July 27, 2022

OpenShift 4.10 I: Write Dockerfile, Build, Tag and Push

Dockerfile/Containerfile

There is no man page for the Dockerfile syntax on RHEL.

https://learn.redhat.com/t5/Containers-DevOps-OpenShift/Is-there-Dockerfile-format-or-example-in-RHEL-man-page-or/td-p/16739

$ sudo dnf provides "*Dockerfile"
Not root, Subscription Management repositories not updated
buildah-tests-1:1.24.2-4.el9_0.x86_64 : Tests for buildah
Repo        : @System
Matched from:
Other       : *Dockerfile

$ rpm -ql buildah-tests | egrep "Dockerfile|Containerfile"
/usr/share/buildah/test/system/bud/add-chmod/Dockerfile
/usr/share/buildah/test/system/bud/add-chmod/Dockerfile.bad
...
| Dockerfile instruction | Explanation | Example |
|---|---|---|
| FROM | Base image | FROM registry.redhat.io/ubi8/ubi:8.5 |
| MAINTAINER | | MAINTAINER Magnus K Karlsson <magnus.k.karlsson@antigo.se> |
| LABEL | Adds metadata to an image | LABEL com.example.version="0.0.1-beta" |
| ARG | "Defines a variable that users can pass at build-time to the builder with the docker build command using the --build-arg <varname>=<value> flag." | ARG user1=someuser |
| ENV | Sets the environment variable <key> to the value <value> | ENV MY_NAME="John Doe" |
| | | ENV PORT=8080 |
| RUN | | RUN dnf install -y httpd |
| USER | "Use USER to change to a non-root user". "Avoid switching USER back and forth frequently" | USER apache |
| EXPOSE | | EXPOSE ${PORT} |
| ADD or COPY | "generally speaking, COPY is preferred". The best use for ADD is local tar file auto-extraction into the image, as in ADD rootfs.tar.xz / | ADD files.tar.gz ${APACHE_HOME} |
| | | ADD http://example.com/foobar / |
| WORKDIR | Set the working directory | WORKDIR ${APACHE_HOME} |
| VOLUME | Define a volume mount point | VOLUME ${APACHE_HOME}/data |
| ENTRYPOINT | "set the image’s main command ... then use CMD as the default flags" | ENTRYPOINT ["/usr/sbin/httpd"] |
| CMD | | CMD ["sh", "my-start.sh"] |

Reference:

https://docs.docker.com/engine/reference/builder/

https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#dockerfile-instructions

Examples

The order of the instructions matters for USER. First create the container user (with a specific uid and gid), then switch to it with USER.

After that, the instructions are run as the dedicated USER, i.e. files added by later COPY and ADD instructions will belong to USER.

# Example 1: Apache httpd running as the apache user that the httpd package creates
FROM registry.access.redhat.com/ubi9/ubi
MAINTAINER Magnus K Karlsson <magnus.k.karlsson@antigo.se>
ENV PORT=8080
# Install httpd, move it to an unprivileged port and give apache its runtime directories
RUN dnf install -y httpd && \
  sed -i "s/Listen 80/Listen ${PORT}/g" /etc/httpd/conf/httpd.conf && \
  chown -R apache:apache /etc/httpd/logs/ && \
  chown -R apache:apache /run/httpd/
USER apache
EXPOSE ${PORT}
COPY ./index.html /var/www/html
CMD ["httpd", "-D", "FOREGROUND"]

# Example 2: custom service running as a dedicated user with a fixed uid and gid
FROM registry.redhat.io/ubi8/ubi:8.5
MAINTAINER Magnus K Karlsson <magnus.k.karlsson@antigo.se>

ARG MYSERVICE_VERSION=1.0.0
ENV MYSERVICE_HOME=/opt/myservice

RUN yum install -y java-1.8.0-openjdk-devel

# Create the user and its home directory before switching to it with USER;
# the directory must exist, otherwise chown fails and the build stops
RUN groupadd -g 2001 myservice && \
  useradd -u 2001 -g 2001 myservice && \
  mkdir -p ${MYSERVICE_HOME} && \
  chown -R myservice:myservice ${MYSERVICE_HOME} && \
  chmod -R 755 ${MYSERVICE_HOME}

USER myservice
EXPOSE 8080

ADD myservice-${MYSERVICE_VERSION}.tar.gz ${MYSERVICE_HOME}
ADD myservice-start.sh ${MYSERVICE_HOME}

WORKDIR ${MYSERVICE_HOME}

VOLUME ${MYSERVICE_HOME}/data

CMD ["sh", "myservice-start.sh"]
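
The USER ordering rule and the ADD/COPY guidance above can be checked mechanically before an image is built. The following Python linter is an added example, not code from the original post; the names instructions, lint and SAMPLE are made up for illustration, the sample Dockerfile is constructed, and it assumes shell-form RUN with useradd/adduser and non-JSON ADD.

```python
import re

# Constructed sample: user created after USER, remote ADD, and root at the end.
SAMPLE = """\
FROM registry.access.redhat.com/ubi9/ubi
USER myservice
RUN groupadd -g 2001 myservice && \\
  useradd -u 2001 -g 2001 myservice
ADD http://example.com/foobar /
ADD myservice-start.sh /opt/myservice
USER root
"""

def instructions(text):
    """Yield (INSTRUCTION, args), joining backslash-continued lines."""
    for line in re.sub(r"\\[ \t]*\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, _, args = line.partition(" ")
            yield name.upper(), args.strip()

def lint(text):
    """Return findings for the USER ordering and ADD/COPY guidance above."""
    findings, created, user = [], set(), None
    for name, args in instructions(text):
        if name == "FROM":
            created, user = set(), None      # every build stage starts fresh
        elif name == "RUN":
            # Shell-form RUN only: the login name is useradd's last argument.
            for cmd in re.split(r"&&|;", args):
                words = cmd.split()
                if words and words[0] in ("useradd", "adduser"):
                    created.add(words[-1])
        elif name == "USER":
            user = args.split(":")[0]
            if not user.isdigit() and user not in created | {"root"}:
                findings.append(f"USER {user}: not created by an earlier useradd "
                                "(check that the base image or a package provides it)")
        elif name == "ADD":
            for src in [w for w in args.split() if not w.startswith("--")][:-1]:
                if re.match(r"https?://", src):
                    findings.append(f"ADD {src}: remote URL fetched at build time, review the source")
                elif not re.search(r"\.(tar(\.\w+)?|tgz)$", src):
                    findings.append(f"ADD {src}: not a tar archive, use COPY")
    if user in (None, "root", "0"):
        findings.append("final USER is root or unset: the container runs as root")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

A user that comes from a package, such as apache from httpd, is reported for manual confirmation because the linter cannot see into the package.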

Build, Tag and Push

If you use the official Red Hat registry, or another registry that requires authentication, you must log in first.

$ podman login registry.redhat.io --username you@domain.com

$ podman login quay.io --username you_username

Build, tag and push

$ podman build -t httpd-24-custom:1.0 -f Dockerfile .

$ podman tag localhost/httpd-24-custom:1.0 quay.io/magnus_k_karlsson/httpd-24-custom:1.0

$ podman push quay.io/magnus_k_karlsson/httpd-24-custom:1.0

Then run
