Dockerfile中的mkdir .ssh，文件夹不存在吗？ [英] mkdir .ssh in a Dockerfile, folder is not there?

问题描述

我希望我的Dockerfile指向mkdir .ssh /

但是，为什么不呢？

I want my Dockerfile to mkdir .ssh/
But it does not, why not?

FROM jenkinsci/jnlp-slave

MAINTAINER Johnny5 isAlive <johnny5@hotmail.com>

USER root

RUN rm /bin/sh && ln -s /bin/bash /bin/sh

RUN apt-get update
RUN apt-get install unzip git curl vim -y

USER jenkins

RUN mkdir -p /home/jenkins/.ssh && touch /home/jenkins/.ssh/aFile

...正在构建...
看起来不错吗？

...building... Looks fine?

Step 12 : RUN mkdir -p /home/jenkins/.ssh && touch /home/jenkins/.ssh/aFile
 ---> Running in ca19a679580d
 ---> 5980df7db482
Removing intermediate container ca19a679580d
Successfully built 5980df7db482

运行并环顾四周， .ssh /文件夹和里面的aFile不存在...

Running and looking around, the .ssh/ folder and aFile inside are not there ...

$ docker run -it -u 0 --entrypoint /bin/bash 5980df7db482
root@4aa40a18baf2:~# pwd
/home/jenkins
root@4aa40a18baf2:~# ls -al
total 24
drwxr-xr-x 3 jenkins jenkins 4096 Oct 17 23:17 .
drwxr-xr-x 4 root    root    4096 Sep 14 08:50 ..
-rw-r--r-- 1 jenkins jenkins  220 Nov 12  2014 .bash_logout
-rw-r--r-- 1 jenkins jenkins 3515 Nov 12  2014 .bashrc
-rw-r--r-- 1 jenkins jenkins  675 Nov 12  2014 .profile
drwxr-xr-x 2 jenkins jenkins 4096 Sep 14 08:50 .tmp
root@4aa40a18baf2:~# 

推荐答案

如果我拉出父映像，则 jenkinsci / jnlp-slave ，然后使用 docker检查它，检查jenkinsci / jnlp-slave ，我可以看到它已经在 / home / jenkins 中定义了一个卷：

If I pull the parent image, jenkinsci/jnlp-slave, and inspect it with docker inspect jenkinsci/jnlp-slave, I can see that it already has a volume defined at /home/jenkins:

[
    {
        ...
        "ContainerConfig": {
            ...
            "Volumes": {
                "/home/jenkins": {}
            },
        ...
    }
]

这意味着在每个构建步骤中，您对该位置所做的任何更改都不会提交到您的新图层。

This means that during each build step, any changes you make to that location won't be committed to your new layer.

这是Dockerfile的简化版本，以突出显示正在发生的事情：

Here's a simplified version of your Dockerfile to highlight what's going on:

FROM jenkinsci/jnlp-slave
RUN mkdir -p /home/jenkins/.ssh

现在，让我们使用以下命令进行构建： docker build --no-cache --rm = false -t jns。：

Now, let's build with the following command: docker build --no-cache --rm=false -t jns .:

Sending build context to Docker daemon  2.56 kB
Step 1 : FROM jenkinsci/jnlp-slave
 ---> d7731d944ad7
Step 2 : RUN mkdir -p /home/jenkins/.ssh
 ---> Running in 520a8e2f7cae
 ---> 962189878d5e
Successfully built 962189878d5e

-无缓存选项使该命令在重复调用时更易于使用。 -rm = false 将使构建器不删除为每个步骤创建的容器。

The --no-cache option makes the command easier to work with on repeat invocations. The --rm=false will cause the builder to not remove the containers created for each step.

在这种情况下，构建者在我的系统上运行了520a8e2f7cae中的第2步。现在，我可以执行 docker检查520a8e2f7cae 并查看用于此步骤的实际容器了。具体来说，我对安装位置感到好奇：

In this case, the builder ran the Step 2 in 520a8e2f7cae on my system. I can now do a docker inspect 520a8e2f7cae and see the actual container used for this step. Specifically, I'm curious about the mounts location:

[
    {
    ...
    "Mounts": [
        {
        "Name": "e34fd82bd190f21dbd63b5cf70167a16674cd00d95fdc6159314c25c6d08e10e",
        "Source": "/var/lib/docker/volumes/e34fd82bd190f21dbd63b5cf70167a16674cd00d95fdc6159314c25c6d08e10e/_data",
        "Destination": "/home/jenkins",
        "Driver": "local",
        "Mode": "",
        "RW": true,
        "Propagation": ""
        }
    ],
    ...
    }
]

我看到有一个ID为 e34fd82bd190f21dbd63b5cf70167a16674cd00d95fdc6159314c25c6d08e10e 的匿名卷，价格为 / home / jenkins 。

I see that there's an anonymous volume with id e34fd82bd190f21dbd63b5cf70167a16674cd00d95fdc6159314c25c6d08e10e for /home/jenkins.

我可以像这样检查该卷的内容：

I can inspect the contents of that volume like this:

$ docker run --rm -v e34fd82bd190f21dbd63b5cf70167a16674cd00d95fdc6159314c25c6d08e10e:/volume alpine ls -lah /volume
total 28
drwxr-xr-x    4 10000    10000       4.0K Oct 18 02:49 .
drwxr-xr-x   25 root     root        4.0K Oct 18 02:55 ..
-rw-r--r--    1 10000    10000        220 Nov 12  2014 .bash_logout
-rw-r--r--    1 10000    10000       3.4K Nov 12  2014 .bashrc
-rw-r--r--    1 10000    10000        675 Nov 12  2014 .profile
drwxr-xr-x    2 10000    10000       4.0K Oct 18 02:49 .ssh
drwxr-xr-x    2 10000    10000       4.0K Sep 14 08:50 .tmp

在RUN步骤中创建的 .ssh 目录在此卷中。由于卷不属于容器的写入层，因此不会提交。我可以通过在此容器上执行 docker diff 来确认这一点：

The .ssh directory created in the RUN step is in this volume. Since volumes aren't part of the container's write layer, it won't get committed. I can confirm this by doing a docker diff on this container:

docker diff 520a8e2f7cae

没有输出，显示容器的文件系统没有变化，这就是为什么它没有

There is no output, showing no changes to the container's filesystem, which is why it doesn't come forward into this layer of the image.

此位置的其他内容是父映像中在VOLUME指令之前提交的文件，该文件使 / home / jenkins 放入一个卷中。

The other contents at this location are files in the parent image that were committed before the VOLUME directive that made /home/jenkins into a volume.

这篇关于Dockerfile中的mkdir .ssh，文件夹不存在吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！