Docker_001
时间:2022-07-23
本文章向大家介绍Docker_001,主要内容包括其使用实例、应用技巧、基本知识点总结和需要注意事项,具有一定的参考价值,需要的朋友可以参考一下。
Docker_MySQL 5.7
FROM debian:buster-slim
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql
RUN apt-get update && apt-get install -y --no-install-recommends gnupg dirmngr && rm -rf /var/lib/apt/lists/*
# add gosu for easy step-down from root
ENV GOSU_VERSION 1.7
RUN set -x
&& apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/*
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)"
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc"
&& export GNUPGHOME="$(mktemp -d)"
&& gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu
&& gpgconf --kill all
&& rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc
&& chmod +x /usr/local/bin/gosu
&& gosu nobody true
&& apt-get purge -y --auto-remove ca-certificates wget
RUN mkdir /docker-entrypoint-initdb.d
RUN apt-get update && apt-get install -y --no-install-recommends
# for MYSQL_RANDOM_ROOT_PASSWORD
pwgen
# for mysql_ssl_rsa_setup
openssl
# FATAL ERROR: please install the following Perl modules before executing /usr/local/mysql/scripts/mysql_install_db:
# File::Basename
# File::Copy
# Sys::Hostname
# Data::Dumper
perl
# install "xz-utils" for .sql.xz docker-entrypoint-initdb.d files
xz-utils
&& rm -rf /var/lib/apt/lists/*
RUN set -ex;
# gpg: key 5072E1F5: public key "MySQL Release Engineering <mysql-build@oss.oracle.com>" imported
key='A4A9406876FCBD3C456770C88C718D3B5072E1F5';
export GNUPGHOME="$(mktemp -d)";
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key";
gpg --batch --export "$key" > /etc/apt/trusted.gpg.d/mysql.gpg;
gpgconf --kill all;
rm -rf "$GNUPGHOME";
apt-key list > /dev/null
ENV MYSQL_MAJOR 5.7
ENV MYSQL_VERSION 5.7.29-1debian10
RUN echo "deb http://repo.mysql.com/apt/debian/ buster mysql-${MYSQL_MAJOR}" > /etc/apt/sources.list.d/mysql.list
# the "/var/lib/mysql" stuff here is because the mysql-server postinst doesn't have an explicit way to disable the mysql_install_db codepath besides having a database already "configured" (ie, stuff in /var/lib/mysql/mysql)
# also, we set debconf keys to make APT a little quieter
RUN {
echo mysql-community-server mysql-community-server/data-dir select '';
echo mysql-community-server mysql-community-server/root-pass password '';
echo mysql-community-server mysql-community-server/re-root-pass password '';
echo mysql-community-server mysql-community-server/remove-test-db select false;
} | debconf-set-selections
&& apt-get update && apt-get install -y mysql-server="${MYSQL_VERSION}" && rm -rf /var/lib/apt/lists/*
&& rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld
&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
# ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
&& chmod 777 /var/run/mysqld
# comment out a few problematic configuration values
&& find /etc/mysql/ -name '*.cnf' -print0
| xargs -0 grep -lZE '^(bind-address|log)'
| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/'
# don't reverse lookup hostnames, they are usually another container
&& echo '[mysqld]nskip-host-cachenskip-name-resolve' > /etc/mysql/conf.d/docker.cnf
VOLUME /var/lib/mysql
COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 3306 33060
CMD ["mysqld"]
Docker_NGINX_1.17.9
FROM alpine:3.10
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
ENV NGINX_VERSION 1.17.9
ENV NJS_VERSION 0.3.9
ENV PKG_RELEASE 1
RUN set -x
# create nginx user/group first, to be consistent throughout docker variants
&& addgroup -g 101 -S nginx
&& adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx
&& apkArch="$(cat /etc/apk/arch)"
&& nginxPackages="
nginx=${NGINX_VERSION}-r${PKG_RELEASE}
nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE}
nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE}
nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE}
nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE}
"
&& case "$apkArch" in
x86_64)
# arches officially built by upstream
set -x
&& KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin"
&& apk add --no-cache --virtual .cert-deps
openssl
&& wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub
&& if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then
echo "key verification succeeded!";
mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/;
else
echo "key verification failed!";
exit 1;
fi
&& apk del .cert-deps
&& apk add -X "https://nginx.org/packages/mainline/alpine/v$(egrep -o '^[0-9]+.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages
;;
*)
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published packaging sources
set -x
&& tempDir="$(mktemp -d)"
&& chown nobody:nobody $tempDir
&& apk add --no-cache --virtual .build-deps
gcc
libc-dev
make
openssl-dev
pcre-dev
zlib-dev
linux-headers
libxslt-dev
gd-dev
geoip-dev
perl-dev
libedit-dev
mercurial
bash
alpine-sdk
findutils
&& su nobody -s /bin/sh -c "
export HOME=${tempDir}
&& cd ${tempDir}
&& hg clone https://hg.nginx.org/pkg-oss
&& cd pkg-oss
&& hg up ${NGINX_VERSION}-${PKG_RELEASE}
&& cd alpine
&& make all
&& apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk
&& abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz
"
&& cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/
&& apk del .build-deps
&& apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages
;;
esac
# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
&& if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi
&& if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi
&& if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi
# Bring in gettext so we can get `envsubst`, then throw
# the rest away. To do this, we need to install `gettext`
# then move `envsubst` out of the way so `gettext` can
# be deleted completely, then move `envsubst` back.
&& apk add --no-cache --virtual .gettext gettext
&& mv /usr/bin/envsubst /tmp/
&& runDeps="$(
scanelf --needed --nobanner /tmp/envsubst
| awk '{ gsub(/,/, "nso:", $2); print "so:" $2 }'
| sort -u
| xargs -r apk info --installed
| sort -u
)"
&& apk add --no-cache $runDeps
&& apk del .gettext
&& mv /tmp/envsubst /usr/local/bin/
# Bring in tzdata so users could set the timezones through the environment
# variables
&& apk add --no-cache tzdata
# forward request and error logs to docker log collector
&& ln -sf /dev/stdout /var/log/nginx/access.log
&& ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
- [接口测试 - 基础篇] 07 来来来,一起读写excel玩玩之一
- 时间序列分析算法【R详解】
- 【专知-关关的刷题日记16】Leetcode 88. Merge Sorted Array
- [接口测试 - 基础篇] 06 好吧也来解析下html
- [接口测试 - 基础篇] 05 好讨厌的xml解析
- 【专知-关关的刷题日记17】Leetcode 268. Missing Number
- 【专知-关关的刷题日记18】Leetcode 35. Search Insert Position
- [接口测试 - http.client篇] 15 常用API说明及基本的示例
- [接口测试 - http.client篇] 14 源码初探及其工作机制分析
- 【专知-关关的刷题日记19】Leetcode 118. Pascal's Triangle
- 每周学点大数据 | No.3算法设计与分析理论
- HDU 1874 畅通工程续【Floyd算法实现】
- 接口测试 | 21 基于flask弄个restful API服务出来
- 数论部分第二节:埃拉托斯特尼筛法 埃拉托斯特尼筛法
- JavaScript 教程
- JavaScript 编辑工具
- JavaScript 与HTML
- JavaScript 与Java
- JavaScript 数据结构
- JavaScript 基本数据类型
- JavaScript 特殊数据类型
- JavaScript 运算符
- JavaScript typeof 运算符
- JavaScript 表达式
- JavaScript 类型转换
- JavaScript 基本语法
- JavaScript 注释
- Javascript 基本处理流程
- Javascript 选择结构
- Javascript if 语句
- Javascript if 语句的嵌套
- Javascript switch 语句
- Javascript 循环结构
- Javascript 循环结构实例
- Javascript 跳转语句
- Javascript 控制语句总结
- Javascript 函数介绍
- Javascript 函数的定义
- Javascript 函数调用
- Javascript 几种特殊的函数
- JavaScript 内置函数简介
- Javascript eval() 函数
- Javascript isFinite() 函数
- Javascript isNaN() 函数
- parseInt() 与 parseFloat()
- escape() 与 unescape()
- Javascript 字符串介绍
- Javascript length属性
- javascript 字符串函数
- Javascript 日期对象简介
- Javascript 日期对象用途
- Date 对象属性和方法
- Javascript 数组是什么
- Javascript 创建数组
- Javascript 数组赋值与取值
- Javascript 数组属性和方法
- Kubernetes K8S之通过yaml文件创建Pod与Pod常用字段详解
- Kubernetes K8S之kubectl命令详解及常用示例
- Kubernetes K8S之Pod 生命周期与init container初始化容器详解
- Kubernetes K8S之Pod生命周期与探针检测
- Kubernetes K8S之Pod 生命周期与postStart、preStop事件
- Kubernetes K8S之资源控制器RC、RS、Deployment详解
- python教程 | 最标准的地图调用方式(国家测绘局提供数据)
- Kubernetes K8S之资源控制器StatefulSets详解
- Kubernetes K8S之资源控制器Daemonset详解
- Kubernetes K8S之资源控制器Job和CronJob详解
- Kubernetes K8S在IPVS代理模式下Service服务的ClusterIP类型访问失败处理
- Kubernetes K8S之Pod跨namespace名称空间访问Service服务
- Kubernetes K8S之Service服务详解与示例
- Kubernetes K8S之Ingress详解与示例
- Kubernetes K8S之存储Secret详解