1涡贱、把容器內(nèi)需要?到的?件全部復(fù)制到容器中

2、設(shè)置?個(gè)?作?錄惹想，把項(xiàng)?代碼共享到?作?錄中運(yùn)?

3、把需要執(zhí)?的shell命令寫在?個(gè).sh?件中督函，統(tǒng)?執(zhí)?嘀粱。因?yàn)镈ockerfile 的指令每執(zhí)??次都會(huì)在 docker 上新建?層激挪。所以過多?意

義的層，會(huì)造成鏡像膨脹過?锋叨；RUN 是在 docker build執(zhí)?腳本

4垄分、配置容器啟動(dòng)?動(dòng)執(zhí)?腳本，CMD 在docker run 時(shí)運(yùn)?運(yùn)?腳本

DockerFile腳本

1# 基于鏡像基礎(chǔ)

FROM python:3.9.5

# 復(fù)制?件到容器中

ADD ./docker/pip.conf /root/.pip/pip.conf

ADD ./docker/sources.list /etc/apt/sources.list

ADD ./docker/openssl.cnf /etc/ssl/openssl.cnf

ADD ./docker/localtime /etc/localtime

ADD ./docker/requirements.txt /var/requirements.txt

ADD ./docker/startup.sh /var/startup.sh

ADD ./docker/install.sh /var/install.sh

# ?作?錄 /var/app

WORKDIR /var/app

RUN /var/install.sh

CMD /var/startup.sh

環(huán)境?件解析

pip.conf

配置pip國內(nèi)源娃磺，容器內(nèi)?件路徑：/root/.pip/pip.conf

[global]

index-url=https://mirrors.aliyun.com/pypi/simple/

sources.list

配置容器環(huán)境包下載的國內(nèi)源薄湿，容器內(nèi)?件路徑：/etc/apt/sources.list

deb http://mirrors.aliyun.com/debian/ buster main non-free contrib

deb http://mirrors.aliyun.com/debian-security buster/updates main

deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib

deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib

deb-src http://mirrors.aliyun.com/debian-security buster/updates main

deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib

deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib

deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free cont

openssl.cnf

處理ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small問題

容器內(nèi)?件路徑：/etc/ssl/openssl.cnf

修改?件參數(shù)即可

[system_default_sect]

MinProtocol = TLSv1.2

#CipherString = DEFAULT@SECLEVEL=2

CipherString = DEFAULT@SECLEVEL=1

localtime

同步系統(tǒng)時(shí)間到容器內(nèi)，容器內(nèi)?件路徑：/etc/localtime

install.sh

構(gòu)建容器時(shí)需要執(zhí)?的shell命令

#!/bin/bash

set -e

apt update

apt install -y cron libsasl2-dev python-dev libldap2-dev libssl-dev nodejs

pip install --upgrade pip

pip install -r /var/requirements.txt

chmod -R 777 /var/startup.sh

startup.sh

容器啟動(dòng)時(shí)?動(dòng)執(zhí)?的腳本命令偷卧，?般是直接啟動(dòng)項(xiàng)?

#!/bin/bash

set -e

service cron start

pip install -r requirements.txt

python manage.py runserver 0.0.0.0:8000

docker鏡像構(gòu)建

準(zhǔn)備好以上?件之后豺瘤，在Dockerfile?件?錄下執(zhí)??下命令構(gòu)建鏡像：

docker build -t image-nam