Benutzer-Werkzeuge
admin_grundlagen:docker:build
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
| Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung Nächste Überarbeitung | Vorherige Überarbeitung | ||
|
admin_grundlagen:docker:build [2026/05/22 19:59] ingo_wichmann [Docker Image aktualisieren] |
admin_grundlagen:docker:build [2026/06/01 12:13] (aktuell) peter_rossbach2 [Docker Image aktualisieren] |
||
|---|---|---|---|
| Zeile 11: | Zeile 11: | ||
| (( anders als das Image aus https://hub.docker.com/_/debian ist dieses Image nicht reproduzierbar )) | (( anders als das Image aus https://hub.docker.com/_/debian ist dieses Image nicht reproduzierbar )) | ||
| sudo debootstrap --variant=minbase trixie ./debian http://debian/debian | sudo debootstrap --variant=minbase trixie ./debian http://debian/debian | ||
| + | (( unter RockyLinux ''--keyring'' ergänzen: | ||
| + | sudo debootstrap --variant=minbase --keyring=/usr/share/keyrings/debian-archive-trixie-stable.gpg trixie ./debian http://debian.linuxhotel.de/debian | ||
| + | )) | ||
| sudo tar cC debian/ . | docker image import - ingo/debian:trixie | sudo tar cC debian/ . | docker image import - ingo/debian:trixie | ||
| Tag ''latest'' hinzufügen: | Tag ''latest'' hinzufügen: | ||
| Zeile 23: | Zeile 26: | ||
| mkdir nginx | mkdir nginx | ||
| cd nginx | cd nginx | ||
| + | ++++ podman | | ||
| + | bei Podman darf die Datei auch ''Containerfile'' heißen | ||
| + | ++++ | ||
| <file txt Dockerfile> | <file txt Dockerfile> | ||
| FROM ingo/debian:trixie | FROM ingo/debian:trixie | ||
| Zeile 40: | Zeile 46: | ||
| LABEL org.opencontainers.image.created=$REFRESHED_AT | LABEL org.opencontainers.image.created=$REFRESHED_AT | ||
| </file> (( https://docs.docker.com/reference/dockerfile/ )) | </file> (( https://docs.docker.com/reference/dockerfile/ )) | ||
| - | ++++ podman | | ||
| - | bei Podman darf die Datei auch ''Containerfile'' heißen | ||
| - | ++++ | ||
| ++++ ENTRYPOINT / CMD / run-Command | | ++++ ENTRYPOINT / CMD / run-Command | | ||
| ^ ''ENTRYPOINT'' ^ ''CMD'' ^ run-Command ^ ausgeführt wird ^ | ^ ''ENTRYPOINT'' ^ ''CMD'' ^ run-Command ^ ausgeführt wird ^ | ||
| Zeile 85: | Zeile 88: | ||
| When you use the --pull flag, Podman is forced to try downloading a fresh version of that base image from an external source. Because it sees localhost/ingo/debian:trixie, Podman literally looks for a web-facing registry running on your actual machine (https://localhost/v2/). Since you don't have a container registry service actively running on port 443 of your host machine, the network request fails with "connection refused" | When you use the --pull flag, Podman is forced to try downloading a fresh version of that base image from an external source. Because it sees localhost/ingo/debian:trixie, Podman literally looks for a web-facing registry running on your actual machine (https://localhost/v2/). Since you don't have a container registry service actively running on port 443 of your host machine, the network request fails with "connection refused" | ||
| + | Unter Debian mit Docker version 26.1.5+dfsg1, build a72d7cd klappt ''--pull'' auch nicht. | ||
| + | ERROR: failed to solve: ingo/debian:trixie: failed to resolve source metadata for docker.io/ingo/debian:trixie: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed | ||
| ++++ | ++++ | ||
| Zeile 101: | Zeile 106: | ||
| </code> | </code> | ||
| + | |||
| + | Nginx as Systemd: | ||
| + | |||
| + | <code bash> | ||
| + | mkdir ~/ubi9-nginx && cd ~/ubi9-nginx | ||
| + | cat >Dockerfile <<EOR | ||
| + | FROM registry.access.redhat.com/ubi9/ubi-init | ||
| + | RUN cat <<'EOF' >/etc/yum.repos.d/nginx.repo | ||
| + | [nginx-stable] | ||
| + | name=nginx stable repo | ||
| + | baseurl=http://nginx.org/packages/rhel/9/\$basearch/ | ||
| + | gpgcheck=1 | ||
| + | enabled=1 | ||
| + | gpgkey=https://nginx.org/keys/nginx_signing.key | ||
| + | module_hotfixes=true | ||
| + | EOF | ||
| + | |||
| + | RUN dnf -y install nginx \ | ||
| + | && dnf clean all \ | ||
| + | && systemctl enable nginx | ||
| + | STOPSIGNAL SIGRTMIN+3 | ||
| + | CMD ["/sbin/init"] | ||
| + | EOR | ||
| + | |||
| + | docker build -t ubi9-nginx-systemd:0.0.1 . | ||
| + | docker run --name ubi9-nginx --privileged -d -p 8090:80 ubi9-nginx-systemd:0.0.1 | ||
| + | docker exec -it ubi9-nginx nginx -v | ||
| + | docker exec -it ubi9-nginx systemctl status | ||
| + | docker exec -it ubi9-nginx journalctl -u nginx | ||
| + | # ups.. | ||
| + | docker logs ubi9-nginx | ||
| + | </code> | ||
| + | |||
| + | <code bash> | ||
| + | # build with compose | ||
| + | cat >compose.yml <<EOR | ||
| + | services: | ||
| + | nginx: | ||
| + | build: . | ||
| + | privileged: true | ||
| + | ports: | ||
| + | - "8090:80" | ||
| + | tmpfs: | ||
| + | - /run | ||
| + | - /run/lock | ||
| + | - /tmp | ||
| + | stop_signal: SIGRTMIN+3 | ||
| + | EOR | ||
| + | docker compose build | ||
| + | docker compose up -d | ||
| + | docker compose exec nginx ps -ef | ||
| + | docker compose down | ||
| + | </code> | ||
| + | |||
| + | ++++ this doesn't solve the console logging problem | | ||
| + | |||
| + | <code bash> | ||
| + | |||
| + | cat >Dockerfile <<EOR | ||
| + | FROM registry.access.redhat.com/ubi9/ubi-init | ||
| + | RUN cat <<'EOF' >/etc/yum.repos.d/nginx.repo | ||
| + | [nginx-stable] | ||
| + | name=nginx stable repo | ||
| + | baseurl=http://nginx.org/packages/rhel/9/\$basearch/ | ||
| + | gpgcheck=1 | ||
| + | enabled=1 | ||
| + | gpgkey=https://nginx.org/keys/nginx_signing.key | ||
| + | module_hotfixes=true | ||
| + | EOF | ||
| + | |||
| + | RUN dnf -y install nginx \ | ||
| + | && dnf clean all | ||
| + | |||
| + | # nginx logs to files (important for tail) | ||
| + | RUN mkdir -p /var/log/nginx | ||
| + | |||
| + | # systemd override for nginx | ||
| + | RUN mkdir -p /etc/systemd/system/nginx.service.d && \ | ||
| + | cat <<'EOF' >/etc/systemd/system/nginx.service.d/override.conf | ||
| + | [Service] | ||
| + | StandardOutput=journal | ||
| + | StandardError=journal | ||
| + | EOF | ||
| + | |||
| + | # log forwarder service | ||
| + | RUN cat <<'EOF' >/etc/systemd/system/nginx-log-forwarder.service | ||
| + | [Unit] | ||
| + | Description=Nginx log forwarder | ||
| + | After=nginx.service | ||
| + | Requires=nginx.service | ||
| + | [Service] | ||
| + | Type=simple | ||
| + | ExecStart=/bin/sh -c '/usr/bin/tail -F /var/log/nginx/access.log /var/log/nginx/error.log' | ||
| + | Restart=always | ||
| + | [Install] | ||
| + | WantedBy=multi-user.target | ||
| + | EOF | ||
| + | |||
| + | RUN systemctl enable nginx \ | ||
| + | && systemctl enable nginx-log-forwarder | ||
| + | STOPSIGNAL SIGRTMIN+3 | ||
| + | CMD ["/sbin/init"] | ||
| + | EOR | ||
| + | |||
| + | # docker | ||
| + | docker compose build | ||
| + | docker compose up -d | ||
| + | curl 127.0.0.1:8090 | ||
| + | docker compose exec nginx systemctl status nginx-log-forwarder | ||
| + | docker compose exec nginx journalctl -u nginx-log-forwarder | ||
| + | # see access logs | ||
| + | docker logs nginx_nginx_1 | ||
| + | |||
| + | # podman | ||
| + | podman compose build | ||
| + | podman compose up -d | ||
| + | curl 127.0.0.1:8090 | ||
| + | podman compose exec nginx systemctl status nginx-log-forwarder | ||
| + | podman compose exec nginx journalctl -u nginx-log-forwarder | ||
| + | # see access logs | ||
| + | podman logs nginx_nginx_1 | ||
| + | # no logging output! | ||
| + | </code> | ||
| + | |||
| + | ++++ | ||
admin_grundlagen/docker/build.1779479967.txt.gz · Zuletzt geändert: 2026/05/22 19:59 von ingo_wichmann
Seiten-Werkzeuge
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial-Share Alike 4.0 International
