基于RockyLinux官方base镜像、分层构建自定义Nginx及常见版本Java基础镜像
1 基于RockyLinux官方base镜像、分层构建自定义Nginx及常见版本Java基础镜像
1.1 Nginx
1.1.1 镜像制作规划
1.1.1.1 RockyLinux基础镜像制作
1.1.1.1.1 镜像文件列表
root@master01:/opt/k8s-data/dockerfile/system/rockylinux# tree
.
├── Dockerfile
├── build-command.sh
└── filebeat-8.19.10-x86_64.rpm
1 directory, 3 files
1.1.1.1.2 Dockerfile文件内容
安装基础命令并设置中国时区
安装基础命令并设置中国时区
root@master01:/opt/k8s-data/dockerfile/system/rockylinux# cat Dockerfile
#自定义Centos 基础镜像
FROM registry.cn-hangzhou.aliyuncs.com/myhubregistry/rockylinux:9.3.20231119
LABEL maintainer="YourName <your E-mail>" \
version="1.0" \
description="This is a myserver project image"
ADD filebeat-8.19.10-x86_64.rpm /tmp
#RUN cd /etc/yum.repos.d/ && rm -rf ./*
#ADD Centos-7.repo /etc/yum.repos.d/Centos-7.repo
RUN yum makecache && yum install -y /tmp/filebeat-8.19.10-x86_64.rpm procps-ng vim wget tree iputils telnet gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && echo "alias ll='ls -l'" >> ~/.bashrc && rm -rf /etc/localtime /tmp/filebeat-8.19.10-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd nginx -u 2088
1.1.1.1.3 build-command脚本
基于脚本实现镜像自动build及上传到harbor功能
#!/bin/bash
nerdctl build -t harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214 .
nerdctl push harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214
1.1.1.1.4 执行脚本构建Rocky Linux基础镜像
构建完成后自动上传至本地harbor服务器
root@master01:/opt/k8s-data/dockerfile/system/rockylinux# bash build-command.sh
[+] Building 480.7s (8/8)
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 859B 0.0s
[+] Building 481.3s (8/8) FINISHED
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 859B 0.0s
=> [internal] load metadata for registry.cn-hangzhou.aliy 36.6s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 5.0s
=> => transferring context: 67.59MB 5.0s
=> [1/3] FROM registry.cn-hangzhou.aliyuncs.com/myhubregi 20.3s
=> => resolve registry.cn-hangzhou.aliyuncs.com/myhubregis 0.0s
=> => sha256:446f83f14b236772583d069e6f 64.31MB / 64.31MB 12.7s
=> => extracting sha256:446f83f14b236772583d069e6f46a75e7e 7.2s
=> [2/3] ADD filebeat-8.19.10-x86_64.rpm /tmp 0.6s
=> [3/3] RUN yum makecache && yum install -y /tmp/filebe 275.5s
=> exporting to docker image format 147.0s
=> => exporting layers 49.5s
=> => exporting manifest sha256:fd986a5ddd0d0884504f905a8c 0.0s: => => exporting config sha256:5b0dcbb40b77b1738004abf456b5 0.0s0 => => sending tarball 97.4s
Loaded image: harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:fd986a5ddd0d0884504f905a8c9232302a1a0b7b10ef0b594198542a7804c7f8)
manifest-sha256:fd986a5ddd0d0884504f905a8c9232302a1a0b7b10ef0b594198542a7804c7f8: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d14c567a6cfd0bcbcfa81e5b13d6751bd2e3743f8b0c646ef4ba0d14342a27c3: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:5b0dcbb40b77b1738004abf456b5eaa388b0a1d703216a7b52d55338ac729a9d: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:446f83f14b236772583d069e6f46a75e7e5456add656d1415a452618189fb825: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:724ea8ef63daeea414fcf2fe05d63005f861b7589b84d9997adbd2920c71ecf9: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 21.4s total: 350.4 (16.4 MiB/s)
1.1.1.2 Nginx基础镜像制作
制作一个通用的Nginx镜像
1.1.1.2.1 镜像文件列表
root@master01:/opt/k8s-data/dockerfile/web/pub-images/nginx-base#
tree
.
├── Dockerfile
├── build-command.sh
└── nginx-1.28.1.tar.gz
1 directory, 3 files
1.1.1.2.2 Dockerfile文件内容
#Nginx Base Image
FROM harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214
LABEL maintainer="YourName <Your E-mail>" \
version="1.0" \
description="This is a myserver project image"
ARG NGINX_VERSION=1.28.1
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-${NGINX_VERSION}.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-${NGINX_VERSION} && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-${NGINX_VERSION}.tar.gz
1.1.1.2.3 build-command脚本
基于脚本实现镜像自动build及上传到harbor功能
#!/bin/bash
nerdctl build -t harbor.zhou-kai.com/pub-images/nginx-base:v1.28.1 .
nerdctl push harbor.zhou-kai.com/pub-images/nginx-base:v1.28.1
root@master01:/opt/k8s-data/dockerfile/web/pub-images/nginx-base
1.1.1.2.4 执行脚本构建Nginx基础镜像
root@master01:/opt/k8s-data/dockerfile/web/pub-images/nginx-base# bash build-command.sh
[+] Building 109.7s (9/9)
=> [internal] load build definition from Dockerfile 0.0s
[+] Building 109.9s (9/9)
[+] Building 110.1s (9/9) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 737B 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214 10.1s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/4] FROM harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214@sha256:fd986a5ddd0d0884504f905a8c9232302a1a 0.1s
=> => resolve harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214@sha256:fd986a5ddd0d0884504f905a8c9232302a1a 0.1s
=> [internal] load build context 0.0s
=> => transferring context: 42B 0.0s
=> CACHED [2/4] RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-d 0.0s
=> CACHED [3/4] ADD nginx-1.28.1.tar.gz /usr/local/src/ 0.0s
=> CACHED [4/4] RUN cd /usr/local/src/nginx-1.28.1 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/ng 0.0s
=> exporting to docker image format 99.3s
=> => exporting layers 0.0s
=> => exporting manifest sha256:8ed416a4c314522352b5df792d5c2bbbbbe5edfd73bc3229b39a7c9c727187d1 0.0s. => => exporting config sha256:0130a9057f3eba9d7fab52c58c4d6176c11350f89149e22c3d1386868c55d10a 0.0s
=> => sending tarball 99.3s
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:8ed416a4c314522352b5df792d5c2bbbbbe5edfd73bc3229b39a7c9c727187d1)
manifest-sha256:8ed416a4c314522352b5df792d5c2bbbbbe5edfd73bc3229b39a7c9c727187d1: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c5d27a9fa3f2a757d3f6a9624d191779f17b483c5f9ee38664711f319e1ef44c: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:0130a9057f3eba9d7fab52c58c4d6176c11350f89149e22c3d1386868c55d10a: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:446f83f14b236772583d069e6f46a75e7e5456add656d1415a452618189fb825: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:724ea8ef63daeea414fcf2fe05d63005f861b7589b84d9997adbd2920c71ecf9: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d14c567a6cfd0bcbcfa81e5b13d6751bd2e3743f8b0c646ef4ba0d14342a27c3: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:fed8c78e509c0878123025222d8c10354a99cfe853e81a08313918565942123a: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:65affb770ac39aac28d316f2a5e3516d51d7e0b190b9e3e420d8ac673f7d4d7e: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 22.8s total: 362.1 (15.9 MiB/s)
1.1.1.3 Nginx业务镜像制作
基于Nginx基础镜像,制作不同服务的Nginx业务镜像
1.1.1.3.1 镜像文件列表
# tree
.
├── Dockerfile
├── build-command.sh
├── index.html
├── nginx.conf
├── webapp
│ └── index.html
└── webapp.tar.gz
2 directories, 6 files
1.1.1.3.2 Dockerfile文件内容
#Nginx 1.28.1
FROM harbor.zhou-kai.com/pub-images/nginx-base:v1.28.1
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
#可选添加静态文件
ADD webapp.tar.gz /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html
RUN ln -sf /dev/stdout /usr/local/nginx/logs/access.log && ln -sf /dev/stderr /usr/local/nginx/logs/error.log
#可选静态资源挂载路径、目录会自动初始化
#RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images
EXPOSE 80 443
CMD ["nginx"]
1.1.1.3.3 buid-command脚本
#!/bin/bash
TAG=$1
nerdctl build -t harbor.zhou-kai.com/myserver/frontend-web:${TAG} .
echo "镜像构建完成,即将上传到harbor"
nerdctl push harbor.zhou-kai.com/myserver/frontend-web:${TAG}
#echo "镜像上传到harbor完成"
1.1.1.3.4 执行脚本构建Nginx业务镜像
# bash build-command.sh v1
1.2 Tomcat
基于基础的RockyLinux镜像,制作公司内部基础镜像-->JDK镜像-->Tomcat基础镜像-->Tomcat业务镜像.
1.2.1 OracleJDK基础镜像制作
1.2.1.1 JDK基础镜像文件列表
root@master01:/opt/k8s-data/dockerfile/web/pub-images/oraclejdk-1.8.212# ls
Dockerfile jdk-8u212-linux-x64.tar.gz profile
build-command.sh jdk1.8.0_212
1.2.1.2 Dockerfile文件内容
#JDK Base Image
FROM harbor.zhou-kai.com/baseimages/myserver-rockylinux-base:9.3.20260214
LABEL maintainer="YourName <Your Email>" \
version="1.0" \
description="This is a myserver project image"
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
ADD profile /etc/profile
ENV JAVA_HOME=/usr/local/jdk
ENV JRE_HOME=$JAVA_HOME/jre
ENV CLASSPATH=$JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH=$PATH:$JAVA_HOME/bin
1.2.1.3 build-command脚本
#!/bin/bash
nerdctl build -t harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212 .
nerdctl push harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212
1.2.1.4 执行脚本构建JDK基础镜像
# bash build-command.sh
[+] Building 172.3s (9/9)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 514B 0.0s
[+] Building 173.4s (9/9) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 514B 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/ba 10.1s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> CACHED [1/4] FROM harbor.zhou-kai.com/baseimages/mys 0.2s
=> => resolve harbor.zhou-kai.com/baseimages/myserver-r 0.2s
=> [internal] load build context 11.4s
=> => transferring context: 195.05MB 11.4s
=> [2/4] ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/ 6.2s
=> [3/4] RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/lo 0.7s
=> [4/4] ADD profile /etc/profile 0.1s
=> exporting to docker image format 143.3s
=> => exporting layers 21.5s
=> => exporting manifest sha256:c041ebc3ff6d2adda2fab32 0.0s1 => => exporting config sha256:77a5a771880af970a46f3ab1d 0.0sf => => sending tarball 121.7s
Loaded image: harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:c041ebc3ff6d2adda2fab32ab262211391495e3e906ce6826492f25c4fee9bc6)
manifest-sha256:c041ebc3ff6d2adda2fab32ab262211391495e3e906ce6826492f25c4fee9bc6: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:67f29a42b95221c97cd541f5da32df4da1d1c1551090fcdefb251f552aea807d: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:77a5a771880af970a46f3ab1dc86678312667e2c62460b60aa2324adb1ac850e: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:446f83f14b236772583d069e6f46a75e7e5456add656d1415a452618189fb825: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:724ea8ef63daeea414fcf2fe05d63005f861b7589b84d9997adbd2920c71ecf9: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d14c567a6cfd0bcbcfa81e5b13d6751bd2e3743f8b0c646ef4ba0d14342a27c3: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:ed0d24b613125ba507cefbf686cd621dc6b2f658d46784becb96927122c99d39: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:6c2dc9f27ab43d190889a616e75fa8de31b0e3596522b5de2f3f2157bbd0a1ba: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 24.4s total: 537.7 (22.0 MiB/s)
1.2.1.5 验证JDK镜像作为容器启动后的java环境
#nerdctl run -it --rm harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212 bash
[root@dc6638aa3e2e /]# java -version
java version "1.8.0_212"
Java(TM) SE Runtime Environment (build 1.8.0_212-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.212-b10, mixed mode)
1.2.2 OpenJDK镜像制作
1.2.2.1 OpenJDK镜像文件列表
.
├── 1.openjdk-21.0.10-base
│ ├── Dockerfile
│ └── build-command.sh
└── 2.openjdk-21.0.10
├── Dockerfile
├── build-command.sh
├── sources.list
└── ubuntu.sources
3 directories, 6 files
#其中1.openjdk-21.0.10-base为基础镜像,2.openjdk-21.0.10为最终镜像
1.2.2.2 基础镜像Dockerfile文件内容
# https://hub.docker.com/_/openjdk 已废弃,本镜像基于sapmachine:21.0.10-jdk-ubuntu-24.04
FROM sapmachine:21.0.10-jdk-ubuntu-24.04-source
RUN apt update && apt install -y ca-certificates curl gnupg
1.2.2.3 基础镜像build-command脚本
#!/bin/bash
#
nerdctl build -t harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base .
nerdctl push harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base
1.2.2.4 构建基础镜像
[+] Building 107.8s (6/6)
=> [internal] load build definition from Dockerfile 0.1s
[+] Building 108.0s (6/6)
[+] Building 108.2s (6/6) FINISHED
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 335B 0.0s
=> [internal] load metadata for docker.io/library/sapmachine:21.0.10-jdk-ubuntu-24.04 26.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/2] FROM docker.io/library/sapmachine:21.0.10-jdk-ubuntu-24.04@sha256:de13424fa7c25204975ee23302248362112f29433e487f01587 0.1s
=> => resolve docker.io/library/sapmachine:21.0.10-jdk-ubuntu-24.04@sha256:de13424fa7c25204975ee23302248362112f29433e487f01587 0.1s
=> CACHED [2/2] RUN apt update && apt install -y ca-certificates curl gnupg 0.0s
=> exporting to docker image format 81.1s
=> => exporting layers 0.0s
=> => exporting manifest sha256:74a46a2a22897b77677f08de89a7bfe0d81115c25427fd98204064ae0443f4b4 0.0s7 => => exporting config sha256:57337bbd3918a493a3037228112737b3ea286e5a93cd6934a8272088af97e07e 0.0s
=> => sending tarball 81.0s
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:74a46a2a22897b77677f08de89a7bfe0d81115c25427fd98204064ae0443f4b4)
manifest-sha256:74a46a2a22897b77677f08de89a7bfe0d81115c25427fd98204064ae0443f4b4: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c61640bd1195b51474d9f4ecf1cc528ec1a76c63f53b823d055072a3bfcae0b3: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:57337bbd3918a493a3037228112737b3ea286e5a93cd6934a8272088af97e07e: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:a3629ac5b9f4680dc2032439ff2354e73b06aecc2e68f0035a2d7c001c8b4114: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:231628878931cb2e916a9a678eb219b283e31fcf07667b01271007b0ac0f8193: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 18.6s total: 281.3 (15.1 MiB/s)
1.2.2.5 最终JDK镜像Dockerfile文件
# https://hub.docker.com/_/openjdk 已废弃,本镜像基于sapmachine:21.0.10-jdk-ubuntu-24.04
FROM harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base
USER root
ADD sources.list /etc/apt/sources.list
ADD ubuntu.sources /etc/apt/sources.list.d/ubuntu.sources
#RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list && sed -i 's/security.debian.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list
RUN apt update -y && apt install -y tzdata locales fonts-noto-cjk wget unzip telnet net-tools iputils-ping lsof less vim curl procps locales fonts-noto-cjk wget curl unzip telnet net-tools iputils-ping lsof less vim procps && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo "alias ll='ls -l'" >> ~/.bashrc
RUN localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 && dpkg-reconfigure -f noninteractive tzdata
ENV LANG=zh_CN.utf8
1.2.2.6 最终JDK镜像build-command脚本
#!/bin/bash
nerdctl build -t harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04 .
nerdctl push harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04
1.2.2.7 构建最终JDK镜像
[+] Building 230.3s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 230.4s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
=> [auth] pub-images/sapmachine:pull token for harbor.zhou-kai.com 0.0s
=> [internal] load .dockerignore 0.0s
[+] Building 230.6s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 230.7s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 230.9s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 231.0s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 231.2s (12/12)
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 231.3s (12/12) => => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
[+] Building 231.4s (12/12) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.04kB 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base 20.2s
=> [auth] pub-images/sapmachine:pull token for harbor.zhou-kai.com 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/6] FROM harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base@sha256:74a46a2a22897b77677f08de89a7bfe0d 0.1s
=> => resolve harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04-base@sha256:74a46a2a22897b77677f08de89a7bfe0d 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 2.80kB 0.1s
=> [2/6] ADD sources.list /etc/apt/sources.list 0.1s
=> [3/6] ADD ubuntu.sources /etc/apt/sources.list.d/ubuntu.sources 0.1s
=> [4/6] RUN apt update -y && apt install -y tzdata locales fonts-noto-cjk wget unzip telnet net-tools iputils-ping lsof l 77.0s
=> [5/6] RUN echo "alias ll='ls -l'" >> ~/.bashrc 0.6s
=> [6/6] RUN localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 && dpkg-reconfigure -f noninteractive tzdata 3.2s
=> exporting to docker image format 128.7s
=> => exporting layers 20.2s
=> => exporting manifest sha256:04b4375c58cdb638300bba122459f9707dbc94ab24ba68571f7b09685a59bd4b 0.0s
=> => exporting config sha256:c1aae259dc8b81ff6452abf38a54f1adb5f1622b0b87bd8aa93ad8243229cc5d 0.0s
=> => sending tarball 108.4s
Loaded image: harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:04b4375c58cdb638300bba122459f9707dbc94ab24ba68571f7b09685a59bd4b)
manifest-sha256:04b4375c58cdb638300bba122459f9707dbc94ab24ba68571f7b09685a59bd4b: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:31a957acce2ee3aa7ade8e1087e3e74b0b430b71f478fb8b715b3acedf4c5bd8: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:c1aae259dc8b81ff6452abf38a54f1adb5f1622b0b87bd8aa93ad8243229cc5d: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:a3629ac5b9f4680dc2032439ff2354e73b06aecc2e68f0035a2d7c001c8b4114: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:231628878931cb2e916a9a678eb219b283e31fcf07667b01271007b0ac0f8193: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c61640bd1195b51474d9f4ecf1cc528ec1a76c63f53b823d055072a3bfcae0b3: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:950e179158c76ff0cbfde2044f9d9f9cb66401c9ea4a88885f9f9a6053a6ccbc: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:9076c6215f9e7d1dc8e5d2c3a037b983a98bbc3b7ca6a570408372b75aa4f168: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:ad046dfead5dcf7bfc5c7d0ea3a4a092c32914802acfdb3487562e149fe859a8: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:dfe12aee1cd9fa6bb4b0f1669459b402e6e29bb0e00f264d5fcd5780daa055bf: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 14.4s total: 139.1 (9.6 MiB/s)
1.2.2.8 验证JDK镜像作为容器启动后的java环境
#nerdctl run -it --rm harbor.zhou-kai.com/pub-images/sapmachine:21.0.10-jdk-ubuntu-24.04 bash
root@b95839a92937:/# java -version
openjdk version "21.0.10" 2026-01-20 LTS
OpenJDK Runtime Environment SapMachine (build 21.0.10+7-LTS)
OpenJDK 64-Bit Server VM SapMachine (build 21.0.10+7-LTS, mixed mode, sharing)
1.2.3 Tomcat基础镜像制作
1.2.3.1 基础镜像文件列表
.
├── Dockerfile
├── apache-tomcat-8.5.43.tar.gz
└── build-command.sh
1 directory, 3 files
1.2.3.2 Dockerfile文件内容
#Tomcat 8.5.43基础镜像
FROM harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212
LABEL maintainer="YourName <YourEmail>" \
version="1.0" \
description="This is a myserver project image"
RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv
ADD apache-tomcat-8.5.43.tar.gz /apps
RUN useradd tomcat -u 2098 && ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R
1.2.3.3 build-command脚本
#!/bin/bash
nerdctl build -t harbor.zhou-kai.com/pub-images/tomcat-base:v8.5.43 .
nerdctl push harbor.zhou-kai.com/pub-images/tomcat-base:v8.5.43
1.2.3.4 构建镜像
[+] Building 176.9s (11/11)
=> [internal] load build definition from Dockerfile 0.0s
[+] Building 177.6s (11/11) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 468B 0.0s
=> [internal] load metadata for harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212 20.2s
=> [auth] pub-images/oraclejdk-base:pull token for harbor.zhou-kai.com 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/4] FROM harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212@sha256:c041ebc3ff6d2adda2fab32ab262211391495e3e906ce68264 0.4s
=> => resolve harbor.zhou-kai.com/pub-images/oraclejdk-base:v1.8.212@sha256:c041ebc3ff6d2adda2fab32ab262211391495e3e906ce68264 0.1s
=> [internal] load build context 1.1s
=> => transferring context: 9.72MB 1.1s
=> [auth] pub-images/oraclejdk-base:pull token for harbor.zhou-kai.com 0.0s
=> [2/4] RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv 1.1s
=> [3/4] ADD apache-tomcat-8.5.43.tar.gz /apps 0.4s
=> [4/4] RUN useradd tomcat -u 2098 && ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R 1.7s
=> exporting to docker image format 152.7s
=> => exporting layers 2.8s
=> => exporting manifest sha256:3713025a55fa3731f9cdd8d942f15df1e8409fd2f9d7ae4cea6e9174391112a0 0.0s
=> => exporting config sha256:5d682fbb4dca3ba7a6673e071182e8ec9cdfa0f955824d070bd45ca854319a40 0.0s) => => sending tarball 149.9s
Loaded image: harbor.zhou-kai.com/pub-images/tomcat-base:v8.5.43
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:3713025a55fa3731f9cdd8d942f15df1e8409fd2f9d7ae4cea6e9174391112a0)
manifest-sha256:3713025a55fa3731f9cdd8d942f15df1e8409fd2f9d7ae4cea6e9174391112a0: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:e7663517dfe29b63304813922d6b0cc522494414c40816019e00363630ded28b: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:5d682fbb4dca3ba7a6673e071182e8ec9cdfa0f955824d070bd45ca854319a40: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:446f83f14b236772583d069e6f46a75e7e5456add656d1415a452618189fb825: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:724ea8ef63daeea414fcf2fe05d63005f861b7589b84d9997adbd2920c71ecf9: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d14c567a6cfd0bcbcfa81e5b13d6751bd2e3743f8b0c646ef4ba0d14342a27c3: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:ed0d24b613125ba507cefbf686cd621dc6b2f658d46784becb96927122c99d39: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:6c2dc9f27ab43d190889a616e75fa8de31b0e3596522b5de2f3f2157bbd0a1ba: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:67f29a42b95221c97cd541f5da32df4da1d1c1551090fcdefb251f552aea807d: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:3ac2ac5ea513f19564c33938b5e1b003bfe0d2a7d4f0a77b26baad217db8365b: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c5a0e6e1bd5c273961a4e745acd7b8964d14e087d15d0c24de4d6fb3906616c7: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 27.2s total: 556.3 (20.4 MiB/s)
1.2.3.5 测试Tomcat镜像作为容器启动
#nerdctl run -it --rm -p 8808:8080 harbor.zhou-kai.com/pub-images/tomcat-base:v8.5.43
[root@700ab85552c2 /]# /apps/tomcat/bin/catalina.sh start
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /usr/local/jdk/jre
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
1.2.4 Tomcat业务镜像app1制作
后期可以按此步骤制作app2、appN镜像
1.2.4.1 业务镜像文件列表
.
├── Dockerfile
├── app1.tar.gz
├── build-command.sh
├── catalina.sh
├── filebeat.yml
├── myapp
│ └── index.html
├── run_tomcat.sh
└── server.xml
2 directories, 8 files
1.2.4.2 Dockerfile文件内容
#tomcat web1
FROM harbor.zhou-kai.com/pub-images/tomcat-base:v8.5.43
ADD catalina.sh /apps/tomcat/bin/catalina.sh
ADD server.xml /apps/tomcat/conf/server.xml
#使用指定的方式添加代码
ADD myapp/* /data/tomcat/webapps/myapp1/
ADD app1.tar.gz /data/tomcat/webapps/app1/
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
#ADD filebeat.yml /etc/filebeat/filebeat.yml
RUN chown -R nginx.nginx /data/ /apps/
#ADD filebeat-7.5.1-x86_64.rpm /tmp/
#RUN cd /tmp && yum localinstall -y filebeat-7.5.1-amd64.deb
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
1.2.4.3 build-command脚本
#!/bin/bash
TAG=$1
#docker build -t harbor.zhou-kai.com/myserver/tomcat-app1:${TAG} .
#sleep 3
#docker push harbor.zhou-kai.com/myserver/tomcat-app1:${TAG}
nerdctl build -t harbor.zhou-kai.com/myserver/tomcat-app1:${TAG} .
nerdctl push harbor.zhou-kai.com/myserver/tomcat-app1:${TAG}
1.2.4.4 构建镜像
bash build-command.sh 2026-02-15_20_21_00
1.2.4.5 测试Tomcat镜像作为容器启动
#nerdctl run -it --rm -p 8809:8080 harbor.zhou-kai.com/myserver/tomcat-app1:2026-02-15_20_21_00
1.2.4.6 访问Tomcat镜像Web页面
1.2.5 在k8s环境运行tomcat
1.2.5.1 基于Tomcat业务镜像创建deployment
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: myserver-tomcat-app1-deployment-label
name: myserver-tomcat-app1-deployment
namespace: myserver
spec:
replicas: 2
selector:
matchLabels:
app: myserver-tomcat-app1-selector
template:
metadata:
labels:
app: myserver-tomcat-app1-selector
spec:
containers:
- name: myserver-tomcat-app1-container
image: harbor.zhou-kai.com/myserver/tomcat-app1:2026-02-15_20_21_00
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
env:
- name: "password"
value: "123456"
- name: "age"
value: "18"
resources:
limits:
cpu: 0.5
memory: "512Mi"
requests:
cpu: 0.5
memory: "512Mi"
volumeMounts:
- name: myserver-images
mountPath: /data/tomcat/webapps/images
readOnly: false
- name: myserver-statics
mountPath: /data/tomcat/webapps/statics
readOnly: false
volumes:
- name: myserver-images
nfs:
server: 172.31.7.109
path: /data/k8sdata/myserver/images
- name: myserver-statics
nfs:
server: 172.31.7.109
path: /data/k8sdata/myserver/statics
# nodeSelector:
# project: myserver
# app: tomcat
1.2.5.2 创建service
kind: Service
apiVersion: v1
metadata:
labels:
app: myserver-tomcat-app1-service-label
name: myserver-tomcat-app1-service
namespace: myserver
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30098
selector:
app: myserver-tomcat-app1-selector
1.2.5.3 访问测试
浙公网安备 33010602011771号