Dockerfile简介+Dockerfile实战

Dockerfile概述

Dockerfile是docker中镜像文件的的描述文件,说的直白点就是镜像文件到底是由什么东西一步步构成的。
例如:你在淘宝上买了一个衣架,但是卖家并没有给你发一个完整的衣架,而是一些组件和一张图纸,你按照这个图纸一步一步将衣架组装起来,就成了你所需要的样子。那么Dockerfile 就是这张图纸,镜像文件就是你需要的这个衣架,Dockerfile 不建议随便命名,就用 Dockerfile。
因此,Dockerfile其内部包含了一条条的指令,每一条指令构建一层,因此每一条指令的内容,就是描述该层应当如何构建。

Dm + ( F W :ocker 执行 Dockerfile 的大致流程2 p v e . I

(1)docker从基础镜像运行一个容器;
(2)执行一条指令并对容器作出修改;
(3)执行类似dockercommit的操作提交一个新的镜像层
(4)docker再基于刚提交的镜像运行一个新容器;
(5)执行dockerfile中的下一条指令直到所有指令都执行完成。

T I H : &顾Dockerfile

说到Dockerfile,就离不开DockerfiZ M m E g j Ule的核心组件,尤其是镜像。镜像是运行容器的基础环境,也就是说镜像是docker容器创建的关键,而创建镜像的三种方式之一的Dockerfile是最为灵活的。

什么是Dockerfile?
Dockerfile可以看做是被Docker程序所解释翻译的脚本,由一组命令集合而成,每一条命令都对应一条操作命令,有其翻译为Linux下/ h p _ 1 = m i /的具体命令。用户可以通过自定义内容来快速构建镜像。
​ 其实说简单点,你可以认为Dockerfile是“专门用于构建镜像的shell脚本”。
​ 还记得Dockerfile的严格格式吗?我们先来看一下这个表格。
Dockerfile简介+Dockerfile实战

1.构建httpd服务镜像

[root@localhoH C = ) 4 7 _st ~]# cd /opt/
[root@locale g H s & hhost opt]# mkdir apache ##创建目录
[root@localhost opt]# cd apache/
[root@localhost ssh 7 p u c x I C $d]# vim Dockerfileu k P 7 / { w  ##编写dockerfile文件
#基于的基础镜像
FROM c4 [  s S b @entos
#维护镜像的用Z e 0 6 T o w j /信息
MAINTAINER zjz
#镜像操作指令安装ApacC G * a X z N E vhe软件
RUN yum -y update
RUN yum -y install httpd
#开启 80端口
EXPOSE 80
#复制网站首页文件
ADD index.html /var/www/html/index.html
#将执行脚本复制到镜像中
ADD run.sh /run.sh
RUN chmod 755 /run.sh
#启动容器是执行脚本
CMD ["/run.sh"]
其P A O中注意:1 G ) n 9 @ Prun 命令可以有多条CMD只能有一条,若有多条则只会执行最后一条
编写启动httpd服务的shell脚本
vim run.sh
#!/bin/bash
rm -re - + z H t R +f /run/hB 6 p G Y e _ Zttpd/*
exec /usr/sbin/apachectl -D FOREGROUND
编写测试页面
vim index.html
<h1>this is docker httpd web</h1>
使用tree命令查看目录的文件结构
没有tree ? r u . fe这个命令,用yum -y install t, 2 A L Q { B Uree 装一哈
[root@localhosP u ht apache]# tree ./
.s z @/
├── Dockerfile
├── index.html
└── run.sh
0 dD v  * _ oirectories, 3 files

构建和使用镜像(创建运行容器)

[root@localhost apache]# docker build -t http8 ` f V ] m J od:new .

Dockerfile简介+Dockerfile实战

[root@localhost apache]# docker images

Dockerfile简介+Dockerfile实战

#基于K _ / : [ ; , ( M构建的镜像创建并运行容器,给容器取名为test
[root@localhost apache]# docker run --name test -d -P httpd:new  

Dockerfile简介+Dockerfile实战

[root@localhost apache]# docker ps -a

Dockerfile简介+Dockerfile实战
这样我们进入容器中检查一下这个页面文件是否存在

[root@localhost ap= ] # 2 t E )ache]# docker exec -it test /bin/bas, ] M @ [ * `h
[root@0467d8d2d590 /]# cat /var/www/html/index.html
<h1>this is docker httpd web</h1>

Dockerfile简介+Dockerfile实战
Dockerfile简介+Dockerfile实战

2、构建sshd镜像

[root@los K K w I S  ~ Kcalhost ~]# cd /opt/
[root@localhost opt]# mkdir sshd  ##创建目录
[root@localhost opt]# cd sshd/
[root= P G Z f@localhost sshd]# vim Dockerfile  ##编写dockerfile文d ; L ? r l件
#sshd服务的镜像构建——基于Dockerfile
#首先% a = w @ m U先下载基础镜像centos,创建对应的工作目录
#开始编写nginx的Dockerfile
#第一步:基础镜像
FROM centos:7F } ! 8 k T , I H
#第d | y X & 1 D b n二步:维护者信息
MAINTAINER zjz
#第三步:指令集
RUN yum -y update
RUN yum -y install openssh* net-ti x % )ools lsof telnet passwd
RUN echo '123123' | passwd --stdin root
#不! s r *以PAM认证登录而是以密钥对登录(非对称密钥),即禁用ssh的PAM认证
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
RUN ssh-keygen -t rsaE ~ @ d B -f /etc/ssh/ssh_host_rsa_key
#禁用ssh中PAM会话模块
RUN sed -i '/^s5 -  K 5 h K ! Eession\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
#创建ssh工作目录和权限设置
RUN mkdir -p /roo` o m pt/.ssh && chown root:root /root &a? % B _ m 6mp;& chmod 700 /roM N A 2 Q Hot/.ssh
#开放22端口
EXPO! , F 9 n [SE 22
#第四步:启动容器时执行指令
CMD ["/usr/sbi{ X R $ ? gn/sshd","-D"]
构建镜像和运行容器
[root~ p p r@localhost sshd]# docker run -d -P sshd:new
6005aaad0e99897e11672e081101a43aee169c06acba08a48b1353317d9504eb
[root@localhost sshd]# docker ps -a
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
6005aaad0e99        ssU } @ f ]hd:new            "/usr/sbin/sshd -D"   7 seconds ago       Up 6 seconds. % _ F , 0 o        0.0.0.0:32768-&g! q ) t;22/tcp   pensive_poincare
测试
[root@localhost sO s p ] [shd]# ssh 192.168.10.52 -p 327r C G : [ F - H68
The authenticity of host '[192.168.10.52]:32768 ([192.168.10.52]:32768)' can't be established.
RSA key fingerprint is c5:95:5d:0a:ce:b3:d8:cc:43:f7:b61 @ G ( c w:32:89:12:28:21.
Are you sure you want to continue connecting (yes/no( $ e z)? yes
Warning: Permanently added '[192.168.10.52]:32768' (R$ G ( b M ] - $ %SA) to the list ofz f U U - knoM V i O Y n +wn host^ F E T I Y a Ms.
root@192.168.10.52's password:
Permission dR + ~ a _ & w k XeniedO W : _ j 2 k D, pleas1 Q U A y d %e try again.
root@192.168.10.52's password:
[root@6005aaad0e99 ~]# exit
logout
Connection to 192.168.10.52 closed.
此时我们登录该容器(5 k j Bssh或者docker exec命令Q V %)查看sshd服务的状态(但是systemctl无法使用)[ p k
[root@6005aaad0e99 ~]# systemctl staC : ~ _ tus sshd
Failed to ge9 D j % D T 5t D-BuY i Q c os connection: Operation not permitted
一则我们可以使用下面的命令使用该命令,二则我们可以基于上面构建的镜像作为基础镜像Z T ( 0 ~ O 0 @构建sz ] K h v D |ystemctl的{ 2 _ M % R i @镜像来测试验证。
[root@localhost sshd]# docker run --privileged -itd -P sshd:new  /usr/sbin/init
bf552af2fb6b7d512bc44c32262aj m S H a U !5dcce092e26bb7bec8e73c866a5c5a755d83
[root@locy L [ - [ K p d balhost sshd]#  docke] H [ n ] @ ? 9r ps -a
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NA| u ? o x @ k | ~MES
bf552af2fb6b        sshd:new            "/usr/sbin/init"      6 seconds ago       Up 6 seconds        0.0.0.0:32770->22/tcp   adoring_bosL S 0 ( = i Ke
bb24d t F 4 z A a gb2efd442        systemctl:new       "/usr8 D ! t # ! I T/sbin/init"      13 minutes ago      Up 13 minutes       22/tcp                  sleepy_curie
0467d8d2d590        httpd:new           "/a 5 O F L W S trun.sh"             27 minutes ago      Up 27 minutes       0.0.0.0:32769->80/tcp   test
6005aaad0e99        sshd:new            "/usr/sbin/sshd -D"   Ah F &bout a/ I ?n hour ago   Up About an hour    0.0.0.0:32768->22/tcp   pensive_poincare
[root@locc 2 = palhost sshd]# ssh 192.168.10.52 -p 32770
The authenticity of hJ ? O F 0ost '[192.168.10.52]:B + x ! =32770 ([192.168.10.52]:32770)' can't be established- 0 B : t @ G i.
ECDSA key fingerprint is e7:5b:57:32:ea:12:db:9c  ) 80:c5:da:d5:3d:95:ff:48:ak d 8 N ) x ,b.
Are you sure you want to continue connect$ C $ 0 7 6 6 w Eing (yes/no)? yes
Warning: Permanently added '[192.168.10.52]:32770' (ECDSA) to the list of known hoX k k Q {   hsts.
root@192.168.10.52's password:
[root@bf552Q 8 k 1 #af2fb6b ~]#  systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (runnin$ . = ^ 3 T  w og) since Tue 2020-07-28 02:55:53 UTC; 48s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 75 (sshd)
CGroup: /docker/bf552af2fb6b7d512bc44c32262a5dcce092e26b6 k i { p ; ^ H sb7bec8e73c866a5c5a755d83/system.slice/sshd.service
├─ 75 /usr/sbin/ssS W E *hd -D
├─ 85 sshd: root@pts/1
├─ 89 -bash
└─102 systemctl status sshd
‣ 75 /usr/sbin/sshd -D
Jul 28 02:55:53 bf552af2fb6b systemd[1]U b ~ I  2 I ] =: Starting OpenSSH server daemon...
Jul 28 02:55:53 bf552af2fb6b sshd[75]: Server listening on 0.0.0.0 port 22.
Jul 28 02:55:53 bf552af2d O 9 U i efb6b sshd[75]: WARNING: 'UsePAM nol * Z e 9' is not supported in Red Hat Enterprise Linux ao = j Wnd ...lems.
Jul 28 02:55:53 bf552af2fb6b sshd[75]: Server listening on :: port 22.
Jul 28 02:55:53 bf552af2fb6b systemd[1]: Stare 7 i k l O ( uted OpenSSH server daemon.
Jul 28 02:56:23 bf552af2fb6b ssh7 j D o 5 ,d[85]: WARNING: 'UsePAO | Z l 8 Y oM no' is not supported in Red Hat Enterprise Linux and ...lems.
Jul 28 02:56:27 bf552af2fb6b sshd[85]: Failed password for root from 192.168.10.52 port 35474 ssh2
Jul 28 02:5( S e - I ` 36:29 bfv L 7 :552af2fb6b sshd[85]: Failed password for root fr[ _ -om 192.168.10.52 port 35474 ssh2
Jul 28 02:56:31 bf552af g H q i ] D2fb6b sshd[85]: Accepted password for root from 192.16- h . F8.10.52 port 3547? : w 4 ssh2
Hint: Some lines were ellipsizedG e a n y, use -l to show in full.

3、构建systemctl镜像

[root@localhost ~]# cd8 M R /opt/
[root@localhost opt]# mkdir systemctl  ##创建目录
[root@localhost opt]# cd systemctl/
[root@localhost sshd]# vim Dockerfile  ##编写dockY ( t y U R W NerfileU Y n |文件
FROM sshd:new
MAINTAINER zj| ~ - 9z
ENV container dox J s Q ^ *cker
#下面的命令是放在一个镜像层中执行的,可以减少镜像层
#括号中的指令含义是遍历进入的目录文件,删除除了systemd-tmpfileso R # O Z g-setup.serviI 1 9 ce的所有文件,之后删除一些其他文件
RUN (cd /lib/systemd/system/sysinit.tarY ~ X @ = w D r ,gel D u 2 / t # ^t.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \Z ) d B
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.T R $ h # c %target^ 1 1 * T k d.wan9  1 K zts/*; \ % k  &
rm -f /lib/systemd/system/anaconda.N l l h = ~target.wants/*;
VOLUX ^ M . n w M F pME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]

构建运行及j F o Y m e测试

[roo5 z h 4 ; l W mt@localhost systemctl]# docker build -t systemctl:new . ##创建镜像
[root@localhost s$ m C c , R Jyste$ $  M g | Ymctl]# dockeK p G M m M ar run --privileged -it -v /sys/fs/cgroup/:/s% # m | f Sys/fs/cgroup:ro systemctl:new /usr/sbin/init ##privatege ) #  - _ !ed contais R h { i g ?ner 内的root拥有真正的root权限,否则,container内的root只是外部的一个普通用户权限。
systemd 219 running in system mode. (+PAM +AUDIT +St 8 d H j eELINUX +IMA -APPARMOR +SMACK +SYSVINITb x { n w [ ) e +UTMP +LIBCRYPTSETUP +GCRY@ Z L & $PT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Detect[ Z & T Sed virt4 m Iualizatio* L k in docker.
Detecta s B m 1 R %ed architecture x86-64.
Welcj o ` @ s j Wome to CentOS Linux 7 (Core)!
Set hostname to <bb24b2efd442>.
[  OK  ] Created slice Root Slice.
[  OK  ] Liw _ * $ & r a wstening on Journal Socket.
[  OK  ] Createx # $ ` Od slice System Slice.
[  OK  ] Reached target Slices.
[  OK  ] Reached target Paths.
[  OK  ] Listening on Delayed Shutdown Sockey 1 R I I 1t.
[  OK  ] Reachedc d # O target Local File Systems.
Starting CreatU W `e Volatile Files a e Q p ynd DirectorE h ? i D / 2 , bies...
[  OKR R 7 v % ; N  ] Reached targeb s g C 2 . ^t Swap.
Starting JourD ) ; snal Service...
[  OK  ]z 1 + . O - t Started Creat; t h E d e Volatile Files and DireZ s H q % octorS $ m F & ViE . : h H A 1 * des.
[ INFO ] Update UTMP about System Boot/Shutdown is not active.
[DEPED q & nND] Dependency failn I o = 7 T -ed for Update UTMP about System Runlevel Changes.
Job systemd-update-utmp-runN ( X A 4 H |level.servicF _ M _ B W Ve/start failed with result 'dependency'.
[  OK  ] Started Journal S| 5 a t eervice.
[  O1 ^ m H 1 / Z @ _K  ]Y I % c @ | , R Reached target System Initia2 = lization.
[  OK  ] Listening on D-Bus System Message8 y K p ; 6 d Bus Socket.
[  OK  ] Reached target S: v R - Bockets.
[  OK  ] Reached target Basic System.
[  OK  ] Reached target Multi-User System.
[  OK  ] Started Daily Cleanup of Temporary Directoriesz z ~.
[  OK  ] Reached target Timers.= # O z D 8 4

重新开启一个终9 : 8端进行测试

[root@localhost ~]# cd /opt/
[root@localhost opt]# cd sys# } stemctl/
[root@localhost systemctl]# docker ps -a
[root@localhost systb I uemctl]# docker ps
CONTAINER ID        IM{ 0 F c V ( WAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
bb2J _ - @4b2efd442        system] 0 9 + 5 % ;ctl:new       "/us( k o a q M l Rr/sbin/init"      9 mn g @ i W W R -inutes ago       Up 9 minutes        22/tcp                  sleepy_curie
0467d8d2d590        httpd:new           "/run.sh"             23 minutes ago      Up 23 minutes       0.0.0.0:32769->80/tcp   test{ ( K
6005aaad0e99        sshK U } . % n U bd:new            "/usr/sbin/sshd -D"   44 minutes ago      Up 44 minutes       0.0.0.0:32768->22/tcp   pensive_pp ) ; T U W -oincare
[root@localhost systemctl]#| , T b . docker exec -it sleepy_curie /bin/bash
[roo- , c :t@bb24b2efd442 /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (- R A u Z/usr/libA z k j }/systemd/syg  _ O 4stem/sshd.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: maS r P W yn:sshd(8)
man:sshd_config(5)
[root@bb24b2efd442 /]# ssh 192.168.10.52 -p 22
The a! x R z Z u W S Uuthenticity of host '192.168.10.52 (192.168.10.52)' can't be established.
ECDSA key fingerprint is SHA256:X3dOS5bVumqe/7loOyPanoa7rXqlTF79C5mavP1EQW0.
ECDSAo f e N $ q key fingerprint is MD5:00:8Q P 7 x Pf:be:Z e R 6 H s u O E85:3b:97:c9:05:bb:fb:fe:17:14:x 4 f o j J k m 949:19:9f.
Are you sure you wa4 { U t znt to conti = i V - h V N Cnue connecting (yes/no)? yes
Warning: Permanently added '192l # p B H 5 # C.168.10.52' (ECDSA) to the list of known hosts.
root@192.168.10.52's password:
Last failed login: Tue Jul 28 10:46:42 CST 2020 from 172.17.0.4 on ssh:notty
There were 2 failed login attempts since the last successful lI Z O d w 3  Hogin!  }.
Last login: Tue Jul 28 10:43:54 2020 from 192.168.10.1
[root@lh ( 5 I n 2ocalhost ~]# exit
logout
Connection to 192.168.10.52 closeT ? - q _ 2 4d.
[root@bb24b2efd442 /]# exit
exit

4.构建Nginx镜像

[root@loc` H Falhost ~]# cd /opt/
[root@localhost opt]# mkdir nginx   ##创建Nginx目录
[roott . } ~ d@localhost optY I n  C L R 4 F]# cd nginx/
[root@localhost nginx]# vim Dockerfile
FROM centos:7
MAINTAINER The is ngin2 3 U } e I |x <zjz&_ 9 K u % B  U *gt;
RUN yum install -y proc-devel gcc gcc-c++ zlib zlib-devel make openssl-d % 5devel wget
ADD nginx-! o [ z A , N r1.14.0.tar.gz /usr/local
WORKDIR /usr/local/nginx-1.14.0/
RUN ./configure --prefix=/usr/loca7 | /l/nginx && make && make instG l Lall
EXPOSE 80
EXPOSE 443
RUN echo "daemon off;">>/usr/local/nginx/conf/nginx.conf
WORKDIR /root/nginx
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
[root@localhost nginx]# vim run: z 5 ) # _ W z 3.sh
#!/bin/bash
/usr/local/nginx/sbp J 1 0 # F A [in/nginx   ##开启Nginx服务
[root@localhost nginx]# rz    ##在xshell里上传nginx安装包
[root@localhost nginx]# ls
nginx-1.14.0.tr ] % 8ar.gz
[root@localhost nginx]# dr j W ? o M B E locker build -t nginx:new .   ##创建镜像
[root@localhost nginx]# docker run -d -P nginx:new    ##创建容器
ba75ff06051430938bb# b n ) # f } N .b014450cd16f7b2b7a2fe023969a6a0ec76051d6872c5
[root@localhost nginx]# docker ps -a   ##查看容器
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                                           NAMES
ba75ff060514        nginx:new           "/run.sh"             14 seconds ago      Up 14 sT , : Aeconds       0.0.0.0:32772->80/tcp, 0.0.0.0:38 c G F 22771->443/tcp   pedantic_archimedes

Dockerfile简介+Dockerfile实战

5.构建Tomcat镜像

[root@localhost opt]# mkdir tomcat
[root@localhosE k ; c i 6 6 H .t opt]# cd tomcat/
[root@localhost tomcat]- $ q J @ e N _# rz
[roF g ) i Z s C got@localhost tomcat]# ls
jdk-8u211-linux-x64.tar.gz
[root@localhost tomcat]# rz
[root@localhost tomcat]# ls
a} $ F ( / .pache-tomcat-8.5.35.tar.gz  jdk-8u211-linux-x64.tar.gz
[root@localhost tomcat]# vim Dockerfile
FROM centos:7
MAINTAINER thi5 S : E [ cs is tomcat
ADD jdk-8u211-linux-x64.tar.gz /usr/local
WORKDIR /usr/local
RUN mv jdk1.8.0_211  /usr/local/java
ENV JAVA_HOME /usr/local/java     ##设置环境变量
ENV JAVA_BIN /usr/local/java/bin
ENV JR8 9 b j 0 E_HOME] Q U ) = m /usr/local/javy z a Q 6 9 ) da/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD~ d 0 ~ X Y T apache-tomcat-8.5.35.tar.gz  /usr/local
WOR^ ? f 6 0 n T 0KDIR /usr/local
RUN mv apache-tomcat-8.5.35  /usr/local/tomcat8
EXPOSE 8080
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
[root@localhost tomcu ~ Qat]# doc4 H 0 ] 9 jker build -t tomcat:centos .  ##创建镜像
[root@localhost tomcat]# docker run --name tomcat01 -p 1234:8080 -it  tomcat:centos /bin/bash
##创建容器
[root@localhost tomcatY 2 ( r . - ]# docker ps
CONTAINER ID        IY q v b ( }MAGE               COMMAND                  CREATED             STATb - r - h n J aUS              PORTS                                           NAMES
3f81e707d8b6        tomcat:centos       "/usr/local/tomcat8/…"   3 minutes ago       Up 3 miz ] & ^ o P 1nutes        0.0.0.0:1234->8080/tcp                          tomcat01

Dockerfile简介+Dockerfile实战

6.构建MySQL镜像

[root@localhost mysql5.7]# cat Dockerfile
#基于基础镜像
FROM centos:7
#维护该镜像的用户信息
MAINTAINER zjz
#指令集
#下载相关工具
RUN yum -y install \
ncurses \
ncn S = H D 2urses-devel \
bison \
cmake \
m5 : 6 R t Yake \
gcc \
gcc-c++
#创建mysql用户
RUN useradd -s /sbin/nologin mysql
#复制软件包到指定目录(将会自动解压] v D V 2 b : [ ])
ADD mysql-boost-5.7.20.tar.gz /usr/local/src
#指定工作目录
WORKDIR /usr/local/srV A $ a _c/mysql-5.7.20/
#cmake配置及编译安装
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/ur 3  @ m xsr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \4 0 x S 5
-DSYSCONFDI E W ? y pR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DI 7 ; v t gDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLAT0 9 b } 1ION=utf8_general_ci \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEM= ! c CA_STORAGE_ENGINE=+ B 2 y g1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DWITH_BOO) / o - @ o h [ST=boost \
-DWITH_SYSTEMD=1 && make && make install
#更改mysql目录属主属组
RUN chown -R mysql:mysql{ M o ~ /usr/local/mysql/
#删除默认安装的my.cnf文件
RUN rm -& K R Y c { A { 9rf /etc/my.cnf
#复制一份my.cnf到etc目录下
ADD my.cnf /etc
#更改该文件权限
RUN chown mysql3 z + !:mysql /etc/my.cnf
#设置环境变$ O o E量,命令目录及库文件目录
ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
#指定工作目录
WORKDIR /usr/^ ; =local/mysql/
#初始化设置
RUN bin/mysqld \
--initialize-insecure \a Y J f h p * l
--user=mysql \
--basedir=/usr/% B C L l { A Xlocal/mysql \
--datadir=/usr/local/mysql/data
#优化启动方式
RUN$ , 4 J L 1 cp /usr/local/mysql/uL s ! w + @ X Qsr/lib/systemd/system/mysqld.y G l $ w 2 fservice /usr/lib/systemd/systeh 3 ^ Y o K # u 2m/
EXPOSE 3306
#直接设置运行启动脚本
RUN ec+ # 0ho -g ; ] $ d S q } ue "#!/bin/sh \nsL b 4 h - l |ys/ % } | itemctl enable mysqld" > /run.sh
RUN chmod 755 /run.sh
RUN sh /run.sh
#启v c h Q y o K A |动容器时执行
CMD ["ib a Y & a wnit"]

my.cnf文2 ( Y f _ + G T

[client]
port = 3306
defaultp , $ 0 p-character-set=utf8
socket = /usr/local/mysql/mysql.sock
[mysql]
pQ e 3ort = 3306
default-character-set=utf8
s3 ? % & m [ %ocket = /usr/local/mysql/mysql2 0 ~ O 2 g #.sock
[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir = /usr/local/mysql/data
port = 3306
character_set_server=utf8
pid-file = /uN O V K Xsr/local/mys! V z , N G 2 F ;ql/mysqld.pid
socket = /usr/local/mysql/mysql.sock
server-id0 , ^ 4 D b = 1
sql_mR E [ x + sode=NO_ENGINE_N h ( F } USUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALj r q B Z j O 4UE_ON_ZERO,NO_ZERO_I2 r WN_DATE,NO_Z2 6 U H _ Q G 5ERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES

构建及运行

[root@localhost mysql5.7]# docker build -t mysql:latesB j ^ % + h , = -t .
...//友情提示MySQL5.7时间比较长
[root@localhost mysql5.7]# docker run --nx 0 D x - e Same mysql_c D + $ Anew -d -P --privileged mysql:latest
e9c9f93766d149a3387aed4cb5e04425269a884fccf06256b087d00e4c262222
[root@localho? H V est mysql5.7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                           NAMES
e9c9f93766d1        mysql:latest        "inith 3 2"u @ l e ( D / O                   6 seconds ago       Up 5 seconds        0.0.0.0:32774->3306/tcp  

进入MySQL服务的容器中进行提权操作

[root@localhost mysql5.7]# docker exec -it mysql_new /bin/bash
[root@e9c9f93766d1 mys _ z D p x b j 9ql]# mT ] F : Y c 3 ?ysql
Welcome to the MySQL monitor.  Commands end with ; or & X + . K V T fg.
Your MySQL connection id i) o o 1s 3
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/T * 6 5 ; 8 ; r *or its? * I  C ; w ;
affilT o T Xiates. Other namesb Y v may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> grant all privileges on *.* to 'root'@'%' identified by '1^ * E : 6 ~ ! x23456';
Query OK, 0 rows a( @ & ] Wffected, 1 warning (0.00 sec)
mysql>  flush privileges;
Query OK, 0 roi / k i K U 0 8ws affected (0.01 sec)
my7 a $ u q 7sql> exit
Bye
[root@e9c9f93766d1 mysql]# exit
exit

宿主机系统安装mariadb服务来测试

[root@localhost mysql5.7]# yum install mariadb -y
[root@localhost mq W # M 1 / l %ysql5.7]# mysql -h 20.0.0.149 -P 32774 -uroot -p123456
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MyI [ 9 3SQL connection id is 4
Serv8 # , B cer versh + Y w tion: 5.7.20 Source distribution
Copyright (c) 2000, 2018) B F, Oracle, MariaDB Corporation Ab and others.
Type 'helpY : | T z;' or '\h' for help. Type '\c' to clear the currentf 9 [ y input statement.
MySQL [(nF L T 3 0 lone)B o p M b C W ^ t]> show databases;
+-E ` P # C b r # j-------------------+
|S z w Database           |
+--------------------+
| informa) U O K ~ 7 Z Xtion_schema |
| mys# . @ Q .ql              |
| performance_schema |
| sys                |
+-------B & L P w d =-------------+
4 rows in set (0.01 sec)
#创建一个数据库,退出后再次然后~ u J c Q ; 0 K进入容器查看
MySQL [(none)]> create database mydb;
Query OK, 1 row affected (0.00 sec)
MySQL [(none)]> exi^ J C S G / Y # Ht
Bye
[root@localhosB U A  1 ; l vt mysql5.7]# docker exec -it mysql_new /bin/bash
[root@e91 0 t _c9f93766d1 mysql]# mysql
Welcome to the MySQL monitor.  Commands e} Z Q q ^nd with ; or \g.
Yy 7 m cour MySQP V | R 0 VL connection id is 5
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its af; Z . & c = 2filiates. All rights reserved.
Oracle is a registered trademark of Od 6 2racle Corporation and/or its
affiliates. Other nK e t g 5 V A m 3ames may be trademarks of their resp3 I M ~ L v Eective
owners.
Type 'help;' or '\h' f@ } 3 A q N |or help. Type '\c' to clear the current input statement.
mysql&gG q I ft; shX E O n / 9 p {ow databases;
+-----------W S G 7 V---------+
| Database           |
+---------------4 b V-----+
| information_schema |
| mydb               |
| mysql              |
| performance_s_ f Q 0chema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)
mysql> exit
Bye
[root@e9c9f93766d1 mysql]# exit
exi0 # H c r . R Vt
[root@localhost mysql5.7]# 

工程中一般不会将MySQL服务放在容器中运行,而是会单独使用服务器部署提供服务(搭建高可用集群架构)