supervisor

# Upgrade pip

RUN pip install --upgrade pip

构建镜像

docker build -t shhnwangjian/python-ssh .

案例5:基于案例4的python-ssh镜像,构建app应用服务镜像

mkdir -p /root/docker/app/web-app

cd /root/docker/app/web-app

应用程序文件app.py

from flask import Flask

app = Flask(__name__)

@app.route('/')

def hello():

        return "Hello World!"

if __name__ == "__main__":

        app.run(host="0.0.0.0", debug=True)

python依赖包文件requirements.txt

Flask

supervisor配置文件app-supervisor.ini

[program:web-api]

command=/usr/bin/python2.7 /opt/app.py

process_name=%(program_name)s

autostart=true

user=www

stdout_logfile=/tmp/app.log

stderr_logfile=/tmp/app.error

[program:sshd]

command=/usr/sbin/sshd -D

process_name=%(program_name)s

autostart=true

在宿主机上安装supervisor,将默认生成的supervisord.conf放入docker构建环境目录下

; Sample supervisor config file.

[unix_http_server]

file=/var/run/supervisor/supervisor.sock   ; (the path to the socket file)

;chmod=                 ; sockef file mode (default )

;chown=nobody:nogroup       ; socket file uid:gid owner

;username=user              ; (default is no username (open server))

;password=               ; (default is no password (open server))

;[inet_http_server]         ; inet (TCP) server disabled by default

;port=127.0.0.1:        ; (ip_address:port specifier, *:port for all iface)

;username=user              ; (default is no username (open server))

;password=               ; (default is no password (open server))

[supervisord]

logfile=/var/log/supervisor/supervisord.log  ; (main log file;default $CWD/supervisord.log)

logfile_maxbytes=50MB       ; (max main logfile bytes b4 rotation;default 50MB)

logfile_backups=          ; (num of main logfile rotation backups;default )

loglevel=info               ; (log level;default info; others: debug,warn,trace)

pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)

nodaemon=true             ; (start in foreground if true;default false)

minfds=                 ; (min. avail startup file descriptors;default )

minprocs=                ; (min. avail process descriptors;default )

;umask=                  ; (process file creation umask;default )

;user=chrism                 ; (default is current user, required if root)

;identifier=supervisor       ; (supervisord identifier, default is 'supervisor')

;directory=/tmp              ; (default is not to cd during start)

;nocleanup=true              ; (don't clean up tempfiles at start;default false)

;childlogdir=/tmp            ; ('AUTO' child log dir, default $TEMP)

;environment=KEY=value       ; (key value pairs to add to environment)

;strip_ansi=false            ; (strip ansi escape codes in logs; def. false)

; the below section must remain in the config file for RPC

; (supervisorctl/web interface) to work, additional interfaces may be

; added by defining them in separate rpcinterface: sections

[rpcinterface:supervisor]

supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]

serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL  for a unix socket

;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket

;username=chris              ; should be same as http_username if set

;password=                ; should be same as http_password if set

;prompt=mysupervisor         ; cmd line prompt (default "supervisor")

;history_file=~/.sc_history  ; use readline history if available

; The below sample program section shows all possible program subsection values,

; create one or more 'real' program: sections to be able to control them under

; supervisor.

;[program:theprogramname]

;command=/bin/cat              ; the program (relative uses PATH, can take args)

;process_name=%(program_name)s ; process_name expr (default %(program_name)s)

;numprocs=                    ; number of processes copies to start (def )

;directory=/tmp                ; directory to cwd to before exec (def no cwd)

;umask=                     ; umask for process (default None)

;priority=                  ; the relative start priority (default )

;autostart=true                ; start at supervisord start (default: true)

;autorestart=true              ; retstart at unexpected quit (default: true)

;startsecs=                  ; number of secs prog must stay running (def. )

;startretries=                ; max # of serial start failures (default )

;exitcodes=,                 ; 'expected' exit codes for process (default ,)

;stopsignal=QUIT               ; signal used to kill process (default TERM)

;stopwaitsecs=               ; max num secs to wait b4 SIGKILL (default )

;user=chrism                   ; setuid to this UNIX account to run the program

;redirect_stderr=true          ; redirect proc stderr to stdout (default false)

;stdout_logfile=/a/path        ; stdout log path, NONE for none; default AUTO

;stdout_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stdout_logfile_backups=     ; # of stdout logfile backups (default )

;stdout_capture_maxbytes=1MB   ; number of bytes in 'capturemode' (default )

;stdout_events_enabled=false   ; emit events on stdout writes (default false)

;stderr_logfile=/a/path        ; stderr log path, NONE for none; default AUTO

;stderr_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stderr_logfile_backups=     ; # of stderr logfile backups (default )

;stderr_capture_maxbytes=1MB   ; number of bytes in 'capturemode' (default )

;stderr_events_enabled=false   ; emit events on stderr writes (default false)

;environment=A=,B=           ; process environment additions (def no adds)

;serverurl=AUTO                ; override serverurl computation (childutils)

; The below sample eventlistener section shows all possible

; eventlistener subsection values, create one or more 'real'

; eventlistener: sections to be able to handle event notifications

; sent by supervisor.

;[eventlistener:theeventlistenername]

;command=/bin/eventlistener    ; the program (relative uses PATH, can take args)

;process_name=%(program_name)s ; process_name expr (default %(program_name)s)

;numprocs=                    ; number of processes copies to start (def )

;events=EVENT                  ; event notif. types to subscribe to (req'd)

;buffer_size=                ; event buffer queue size (default )

;directory=/tmp                ; directory to cwd to before exec (def no cwd)

;umask=                     ; umask for process (default None)

;priority=-                   ; the relative start priority (default -)

;autostart=true                ; start at supervisord start (default: true)

;autorestart=unexpected        ; restart at unexpected quit (default: unexpected)

;startsecs=                  ; number of secs prog must stay running (def. )

;startretries=                ; max # of serial start failures (default )

;exitcodes=,                 ; 'expected' exit codes for process (default ,)

;stopsignal=QUIT               ; signal used to kill process (default TERM)

;stopwaitsecs=               ; max num secs to wait b4 SIGKILL (default )

;user=chrism                   ; setuid to this UNIX account to run the program

;redirect_stderr=true          ; redirect proc stderr to stdout (default false)

;stdout_logfile=/a/path        ; stdout log path, NONE for none; default AUTO

;stdout_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stdout_logfile_backups=     ; # of stdout logfile backups (default )

;stdout_events_enabled=false   ; emit events on stdout writes (default false)

;stderr_logfile=/a/path        ; stderr log path, NONE for none; default AUTO

;stderr_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stderr_logfile_backups        ; # of stderr logfile backups (default )

;stderr_events_enabled=false   ; emit events on stderr writes (default false)

;environment=A=,B=           ; process environment additions

;serverurl=AUTO                ; override serverurl computation (childutils)

; The below sample group section shows all possible group values,

; create one or more 'real' group: sections to create "heterogeneous"

; process groups.

;[group:thegroupname]

;programs=progname1,progname2  ; each refers to 'x' in [program:x] definitions

;priority=                  ; the relative start priority (default )

; The [include] section can just contain the "files" setting.  This

; setting can list multiple files (separated by whitespace or

; newlines).  It can also contain wildcards.  The filenames are

; interpreted as relative to this file.  Included files *cannot*

; include files themselves.

[include]

files = supervisord.d/*.ini

conf

备注:nodaemon=true ,前台启动

创建镜像文件

# Base image

FROM shhnwangjian/python-ssh

# Who

MAINTAINER shhnwangjian xxx@163.com

# ADD user www

RUN useradd -s /sbin/nologin -M www

# ADD file

ADD app.py /opt/app.py

ADD requirements.txt /opt/

ADD supervisord.conf /etc/supervisord.conf

ADD app-supervisor.ini /etc/supervisord.d/

# Pip install

RUN /usr/bin/pip2.7 install -r /opt/requirements.txt

# Port

EXPOSE 22 5000

# CMD

CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]

构建镜像

docker build -t shhnwangjian/web-api .

启动容器

docker run --name web-api -d -p 88:5000 -p 8022:22 shhnwangjian/web-api

Docker生产实践(六)的更多相关文章

  1. 基于【 Docker】六 || 部署Harbor仓库

    第一步:下载harbor二进制文件:https://github.com/goharbor/harbor/releases 第二步:安装 docker compose sudo curl -L htt ...

  2. Docker系列(六)路由打通网络示例

    运行环境 两台虚拟机IP分别为:192.168.0.103(简称:A主机).192.168.0.104(简称:B主机) 操作系统:Centos 7 Docker版本:1.8 Mysql镜像配置 1.在 ...

  3. Docker(六):Docker网络配置进阶

    1.Docker集群网络配置之Weave Weave是Github上一个比较热门的Docker容器网络方案,具有非常良好的易用性且功能强大.仓库地址:https://github.com/weavew ...

  4. Docker系统六:Docker网络管理

    Docker网络 I. Docer的通信方式 默认情况下,Docker使用网桥(brige)+ NAT的通信模型. Docker启动时会自动创建网桥Docker0,并配置ip 172.17.0.1/1 ...

  5. Docker 系列六(Docker Swarm 项目).

    一.前言 随着互联网快速发展,以及微服务架构的流行,服务器的压力越来越大.上一篇介绍的 Docker Compose 项目,可以将多个容器捏合在一起,实现容器间的通信,比如 Web 项目对 DB.Ca ...

  6. Docker(十六)-Docker的daemon.json的作用

    docker安装后默认没有daemon.json这个配置文件,需要进行手动创建.配置文件的默认路径:/etc/docker/daemon.json 一般情况,配置文件 daemon.json中配置的项 ...

  7. Docker实战(六)之使用Dockerfile创建镜像

    Dockervile是一个文本格式的配置文件,用户可以使用Dockerfile来快速创建自定义镜像. 1.基本结构 Dockerfile由一行行命令语句组成,并且支持以#开头的注释行. 一般而言,Do ...

  8. 深入浅出Docker(六):像谷歌一样部署你的应用

    1.概述 谷歌发起的开源项目从来都是广受技术圈的关注和讨论,本文将介绍的就是最新的容器编排管理系统Kubernetes.Kubernetes开源项目版本更新频繁,对于初次使用者来说其定义大量的技术术语 ...

  9. Docker | 第六章:构建私有仓库

    前言 上一章节,讲解了利用Dockerfile和commit进行自定义镜像的构建.大部分时候,公司运维或者实施部门在构建了符合公司业务的镜像环境后,一般上不会上传到公共资源库的.这就需要自己搭建一个私 ...

随机推荐

  1. learning of a previous team

     作为一个软件工程团队,离不开下面三个要素:支持,即分享.责任和合作. 分享是出色技术团队的另一个关键要素,它是团队的基石之一.只有通过分享,团队才有可能实现1+1 > 2这种效应,分享也是让团 ...

  2. Daily Scrumming* 2015.10.27(Day 8)

    一.总体情况总结 今日项目总结: 前后端同一了API设计以及API权限认证.用户状态保存的开发方案 API以及后端模型已经开始开发,前端UEditor开始学习,本周任务有良好的起步 前后端完成分工,后 ...

  3. 安卓端通过http对Mysql进行增删改查

    各类it学习视频,大家都可以看看哦!我自己本人都是通过这些来学习it只知识的! 下面是视频链接转自:http://www.cnblogs.com/yzxk/p/4749440.html Android ...

  4. 初学Cocos2dx

    初学cocos2dx Cocos2dx 中的主要概念包括:应用.导演.场景.层.精灵.动画.动作. Cocos2dx里面的主要类 1.CCObject Object Object Object 是co ...

  5. What is ASP.NET SignalR

    什么是ASP.NET SignalR ASP.NET SignalR是ASP.NET开发人员的新库,它使得为应用程序添加实时Web功能变得非常简单. 什么是“实时网络”功能?它能够让您的服务器端代码实 ...

  6. lintcode-517-丑数

    517-丑数 写一个程序来检测一个整数是不是丑数. 丑数的定义是,只包含质因子 2, 3, 5 的正整数.比如 6, 8 就是丑数,但是 14 不是丑数以为他包含了质因子 7. 注意事项 可以认为 1 ...

  7. NET Core 部署到 Windows服务

    https://www.cnblogs.com/linezero/p/5159927.html https://www.cnblogs.com/emrys5/p/nssm-netcore.html h ...

  8. jndi连接数据库配置过程总结

    一.我们先找到tomcat安装目录中conf目录下的context.xml更改里面的内容: <?xml version='1.0' encoding='utf-8'?> <Conte ...

  9. 关闭SSD(固态硬盘)节能功能 提搞SSD性能

     此方法可以缓解比如QQ聊天时能明显感觉到打字过程不连续,0.1s左右的间歇停顿,操作系统并不会锁死,系统突然停止响应,硬盘灯狂闪,鼠标指针成为圆圈,点什么都没反应,这种状况可能会持续1-2分钟, ...

  10. [转帖 cnblog 的news ]技术实力超群的Netflix,为何没有CTO

    技术实力超群的Netflix,为何没有CTO https://news.cnblogs.com/n/581824/ 投递人 itwriter 发布于 2017-11-05 16:12 评论(2) 有1 ...