A, dockerfile format
- Comment #
- Command parameters
- Command is not case sensitive, but it is recommended in all caps instruction.
- Instructions executed sequentially from top to bottom
- The first instruction must be FROM [], indicate the base image to be used.
- Docker file is executed, if used to other profiles, these profiles can not put [Executive] docker file directory of the parent directory, but you can put a subdirectory.
- In the execution docker file directory, you can put a hidden file (.dockerignore), which is stored when not required build files. You can use wildcards to specify. For example, a subdirectory in 10 files, build 3 files when there is no need, you referred to in the docker file in a directory name, so that 10 files were introduced came. But if do not need three files, .dockerignore added to the file, when they build on the three excluded.
- The file name must be: Dockerfile [] or [] dockerfile
Two, dockerfile command
FROM command: repository is the name of the base image (base image), tag gets base image of the label, does not specify that latest. If no registry, pulling it from the docker hub.
FROM <registry><repository>[:<tag>]
FROM <registry><repository>@<digest>
When the registry from the outside to pull image, image is likely to be replaced by others, but the same repository name, so insecure. digest is a hash value of the image, it specifies the digest will not be someone else replaced.
MAINTAINER (not recommended, is LABLE replaced) command: to let dockerfile producers provide detailed information himself.
MAINTAINER can appear anywhere, but it is recommended into the back FROM.
- MAINTANIER "magedu <[email protected]>"
LABEL command: Used to specify metadata, such as author, file size, and so on.
- 用法:LABEL <key>=<value> <key>=<value> ...
COPY command: copy the host of a file or directory to: a directory to build the image of the file system's.
grammar:
- COPY <src> ... <dest>
- COPY ["<src>", ... "<dest>"]
- src: source file or directory, use the relative path (relative dockerfile where the path), supports the use of wildcards
- dest: destination path, an absolute path is recommended. Otherwise, COPY WORKDIR places designated as the starting path.
- Note: When there is a blank character in the path, use the second format, on the grounds that the first white space character is a directory separator format.
File replication criteria:
src must be dockerfile inside the file or directory can not be a parent files in a directory or path.
If src is a directory, its internal file or subdirectory will be recursive copy, but the src directory itself will not be copied.
Equivalent: cp src / * / dest.
If a plurality of specified src, or the use of wildcards src, dest it must be a directory, and must end with a /.
If dest beforehand does not exist, it will be automatically created, together with its parent directory will be created.
Three, build characteristics: each command line execution, will create a new layer, the more layers, the more performance is not good, it can command on a single line, as far as possible on a single line.
For example, the COPY command, if the target directory the same, it is best used only once COPY. While the use of multiple COPY is not an error, but will be more level, performance is not good.
docker build command
Get help:
- PATH: Dockerfile] or [directory] [dockerfile file is located.
- -c: how many CPU production process
- -m: the production process to use much memory.
- -t: repository and tag the specified image.
# docker build --help
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
--build-arg list Set build-time variables
--cache-from strings Images to consider as cache sources
--cgroup-parent string Optional parent cgroup for the container
--compress Compress the build context using gzip
--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--disable-content-trust Skip image verification (default true)
-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
--force-rm Always remove intermediate containers
--iidfile string Write the image ID to the file
--isolation string Container isolation technology
--label list Set metadata for an image
-m, --memory bytes Memory limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable
unlimited swap
--network string Set the networking mode for the RUN instructions
during build (default "default")
--no-cache Do not use cache when building the image
--pull Always attempt to pull a newer version of the image
-q, --quiet Suppress the build output and print image ID on success
--rm Remove intermediate containers after a successful
build (default true)
--security-opt strings Security options
--shm-size bytes Size of /dev/shm
-t, --tag list Name and optionally a tag in the 'name:tag' format
--target string Set the target build stage to build.
--ulimit ulimit Ulimit options (default [])
dockerfile Example 1: copy a file.
FROM busybox:latest
MAINTAINER "magedu <[email protected]>"
LABEL maintainer="magedu <[email protected]>"
COPY index.html /data/html/
build at the above dockerfile try to use -t
to specify the image name and tag, found that build success.
# docker build -t tinyhttpd:v0.01 ./
Sending build context to Docker daemon 3.072kB
Step 1/4 : FROM busybox:latest
---> b534869c81f0
Step 2/4 : MAINTAINER "magedu <[email protected]>"
---> Using cache
---> 5c5a1c47716c
Step 3/4 : LABEL maintainer="magedu <[email protected]>"
---> Using cache
---> 88b87ddfdb22
Step 4/4 : COPY index.html /data/html/
---> Using cache
---> 59b7dd6c3eb8
Successfully built 59b7dd6c3eb8
Successfully tagged tinyhttpd:v0.01
Start this image, to see if there /data/html/index.html
# sudo docker run --name b1 --rm tinyhttpd:v0.01 cat /data/html/index.html
<h1>http server</h1>
dockerfile Example 2: copy a directory.
FROM busybox:latest
MAINTAINER "magedu <[email protected]>"
LABEL maintainer="magedu <[email protected]>"
COPY index.html /data/html/
COPY yum.repos.d /etc/yum.repos.d/
Implementation of build:
docker build -t tinyhttpd:v0.02 ./
Sending build context to Docker daemon 30.21kB
Step 1/5 : FROM busybox:latest
---> b534869c81f0
Step 2/5 : MAINTAINER "magedu <[email protected]>"
---> Using cache
---> 5c5a1c47716c
Step 3/5 : LABEL maintainer="magedu <[email protected]>"
---> Using cache
---> 88b87ddfdb22
Step 4/5 : COPY index.html /data/html/
---> Using cache
---> 59b7dd6c3eb8
Step 5/5 : COPY yum.repos.d /etc/yum.repos.d/
---> 99d306a25cc7
Successfully built 99d306a25cc7
Successfully tagged tinyhttpd:v0.02
verification:
docker run --name b1 -it --rm tinyhttpd:v0.02 ls /etc/yum.repos.d/
CentOS-Base.repo CentOS-Sources.repo
CentOS-Base.repo_20191129 CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo
CentOS-Debuginfo.repo docker-ce.repo
CentOS-Media.repo
Two, dockerfile command (continued)
ADD command: similar to COPY, and more support for self-extracting compressed file class than COPY URL and download from
grammar:
- ADD <src> ... <dest>
- ADD ["<src>", ... "<dest>"]
ADD guidelines:
- With the COPY command
- If the src to dest is created directly by the URL and dest does not end with a /, then the src specified file will be downloaded and; if the dest file ends with /, then the src specified will be downloaded and saved as dest / <filename>
- If src is a compressed file on the host, it will be automatically expanded its similar behavior
tar -x
; however, the compressed file downloaded by a URL does not automatically start. - If there are multiple src, or use wildcards, dest must be based on the directory path / ending; if not dest ends with /, then it is treated as a normal file, src dest content will be written directly.
Example 1: Using the URL
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" COPY index.html /data/html/ COPY yum.repos.d /etc/yum.repos.d/ ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src
verify results:
# docker run --name b1 --rm tinyhttpd:v0.03 ls /usr/local/src/ nginx-1.2.9.tar.gz
Example 2: Use a local file compression
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" COPY index.html /data/html/ COPY yum.repos.d /etc/yum.repos.d/ #ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src/ ADD nginx-1.2.9.tar.gz /usr/local/src/
verify results:
# docker run --name b1 --rm tinyhttpd:v0.03 ls /usr/local/src/nginx-1.2.9 CHANGES CHANGES.ru LICENSE README auto conf configure contrib html man src
WORKDIR command: dockerfile for all RUN, CMD, ENTRYPOINT, COPY and ADD designated set the working directory.
WORKDIR can appear multiple times, these designations above to find the nearest starting WORKDIR as relative path.
grammar:
- WORKDIR <PATH>
- WORKDIR system environment variables (for example: $ MYENV).
example:
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" COPY index.html /data/html/ COPY yum.repos.d /etc/yum.repos.d/ #ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src/ WORKDIR /usr/local/ ADD nginx-1.2.9.tar.gz ./src1/
verify results:
sudo docker run --name b1 --rm tinyhttpd:v0.03 ls /usr/local/src1/nginx-1.2.9 [sudo] password for ys: CHANGES CHANGES.ru LICENSE README auto conf configure contrib html man src
VOLUME: and run -v similar, but only designated image in a directory, and the host can not specify a directory.
grammar:
- VOLUME <mountpoint>
- VOLUME ["mountpoint1", "mountpoint2"]
Note: If the image file directory mount point, after the container is started, the point will mount the file copied to the host.
example:
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" COPY index.html /data/html/ COPY yum.repos.d /etc/yum.repos.d/ #ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src/ WORKDIR /usr/local/ ADD nginx-1.2.9.tar.gz ./src/ VOLUME /usr/local/src
Confirmation result: Because the image nginx-1.2.9 under / usr / local / src directory, nginx-1.2.9 is copied to the host.
# docker run --name b1 -it --rm tinyhttpd:v0.03 # ls /var/lib/docker/volumes/1240925e87efaa5d9ed375b268a6d804c29013c04792f9a0dde9e135aa7e9f9e/_data/ nginx-1.2.9
EXPOSE: and -p option type, specify the container to storm drain to the outside of the port, but you can not specify the port of the host, because at the time as dockerfile can not determine what the host is running in this image. You will not be able to know which port on the host can be used. So there is a random find host port can be used.
Note: Even with the EXPOSE command, but does not increase if the RUN
-P
option, the port will not be exposed to go.语法:EXPOSE <port>[/protocol] <port>[/protocol]
- protocol is a transport layer protocol, tcp or udp, tcp do not know that
- You can specify a plurality of ports, such as: EXPOSE 5255 5254 / udp
example:
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" COPY index.html /data/html/ COPY yum.repos.d /etc/yum.repos.d/ #ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src/ WORKDIR /usr/local/ ADD nginx-1.2.9.tar.gz ./src/ VOLUME /usr/local/src EXPOSE 80
verify results:
When you start to not specify the
-P
view with docker port, we found no port.# docker run --name b1 --rm tinyhttpd:v0.03 /bin/httpd -f -h /data/html/ # docker port b1
First specify when you start
-P
to see a docker port, port found.# docker run --name b1 --rm -P tinyhttpd:v0.03 /bin/httpd -f -h /data/html/ # docker port b1 80/tcp -> 0.0.0.0:32768
EXPOSE action is: the default port want to expose, at boot time, you can use
-p
to cover EXPOSE specified port.
ENV: In the definition of container system environment variables, ENV, ADD, COPY instructions and the like may be used.
grammar:
- ENV <key> <value>
- ENV <key>=<value> ...
- A first format, then <key> therefore be considered as a content value, only the definition of a variable.
- Second format defining a plurality of variables, if the value contained spaces, using \ escape, it can also be identified on the value quoted; Further, \ be used as wrap.
- When you define multiple variables, to use the second format, so that no additional layers, resulting image is too large.
Examples: $ {DOC_ROOT: - / data / html /} usage is, if (DOC_ROOT no value) {DOC_ROOT = / data / html /}
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" ENV DOC_ROOT=/data/html/ \ WEB_SERVER_PACKAGE="/nginx-1.2.9" COPY index.html ${DOC_ROOT:-/data/html/} COPY yum.repos.d /etc/yum.repos.d/ #ADD http://nginx.org/download/nginx-1.2.9.tar.gz /usr/local/src/ WORKDIR /usr/local/ ADD ${WEB_SERVER_PACKAGE}.tar.gz ./src/ VOLUME /usr/local/src EXPOSE 80
Yan Shen, can also be used when docker run the
-e
option to set the environment variable.When run through -e, you can change the value of the specified environment variable dockerfile years.
dockerfile is defined in nginx-1.2.9, but -e specified nginx-1.2.3, so WEB_SERVER_PACKAGE = / nginx-1.2.3.
# docker run --name b1 --rm -e WEB_SERVER_PACKAGE=/nginx-1.2.3 tinyhttpd:v0.03 printenv PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=7a242517b02e WEB_SERVER_PACKAGE=/nginx-1.2.3
However, / usr / local / src directory or in nginx-1.2.9. Because the point of the build, image has been put on nginx-1.2.9, so you are in -e, the only change in the value of the environment variable only.
# docker run --name b1 --rm -e WEB_SERVER_PACKAGE=/nginx-1.2.3 tinyhttpd:v0.03 ls /usr/local/src nginx-1.2.9
RUN: During the build execution, execute any shell command can be executed in the base image. If multiple commands are related, the best written together.
grammar:
- RUN <command>
- RUN ["executable1","arg1","executable2","arg1"]
- 例如:RUN ["/bin/bash","-c","ls","-ltr"]
Example: We specified in the src if ADD is a compressed file, it does not automatically decompress, so we RUN a tar command to decompress it.
FROM busybox:latest MAINTAINER "magedu <[email protected]>" LABEL maintainer="magedu <[email protected]>" ENV DOC_ROOT=/data/html/ \ WEB_SERVER_PACKAGE="nginx-1.2.9" COPY index.html ${DOC_ROOT:-/data/html/} COPY yum.repos.d /etc/yum.repos.d/ ADD http://nginx.org/download/${WEB_SERVER_PACKAGE}.tar.gz /usr/local/src/ RUN cd /usr/local/src && \ tar xf ${WEB_SERVER_PACKAGE}.tar.gz
RUN Applications: first find the basic centos mirror, and then install a Nginx, usually download the source code compiler installation, instead of using yum install. The reason is yum will produce extra files.
FROM centos RUN yum -y install epel-release && \ yum makecache && \ yum install nginx
CMD: not running at the time docker build, but run at docker run. For example, nginx mirrored boot time, then definitely start nginx CMD command. CMD even more so given, only the last one will work.
grammar:
CMD <command>
command is often a shell command, but is / bin / sh -c to run this command, therefore, is to start by shell, so you can use the characteristics of the shell, but after the start, shell process automatically launched, so this process in place shell process. So it is pid 1.
CMD ["executable1","arg1","executable2","arg1"]
executable directory name with the executable program name, such as / bin / ls. It is not run by / bin / sh -c, is directly started by the kernel, as it is not started by the shell, so the shell wildcards, pipes, redirection characteristics, not with all. If you want to use the shell characteristics, so to use: CMD [ "/ bin / bash", "- c", "executable", "arg"].
RUN usage of the first and second and first and second CMD usage of the same.
CMD ["arg1","arg2"]
With ENTRYPOINT command.
example:
FROM busybox LABEL maintainer="mageedu <[email protected]>" app="httpd" ENV WEB_ROOT="/data/web/html/" RUN mkdir -p ${WEB_ROOT} && \ echo '<h1>Busybox httpd.</h1>' > ${WEB_ROOT}/index.html CMD /bin/httpd -f -h ${WEB_ROOT}
Confirm Results: inspect confirm, indeed with / bin / sh -c to start.
"Cmd": [ "/bin/sh", "-c", "/bin/httpd -f -h ${WEB_ROOT}" ],
pid is 1
docker exec -it b1 /bin/sh / # ps PID USER TIME COMMAND 1 root 0:00 /bin/httpd -f -h /data/web/html/ 6 root 0:00 /bin/sh 11 root 0:00 ps # printenv HOSTNAME=e877c51f7dab WEB_ROOT=/data/web/html/
ENTRYPOINT:
Similarly CMD command, running a program to specify the default container.
To CMD difference is that will not be covered specified docker run parameters (there are ways to cover), and the docker run the specified parameters, automatically added to the end ENTRYPOINT command, the command corresponding to the parameter ENTRYPOINT.
Use --entrypoint string option run, you can be forced to replace ENTRYPOINT command.
If the parameter is not specified docker RUN, CMD parameter using the third format defined above, as a parameter ENTRYPOINT.
If docker run specified parameters, CMD third format also specifies parameters, ENTRYPOINT using the parameters specified when the docker run, ignoring CMD third format specified parameters.
dockerfile file types can also occur more ENTRYPOINT, but only the last one will work.
grammar:
- ENTRYPOINT <command>
- ENTRYPOINT ["executable", "param1", "param2"]
Example: Creating in the build nginx configuration files, and when run, you can also pass through the environment variable -e parameter, modify the information listening port number.
FROM nginx:alpine LABEL maintainer="MageEdu <[email protected]>" ENV NGX_DOC_ROOT="/data/web/html/" ADD entrypoint.sh /bin/ ADD index.html ${NGX_DOC_ROOT} CMD ["/usr/sbin/nginx", "-g", "daemon off;"] ENTRYPOINT ["/bin/entrypoint.sh"]
ENTRYPOINT command is a shell command file their own definition, as follows.
First, with the cat command to create a configuration file nginx, also uses the environment variable.
Then, the exec system call function, the command CMD parameter is defined: [ "/ usr / sbin / nginx", "-g", "daemon off;"]. The role of exec function is: Start ngxin process, and terminates the current process (/ bin / sh process), let nginx process of replacing the current shell process, so the process pid nginx is 1.
"$ @": All parameters of the shell, which is / usr / sbin / nginx "," -g "," daemon off;
entrypoint.sh:
#!/bin/sh cat > /etc/nginx/conf.d/www.conf << EOF server { server_name $HOSTNAME; listen ${IP:-0.0.0.0}:${PORT:-80}; root ${NGX_DOC_ROOT:-/usr/share/nginx/html}; } EOF exec "$@"
When run, the Executive ENTRYPOINT command, CMD parameter is defined in.
Confirm Results: -e became the listening port 8080; nginx's pid is 1; www.conf also been created. [Perform curl -H "Host: a6b94dae9be4" 192.0.0.2:8080] on a host machine, also the output of the results index.html.
# docker run --name b1 --rm -d -e "PORT=8080" mynignx:002 # docker exec -it b1 /bin/sh / # netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN # cat /etc/nginx/conf.d/www.conf server { server_name a6b94dae9be4; listen 0.0.0.0:8080; root /data/web/html/; } / # ps PID USER TIME COMMAND 1 root 0:00 nginx: master process /usr/sbin/nginx -g daemon off; 8 nginx 0:00 nginx: worker process # cat /data/web/html/index.html <h1>nginx hello</h1> $ curl -H "Host: a6b94dae9be4" 192.0.0.2:8080 <h1>nginx hello</h1>
To test, when run, specify the parameters: / usr / sbin / nginx daemon off (intentionally without -g), to cover CMD. Because of the lack of -g, so the vessel failed to start, explains, indeed cover defined in command CMD.
# docker run --name b1 --rm -d -e "PORT=8080" mynignx:002 /usr/sbin/nginx daemon off 4c88e021408c143ec45e70611c42bd715831cb9c75d6f4a00d307a7a6b53af5c [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
To test, use --entrypoint "/ bin / sh", covering ENTRYPOINT.
Covering successful, the process is No. 1 / bin / sh process; www.conf file was not created; nginx process has not been started.
# docker run --name b1 --rm -it -e "PORT=8080" --entrypoint "/bin/sh" mynignx:002 / # ls bin dev home media opt root sbin sys usr data etc lib mnt proc run srv tmp var / # ps PID USER TIME COMMAND 1 root 0:00 /bin/sh 7 root 0:00 ps / # ls /etc/nginx/conf.d/ default.conf
Best Practices ENTRYPOINT usage: configuration file created in advance before the build, when build, is injected into the image. Can achieve dynamic creation of profiles of various services, so as to solve the problem only because the different profiles, and had to create multiple image of.
USER
Use the background of USER, USER is not specified when the owner of the process is the root, such as the following nginx. While not wishing to be root when using this command.
/ # ps PID USER TIME COMMAND 1 root 0:00 nginx: master process nginx -g daemon off;
docker run, the user name when CMD, ENTRYPOINT performed, used or UID
The default is root
语法:USER <UID> | <UserName>
Or UserName UID must be present in the image must be present in the / etc / passwd in.
HEALTHCHECK:
Regularly check whether the process is running container still working state. docker themselves automatically checks the container process is still alive, or if dead time is not running in the foreground, docker will automatically kill the container. But this is not enough, even if some containers alive, but can not provide the service, that's the equivalent of death, so to define your own command to check the process container is running, whether still working.
grammar:
- HEALTHCHECK [OPTION] CMD command
- OPTION:
- --interval =: Check interval (Default: 30 sec)
- --timeout =: defined timeout period (Default: 30 sec)
- --start-period =: wait long to start the first health check (default: 0 seconds)
- --retries =: found unhealthy, not immediately kill container, and test again a few times. The number of re-tests (default: 3).
- Health test results:
- 0:success
- 1:unhealthy
- 2: reserved (reserved for use)
- OPTION:
- HEALTHCHECK NONE
- HEALTHCHECK [OPTION] CMD command
Examples: health check results are normal.
FROM nginx:alpine LABEL maintainer="MageEdu <[email protected]>" ENV NGX_DOC_ROOT="/data/web/html/" ADD entrypoint.sh /bin/ ADD index.html ${NGX_DOC_ROOT} HEALTHCHECK --interval=3s --timeout=3s \ CMD wget -O - -q http://${IP:-0.0.0.0}:${PORT:-80}/ CMD ["/usr/sbin/nginx", "-g", "daemon off;"] ENTRYPOINT ["/bin/entrypoint.sh"]
The results confirmed that:
# docker run --name b1 --rm mynginx:v001 127.0.0.1 - - [08/Dec/2019:13:54:18 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget" "-" 127.0.0.1 - - [08/Dec/2019:13:54:21 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget" "-" 127.0.0.1 - - [08/Dec/2019:13:54:25 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget" "-"
Examples: Health test results are not normal. Found is not normal, kill 1 [directly]. After the container starts, he was immediately killed.
FROM nginx:alpine LABEL maintainer="MageEdu <[email protected]>" ENV NGX_DOC_ROOT="/data/web/html/" ADD entrypoint.sh /bin/ ADD index.html ${NGX_DOC_ROOT} HEALTHCHECK --interval=1s --timeout=1s --retries=1 \ CMD wget -O - -q http://${IP:-0.0.0.0}:10080/ || kill 1 CMD ["/usr/sbin/nginx", "-g", "daemon off;"] ENTRYPOINT ["/bin/entrypoint.sh"]
SHELL: Specifies the shell with which to run RUN, CMD, ENTRYPOINT command, the default is / bin / sh -c.
- 语法:SHELL ["executable", "parameters"]
- Can appear multiple times, each time will be covered once.
STOPSIGNAL: [name] docker stop container is a default PID for the process 1 to send 15 signals. STOPSIGNAL can specify another signal.
- Syntax: STOPSIGNAL signal.
ARG:
When build, through --build-arg [] passed to the inside of the variable dockerfile
dockerfile where you can have multiple ARG
语法: ARG <name>[=<default value>]
There can set default values in the ARG in dockerfile
ARG version=1.14
example:
FROM nginx:alpine ARG author="MageEdu <[email protected]>" LABEL maintainer=${author}
Confirm Results: build, do not use --build-arg
# docker build -t mynginx:v002 ./ # docker image inspect mynginx:v002 "Labels": { "maintainer": "MageEdu <[email protected]>" },
Results confirmed: When build, using --build-arg
# docker build --build-arg author="abc <[email protected]>" -t mynginx:v002 ./ # docker image inspect mynginx:v002 "Labels": { "maintainer": "abc <[email protected]>" },
ONBUILD
- build this command is not executed.
- When you take someone made image as a base image, the implementation of build, ONBUILD command will be executed.
- Syntax: ONBUILD any dockerfile command (except for the FROM and MAINTAINER)
- ONBUILD ADD or ONBUILD COPY to be extra careful, because you never know when someone else take your image do base image, files are placed where, ADD if it is a remote file to be downloaded is no problem.