docker_practice/image/buildkit.md

179 lines
6.5 KiB
Go
Raw Normal View History

## 使 `BuildKit`
**BuildKit** https://github.com/moby/buildkit 开源。
**使Docker Hub Docker 18.09BuildKit 使使 BuildKit 使 Dockerfile Dockerfile.buildkit**
**docker-compose build BuildKit**
Docker CE 18.09+ 使 `BuildKit` `Dockerfile` Docker
### `BuildKit`
`BuildKit` ****
LinuxmacOS
```bash
$ export DOCKER_BUILDKIT=1
```
Windows
```powershell
$ set $env:DOCKER_BUILDKIT=1
```
> 使
### `Dockerfile`
`BuildKit` 使
#### `RUN --mount=type=cache`
使 `Go` `go mod``Node.js` `npm`
`npm`
```docker
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN npm i --registry=https://registry.npm.taobao.org \
&& rm -rf ~/.npm
COPY src /app/src
RUN npm run build
FROM nginx:alpine
COPY --from=builder /app/dist /app/dist
```
使 `dist` `package.json` `RUN npm i && rm -rf ~/.npm`
**** `node_modules` `node_modules` `node_modules`
`BuildKit` `RUN --mount=type=cache`
```docker
# syntax = docker/dockerfile:experimental
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
--mount=type=cache,target=/root/.npm,id=npm_cache \
npm i --registry=https://registry.npm.taobao.org
COPY src /app/src
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
# --mount=type=cache,target=/app/dist,id=my_app_dist,sharing=locked \
npm run build
FROM nginx:alpine
# COPY --from=builder /app/dist /app/dist
# from source 使 RUN
RUN --mount=type=cache,target=/tmp/dist,from=builder,source=/app/dist \
# --mount=type=cache,target/tmp/dist,from=my_app_dist,sharing=locked \
mkdir -p /app/dist && cp -r /tmp/dist/* /app/dist
```
** `BuildKit` `Dockerfile` **
```docker
# syntax = docker/dockerfile:experimental
```
`RUN` `id` `my_app_npm_module` `/app/node_modules`
`RUN` `node_modules` `node_modules`
`RUN` `from` `builder` `source`
`Dockerfile` `--mount=type=cache,...`
|Option |Description|
|---------------------|-----------|
|`id` | `id` 便|
|`target` () | |
|`ro`,`readonly` | |
|`sharing` | `shared` `private` `locked` `sharing` 使 `BuildKit` 使 `id``shared` `private` 使使`locked` 使|
|`from` | |
|`source` | |
#### `RUN --mount=type=bind`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=bind,from=php:alpine,source=/usr/local/bin/docker-php-entrypoint,target=/docker-php-entrypoint \
cat /docker-php-entrypoint
```
#### `RUN --mount=type=tmpfs`
`tmpfs`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=tmpfs,target=/temp \
mount | grep /temp
```
#### `RUN --mount=type=secret`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=secret,id=aws,target=/root/.aws/credentials \
cat /root/.aws/credentials
```
```bash
$ docker build -t test --secret id=aws,src=$HOME/.aws/credentials .
```
#### `RUN --mount=type=ssh`
`ssh`
```docker
# syntax = docker/dockerfile:experimental
FROM alpine
RUN apk add --no-cache openssh-client
RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
```
```bash
$ eval $(ssh-agent)
$ ssh-add ~/.ssh/id_rsa
(Input your passphrase here)
$ docker build -t test --ssh default=$SSH_AUTH_SOCK .
```
###
```bash
$ docker builder prune
```
###
* https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md