docker命令之build
1 man docker-build
NAME
docker-build - Build an image from a Dockerfile source at PATH
SYNOPSIS
docker build [--no-cache[=false]] [-q|--quiet[=false]] [--rm] [-t|--tag=TAG] PATH | URL | -
DESCRIPTION
This will read the Dockerfile from the directory specified in PATH. It also sends any other files and directories
found in the current directory to the Docker daemon. The contents of this directory would be used by ADD commands
found within the Dockerfile.
Warning, this will send a lot of data to the Docker daemon depending on the contents of the current directory. The
build is run by the Docker daemon, not by the CLI, so the whole context must be transferred to the daemon. The Docker
CLI reports "Sending build context to Docker daemon" when the context is sent to the daemon.
When a single Dockerfile is given as the URL, then no context is set. When a Git repository is set as the URL, the
repository is used as context.
OPTIONS
-q, --quiet=true|false When set to true, suppress verbose build output. Default is false.
--rm=true|false When true, remove intermediate containers that are created during the build process. The default is
true.
-t, --tag=tag The name to be applied to the resulting image on successful completion of the build. tag in this context
means the entire image name including the optional TAG after the ':'.
--no-cache=true|false When set to true, do not use a cache when building the image. The default is false.
2 流程
2.1 client端
CmdBuild(api/client/) -----> postBuild(api/server/) ------> CmdBuild(builder/)
client的CmdBuild方法主要是检查build参数和build环境是否满足要求后,将解析出来的参数通过POST请求给httpserver,这部分不再做分析了。
其中tag=tt,rm:1,其他的参数都是默认或为空
2.2 server端
解析客户端过来的请求,配置job运行的环境变量,如果在docker build命令行中没有指定相应的参数,那么就使用系统默认配置的环境。默认参数如下
--force-rm=false Always remove intermediate containers, even after unsuccessful builds
--no-cache=false Do not use cache when building the image
-q, --quiet=false Suppress the verbose output generated by the containers
--rm=true Remove intermediate containers after a successful build
-t, --tag="" Repository name (and optionally a tag) to be applied to the resulting image in case of success
var (
authEncoded = ("X-Registry-Auth")
authConfig = &{}
configFileEncoded = ("X-Registry-Config")
configFile = &{}
job = ("build")
)if ("forcerm") == "1" && ("1.12") {
("rm", "1")
} else if ("rm") == "" && ("1.12") {
("rm", "1")
} else {
("rm", ("rm"))
}
()
("remote", ("remote"))
("t", ("t"))
("q", ("q"))
("nocache", ("nocache"))
("forcerm", ("forcerm"))
("authConfig", authConfig)
("configFile", configFile)if err := (); err != nil {
if !() {
return err
}
sf := (("1.8"))
((err))
}2.3 job端
build job安装,用于处理build动作的job函数体。
func (b *BuilderJob) Install() {
("build", )
}var (
remoteURL = ("remote")
repoName = ("t")
suppressOutput = ("q")
noCache = ("nocache")
rm = ("rm")
forceRm = ("forcerm")
authConfig = &{}
configFile = &{}
tag string
context
)
("authConfig", authConfig)
("configFile", configFile)
repoName, tag = (repoName)if remoteURL == "" { context = ()} else if (remoteURL) { ...}} else if (remoteURL) {
...}新建执行build的任务结构体,将函数前面收集的信息填充在此结构体中,作为此次build的环境。
builder := &Builder{
Daemon: ,
Engine: ,
OutStream: &{
Writer: ,
StreamFormatter: sf,
},
ErrStream: &{
Writer: ,
StreamFormatter: sf,
},
Verbose: !suppressOutput,
UtilizeCache: !noCache,
Remove: rm,
ForceRemove: forceRm,
OutOld: ,
StreamFormatter: sf,
AuthConfig: authConfig,
AuthConfigFile: configFile,
}id, err := (context)
if err != nil {
return (err)
}build任务完成后,将repoName,tag,id等信息保存起来
if repoName != "" {
().Set(repoName, tag, id, false)
}builder的Run 位于builder/中,是builder的一个方法。
这个方法通过读取Run参数context中的内容读取到文件中,然后分析这个文件中的内容,其实这个文件中的内容就是Dockerfile中的内容。
在Dockerfile中使用的命令由文件中的方法执行,这些方法的路由是由文件负责的,这是Dockerfile文件中命令
对应的处理方法。
func init() {
evaluateTable = map[string]func(*Builder, []string, map[string]bool) error{
"env": env,
"maintainer": maintainer,
"add": add,
"copy": dispatchCopy, // copy() is a go builtin
"from": from,
"onbuild": onbuild,
"workdir": workdir,
"docker-version": nullDispatch, // we don't care about docker-version
"run": run,
"cmd": cmd,
"entrypoint": entrypoint,
"expose": expose,
"volume": volume,
"user": user,
"insert": insert,
}
}读取context内容
if err := (context); err != nil {
return "", err
}将产生的Dockerfile文件放入相应的路径上
filename := (, "Dockerfile")读取文件内容
f, err := (filename)
if err != nil {
return "", err
}解析Dockerfile文件内容,为执行这些Dockerfile命令做准备
ast, err := (f)
if err != nil {
return "", err
}
= ast--rm=true,删除build过程中产生的临时Container。另外dispatch还有将dockerfile不可用的命令过滤掉的功能。
= &{Entrypoint: []string{}, Cmd: []string{"/bin/sh", "-c"}}
= map[string]struct{}{}
for i, n := range {
if err := (i, n); err != nil {
if {
()
}
return "", err
}
(, " ---> %s\n", ())
if {
()
}
}
(, "Successfully built %s\n", ())
return , nilDockerfile中的每个命令都会有个入口,通过dispatch方法分发,对应Dockerfile命令的handler都在中,
但最后都交给commit方法执行,commit方法位于中,每个命令的执行都是会通过新建一个Container来完成,
最后将每个命令执行的结果提交到一个layer中。
if id == "" {
cmd :=
= []string{"/bin/sh", "-c", "#(nop) " + comment}
defer func(cmd []string) { = cmd }(cmd)
hit, err := ()
if err != nil {
return err
}
if hit {
return nil
}
container, err := ()
if err != nil {
return err
}
id =
if err := (); err != nil {
return err
}
defer ()
}// Commit the container
image, err := (container, "", "", "", , true, &autoConfig)
if err != nil {
return err
}