镜像构建思路

思路:分层设计

最底层:系统层,构建自己适用的不同操作系统镜像;

中间层:根据运行环境,如php、java、python等,构建业务基础运行环境层镜像;

最上层:根据具体的业务模块,构建应用服务层镜像。

目录构建树结构

案例1:centos 7系统镜像构建

cd /root

mkdir -p /root/docker/system/centos

cd /root/docker/system/centos

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo  # 下载阿里RHEL 7 epel源

cp /etc/yum.repos.d/epel.repo epel.repo

创建镜像文件

vim Dockerfile

# This Dockerfile

# Base image

FROM centos

# Who

MAINTAINER shhnwangjian xxx@163.com

# EPEL

ADD epel.repo /etc/yum.repos.d/

# Base pkg

RUN yum install -y wget supervisor git tree net-tools sudo psmisc mysql-devel && yum clean all

构建镜像

docker build -t shhnwangjian/centos:base .

案例2:基于案例1的centos系统镜像,构建python运行环境镜像

mkdir -p /root/docker/runtime/python

cd /root/docker/runtime/python

创建镜像文件

vim Dockerfile

# Base image

FROM shhnwangjian/centos:base

# Who

MAINTAINER shhnwangjian xxx@163.com

# Python env

RUN yum install -y python-devel python-pip supervisor

# Upgrade pip

RUN pip install --upgrade pip

构建镜像

docker build -t shhnwangjian/python .

案例3:构建带SSH功能的centos 7系统镜像

mkdir -p /root/docker/system/centos-ssh

cd /root/docker/system/centos-ssh

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo  # 下载阿里RHEL 7 epel源

cp /etc/yum.repos.d/epel.repo epel.repo

创建镜像文件

# Docker for CentOS

# Base image

FROM centos

# Who

MAINTAINER shhnwangjian xxx@163.com

# EPEL

ADD epel.repo /etc/yum.repos.d/

# Base pkg

RUN yum install -y openssh-clients openssl-devel openssh-server wget supervisor git tree net-tools sudo psmisc mysql-devel && yum clean all

# For SSHD

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key

RUN echo "root:123456" | chpasswd

构建镜像

docker build -t shhnwangjian/centos-ssh .

案例4:基于案例3的centos-ssh系统镜像,构建python-ssh运行环境镜像

mkdir -p /root/docker/runtime/python-ssh

cd /root/docker/runtime/python-ssh

创建镜像文件

# Base image

FROM shhnwangjian/centos-ssh

# Who

MAINTAINER shhnwangjian xxx@163.com

# Python env

RUN yum install -y python-devel python-pip supervisor

# Upgrade pip

RUN pip install --upgrade pip

构建镜像

docker build -t shhnwangjian/python-ssh .

案例5:基于案例4的python-ssh镜像,构建app应用服务镜像

mkdir -p /root/docker/app/web-app

cd /root/docker/app/web-app

应用程序文件app.py

from flask import Flask

app = Flask(__name__)

@app.route('/')

def hello():

        return "Hello World!"

if __name__ == "__main__":

        app.run(host="0.0.0.0", debug=True)

python依赖包文件requirements.txt

Flask

supervisor配置文件app-supervisor.ini

[program:web-api]

command=/usr/bin/python2.7 /opt/app.py

process_name=%(program_name)s

autostart=true

user=www

stdout_logfile=/tmp/app.log

stderr_logfile=/tmp/app.error

[program:sshd]

command=/usr/sbin/sshd -D

process_name=%(program_name)s

autostart=true

在宿主机上安装supervisor,将默认生成的supervisord.conf放入docker构建环境目录下

; Sample supervisor config file.

[unix_http_server]

file=/var/run/supervisor/supervisor.sock   ; (the path to the socket file)

;chmod=                 ; sockef file mode (default )

;chown=nobody:nogroup       ; socket file uid:gid owner

;username=user              ; (default is no username (open server))

;password=               ; (default is no password (open server))

;[inet_http_server]         ; inet (TCP) server disabled by default

;port=127.0.0.1:        ; (ip_address:port specifier, *:port for all iface)

;username=user              ; (default is no username (open server))

;password=               ; (default is no password (open server))

[supervisord]

logfile=/var/log/supervisor/supervisord.log  ; (main log file;default $CWD/supervisord.log)

logfile_maxbytes=50MB       ; (max main logfile bytes b4 rotation;default 50MB)

logfile_backups=          ; (num of main logfile rotation backups;default )

loglevel=info               ; (log level;default info; others: debug,warn,trace)

pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)

nodaemon=true             ; (start in foreground if true;default false)

minfds=                 ; (min. avail startup file descriptors;default )

minprocs=                ; (min. avail process descriptors;default )

;umask=                  ; (process file creation umask;default )

;user=chrism                 ; (default is current user, required if root)

;identifier=supervisor       ; (supervisord identifier, default is 'supervisor')

;directory=/tmp              ; (default is not to cd during start)

;nocleanup=true              ; (don't clean up tempfiles at start;default false)

;childlogdir=/tmp            ; ('AUTO' child log dir, default $TEMP)

;environment=KEY=value       ; (key value pairs to add to environment)

;strip_ansi=false            ; (strip ansi escape codes in logs; def. false)

; the below section must remain in the config file for RPC

; (supervisorctl/web interface) to work, additional interfaces may be

; added by defining them in separate rpcinterface: sections

[rpcinterface:supervisor]

supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]

serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL  for a unix socket

;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket

;username=chris              ; should be same as http_username if set

;password=                ; should be same as http_password if set

;prompt=mysupervisor         ; cmd line prompt (default "supervisor")

;history_file=~/.sc_history  ; use readline history if available

; The below sample program section shows all possible program subsection values,

; create one or more 'real' program: sections to be able to control them under

; supervisor.

;[program:theprogramname]

;command=/bin/cat              ; the program (relative uses PATH, can take args)

;process_name=%(program_name)s ; process_name expr (default %(program_name)s)

;numprocs=                    ; number of processes copies to start (def )

;directory=/tmp                ; directory to cwd to before exec (def no cwd)

;umask=                     ; umask for process (default None)

;priority=                  ; the relative start priority (default )

;autostart=true                ; start at supervisord start (default: true)

;autorestart=true              ; retstart at unexpected quit (default: true)

;startsecs=                  ; number of secs prog must stay running (def. )

;startretries=                ; max # of serial start failures (default )

;exitcodes=,                 ; 'expected' exit codes for process (default ,)

;stopsignal=QUIT               ; signal used to kill process (default TERM)

;stopwaitsecs=               ; max num secs to wait b4 SIGKILL (default )

;user=chrism                   ; setuid to this UNIX account to run the program

;redirect_stderr=true          ; redirect proc stderr to stdout (default false)

;stdout_logfile=/a/path        ; stdout log path, NONE for none; default AUTO

;stdout_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stdout_logfile_backups=     ; # of stdout logfile backups (default )

;stdout_capture_maxbytes=1MB   ; number of bytes in 'capturemode' (default )

;stdout_events_enabled=false   ; emit events on stdout writes (default false)

;stderr_logfile=/a/path        ; stderr log path, NONE for none; default AUTO

;stderr_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stderr_logfile_backups=     ; # of stderr logfile backups (default )

;stderr_capture_maxbytes=1MB   ; number of bytes in 'capturemode' (default )

;stderr_events_enabled=false   ; emit events on stderr writes (default false)

;environment=A=,B=           ; process environment additions (def no adds)

;serverurl=AUTO                ; override serverurl computation (childutils)

; The below sample eventlistener section shows all possible

; eventlistener subsection values, create one or more 'real'

; eventlistener: sections to be able to handle event notifications

; sent by supervisor.

;[eventlistener:theeventlistenername]

;command=/bin/eventlistener    ; the program (relative uses PATH, can take args)

;process_name=%(program_name)s ; process_name expr (default %(program_name)s)

;numprocs=                    ; number of processes copies to start (def )

;events=EVENT                  ; event notif. types to subscribe to (req'd)

;buffer_size=                ; event buffer queue size (default )

;directory=/tmp                ; directory to cwd to before exec (def no cwd)

;umask=                     ; umask for process (default None)

;priority=-                   ; the relative start priority (default -)

;autostart=true                ; start at supervisord start (default: true)

;autorestart=unexpected        ; restart at unexpected quit (default: unexpected)

;startsecs=                  ; number of secs prog must stay running (def. )

;startretries=                ; max # of serial start failures (default )

;exitcodes=,                 ; 'expected' exit codes for process (default ,)

;stopsignal=QUIT               ; signal used to kill process (default TERM)

;stopwaitsecs=               ; max num secs to wait b4 SIGKILL (default )

;user=chrism                   ; setuid to this UNIX account to run the program

;redirect_stderr=true          ; redirect proc stderr to stdout (default false)

;stdout_logfile=/a/path        ; stdout log path, NONE for none; default AUTO

;stdout_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stdout_logfile_backups=     ; # of stdout logfile backups (default )

;stdout_events_enabled=false   ; emit events on stdout writes (default false)

;stderr_logfile=/a/path        ; stderr log path, NONE for none; default AUTO

;stderr_logfile_maxbytes=1MB   ; max # logfile bytes b4 rotation (default 50MB)

;stderr_logfile_backups        ; # of stderr logfile backups (default )

;stderr_events_enabled=false   ; emit events on stderr writes (default false)

;environment=A=,B=           ; process environment additions

;serverurl=AUTO                ; override serverurl computation (childutils)

; The below sample group section shows all possible group values,

; create one or more 'real' group: sections to create "heterogeneous"

; process groups.

;[group:thegroupname]

;programs=progname1,progname2  ; each refers to 'x' in [program:x] definitions

;priority=                  ; the relative start priority (default )

; The [include] section can just contain the "files" setting.  This

; setting can list multiple files (separated by whitespace or

; newlines).  It can also contain wildcards.  The filenames are

; interpreted as relative to this file.  Included files *cannot*

; include files themselves.

[include]

files = supervisord.d/*.ini

conf

备注:nodaemon=true ,前台启动

创建镜像文件

# Base image

FROM shhnwangjian/python-ssh

# Who

MAINTAINER shhnwangjian xxx@163.com

# ADD user www

RUN useradd -s /sbin/nologin -M www

# ADD file

ADD app.py /opt/app.py

ADD requirements.txt /opt/

ADD supervisord.conf /etc/supervisord.conf

ADD app-supervisor.ini /etc/supervisord.d/

# Pip install

RUN /usr/bin/pip2.7 install -r /opt/requirements.txt

# Port

EXPOSE 22 5000

# CMD

CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]

构建镜像

docker build -t shhnwangjian/web-api .

启动容器

docker run --name web-api -d -p 88:5000 -p 8022:22 shhnwangjian/web-api

Docker生产实践(六)的更多相关文章

  1. 基于【 Docker】六 || 部署Harbor仓库

    第一步:下载harbor二进制文件:https://github.com/goharbor/harbor/releases 第二步:安装 docker compose sudo curl -L htt ...

  2. Docker系列(六)路由打通网络示例

    运行环境 两台虚拟机IP分别为:192.168.0.103(简称:A主机).192.168.0.104(简称:B主机) 操作系统:Centos 7 Docker版本:1.8 Mysql镜像配置 1.在 ...

  3. Docker(六):Docker网络配置进阶

    1.Docker集群网络配置之Weave Weave是Github上一个比较热门的Docker容器网络方案,具有非常良好的易用性且功能强大.仓库地址:https://github.com/weavew ...

  4. Docker系统六:Docker网络管理

    Docker网络 I. Docer的通信方式 默认情况下,Docker使用网桥(brige)+ NAT的通信模型. Docker启动时会自动创建网桥Docker0,并配置ip 172.17.0.1/1 ...

  5. Docker 系列六(Docker Swarm 项目).

    一.前言 随着互联网快速发展,以及微服务架构的流行,服务器的压力越来越大.上一篇介绍的 Docker Compose 项目,可以将多个容器捏合在一起,实现容器间的通信,比如 Web 项目对 DB.Ca ...

  6. Docker(十六)-Docker的daemon.json的作用

    docker安装后默认没有daemon.json这个配置文件,需要进行手动创建.配置文件的默认路径:/etc/docker/daemon.json 一般情况,配置文件 daemon.json中配置的项 ...

  7. Docker实战(六)之使用Dockerfile创建镜像

    Dockervile是一个文本格式的配置文件,用户可以使用Dockerfile来快速创建自定义镜像. 1.基本结构 Dockerfile由一行行命令语句组成,并且支持以#开头的注释行. 一般而言,Do ...

  8. 深入浅出Docker(六):像谷歌一样部署你的应用

    1.概述 谷歌发起的开源项目从来都是广受技术圈的关注和讨论,本文将介绍的就是最新的容器编排管理系统Kubernetes.Kubernetes开源项目版本更新频繁,对于初次使用者来说其定义大量的技术术语 ...

  9. Docker | 第六章:构建私有仓库

    前言 上一章节,讲解了利用Dockerfile和commit进行自定义镜像的构建.大部分时候,公司运维或者实施部门在构建了符合公司业务的镜像环境后,一般上不会上传到公共资源库的.这就需要自己搭建一个私 ...

随机推荐

  1. Task 6.2冲刺会议七 /2015-5-20

    今天把主界面改善了一下,主要功能时摄像头的使用以及语音聊天的部分,两个部分的设计原理基本相同,但是可是好几个模块让有点不知道该怎么下手.这时候我感觉到了模块拼接是很困难的,只有十分清楚每个模块才能很好 ...

  2. Android笔记-5-EditText密码和Checkbox二选一

    EditText密码:明文和密文 密文: public class MainActivity extends Activity { private EditText password = null; ...

  3. python字符串操作、文件操作,英文词频统计预处理

    1.字符串操作: 解析身份证号:生日.性别.出生地等. 凯撒密码编码与解码 网址观察与批量生成 解析身份证号:生日.性别.出生地等 def function3(): print('请输入身份证号') ...

  4. 6/10 sprint2 看板和燃尽图的更新

  5. HDU 1231 最大子序列

    http://acm.hdu.edu.cn/showproblem.php?pid=1231 Problem Description 给定K个整数的序列{ N1, N2, ..., NK },其任意连 ...

  6. vue开发完成后打包后图片路径不对

    用vue做了一个小的移动端项目,从头到尾做下来,感觉自己好多东西都没弄清楚过.也学到了很多,已整理笔记在自己电脑上,但是比较零散,空了再来仔细整理整理. 于是,上周五模拟好数据(接口还未写),准备打包 ...

  7. Delphi CreateMutex 防止程序多次运行

    windows是个多用户多任务的操作系统,支持多个程序同时运行,如果你的程序不想让用户同时运行一个以上, 那应该怎样做呢? 本文将介绍避免用户同时运行多个程序的例子. 需要用到的函数CreateMut ...

  8. ES6 常用1

    ( (1)交换变量的值 ) [x, y] = [y, x]; ( (2)从函数返回多个值 // 返回一个数组function example() { return [1, 2, 3]; } var [ ...

  9. vue使用axios发送数据请求

    本文章是基于vue-cli脚手架下开发 1.安装 npm install axios --s npm install vue-axios --s 2.使用.在index.js中(渲染App组件的那个j ...

  10. java的日志知识

    java常用的日志有以下几种 : 一.jdk自带的java.util.logging包下的日志功能, 不常用. 二.commons-logging  + log4j 的搭配 .log4j是日志功能的具 ...