Thinking: what do you want to optimize the image?
The means of image optimization
l) select the thinnest basic image -- > core 2) reduce the number of layers of image 3) clean up the intermediate products of image construction -- > useless 4) pay attention to optimizing network requests 5) try to use the build cache as much as possible -- > important (what we do for ourselves) -- > see the mismatch between the downloaded and the actual! 6) use multi-stage to build images
base image: required commands and corresponding dynamic link library (ldd) required by commands (scripts)!
Case demonstration
# (1) level 1 build -- > temporary cache FROM rhel7 as build ADD nginx-1.15.8.tar.gz /mnt COPY dvd.repo /etc/yum.repos.d/dvd.repo WORKDIR /mnt/nginx-1.15.8 # Reconstruct rpm database, reduce the number of layers by & & RM -- > and clean up the intermediate products of image construction! # Cancel debug mode! RUN rpmdb --rebuilddb && yum install -y gcc pcre-devel zlib-devel make && yum clean all && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install && rm -fr /mnt/nginx-1.15.8 # (2) secondary construction FROM rhel7 COPY --from=build /usr/local/nginx /usr/local/nginx EXPOSE 80 VOLUME ["/usr/local/nginx/html"] CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
Note: Although the above method has been optimized, because the space occupied by the underlying Bash is too large, there are many things in the bash environment that can not be used to build nginx services, which leads to a waste of resources, so optimize the base image!
Note: optimization of basic image -- > optimization of class library
Optimize basic image -- > multi tier construction
FROM nginx as base # Do not specify the version is nginx:latest
# Add: if there is no local image warehouse, download it from a remote location -- > the precondition is to do a good job of docker login.
# time zone
ARG Asia/Shanghai
# LDD / usr / SBIN / httpd -- > refer to httpd to understand the dynamic connection library required by nginx
RUN mkdir -p /opt/var/cache/nginx && \
cp -a --parents /usr/lib/nginx /opt && \
cp -a --parents /usr/share/nginx /opt && \
cp -a --parents /var/log/nginx /opt && \
cp -aL --parents /var/run /opt && \
cp -a --parents /etc/nginx /opt && \
cp -a --parents /etc/passwd /opt && \
cp -a --parents /etc/group /opt && \
cp -a --parents /usr/sbin/nginx /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libpcre.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libz.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libc.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libdl.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libpthread.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libcrypt.so.* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libssl.so.* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libcrypto.so.* /opt && \
cp /usr/share/zoneinfo/${TIME_ZONE:-ROC} /opt/etc/localtime
# Multiple & & -- > layers compressed!
FROM gcr.io/distroless/base
COPY --from=base /opt /
EXPOSE 80
VOLUME ["/usr/share/nginx/html"] # nginx default resource directory
ENTRYPOINT ["nginx", "-g", "daemon off;"]
docker build -t rhel7:v6 .
docker run -d --name vm5 -p 80:80 rhel7:v6
docker history rhel7:v6
# Note: after starting (d parameter is OK) -- > look at volume - > find the corresponding directory - > see that there are 50.xml and index.html!error
docker search rhel Error response from daemon: Get https://index.docker.io/v1/search?
Reason
sysctl -a|grep ip_forward # DNS problem -- > network foundation problem # If the image accelerator is not configured properly, try to reconfigure the image accelerator. There is a network problem!