Add BuildKit and docker manifest command. close #390 ,close #391

Signed-off-by: khs1994 <khs1994@khs1994.com>
pull/398/head
khs1994 2019-03-29 11:41:02 +08:00
parent d3c197ddfc
commit 0370871867
No known key found for this signature in database
GPG Key ID: 0A380828B1C243A7
12 changed files with 437 additions and 16 deletions

View File

@ -1,7 +1,8 @@
language: bash
sudo: required
services:
- docker
before_install:
- openssl aes-256-cbc -K $encrypted_6cc8cff04075_key -iv $encrypted_6cc8cff04075_iv
-in .travis/id_rsa.enc -out ~/.ssh/id_rsa -d
@ -10,8 +11,10 @@ before_install:
- date
- git config --global user.name "khs1994"
- git config --global user.email "khs1994@khs1994.com"
script:
- docker run -it --rm -v $PWD:/srv/gitbook-src yeasy/docker_practice build
after_success:
- sudo chmod -R 777 _book
- echo "FROM nginx:1.13.8-alpine" >> Dockerfile
@ -29,14 +32,17 @@ after_success:
- COMMIT=`date "+%F %T"`
- git commit -m "Travis CI Site updated $COMMIT"
- git push -f origin master:"$DEPLOY_BRANCH"
env:
global:
- DEPLOY_BRANCH: pages
# - DEPLOY_BRANCH: legacy-pages
- REPO: git@github.com:yeasy/docker_practice.git
addons:
ssh_known_hosts:
- github.com
branches:
only:
- master

View File

@ -1,5 +1,9 @@
##
* 1.1.0 2019-06-30
* `BuildKit`
* `docker manifest` 使
* 1.0.0: 2018-12-31
* v18.x
* Docker

View File

@ -2,7 +2,7 @@
[![](https://img.shields.io/github/stars/yeasy/docker_practice.svg?style=social&label=Stars)](https://github.com/yeasy/docker_practice) [![](https://travis-ci.org/yeasy/docker_practice.svg?branch=master)](https://travis-ci.org/yeasy/docker_practice) [![](https://img.shields.io/github/release/yeasy/docker_practice/all.svg)](https://github.com/yeasy/docker_practice/releases) [![](https://img.shields.io/badge/Based-Docker%20CE%20v18.x-blue.svg)](https://github.com/docker/docker-ce) [![](https://img.shields.io/badge/Docker%20%E6%8A%80%E6%9C%AF%E5%85%A5%E9%97%A8%E4%B8%8E%E5%AE%9E%E6%88%98-jd.com-red.svg)](https://u.jd.com/tKZmVG)
**v1.0.0**
**v1.1.0**
[Docker](https://www.docker.com) 是个划时代的开源项目,它彻底释放了计算虚拟化的威力,极大提高了应用的维护效率,降低了云计算应用开发的成本!使用 Docker可以让应用的部署、测试和分发都变得前所未有的高效和轻松
@ -40,7 +40,7 @@ Docker 自身仍在快速发展中,生态环境也在蓬勃成长。建议初
* QQ VII 252403484
* QQ VIII544818750
* QQ IX 571502246
* QQ X   145983035
* QQ X 145983035
> [Issues](https://github.com/yeasy/docker_practice/issues/new/choose) 来提出。

View File

@ -41,6 +41,8 @@
* [](image/dockerfile/references.md)
* [Dockerfile ](image/multistage-builds/README.md)
* [ Laravel ](image/multistage-builds/laravel.md)
* [ Docker ](image/manifest.md)
* [使 BuildKit ](image/buildkit.md)
* [](image/other.md)
* [](image/internal.md)
* [](container/README.md)

178
image/buildkit.md 100644
View File

@ -0,0 +1,178 @@
## 使 `BuildKit`
**BuildKit** https://github.com/moby/buildkit 开源。
**使Docker Hub Docker 18.09BuildKit 使使 BuildKit 使 Dockerfile Dockerfile.buildkit**
**docker-compose build BuildKit**
Docker CE 18.09+ 使 `BuildKit` `Dockerfile` Docker
### `BuildKit`
`BuildKit` ****
LinuxmacOS
```bash
$ export DOCKER_BUILDKIT=1
```
Windows
```powershell
$ set $env:DOCKER_BUILDKIT=1
```
> 使
### `Dockerfile`
`BuildKit` 使
#### `RUN --mount=type=cache`
使 `Go` `go mod``Node.js` `npm`
`npm`
```docker
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN npm i --registry=https://registry.npm.taobao.org \
&& rm -rf ~/.npm
COPY src /app/src
RUN npm run build
FROM nginx:alpine
COPY --from=builder /app/dist /app/dist
```
使 `dist` `package.json` `RUN npm i && rm -rf ~/.npm`
**** `node_modules` `node_modules` `node_modules`
`BuildKit` `RUN --mount=type=cache`
```docker
# syntax = docker/dockerfile:experimental
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
--mount=type=cache,target=/root/.npm,id=npm_cache \
npm i --registry=https://registry.npm.taobao.org
COPY src /app/src
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
# --mount=type=cache,target=/app/dist,id=my_app_dist,sharing=locked \
npm run build
FROM nginx:alpine
# COPY --from=builder /app/dist /app/dist
# from source 使 RUN
RUN --mount=type=cache,target=/tmp/dist,from=builder,source=/app/dist \
# --mount=type=cache,target/tmp/dist,from=my_app_dist,sharing=locked \
mkdir -p /app/dist && cp -r /tmp/dist/* /app/dist
```
** `BuildKit` `Dockerfile` **
```docker
# syntax = docker/dockerfile:experimental
```
`RUN` `id` `my_app_npm_module` `/app/node_modules`
`RUN` `node_modules` `node_modules`
`RUN` `from` `builder` `source`
`Dockerfile` `--mount=type=cache,...`
|Option |Description|
|---------------------|-----------|
|`id` | `id` 便|
|`target` () | |
|`ro`,`readonly` | |
|`sharing` | `shared` `private` `locked` `sharing` 使 `BuildKit` 使 `id``shared` `private` 使使`locked` 使|
|`from` | |
|`source` | |
#### `RUN --mount=type=bind`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=bind,from=php:alpine,source=/usr/local/bin/docker-php-entrypoint,target=/docker-php-entrypoint \
cat /docker-php-entrypoint
```
#### `RUN --mount=type=tmpfs`
`tmpfs`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=tmpfs,target=/temp \
mount | grep /temp
```
#### `RUN --mount=type=secret`
```docker
# syntax = docker/dockerfile:experimental
RUN --mount=type=secret,id=aws,target=/root/.aws/credentials \
cat /root/.aws/credentials
```
```bash
$ docker build -t test --secret id=aws,src=$HOME/.aws/credentials .
```
#### `RUN --mount=type=ssh`
`ssh`
```docker
# syntax = docker/dockerfile:experimental
FROM alpine
RUN apk add --no-cache openssh-client
RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
```
```bash
$ eval $(ssh-agent)
$ ssh-add ~/.ssh/id_rsa
(Input your passphrase here)
$ docker build -t test --ssh default=$SSH_AUTH_SOCK .
```
###
```bash
$ docker builder prune
```
###
* https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/experimental.md

View File

@ -1,13 +0,0 @@
## BuildKit
BuildKit https://github.com/moby/buildkit 开源。
Docker CE 18.09+ 使 BuildKit Docker
```bash
$ export DOCKER_BUILDKIT=1
# Windows
$ set $env:DOCKER_BUILDKIT=1
```

View File

@ -0,0 +1,16 @@
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN npm i --registry=https://registry.npm.taobao.org \
&& rm -rf ~/.npm
COPY src /app/src
RUN npm run build
FROM nginx:alpine
COPY --from=builder /app/dist /app/dist

View File

@ -0,0 +1,37 @@
# syntax = docker/dockerfile:experimental
FROM node:alpine as builder
WORKDIR /app
COPY package.json /app/
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
--mount=type=cache,target=/root/.npm,id=npm_cache \
npm i --registry=https://registry.npm.taobao.org
COPY src /app/src
RUN --mount=type=cache,target=/app/node_modules,id=my_app_npm_module,sharing=locked \
# --mount=type=cache,target=/app/dist,id=my_app_dist,sharing=locked \
npm run build
FROM nginx:alpine
# COPY --from=builder /app/dist /app/dist
# from source 使 RUN
RUN --mount=type=cache,target=/tmp/dist,from=builder,source=/app/dist \
# --mount=type=cache,target/tmp/dist,from=my_app_dist,sharing=locked \
mkdir -p /app/dist && cp -r /tmp/dist/* /app/dist
RUN --mount=type=bind,from=php:alpine,source=/usr/local/bin/docker-php-entrypoint,target=/docker-php-entrypoint \
cat /docker-php-entrypoint
RUN --mount=type=tmpfs,target=/temp \
mount | grep /temp
RUN --mount=type=secret,id=aws,target=/root/.aws/credentials \
cat /root/.aws/credentials
# docker build -t test --secret id=aws,src=$PWD/aws.txt --progress=plain -f Dockerfile.buildkit .

View File

@ -0,0 +1 @@
awskey

View File

@ -0,0 +1,11 @@
{
"name": "my_app",
"version": "19.6.0",
"devDependencies": {
"webpack": "*",
"webpack-cli": "*"
},
"scripts": {
"build": "mkdir -p $PWD/dist && cp -r src/* dist/"
}
}

View File

@ -0,0 +1 @@
console.log(1);

178
image/manifest.md 100644
View File

@ -0,0 +1,178 @@
## Docker -- docker manifest
使 Docker 宿 `Linux x86_64` 使 `Linux x86_64`
> macOS 使 [binfmt_misc](https://docs.docker.com/docker-for-mac/multi-arch/) 提供了多种架构支持,在 macOS 系统上 (x86_64) 可以运行 arm 等其他架构的镜像。
`Linux x86_64` `username/test`
```Dockerfile
FROM alpine
CMD echo 1
```
Docker Hub `Linux arm64v8` 使
```bash
$ docker run -it --rm username/test
```
`Linux x86_64` `Linux arm64v8` `username/test` `username/arm64v8-test` 使
Docker
`Linux x86_64` `Linux arm64v8` `$ docker run golang:alpine go version`
`golang:alpine` [`manifest` ](https://docs.docker.com/registry/spec/manifest-v2-2/)。
Docker `manifest` Docker Docker `golang:alpine` `username/test`
使 `$ docker manifest inspect golang:alpine` `manifest`
**** 使
```bash
# LinuxmacOS
$ export DOCKER_CLI_EXPERIMENTAL=enabled
# Windows
$ set $env:DOCKER_CLI_EXPERIMENTAL=enabled
```
> 使
```bash
$ docker manifest inspect golang:alpine
```
```json
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:5e28ac423243b187f464d635bcfe1e909f4a31c6c8bce51d0db0a1062bec9e16",
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:2945c46e26c9787da884b4065d1de64cf93a3b81ead1b949843dda1fcd458bae",
"platform": {
"architecture": "arm",
"os": "linux",
"variant": "v7"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:87fff60114fd3402d0c1a7ddf1eea1ded658f171749b57dc782fd33ee2d47b2d",
"platform": {
"architecture": "arm64",
"os": "linux",
"variant": "v8"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:607b43f1d91144f82a9433764e85eb3ccf83f73569552a49bc9788c31b4338de",
"platform": {
"architecture": "386",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:25ead0e21ed5e246ce31e274b98c09aaf548606788ef28eaf375dc8525064314",
"platform": {
"architecture": "ppc64le",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 1365,
"digest": "sha256:69f5907fa93ea591175b2c688673775378ed861eeb687776669a48692bb9754d",
"platform": {
"architecture": "s390x",
"os": "linux"
}
}
]
}
```
`manifest` `digest` Docker 使 `manifest` ( `golang:alpine`)
使 `$ docker manifest` `manifest` Docker Hub
###
`Linux x86_64` `username/x8664-test` `Linux arm64v8` `username/arm64v8-test` Docker Hub
### `manifest`
```bash
# $ docker manifest create MANIFEST_LIST MANIFEST [MANIFEST...]
$ docker manifest create username/test \
username/x8664-test \
username/arm64v8-test
```
`manifest` `-a,--amend`
### `manifest`
```bash
# $ docker manifest annotate [OPTIONS] MANIFEST_LIST MANIFEST
$ docker manifest annotate username/test \
username/x8664-test \
--os linux --arch x86_64
$ docker manifest annotate username/test \
username/arm64v8-test \
--os linux --arch arm64 --variant v8
```
`manifest`
### `manifest`
```bash
$ docker manifest inspect username/test
```
### `manifest`
Docker Hub
```bash
$ docker manifest push username/test
```
###
`Linux x86_64` `Linux arm64v8` `$ docker run -it --rm username/test`
###
`manifest`
* https://blog.docker.com/2017/11/multi-arch-all-the-things/