需要转换这个比较简单的docker拉动并运行命令到docker-compose.yml文件? [英] Need to convert this relatively simple docker pull and run commands into a docker-compose.yml file?
问题描述
docker pull my.private.registry:443 / my-awesome-app
docker run -d --env-file ./env.list -i -p 8080:8080 -p 9990:9990 my.private.registry:443 / my- awesome-app
docker rmi $(docker images -fdangling = true-q)
我是docker-compose的新手,我明白,这些拉/运行步骤大多数可能在docker-compose.yml文件中完成。我希望有经验的人可以告诉我一个例子,因为我发现的那些似乎有点偏离了我的需要。
另外,docker - 给我一个更好的方法来传递我的环境变量比列出的方法?
env.list是我传递给容器的环境变量的列表。这似乎是有效的,但是我注意到做docker检查$ {CONTAINER_ID}显示了我传入的变量值。我觉得这样做是为了首先从配置文件中提取值的目的。 >
首先,如果您将运行命令简单转换为 docker-compose.yml
文件,你会得到以下。为了举个例子,我调用了这个服务 my-awesome-app
,但你可以命名你想要的。 (注意:这个docker-compose文件和下面的一个是新版本2格式,并且需要docker-engine 1.10
和docker-compose 1.6
版本:'2'
服务:
my-awesome-app:
image:my.private.registry:443 / my-awesome-app
ports:
- 8080:8080
- 9990:9990
env_file:
- ./env.list
要实现你的命令包括停止和删除旧的包含,但使用docker-compose,您将运行(在您的工作目录中使用 docker-compose.yml
文件):
docker-compose pull
docker-compose up -d
docker rmi $(docker images - fdangling = true-q)
docker-compose pull
- 做它在锡上说的,拉出所有的图像在
docker-compose.yml
。
p>
docker-compose up -d
- equi / code> docker运行。 -d
以分离模式运行(与$ code> docker run -d 相同)。此命令还将停止并删除之前版本的容器,然后再开始新的。 docker rmi $(docker images -fdangling = true-q)
- 与以前一样。 Docker-compose没有任何清理图像的功能。
环境变量
以上 docker-compose.yml
实现了在运行 docker run --env-file ./env.list
。如果你有一个非小数量的环境变量(例如说3以上),这是最好的方法。
替代方法是将环境变量放在 docker-compose.yml
文件,相当于运行 docker run -e KEY1 = value -e KEY2 = value
。
版本:'2'
服务:
我的awesome-app:
图片:my.private.registry:443 / my-awesome-app
ports:
- 8080:8080
- 9990:9990
环境:
- KEY1 = value
- KEY2 = value
最后,env文件解决的问题是大量的环境变量,而不必在docker-compose文件中列出它们,或者在Docker运行中列出 -e
标志。它也可以被多个容器使用。无论环境变量来自env文件还是直接列出,仍然是容器配置的一部分,因此应该预期它们出现在 docker inspect
中。
此外,如果您担心其他应用程序可能看到此信息,应用程序将首先必须访问docker守护程序(因此可以调用inspect)。如果应用程序可以访问docker守护程序,那么它也可以运行 docker exec echo $ YOUR_ENV_VAR
并以任何方式检索它,以便将 docker检查中的环境变量隐藏起来
不增加安全性。
希望有所帮助。
I have three commands that I am using to "update","re-run", and then "clean up" my current docker image via our CI tool of choice (Jenkins). I'm not including my "container stop and remove" commands for simplicity's sake.
docker pull my.private.registry:443/my-awesome-app
docker run -d --env-file ./env.list -i -p 8080:8080 -p 9990:9990 my.private.registry:443/my-awesome-app
docker rmi $(docker images -f "dangling=true" -q)
I'm new to docker-compose and I understand that most of these pull/run steps could probably be done within a docker-compose.yml file. I'm hoping someone with experience in this can show me an example, because the ones I've found seem to diverge a bit from my needs.
Also, will docker-compose give me a better way to pass in my environment variables than the method listed?
env.list is a list of environment variables I pass to the container. This seems to work, but I notice that doing a docker inspect ${CONTAINER_ID} reveals the variable value I passed in. I feel like this kind of defeats the purpose of extracting the values from the config files in the first place.
First if you simple convert the run command into a docker-compose.yml
file, you would get the following. For the sake of example I have called the service my-awesome-app
but you can name it what you want. (NOTE: this docker-compose file and the one further below is in the new version 2 format and requires docker-engine 1.10
and docker-compose 1.6
to run).
version: '2'
services:
my-awesome-app:
image: my.private.registry:443/my-awesome-app
ports:
- "8080:8080"
- "9990:9990"
env_file:
- ./env.list
To achieve your commands including stopping and removing the old contains but with docker-compose you would run (with the docker-compose.yml
file in your working directory):
docker-compose pull
docker-compose up -d
docker rmi $(docker images -f "dangling=true" -q)
docker-compose pull
- does what it says on the tin, pulls all the images in docker-compose.yml
.
docker-compose up -d
- equivalent to docker run
. The -d
is to run in detached mode (same as docker run -d
). This command will ALSO stop and remove the previous version of the container before starting the new one.
docker rmi $(docker images -f "dangling=true" -q)
- same as before. Docker-compose does not have any features for cleaning images.
Environment variables
The above docker-compose.yml
implements the same method for adding environment variables as running docker run --env-file ./env.list
. If you have a non-small number of environment variables (say above 3 for example), this is the best method.
The alternate method involves placing the environment variables inside the docker-compose.yml
file and is equivalent to running docker run -e KEY1=value -e KEY2=value
.
version: '2'
services:
my-awesome-app:
image: my.private.registry:443/my-awesome-app
ports:
- "8080:8080"
- "9990:9990"
environment:
- KEY1=value
- KEY2=value
Finally the problem the env file solves is having a large number of environment variables and not having to list them all out in your docker-compose file or as -e
flags in docker run. It can also be used by multiple containers. Whether the environment variables come from an env file or are listed directly, the are still part of the containers configuration so it should be expected that they appear in docker inspect
.
Furthermore, if you are worried that other applications could see this information, the application would first have to have access to the docker daemon (so it can call inspect). If an application has access to the docker daemon then it can also run docker exec echo $YOUR_ENV_VAR
and retrieve it any way so hiding environment variables in docker inspect
adds no security.
Hope that helps.
这篇关于需要转换这个比较简单的docker拉动并运行命令到docker-compose.yml文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!