I have a Dockerfile that creates the build image I want to use here: ~/build/Dockerfile then I use a standard image to deploy
The image built from ~/build/Dockerfile is not Published anywhere, I know I can simply copy paste the one Dockerfile into the other, however it would be better if I could simply reference it so..
Is it possible to somehow reference the Dockerfile itself when deploying?
like so:
FROM [insert something that creates an image using ~/build/Dockerfile] as build-env
... build operations ....
FROM some-image
COPY --from=build-env /built .
ENTRYPOINT [blah]
This won't work but is there some other way to accomplish this?
No you can't do it because you have to provide an image to FROM.
Change the COPY line to
COPY --from=step1 /built .
And write a script to build your image:
cd path1
docker build -t step1 .
cd path2
docker build -t final_image .
(if you don't want to hard code step1 in the Dockerfile, replace it with a var and call with ARG)
Generally things in Docker space like the docker run command and the FROM directive will use a local image if it exists; it doesn't need to be pushed to a repository. That means you can build your first image and refer to it in the later Dockerfile by name. (There's no way to refer to the other Dockerfile per se.)
Newer versions of Docker have an extended form of the Dockerfile COPY command which
accepts a flag --from=<name|index>.... In case a build stage with a specified name can’t be found an image with the same name is attempted to be used instead.
So if you ahead of time run
docker build -t build-env ~/build
then the exact syntax you show in your proposed Dockerfile will work
FROM some-image
COPY --from=build-env /built .
and it doesn't matter that the intermediate build image isn't actually pushed anywhere.
Related
I have two Dockerfile,
Dockerfile1
FROM centos:centos7
WORKDIR /root
ONBUILD COPY ./onbuilddemo.txt /tmp/onbuilddemo.txt
Dockerfile2
FROM onbuilddemo:latest
FROM adoptopenjdk/openjdk8:jre8u352-b05-ea-ubuntu-nightly
EXPOSE 8080
WORKDIR /root
CMD ["npm", "start"]
The image created out of dockerfile1 is onbuilddemo:latest
Now, when Im running the container built out of the image created from Dockerfile2 , then Im not seeing the file (onbuilddemo.txt) created/available in /tmp folder
Can someone please help , what Im missing . Thanks
You never used the onbuilddemo:latest image for anything, and if built with buildkit, this first step would be completely skipped:
FROM onbuilddemo:latest
FROM adoptopenjdk/openjdk8:jre8u352-b05-ea-ubuntu-nightly
A multi-stage build is used to split build dependencies from the runtime image. It does not merge multiple images together (there's no way to universally do this with arbitrary Linux filesystems that would result in a lot of broken use cases).
You need to remove the second from step, or copy the file from the first to second stage (using copy --from), or add the onbuild definition to the other base image.
Note that onbuild tends to be a bad idea, it's hard to debug and is rarely documented in places that someone is looking to explain the behavior of their build. If you can't run the steps in an entrypoint, consider templating the Dockerfile so that it's clear exactly what's being performed in the build.
I have two custom images. One is for developing websites using next.js and the other is to develop APIs.
My company/site image is like:
FROM node:lts-bullseye-slim
# the rest of it
And my company/api image is like:
ARG VARIANT="6.0-bullseye-slim"
FROM mcr.microsoft.com/vscode/devcontainers/dotnet:${VARIANT}
# the rest of it
The problem is that, the COPY commands works when I use company/api as my FROM image, but fails when I use company/site.
In other words, this works:
FROM company/api
COPY . .
RUN /buildScript.sh
But for the same directory, the same context, the same everything, this fails:
FROM compnay/site
COPY . .
RUN /buildScript.sh
In other words, COPY copies no file to the image. Everything is the same. There is no .dockerignore file. The same directory, the same context, the same syntax docker build -t company/api-or-site .
The only thing that causes this fail, is changing the base image.
What can cause this error? How can I debug this?
After spending days on this, I finally realized what the problem was.
When you create a custom image using a Dockerfile, if you use the WORKDIR command, then that would be the . in your future COPY commands.
Consider the following image:
FROM node:lts-bullseye-slim
# Your specific commands
WORKDIR /project
Let's say you build this image and tag it company/node.
Now if you want to use it as the base image for another image, and COPY . . files, then those files would be copied to the /project directory.
FROM company/node
COPY . . # here, the second dot means the relative path inside the company/node image
In AWS ECR I have 2 images, and I wish to create an image that is the result of combining the contents of these two images. I have the following Dockerfile to do this:
FROM *insert image uri of image #1* as a
COPY --from=a . /a
FROM *insert image uri of image #2* as b
COPY --from=b . /b
When I try to run docker build . -t final-image:latest --file ., I get Error response from daemon: unexpected error reading Dockerfile: read /var/lib/docker/tmp/docker-builder590433020: is a directory. Would anyone know what the correct way to build this image would be?
You are passing a directory in place of the file argument.
Since you are used the dot, which is the current dir, you can omit the file argument, given the assumption your Dockerfile is called Dockerfile and exists in the context dir. Otherwise, point to it to the actual file.
In any case, use the dot as (last) positional argument to provide the context dir.
Run one of:
docker build --tag myimge .
docker build --tag myimage --file /path/to/Dockerfile .
Afterwards, your Dockerfile doesn't make a lot of sense. If you want to copy from 2 existing images, you can reference them directly.
As example:
FROM busybox
COPY --from=docker.io/ubuntu /foo /a
COPY --from=docker.io/debian /bar /b
Another problem is that you COPY from the same stage you are currently in, twice:
FROM foo as a
# here you say copy from a but you are currently in a
# so that doesnt make sense
COPY --from=a . /a
If you want to copy from a previous stage, you need to name the previous stage, not the current one:
FROM foo as a
RUN /touch /myfile
FROM bar as b
COPY --from a /myfile /mycopy
You can chain this, of course, with more stages.
I have a very simple Dockerfile like the below :-
FROM my-base-image
COPY abc.properties /opt/conf/
Now my base-image has a docker entrypoint (at the end of its Dockerfile) but this resulting image as you can see has none. Does this work or do we need to have a docker entrypoint/CMD in any given Dockerfile. Also what would be the order of execution for the COPY instruction in the resulting image. With this i mean since this Dockerfile has no entrypoint it would execute one from the base image but will that be executed after the COPY instruction or will the base image entrypoint be executed first and then execute this COPY instruction when the container starts
Just looking for concepts in docker.
Several of the Dockerfile directives (notably ENTRYPOINT and CMD, but also EXPOSE, LABEL, and MAINTAINER) just set metadata in the image; they don't really do anything themselves. Within a single Dockerfile this will work just fine:
FROM ubuntu:18.04
WORKDIR /app
# Just remembers this in the image metadata; doesn't actually run it
CMD ["/app/main.sh"]
# ...we should actually copy the file in too
COPY main.sh /app
When you have one Dockerfile built FROM another image it acts almost entirely like you ran all of the commands in the first Dockerfile, then all of the commands in the second Dockerfile. Since CMD and ENTRYPOINT just set metadata, the second image inherits this metadata.
Building and running an image are two separate steps. In the example you show, the COPY directive happens during the docker build step, and the base image's command doesn't take effect until the later docker run step. (This is also true in Docker Compose; a common question is about why Dockerfile steps can't connect to other containers declared in the Compose YAML file.)
There is one exception, and it's around ENTRYPOINT. If you have a base image that declares an ENTRYPOINT and a CMD both, and you redeclare the ENTRYPOINT in a derived image, it resets the CMD as well (very last paragraph in this section). This usually isn't a practical problem.
When you build an image, the Dockerfiles are merged as per their instructions. Building an image doesnt mean it runs. So ideally your instructions from your Base Dockerfile and your current Dockerfile will be packed. Since you have mentioned CMD entrypoint in the Base Dockerfile, that will be used for execution of your image inside the container, when you use docker run.
So when you build your image, the COPY statement from your child Dockerfile will also get set. and your image must be built fine.
Execute your docker build and docker run and let us know
I am confused about whether . means that it's a shortened abbreviation of the current directory of the image or if it's the current working directory on the local machine. Or is it the same meaning of . in most console commands like essentially selecting all in the current directory.
COPY somecode.java .
#copy the rest of the code
COPY . .
The . also seems to mean find the docker file in the current directory.
docker build -t image-tag .
The . simply means "current working directory"
docker build
In the context of the docker build command, you are using it to signal that the build context for docker build is the current working directory. Like so:
docker build -t mytag:0.1 .
Let's say that you have this structure:
/home/me/myapp/
├── Dockerfile
├── theapp.py
And you invoke the docker build command from /home/me/myapp - you will pass the current working directory as the build context. This means that docker will see the following filestructure when building:
/
├── Dockerfile
├── theapp.py
Dockerfile
In the context of a Dockerfile, it means that same. Both inside and outside the image.
Take this COPY instruction for example:
COPY . /app
Here the . means the current working directory, where the docker build command is executed. This will be relative the to build context that is passed to the docker build command.
For this COPY instruction:
COPY theapp.py .
It means, take the file theapp.py and copy it to the working directory of the docker image that is being built. This directory can be set at build time with the WORKDIR instruction, so that:
WORKDIR /app
COPY theapp.py .
Would leave you with the file /app/theapp.py inside the resulting docker image.
Finally, this COPY instruction:
COPY . .
Means take everything from the working directory where the docker build command is issued, relative to the build context that is passed to it. And copy it to the current working directory of the docker image.
I saw 3 . characters on your question, so let me expand one by one.
The first, as you imagine, the . character means the current directory.
In your Dockerfile
COPY . .
The second dot represented the current location on your virtual machine. Whenever you run cd command in the Dockerfile. That may be easy to understand.
The first dot more unintelligible a little. The first dot character represented the current location on your host machine. The location you input after docker build command like that:"docker build [options] <location>".
Docker build command
The dot character means the current directory whenever you call your docker build command. For example:
[~]$ docker build .
The dot character represented for default home directory of this user on your real machine.
It depends on the context. In your COPY somecode.java . it's the image. In COPY . . it's both. The first dot is in the local machine and the second dot is the image.
In the docker build command, it tells Docker to take files for the newly built image from the working directory on your local machine.
As others said, it's basically just means "current working directory". But when building a Docker image, there are two of those. One in your local machine where you're building the image. The second one is the file system that's built in the image.
.(dot) means current working directory.