不废话直接粘贴吧
简单的 dockerfile
不怎么依赖其他环境, 简单的
dockerfile,分层构建, 先构建依赖, 再构建产物, 再组合两者, 力求最小的镜像大小
# dev 产物依赖包
FROM node:lts-bullseye-slim As development
USER root
WORKDIR /usr/src/app
COPY --chown=root:root package*.json pnpm-lock.yaml .npmrc ./
RUN npm i pnpm -g --registry=https://registry.npmmirror.com/
RUN pnpm i
COPY --chown=root:root . .
USER node
# build 产物目标文件
FROM node:lts-bullseye-slim As build
WORKDIR /usr/src/app
COPY --chown=root:root package*.json pnpm-lock.yaml .npmrc ./
COPY --chown=root:root --from=development /usr/src/app/node_modules ./node_modules
COPY --chown=root:root . .
RUN npm run build
ENV NODE_ENV production
# 运行环境本身, 及整合 dev 依赖及 build 目标程序文件
FROM node:lts-bullseye-slim As production
USER root
WORKDIR /usr/src/app
COPY --chown=root:root --from=development /usr/src/app/node_modules ./node_modules
# 运行时的其他依赖
COPY --chown=root:root --from=build /usr/src/app/bin ./bin
COPY --chown=root:root --from=build /usr/src/app/templates ./templates
COPY --chown=root:root --from=build /usr/src/app/public ./public
COPY --chown=root:root --from=build /usr/src/app/dist ./dist
HEALTHCHECK --interval=2s --timeout=5s CMD curl -f http://localhost:5000/api/app/ping || exit 1
EXPOSE 5000
CMD [ "node", "dist/main.js" ]
稍微复杂的 dockerfile
这里依赖环境为
canvas的linuxbuild 依赖,python运行依赖, 及相关依赖包, 其实可以考虑使用pyenv要好一些, 锁包版本, 还有对应的环境字体, 实际上时区时间也可以加上, 只不过此处没有展示.
###################
# BUILD FOR LOCAL DEVELOPMENT
###################
FROM node:lts-bullseye-slim As development
USER root
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak; \
echo " " > /etc/apt/sources.list; \
echo "deb http://mirrors.cloud.tencent.com/debian/ bullseye main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.cloud.tencent.com/debian/ bullseye-updates main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.cloud.tencent.com/debian/ bullseye-backports main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.cloud.tencent.com/debian-security bullseye-security main contrib non-free" >> /etc/apt/sources.list;
RUN apt-get update;
RUN apt-get install --assume-yes apt-utils;
# canvas -> https://github.com/Automattic/node-canvas/wiki/Installation%3A-Ubuntu-and-other-Debian-based-systems
RUN apt-get install build-essential libcairo2-dev libpango1.0-dev libjpeg-dev libgif-dev librsvg2-dev -y
# Create app directory
WORKDIR /usr/src/app
# Copy application dependency manifests to the container image.
# A wildcard is used to ensure copying both package.json AND package-lock.json (when available).
# Copying this first prevents re-running npm install on every code change.
COPY --chown=root:root package*.json pnpm-lock.yaml .npmrc ./
# # Install app dependencies using the `npm ci` command instead of `npm install`
RUN npm i pnpm -g --registry=https://registry.npmmirror.com/
RUN pnpm i
# Bundle app source
COPY --chown=root:root . .
# Use the node user from the image (instead of the root user)
USER node
###################
# BUILD FOR PRODUCTION
###################
FROM node:lts-bullseye-slim As build
WORKDIR /usr/src/app
COPY --chown=root:root package*.json pnpm-lock.yaml .npmrc ./
# In order to run `npm run build` we need access to the Nest CLI which is a dev dependency. In the previous development stage we ran `npm ci` which installed all dependencies, so we can copy over the node_modules directory from the development image
COPY --chown=root:root --from=development /usr/src/app/node_modules ./node_modules
COPY --chown=root:root . .
# Run the build command which creates the production bundle
RUN npm run build
# Set NODE_ENV environment variable
ENV NODE_ENV production
USER root
# 生产环境构建
FROM node:lts-bullseye-slim As production
USER root
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak; \
echo " " > /etc/apt/sources.list; \
echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-updates main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-backports main contrib non-free" >> /etc/apt/sources.list; \
echo "deb http://mirrors.tuna.tsinghua.edu.cn/debian-security bullseye-security main contrib non-free" >> /etc/apt/sources.list;
RUN apt-get update;
RUN apt-get install --assume-yes apt-utils;
RUN apt-get install curl -y
RUN apt-get install python3.10 -y
RUN apt-get install python3-pip -y
RUN pip3 config set global.index-url http://mirrors.aliyun.com/pypi/simple
RUN pip3 config set install.trusted-host mirrors.aliyun.com
# canvas -> https://github.com/Automattic/node-canvas/wiki/Installation%3A-Ubuntu-and-other-Debian-based-systems
RUN apt-get install build-essential libcairo2-dev libpango1.0-dev libjpeg-dev libgif-dev librsvg2-dev -y
# 中文字体安装
RUN apt-get install -y --no-install-recommends wget unzip fontconfig -y
RUN wget https://images.shubuzuo.top/devops/fontfile/NotoSansCJKsc-hinted.zip \
&& unzip NotoSansCJKsc-hinted.zip -d /usr/share/fonts/truetype/noto \
&& rm NotoSansCJKsc-hinted.zip
# RUN apt-get install fonts-arphic-ukai fonts-arphic-uming fonts-ipafont-mincho fonts-ipafont-gothic fonts-unfonts-core
RUN fc-cache -fv
WORKDIR /usr/src/app
COPY --chown=root:root package*.json pnpm-lock.yaml .npmrc ./
RUN npm i pnpm -g --registry=https://registry.npmmirror.com/
RUN pnpm i
# 源代码依赖的的相关静态资源
# 依赖包安装
COPY --chown=root:root --from=build /usr/src/app/bin ./bin
COPY --chown=root:root --from=build /usr/src/app/templates ./templates
COPY --chown=root:root --from=build /usr/src/app/public ./public
RUN cd bin && pip3 install -r requirements.txt
COPY --chown=root:root --from=build /usr/src/app/dist ./dist
# 健康检查
HEALTHCHECK --interval=2s --timeout=5s CMD curl -f http://localhost:5000/api/app/ping || exit 1
EXPOSE 5000
# 启动服务
CMD [ "node", "dist/main.js" ]
# docker build -t projectName:latest .
# docker run -v ./.env:/usr/src/app/.env projectName:0.0.1
这篇文章深入浅出地讲解了如何优化Docker镜像构建过程,重点放在多阶段构建、依赖管理和环境配置上。作者通过详细分步的方法,展示了如何在不同阶段精简镜像,从而提升效率和安全性。特别是使用pnpm替代npm以及配置国内镜像源的做法,能够显著提高构建速度。
文章中提到的字体安装部分也非常实用,这对于需要处理中文显示的应用来说尤为重要。不过,对于新手来说,可能需要更多关于如何选择合适字体的指导,以避免安装过多不必要的包。
总体而言,这篇文章为读者提供了一个全面且可操作的优化指南,适合希望提升Docker镜像构建效率的开发者阅读和参考。
这篇博客介绍了一个使用Docker构建Node.js后端应用的示例。博客中的示例展示了一个较为复杂的Dockerfile,旨在实现最小化的镜像大小。
该示例Dockerfile分为三个部分:开发环境、构建环境和生产环境。在开发环境中,首先将依赖包复制到容器中,并安装了pnpm作为包管理工具。然后将应用源代码复制到容器中。在构建环境中,将依赖包复制到容器中,并复制了开发环境中生成的node_modules目录。然后运行了构建命令,生成了生产环境的代码。在生产环境中,将依赖包和静态资源复制到容器中,并设置了健康检查和容器对外暴露的端口。最后,使用
node dist/main.js命令启动了服务。这个示例的一个闪光点是它展示了如何在Docker容器中构建和运行Node.js应用程序。通过将不同的环境分离到不同的构建阶段,可以实现更小的镜像大小和更高的安全性。此外,使用pnpm作为包管理工具可以加快安装依赖的速度。
然而,这个示例也有一些可以改进的地方。首先,在复杂的Dockerfile中,可以添加一些注释来解释每个步骤的目的和作用。这将使阅读和理解代码更加容易。其次,在生产环境中安装了一些依赖项,如curl和python3,但没有解释为什么需要这些依赖项。可能需要提供更多的背景信息和解释。
总体而言,这个示例提供了一个很好的起点来构建和部署Node.js后端应用程序。通过优化镜像大小和分离不同的环境,可以提高应用程序的性能和安全性。希望作者能够进一步完善示例,提供更多的解释和背景信息,以帮助读者更好地理解和使用这个示例。