侧边栏壁纸
博主头像
运维匠博主等级

生活百般滋味,人生需要笑对

  • 累计撰写 24 篇文章
  • 累计创建 2 个标签
  • 累计收到 0 条评论

目 录CONTENT

文章目录

Docker镜像反推Dockerfile文件

admin
2024-04-12 / 0 评论 / 0 点赞 / 16 阅读 / 9113 字
温馨提示:
本文最后更新于 2024-04-12,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

Docker镜像反推Dockerfile文件

以nginx为例,我们要分析一下该镜像构建以及产出的Dockerfile过程

docker history

这个工具是docker自带的,一般情况下它可以满足我们查看构建过程的需求,但是不会很完美

看一下帮助文档

docker history --help

Usage:  docker history [OPTIONS] IMAGE

Show the history of an image

Aliases:
  docker image history, docker history

Options:
      --format string   Format output using a custom template:
                        'table':            Print output in table format
                        with column headers (default)
                        'table TEMPLATE':   Print output in table format
                        using the given Go template
                        'json':             Print in JSON format
                        'TEMPLATE':         Print output using the given
                        Go template.
                        Refer to https://docs.docker.com/go/formatting/
                        for more information about formatting output with
                        templates
  -H, --human           Print sizes and dates in human readable format
                        (default true)
      --no-trunc        Don't truncate output
  -q, --quiet           Only show image IDs

进行查询

docker history nginx
IMAGE          CREATED       CREATED BY                                       SIZE      COMMENT
92b11f67642b   8 weeks ago   CMD ["nginx" "-g" "daemon off;"]                 0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   STOPSIGNAL SIGQUIT                               0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   EXPOSE map[80/tcp:{}]                            0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   ENTRYPOINT ["/docker-entrypoint.sh"]             0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   COPY 30-tune-worker-processes.sh /docker-ent鈥?  4.62kB    buildkit.dockerfile.v0
<missing>      8 weeks ago   COPY 20-envsubst-on-templates.sh /docker-ent鈥?  3.02kB    buildkit.dockerfile.v0
<missing>      8 weeks ago   COPY 15-local-resolvers.envsh /docker-entryp鈥?  336B      buildkit.dockerfile.v0
<missing>      8 weeks ago   COPY 10-listen-on-ipv6-by-default.sh /docker鈥?  2.12kB    buildkit.dockerfile.v0
<missing>      8 weeks ago   COPY docker-entrypoint.sh / # buildkit           1.62kB    buildkit.dockerfile.v0
<missing>      8 weeks ago   RUN /bin/sh -c set -x     && groupadd --syst鈥?  112MB     buildkit.dockerfile.v0
<missing>      8 weeks ago   ENV PKG_RELEASE=1~bookworm                       0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   ENV NJS_VERSION=0.8.3                            0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   ENV NGINX_VERSION=1.25.4                         0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   LABEL maintainer=NGINX Docker Maintainers <d鈥?  0B        buildkit.dockerfile.v0
<missing>      8 weeks ago   /bin/sh -c #(nop)  CMD ["bash"]                  0B      
<missing>      8 weeks ago   /bin/sh -c #(nop) ADD file:b86ae1c7ca3586d8f鈥?  74.8MB

由于是逆序排序,所以我们需要从下往上看,并且呢命令比较长的话不是很友好。还有它删除了RUN命令,仅仅可以看到RUN命令后面的内容。

为了看完整的过程,可以使用如下命令

docker history --format {{.CreatedBy}} --no-trunc=true 镜像名称/镜像ID|sed "s?/bin/sh\ -c\ \#(nop)\ ??g"|sed "s?/bin/sh\ -c?RUN?g" | tac

示例:

docker history --format {{.CreatedBy}} --no-trunc=true nginx|sed "s?/bin/sh\ -c\ \#(nop)\ ??g"|sed "s?/bin/sh\ -c?RUN?g" | tac

输出结果:

ADD file:d4bb05cb4d403a78b4ab5cd8d620330659d5aeb25f847d104ebc02c3a0f32624 in / 
 CMD ["bash"]
LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
ENV NGINX_VERSION=1.25.4
ENV NJS_VERSION=0.8.3
ENV PKG_RELEASE=1~bookworm
RUN RUN set -x     && groupadd --system --gid 101 nginx     && useradd --system --gid nginx --no-create-home --home /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx     && apt-get update     && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates     &&     NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62;     NGINX_GPGKEY_PATH=/usr/share/keyrings/nginx-archive-keyring.gpg;     export GNUPGHOME="$(mktemp -d)";     found='';     for server in         hkp://keyserver.ubuntu.com:80         pgp.mit.edu     ; do         echo "Fetching GPG key $NGINX_GPGKEY from $server";         gpg1 --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break;     done;     test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1;     gpg1 --export "$NGINX_GPGKEY" > "$NGINX_GPGKEY_PATH" ;     rm -rf "$GNUPGHOME";     apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/*     && dpkgArch="$(dpkg --print-architecture)"     && nginxPackages="         nginx=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE}     "     && case "$dpkgArch" in         amd64|arm64)             echo "deb [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list             && apt-get update             ;;         *)             echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list                         && tempDir="$(mktemp -d)"             && chmod 777 "$tempDir"                         && savedAptMark="$(apt-mark showmanual)"                         && apt-get update             && apt-get build-dep -y $nginxPackages             && (                 cd "$tempDir"                 && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)"                     apt-get source --compile $nginxPackages             )                         && apt-mark showmanual | xargs apt-mark auto > /dev/null             && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; }                         && ls -lAFh "$tempDir"             && ( cd "$tempDir" && dpkg-scanpackages . > Packages )             && grep '^Package: ' "$tempDir/Packages"             && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list             && apt-get -o Acquire::GzipIndexes=false update             ;;     esac         && apt-get install --no-install-recommends --no-install-suggests -y                         $nginxPackages                         gettext-base                         curl     && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list         && if [ -n "$tempDir" ]; then         apt-get purge -y --auto-remove         && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list;     fi     && ln -sf /dev/stdout /var/log/nginx/access.log     && ln -sf /dev/stderr /var/log/nginx/error.log     && mkdir /docker-entrypoint.d # buildkit
COPY docker-entrypoint.sh / # buildkit
COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d # buildkit
COPY 15-local-resolvers.envsh /docker-entrypoint.d # buildkit
COPY 20-envsubst-on-templates.sh /docker-entrypoint.d # buildkit
COPY 30-tune-worker-processes.sh /docker-entrypoint.d # buildkit
ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE map[80/tcp:{}]
STOPSIGNAL SIGQUIT
CMD ["nginx" "-g" "daemon off;"]

评论区