如何检查失败的“docker build"的文件系统? [英] How can I inspect the file system of a failed `docker build`?
问题描述
我正在尝试为我们的开发过程构建一个新的 Docker 镜像,使用 cpanm
安装一堆 Perl 模块作为各种项目的基础镜像.
I'm trying to build a new Docker image for our development process, using cpanm
to install a bunch of Perl modules as a base image for various projects.
在开发 Dockerfile 时,cpanm
返回失败代码,因为某些模块没有安装干净.
While developing the Dockerfile, cpanm
returns a failure code because some of the modules did not install cleanly.
我很确定我需要让 apt
安装更多东西.
I'm fairly sure I need to get apt
to install some more things.
我的问题是,我在哪里可以找到输出中引用的 /.cpanm/work
目录,以便检查日志?在一般情况下,如何检查失败的 docker build
命令的文件系统?
My question is, where can I find the /.cpanm/work
directory quoted in the output, in order to inspect the logs? In the general case, how can I inspect the file system of a failed docker build
command?
早间编辑在咬紧牙关运行find
之后我发现了
Morning edit After biting the bullet and running a find
I discovered
/var/lib/docker/aufs/diff/3afa404e[...]/.cpanm
这是可靠的,还是我最好构建一个裸"容器并手动运行东西直到我拥有我需要的所有东西?
Is this reliable, or am I better off building a "bare" container and running stuff manually until I have all the things I need?
推荐答案
每当 docker 从 Dockerfile 成功执行 RUN
命令时,图像文件系统中的一个新层已提交.您可以方便地将这些层 ID 用作图像来启动新容器.
Everytime docker successfully executes a RUN
command from a Dockerfile, a new layer in the image filesystem is committed. Conveniently you can use those layers ids as images to start a new container.
采用以下 Dockerfile:
Take the following Dockerfile:
FROM busybox
RUN echo 'foo' > /tmp/foo.txt
RUN echo 'bar' >> /tmp/foo.txt
并构建它:
$ docker build -t so-26220957 .
Sending build context to Docker daemon 47.62 kB
Step 1/3 : FROM busybox
---> 00f017a8c2a6
Step 2/3 : RUN echo 'foo' > /tmp/foo.txt
---> Running in 4dbd01ebf27f
---> 044e1532c690
Removing intermediate container 4dbd01ebf27f
Step 3/3 : RUN echo 'bar' >> /tmp/foo.txt
---> Running in 74d81cb9d2b1
---> 5bd8172529c1
Removing intermediate container 74d81cb9d2b1
Successfully built 5bd8172529c1
您现在可以从 00f017a8c2a6
、044e1532c690
和 5bd8172529c1
启动一个新容器:
You can now start a new container from 00f017a8c2a6
, 044e1532c690
and 5bd8172529c1
:
$ docker run --rm 00f017a8c2a6 cat /tmp/foo.txt
cat: /tmp/foo.txt: No such file or directory
$ docker run --rm 044e1532c690 cat /tmp/foo.txt
foo
$ docker run --rm 5bd8172529c1 cat /tmp/foo.txt
foo
bar
当然,您可能想要启动一个 shell 来探索文件系统并尝试命令:
of course you might want to start a shell to explore the filesystem and try out commands:
$ docker run --rm -it 044e1532c690 sh
/ # ls -l /tmp
total 4
-rw-r--r-- 1 root root 4 Mar 9 19:09 foo.txt
/ # cat /tmp/foo.txt
foo
当其中一个 Dockerfile 命令失败时,您需要做的是查找 上一层的 id 并在根据该 id 创建的容器中运行 shell:
When one of the Dockerfile command fails, what you need to do is to look for the id of the preceding layer and run a shell in a container created from that id:
docker run --rm -it <id_last_working_layer> bash -il
一旦进入容器:
- 尝试失败的命令,并重现问题
- 然后修复命令并测试它
- 最后使用固定命令更新您的 Dockerfile
如果您确实需要在失败的实际层中进行实验,而不是从最后一个工作层开始工作,请参阅Drew 的回答.
If you really need to experiment in the actual layer that failed instead of working from the last working layer, see Drew's answer.
这篇关于如何检查失败的“docker build"的文件系统?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!