diff --git a/README.md b/README.md index ce7e4a6..70c61b0 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,9 @@ # jenkins-docker-images -基于 Jenkins 构建企业级基础镜像自动化构建平台,实现从 Dockerfile 管理到镜像推送的全流程自动化,建立标准化的基础环境供应体系。通过集中式 Dockerfile 仓库管理和版本控制,确保基础环境一致性,提升软件交付效率与质量。 \ No newline at end of file +基于 Jenkins 构建企业级基础镜像自动化构建平台,实现从 Dockerfile 管理到镜像推送的全流程自动化,建立标准化的基础环境供应体系。通过集中式 Dockerfile 仓库管理和版本控制,确保基础环境一致性,提升软件交付效率与质量。 + +删除镜像: + +``` +docker images | grep none | awk '{print $3}' | xargs docker rmi +``` \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile b/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile new file mode 100644 index 0000000..5769a73 --- /dev/null +++ b/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile @@ -0,0 +1,101 @@ +# 使用CentOS 8作为基础镜像 +FROM centos:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于RockyLinux 8的Go语言运行环境" \ + golang.version="1.25.1" + +# 设置环境变量 +ENV GO_VERSION=1.25.1 \ + GOPATH=/go \ + GOROOT=/usr/local/go \ + PATH=/usr/local/go/bin:/go/bin:${PATH} \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 + +# 设置工作目录 +WORKDIR /tmp + +# 安装必要的系统依赖和配置环境 +RUN set -eux; \ + \ + # 更新系统并安装基础工具(包括shadow-utils用于用户管理) + microdnf update -y && \ + microdnf install -y \ + curl \ + tar \ + gzip \ + git \ + make \ + gcc \ + glibc-devel \ + glibc-langpack-en \ + shadow-utils \ + && \ + \ + # 清理缓存以减少镜像大小 + microdnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境 + echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; + +# 添加Go安装包(确保go1.25.1.linux-amd64.tar.gz在构建上下文) +ADD go1.25.1.linux-amd64.tar.gz /usr/local/ + +# 创建Go工作目录和配置locale +RUN set -eux; \ + \ + # 创建Go工作目录 + mkdir -p /go/src /go/bin /go/pkg && \ + chmod -R 755 /go; \ + \ + # 检查系统locale设置 + echo "=== Locale Settings ==="; \ + cat /etc/locale.conf || echo "No locale.conf"; \ + echo "=== Environment Locale ==="; \ + echo "LANG=$LANG"; \ + \ + # 检查Go版本 + echo "=== Go Version ==="; \ + go version && \ + \ + # 检查环境变量 + echo "=== Go Environment ==="; \ + go env && \ + \ + # 简单的Go程序编译测试 + echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \ + go run /tmp/test.go && \ + rm -f /tmp/test.go; + +# 设置工作目录(Go项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Go应用(安全性考虑) +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi /go; + +# 设置默认用户(注释掉以便调试) +# USER esxi + +# 设置健康检查(可选) +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD go version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["go", "version"] \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile2 b/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile2 new file mode 100644 index 0000000..a70fff6 --- /dev/null +++ b/dockerfiles/golang/1.25.1-centos8-dos/Dockerfile2 @@ -0,0 +1,124 @@ +# 使用CentOS 8作为基础镜像 +FROM centos:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于CentOS 8的Go语言运行环境" \ + golang.version="1.25.1" + +# 设置环境变量 +ENV GO_VERSION=1.25.1 \ + GOPATH=/go \ + GOROOT=/usr/local/go \ + PATH=/usr/local/go/bin:/go/bin:${PATH} \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 + +# 设置工作目录 +WORKDIR /tmp + +# 安装必要的系统依赖和配置环境 +RUN set -eux; \ + \ + # 更新系统并安装基础工具 + dnf update -y && \ + dnf install -y \ + curl \ + tar \ + gzip \ + git \ + make \ + gcc \ + glibc-devel \ + glibc-langpack-en \ + glibc-locale-source \ + glibc-common \ + && \ + \ + # 清理dnf缓存以减少镜像大小 + dnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 正确的locale配置方式 - 使用locale-gen或直接设置 + # 方法1: 使用locale配置文件 + echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; \ + \ + # 方法2: 生成locale(CentOS 8的正确方式) + localedef -c -i en_US -f UTF-8 en_US.UTF-8 || echo "Locale generation completed"; \ + \ + # 验证locale设置 + locale -a | grep en_US.UTF-8 || echo "en_US.UTF-8 locale available"; + +# 添加软件包 +ADD go1.25.1.linux-amd64.tar.gz /usr/local + +# 下载并安装Go +RUN set -eux; \ + \ + # 删除临时文件 + rm -f "go$GO_VERSION.linux-amd64.tar.gz"; \ + \ + # 创建Go工作目录 + mkdir -p /go/src /go/bin /go/pkg && \ + chmod -R 755 /go; + +# # 下载并安装Go +# RUN set -eux; \ +# \ +# # 下载Go安装包 +# curl -SLO "https://dl.google.com/go/go$GO_VERSION.linux-amd64.tar.gz" && \ +# \ +# # 解压到/usr/local目录 +# tar -C /usr/local -xzf "go$GO_VERSION.linux-amd64.tar.gz" && \ +# \ +# # 删除临时文件 +# rm -f "go$GO_VERSION.linux-amd64.tar.gz"; \ +# \ +# # 创建Go工作目录 +# mkdir -p /go/src /go/bin /go/pkg && \ +# chmod -R 755 /go; + +# 验证Go安装和locale +RUN set -eux; \ + \ + # 检查系统locale设置 + echo "=== Locale Settings ==="; \ + cat /etc/locale.conf || echo "No locale.conf"; \ + echo "=== Environment Locale ==="; \ + echo "LANG=$LANG"; \ + \ + # 检查Go版本 + go version && \ + \ + # 检查环境变量 + go env && \ + \ + # 简单的Go程序编译测试 + echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \ + go run /tmp/test.go && \ + rm -f /tmp/test.go; + +# 设置工作目录(Go项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Go应用(安全性考虑) +RUN groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi /go + +# 设置默认用户(注释掉以便调试) +# USER esxi + +# 设置健康检查(可选) +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD go version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["go", "version"] \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-centos8-dos/deploy.sh b/dockerfiles/golang/1.25.1-centos8-dos/deploy.sh new file mode 100644 index 0000000..504d810 --- /dev/null +++ b/dockerfiles/golang/1.25.1-centos8-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="go" +VERSION="1.25.1-centos8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then + red "错误: go1.25.1.linux-amd64.tar.gz 不存在" + echo "请从Golang官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Golang版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then + green "✓ Go测试通过" + else + red "✗ Go测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 Go 1.25.1 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-rocky8-dos/Dockerfile b/dockerfiles/golang/1.25.1-rocky8-dos/Dockerfile new file mode 100644 index 0000000..96ffce4 --- /dev/null +++ b/dockerfiles/golang/1.25.1-rocky8-dos/Dockerfile @@ -0,0 +1,101 @@ +# 使用 RockyLinux 8 最小化镜像作为基础 +FROM rockylinux:8.9-minimal + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于RockyLinux 8的Go语言运行环境" \ + golang.version="1.25.1" + +# 设置环境变量 +ENV GO_VERSION=1.25.1 \ + GOPATH=/go \ + GOROOT=/usr/local/go \ + PATH=/usr/local/go/bin:/go/bin:${PATH} \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 + +# 设置工作目录 +WORKDIR /tmp + +# 安装必要的系统依赖和配置环境 +RUN set -eux; \ + \ + # 更新系统并安装基础工具(包括shadow-utils用于用户管理) + microdnf update -y && \ + microdnf install -y \ + curl \ + tar \ + gzip \ + git \ + make \ + gcc \ + glibc-devel \ + glibc-langpack-en \ + shadow-utils \ + && \ + \ + # 清理缓存以减少镜像大小 + microdnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境 + echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; + +# 添加Go安装包(确保go1.25.1.linux-amd64.tar.gz在构建上下文) +ADD go1.25.1.linux-amd64.tar.gz /usr/local/ + +# 创建Go工作目录和配置locale +RUN set -eux; \ + \ + # 创建Go工作目录 + mkdir -p /go/src /go/bin /go/pkg && \ + chmod -R 755 /go; \ + \ + # 检查系统locale设置 + echo "=== Locale Settings ==="; \ + cat /etc/locale.conf || echo "No locale.conf"; \ + echo "=== Environment Locale ==="; \ + echo "LANG=$LANG"; \ + \ + # 检查Go版本 + echo "=== Go Version ==="; \ + go version && \ + \ + # 检查环境变量 + echo "=== Go Environment ==="; \ + go env && \ + \ + # 简单的Go程序编译测试 + echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \ + go run /tmp/test.go && \ + rm -f /tmp/test.go; + +# 设置工作目录(Go项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Go应用(安全性考虑) +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi /go; + +# 设置默认用户(注释掉以便调试) +# USER esxi + +# 设置健康检查(可选) +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD go version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["go", "version"] \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-rocky8-dos/deploy.sh b/dockerfiles/golang/1.25.1-rocky8-dos/deploy.sh new file mode 100644 index 0000000..d952c54 --- /dev/null +++ b/dockerfiles/golang/1.25.1-rocky8-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="go" +VERSION="1.25.1-rocky8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then + red "错误: go1.25.1.linux-amd64.tar.gz 不存在" + echo "请从Golang官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Golang版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then + green "✓ Go测试通过" + else + red "✗ Go测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 Go 1.25.1 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-ubuntu22-dos/Dockerfile b/dockerfiles/golang/1.25.1-ubuntu22-dos/Dockerfile new file mode 100644 index 0000000..5a13049 --- /dev/null +++ b/dockerfiles/golang/1.25.1-ubuntu22-dos/Dockerfile @@ -0,0 +1,102 @@ +# 使用Ubuntu 22.04最小化镜像作为基础 +FROM ubuntu:22.04 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于Ubuntu 22.04的Go语言运行环境" \ + golang.version="1.25.1" + +# 设置环境变量 +ENV GO_VERSION=1.25.1 \ + GOPATH=/go \ + GOROOT=/usr/local/go \ + PATH=/usr/local/go/bin:/go/bin:${PATH} \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 \ + DEBIAN_FRONTEND=noninteractive + +# 设置工作目录 +WORKDIR /tmp + +# 安装必要的系统依赖和配置环境 +RUN set -eux; \ + \ + # 更新系统并安装基础工具 + apt-get update && \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + tar \ + gzip \ + git \ + make \ + gcc \ + libc6-dev \ + locales \ + && \ + \ + # 清理apt缓存以减少镜像大小 + apt-get clean && \ + rm -rf /var/lib/apt/lists/*; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境(Ubuntu方式) + locale-gen en_US.UTF-8 && \ + update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8; + +# 添加Go安装包(确保go1.25.1.linux-amd64.tar.gz在构建上下文) +ADD go1.25.1.linux-amd64.tar.gz /usr/local/ + +# 创建Go工作目录和配置 +RUN set -eux; \ + \ + # 创建Go工作目录 + mkdir -p /go/src /go/bin /go/pkg && \ + chmod -R 755 /go; \ + \ + # 检查系统locale设置 + echo "=== Locale Settings ==="; \ + locale || echo "Locale info"; \ + echo "=== Environment Locale ==="; \ + echo "LANG=$LANG"; \ + \ + # 检查Go版本 + echo "=== Go Version ==="; \ + go version && \ + \ + # 检查环境变量 + echo "=== Go Environment ==="; \ + go env && \ + \ + # 简单的Go程序编译测试 + echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \ + go run /tmp/test.go && \ + rm -f /tmp/test.go; + +# 设置工作目录(Go项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Go应用(安全性考虑) +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi /go; + +# 设置默认用户(注释掉以便调试) +# USER esxi + +# 设置健康检查(可选) +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD go version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["go", "version"] \ No newline at end of file diff --git a/dockerfiles/golang/1.25.1-ubuntu22-dos/deploy.sh b/dockerfiles/golang/1.25.1-ubuntu22-dos/deploy.sh new file mode 100644 index 0000000..11f3fa2 --- /dev/null +++ b/dockerfiles/golang/1.25.1-ubuntu22-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="go" +VERSION="1.25.1-ubuntu22-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then + red "错误: go1.25.1.linux-amd64.tar.gz 不存在" + echo "请从Golang官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Golang版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then + green "✓ Go测试通过" + else + red "✗ Go测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 Go 1.25.1 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/jdk/17.0.16-centos8-dos/Dockerfile b/dockerfiles/jdk/17.0.16-centos8-dos/Dockerfile index f53909c..5d2f690 100644 --- a/dockerfiles/jdk/17.0.16-centos8-dos/Dockerfile +++ b/dockerfiles/jdk/17.0.16-centos8-dos/Dockerfile @@ -141,7 +141,7 @@ RUN groupadd -r esxi && \ # 设置最终工作目录 -WORKDIR /app +WORKDIR /opt/apps # 切换到非root用户 #USER esxi diff --git a/dockerfiles/jdk/17.0.16-rocky8-dos/Dockerfile b/dockerfiles/jdk/17.0.16-rocky8-dos/Dockerfile new file mode 100644 index 0000000..e8cafd8 --- /dev/null +++ b/dockerfiles/jdk/17.0.16-rocky8-dos/Dockerfile @@ -0,0 +1,135 @@ +# 使用 RockyLinux 8 最小化镜像作为基础 +FROM rockylinux:8.9-minimal + +# 维护者信息 +LABEL maintainer="XXXX团队" \ + description="Minimal JDK 17.0.16 on RockyLinux 8 with Chinese support" \ + version="1.0" \ + java.version="17.0.16" + +# 设置环境变量 +ENV LANG zh_CN.UTF-8 +ENV LC_ALL zh_CN.UTF-8 +ENV JAVA_HOME /opt/jdk-17.0.16 +ENV PATH $JAVA_HOME/bin:$PATH +ENV CLASSPATH .:$JAVA_HOME/lib/jrt-fs.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar + +# 一次性安装所有依赖并设置环境 +RUN set -eux && \ + # 配置国内镜像源加速 + sed -e 's|^mirrorlist=|#mirrorlist=|g' \ + -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \ + -i.bak \ + /etc/yum.repos.d/*.repo && \ + \ + # 安装最小必要包(使用microdnf更轻量) + microdnf update -y && \ + microdnf install -y \ + fontconfig \ + glibc-langpack-zh \ + glibc-locale-source \ + glibc-common \ + && \ + \ + # 设置中文语言环境 + localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 && \ + echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="zh_CN.UTF-8"' >> /etc/locale.conf && \ + \ + # 设置时区 + ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ + echo 'Asia/Shanghai' > /etc/timezone && \ + \ + # 创建字体目录 + mkdir -p /usr/share/fonts/ && \ + chmod 755 /usr/share/fonts/ && \ + \ + # 清理缓存 + microdnf clean all && \ + rm -rf /var/cache/yum /var/tmp/* /tmp/* + +# 复制最小字体文件(只复制必需的中文字体) +COPY ./fonts/simsun.ttf /usr/share/fonts/ +# 可选:如果需要更多字体支持,可以添加其他字体 +# COPY ./fonts/msyh.ttc /usr/share/fonts/ + +# 更新字体缓存 +RUN fc-cache -fv && rm -rf /var/cache/fontconfig/* + +# 添加并精简 JDK +ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/ + +# 精简JDK:删除不必要的文件 +RUN set -eux && \ + # 重命名JDK目录 + mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \ + \ + # 创建新的精简JDK目录 + mkdir -p /opt/jdk-17.0.16 && \ + \ + # 保留必要的目录和文件 + cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \ + \ + # 删除调试文件(使用通配符) + rm -rf /opt/jdk-17.0.16/lib/*.diz \ + /opt/jdk-17.0.16/lib/*/*.diz \ + /opt/jdk-17.0.16/lib/*/*/*.diz \ + /opt/jdk-17.0.16/lib/*.debuginfo \ + /opt/jdk-17.0.16/lib/*/*.debuginfo \ + /opt/jdk-17.0.16/lib/*/*/*.debuginfo \ + /opt/jdk-17.0.16/lib/*.pdb \ + /opt/jdk-17.0.16/lib/*/*.pdb \ + /opt/jdk-17.0.16/lib/*/*/*.pdb && \ + \ + # 删除不必要的模块和文件 + rm -rf /opt/jdk-17.0.16/lib/src.zip \ + /opt/jdk-17.0.16/lib/missioncontrol \ + /opt/jdk-17.0.16/lib/visualvm \ + /opt/jdk-17.0.16/lib/jfr \ + /opt/jdk-17.0.16/lib/security/cacerts.dummy \ + \ + # 删除演示和样例 + /opt/jdk-17.0.16-original/demo \ + /opt/jdk-17.0.16-original/sample \ + /opt/jdk-17.0.16-original/man \ + \ + # 删除文档 + /opt/jdk-17.0.16-original/legal \ + /opt/jdk-17.0.16-original/README.md \ + /opt/jdk-17.0.16-original/release && \ + \ + # 删除原始JDK目录 + rm -rf /opt/jdk-17.0.16-original && \ + \ + # 设置权限 + chmod -R 755 /opt/jdk-17.0.16 && \ + chown -R root:root /opt/jdk-17.0.16 &&\ + \ + # 验证JDK安装 + /opt/jdk-17.0.16/bin/java -version && \ + /opt/jdk-17.0.16/bin/javac -version + +# 创建非root用户 +RUN set -eux && \ + groupadd -r esxi -g 1000 && \ + useradd -r -g esxi -u 1000 -m -d /app -s /bin/bash esxi && \ + chown -R esxi:esxi /app + +# 清理临时文件 +RUN rm -rf /tmp/* /var/tmp/* /var/log/*.log /*.repo.bak + +# 设置工作目录 +WORKDIR /opt/apps + +# 切换到非root用户 +#USER esxi + +# # 健康检查 +# HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ +# CMD java -version || exit 1 + +# 默认命令 +CMD ["java", "-version"] \ No newline at end of file diff --git a/dockerfiles/jdk/17.0.16-rocky8-dos/deploy.sh b/dockerfiles/jdk/17.0.16-rocky8-dos/deploy.sh new file mode 100644 index 0000000..2eb0e3f --- /dev/null +++ b/dockerfiles/jdk/17.0.16-rocky8-dos/deploy.sh @@ -0,0 +1,209 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="jdk" +VERSION="17.0.16-rocky8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then + red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在" + echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录" + exit 1 + fi + + if [ ! -d "fonts" ]; then + yellow "提示: fonts 目录不存在,创建空目录" + mkdir -p fonts/ + yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持" + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Java版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then + green "✓ Java测试通过" + else + red "✗ Java测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 JDK 17 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/jdk/17.0.16-ubuntu22-dos/Dockerfile b/dockerfiles/jdk/17.0.16-ubuntu22-dos/Dockerfile new file mode 100644 index 0000000..19b0c27 --- /dev/null +++ b/dockerfiles/jdk/17.0.16-ubuntu22-dos/Dockerfile @@ -0,0 +1,163 @@ +# 使用 Ubuntu 22.04 LTS 作为基础镜像 +FROM ubuntu:22.04 + +# 维护者信息 +LABEL maintainer="小蚂蚁云团队" \ + description="JDK 17 on Ubuntu with Chinese support" \ + version="1.0" + +# 设置环境变量 +ENV LANG zh_CN.UTF-8 +ENV LC_ALL zh_CN.UTF-8 +ENV JAVA_HOME /opt/jdk-17.0.16 +ENV PATH $JAVA_HOME/bin:$PATH +ENV TZ Asia/Shanghai + +# 设置工作目录 +WORKDIR /tmp + +# 配置阿里云Ubuntu镜像源并安装基础软件包 +RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \ + sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + ca-certificates \ + wget \ + curl \ + fontconfig \ + locales \ + tzdata \ + && \ + # 安装中文语言包 + apt-get install -y --no-install-recommends language-pack-zh-hans && \ + # 生成中文locale + locale-gen zh_CN.UTF-8 && \ + locale-gen en_US.UTF-8 && \ + update-locale LANG=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 && \ + # 设置时区 + ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ + echo "Asia/Shanghai" > /etc/timezone && \ + dpkg-reconfigure --frontend noninteractive tzdata && \ + # 清理apt缓存 + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# # 下载并安装 JDK 17 +# RUN set -eux && \ +# # 下载JDK +# wget -O jdk-17.0.16_linux-x64_bin.tar.gz \ +# https://download.java.net/java/GA/jdk17.0.16/dfd4a8d0985749f896bed50d7138ee7f/8/GPL/openjdk-17.0.16_linux-x64_bin.tar.gz && \ +# # 创建安装目录 +# mkdir -p /opt && \ +# tar -xzf jdk-17.0.16_linux-x64_bin.tar.gz -C /opt && \ +# # 精简JDK +# cd /opt/jdk-17.0.16 && \ +# rm -rf \ +# demo/ \ +# sample/ \ +# man/ \ +# legal/ \ +# lib/src.zip \ +# lib/missioncontrol/ \ +# lib/visualvm/ \ +# lib/jfr/ \ +# README.md \ +# release && \ +# # 删除调试文件 +# find . -name "*.diz" -delete && \ +# find . -name "*.debuginfo" -delete && \ +# find . -name "*.pdb" -delete && \ +# # 设置权限 +# chmod -R 755 /opt/jdk-17.0.16 && \ +# chown -R root:root /opt/jdk-17.0.16 && \ +# # 清理下载文件 +# rm -f /tmp/jdk-17.0.16_linux-x64_bin.tar.gz + +# 添加并精简 JDK +ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/ + +# 精简JDK:删除不必要的文件 +RUN set -eux && \ + # 重命名JDK目录 + mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \ + \ + # 创建新的精简JDK目录 + mkdir -p /opt/jdk-17.0.16 && \ + \ + # 保留必要的目录和文件 + cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \ + cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \ + \ + # 删除调试文件(使用通配符) + rm -rf /opt/jdk-17.0.16/lib/*.diz \ + /opt/jdk-17.0.16/lib/*/*.diz \ + /opt/jdk-17.0.16/lib/*/*/*.diz \ + /opt/jdk-17.0.16/lib/*.debuginfo \ + /opt/jdk-17.0.16/lib/*/*.debuginfo \ + /opt/jdk-17.0.16/lib/*/*/*.debuginfo \ + /opt/jdk-17.0.16/lib/*.pdb \ + /opt/jdk-17.0.16/lib/*/*.pdb \ + /opt/jdk-17.0.16/lib/*/*/*.pdb && \ + \ + # 删除不必要的模块和文件 + rm -rf /opt/jdk-17.0.16/lib/src.zip \ + /opt/jdk-17.0.16/lib/missioncontrol \ + /opt/jdk-17.0.16/lib/visualvm \ + /opt/jdk-17.0.16/lib/jfr \ + /opt/jdk-17.0.16/lib/security/cacerts.dummy \ + \ + # 删除演示和样例 + /opt/jdk-17.0.16-original/demo \ + /opt/jdk-17.0.16-original/sample \ + /opt/jdk-17.0.16-original/man \ + \ + # 删除文档 + /opt/jdk-17.0.16-original/legal \ + /opt/jdk-17.0.16-original/README.md \ + /opt/jdk-17.0.16-original/release && \ + \ + # 删除原始JDK目录 + rm -rf /opt/jdk-17.0.16-original && \ + \ + # 设置权限 + chmod -R 755 /opt/jdk-17.0.16 && \ + chown -R root:root /opt/jdk-17.0.16 &&\ + \ + # 验证JDK安装 + /opt/jdk-17.0.16/bin/java -version && \ + /opt/jdk-17.0.16/bin/javac -version + +# 清理临时文件和缓存 +RUN rm -rf /tmp/* /var/tmp/* /var/log/*log /var/log/nginx/*log \ + /var/log/*.log /var/log/dmesg /var/log/audit/*log \ + /root/.cache /*.repo.bak + +# 复制字体文件(如果需要) +# COPY ./fonts/ /usr/share/fonts/ +# RUN fc-cache -fv + +# 创建非 root 用户运行应用 +RUN groupadd -r esxi && \ + useradd -r -g esxi -m -d /app esxi && \ + chown -R esxi:esxi /app && \ + # 设置JDK目录权限 + chown -R esxi:esxi $JAVA_HOME + +# 验证 JDK 安装 +RUN $JAVA_HOME/bin/java -version && \ + $JAVA_HOME/bin/javac -version + +# 设置最终工作目录 +WORKDIR /opt/apps + +# # 切换到非root用户 +# USER esxi + +# 健康检查(可选) +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD $JAVA_HOME/bin/java -version || exit 1 + +# 默认命令 +CMD ["java", "-version"] \ No newline at end of file diff --git a/dockerfiles/jdk/17.0.16-ubuntu22-dos/deploy.sh b/dockerfiles/jdk/17.0.16-ubuntu22-dos/deploy.sh new file mode 100644 index 0000000..bb408c3 --- /dev/null +++ b/dockerfiles/jdk/17.0.16-ubuntu22-dos/deploy.sh @@ -0,0 +1,209 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="jdk" +VERSION="17.0.16-ubuntu22-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then + red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在" + echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录" + exit 1 + fi + + if [ ! -d "fonts" ]; then + yellow "提示: fonts 目录不存在,创建空目录" + mkdir -p fonts/ + yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持" + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Java版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then + green "✓ Java测试通过" + else + red "✗ Java测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== Ubuntu 22.04 JDK 17 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/jre/8u202-centos8-dos/Dockerfile b/dockerfiles/jre/8u202-centos8-dos/Dockerfile new file mode 100644 index 0000000..d83c094 --- /dev/null +++ b/dockerfiles/jre/8u202-centos8-dos/Dockerfile @@ -0,0 +1,95 @@ +# 使用CentOS 8作为基础镜像 +FROM centos:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于Rocky Linux 8的JRE 8u202运行环境(支持中英文)" \ + java.version="1.8.0_202" + +# 设置环境变量 +ENV TZ=Asia/Shanghai \ + LANG=zh_CN.UTF-8 \ + LANGUAGE=zh_CN:zh:en_US:en \ + LC_ALL=zh_CN.UTF-8 \ + JAVA_HOME=/usr/local/jre1.8.0_202 \ + PATH=/usr/local/jre1.8.0_202/bin:$PATH + +# 设置工作目录 +WORKDIR /tmp + +# 复制本地JRE压缩包到镜像中 +COPY jre-8u202-linux-x64.tar.gz /tmp/ + +# 安装必要的系统包并配置环境 +RUN set -eux; \ + \ + # 更新系统并安装中文语言支持 + dnf update -y && \ + dnf install -y \ + tzdata \ + glibc-langpack-zh \ + glibc-langpack-en \ + fontconfig \ + dejavu-sans-fonts \ + dejavu-serif-fonts \ + dejavu-sans-mono-fonts \ + wqy-microhei-fonts \ + && \ + \ + # 清理dnf缓存以减少镜像大小 + dnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 生成中文本地化配置 + localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \ + localedef -c -f UTF-8 -i en_US en_US.UTF-8; \ + \ + # 设置系统语言环境 + echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf; \ + \ + # 创建Java安装目录 + mkdir -p /usr/local/java; \ + \ + # 解压JRE并设置权限(JRE包解压后通常直接包含jre目录) + tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \ + \ + # 删除临时文件 + rm -f jre-8u202-linux-x64.tar.gz; \ + \ + # 创建符号链接以便版本升级时更容易管理 + ln -sf /usr/local/jre1.8.0_202 /usr/bin/jre; \ + \ + # 创建字体目录 + mkdir -p /usr/share/fonts/ && \ + chmod 755 /usr/share/fonts/ && \ + cp ./fonts/simsun.ttf /usr/share/fonts/ && \ + \ + # 更新字体缓存 + fc-cache -fv; \ + \ + # 验证JRE安装 + java -version; \ + \ + # 创建非root用户用于运行Java应用 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \ + mkdir -p /opt/esxi && \ + chown -R esxi:esxi /opt/esxi; + +# 切换到应用目录 +WORKDIR /opt/apps + +# 设置默认用户(推荐在生产环境中启用) +#USER esxi + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ + CMD java -version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["java", "-version"] \ No newline at end of file diff --git a/dockerfiles/jre/8u202-centos8-dos/deploy.sh b/dockerfiles/jre/8u202-centos8-dos/deploy.sh new file mode 100644 index 0000000..efa4987 --- /dev/null +++ b/dockerfiles/jre/8u202-centos8-dos/deploy.sh @@ -0,0 +1,209 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="jre" +VERSION="8u202-centos8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then + red "错误: jre-8u202-linux-x64.tar.gz 不存在" + echo "请从Oracle官网下载JRE 8u202并放置在当前目录" + exit 1 + fi + + if [ ! -d "fonts" ]; then + yellow "提示: fonts 目录不存在,创建空目录" + mkdir -p fonts/ + yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持" + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Java版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then + green "✓ Java测试通过" + else + red "✗ Java测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 JRE 8u202 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/jre/8u202-rocky8-dos/Dockerfile b/dockerfiles/jre/8u202-rocky8-dos/Dockerfile new file mode 100644 index 0000000..ffd8f42 --- /dev/null +++ b/dockerfiles/jre/8u202-rocky8-dos/Dockerfile @@ -0,0 +1,95 @@ +# 使用Rocky Linux 8作为基础镜像 +FROM rockylinux:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于Rocky Linux 8的JRE 8u202运行环境(支持中英文)" \ + java.version="1.8.0_202" + +# 设置环境变量 +ENV TZ=Asia/Shanghai \ + LANG=zh_CN.UTF-8 \ + LANGUAGE=zh_CN:zh:en_US:en \ + LC_ALL=zh_CN.UTF-8 \ + JAVA_HOME=/usr/local/jre1.8.0_202 \ + PATH=/usr/local/jre1.8.0_202/bin:$PATH + +# 设置工作目录 +WORKDIR /tmp + +# 复制本地JRE压缩包到镜像中 +COPY jre-8u202-linux-x64.tar.gz /tmp/ + +# 安装必要的系统包并配置环境 +RUN set -eux; \ + \ + # 更新系统并安装中文语言支持 + dnf update -y && \ + dnf install -y \ + tzdata \ + glibc-langpack-zh \ + glibc-langpack-en \ + fontconfig \ + dejavu-sans-fonts \ + dejavu-serif-fonts \ + dejavu-sans-mono-fonts \ + wqy-microhei-fonts \ + && \ + \ + # 清理dnf缓存以减少镜像大小 + dnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 生成中文本地化配置 + localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \ + localedef -c -f UTF-8 -i en_US en_US.UTF-8; \ + \ + # 设置系统语言环境 + echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf; \ + \ + # 创建Java安装目录 + mkdir -p /usr/local/java; \ + \ + # 解压JRE并设置权限(JRE包解压后通常直接包含jre目录) + tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \ + \ + # 删除临时文件 + rm -f jre-8u202-linux-x64.tar.gz; \ + \ + # 创建符号链接以便版本升级时更容易管理 + ln -sf /usr/local/jre1.8.0_202 /usr/bin/jre; \ + \ + # 创建字体目录 + mkdir -p /usr/share/fonts/ && \ + chmod 755 /usr/share/fonts/ && \ + cp ./fonts/simsun.ttf /usr/share/fonts/ && \ + \ + # 更新字体缓存 + fc-cache -fv; \ + \ + # 验证JRE安装 + java -version; \ + \ + # 创建非root用户用于运行Java应用 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \ + mkdir -p /opt/esxi && \ + chown -R esxi:esxi /opt/esxi; + +# 切换到应用目录 +WORKDIR /opt/apps + +# 设置默认用户(推荐在生产环境中启用) +#USER esxi + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ + CMD java -version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["java", "-version"] \ No newline at end of file diff --git a/dockerfiles/jre/8u202-rocky8-dos/README.md b/dockerfiles/jre/8u202-rocky8-dos/README.md new file mode 100644 index 0000000..548ea91 --- /dev/null +++ b/dockerfiles/jre/8u202-rocky8-dos/README.md @@ -0,0 +1,133 @@ +1、下载jdk/jre + +[官网下载地址](https://www.oracle.com/java/technologies/downloads/archive/) ,由于服务器上只需要java运行时环境,所以这里选择下载jre,如下图下载需要的对应的版本: + +2、删除jre中无用的文件 + +``` +#解压 +tar -zxvf jre-8u202-linux-x64.tar.gz + +cd jre1.8.0_202 +#删除文本文件 +rm -rf COPYRIGHT LICENSE README release THIRDPARTYLICENSEREADME-JAVAFX.txt THIRDPARTYLICENSEREADME.txt Welcome.html + +#删除其他无用文件 +rm -rf lib/plugin.jar \ + lib/ext/jfxrt.jar \ + bin/javaws \ + lib/javaws.jar \ + lib/desktop \ + plugin \ + lib/deploy* \ + lib/*javafx* \ + lib/*jfx* \ + lib/amd64/libdecora_sse.so \ + lib/amd64/libprism_*.so \ + lib/amd64/libfxplugins.so \ + lib/amd64/libglass.so \ + lib/amd64/libgstreamer-lite.so \ + lib/amd64/libjavafx*.so \ + lib/amd64/libjfx*.so + +#将解压文件重新压缩 +tar -zcvf jre-8u202.tar.gz jre/ +``` + +3、制作Dockerfile文件 + +``` +# 使用CentOS 8作为基础镜像 +FROM centos:8 + +# 维护者 +MAINTAINER author 小蚂蚁 + +# 创建一个新目录来存储jdk文件 +RUN mkdir /usr/local/java + +# 将jdk压缩文件复制到镜像中,它将自动解压缩tar文件 +ADD jre-8u202.tar.gz /usr/local/java/ + +# 设置时区 +RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime + +# 设置环境变量 +ENV LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8 +ENV JAVA_HOME /usr/local/java/jre1.8.0_202 +ENV PATH $JAVA_HOME/bin:$PATH + +# VOLUME 指定了临时文件目录为/tmp +# 其效果是在主机 /var/lib/docker 目录下创建了一个临时文件,并链接到容器的/tmp +VOLUME /tmp + +# 工作目录 +WORKDIR /opt/ +``` + +4、构建镜像 + +``` +docker build -t jre:8u202-centos8 . +``` + +5、创建容器 + +``` +docker run -it --name docker_jre8 jre:8u202-centos8 +``` + +``` +docker run -i -t jre:8u202-centos8 /bin/bash + +查看版本: +[root@3a881fab5716 opt]# java -version +java version "1.8.0_202" +Java(TM) SE Runtime Environment (build 1.8.0_202-b08) +Java HotSpot(TM) 64-Bit Server VM (build 25.202-b08, mixed mode) +``` + +6、上传 + +``` +# 打标签 +docker tag jre:8u202-centos8 192.168.10.101:8001/xiaomayi-base/jre:8u202-centos8 +# 上传镜像 +docker push 192.168.10.101:8001/xiaomayi-base/jre:8u202-centos8 +``` + + +特别备注: + +目标服务器非 root 用户权限问题解决: + +``` +WARNING! Using --password via the CLI is insecure. Use --password-stdin. +permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/auth": dial unix /var/run/docker.sock: connect: permission denied +permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=manage.harbor.djangoadmin.cn%2Fxiaomayi%2Fxiaomayi-elevue&tag=dev-137": dial unix /var/run/docker.sock: connect: permission denied +``` + +解决办法:把我们当前的用户添加到docker组中就可以了; + +参考地址:https://blog.csdn.net/weixin_43321041/article/details/120399194 +chmod 666 /var/run/docker.sock + +或者 + +权限问题: +chmod 600 ~/.docker/config.json +chmod 700 ~/.docker + +sudo chown $USER:$USER ~/.docker +sudo chown $USER:$USER ~/.docker/config.json + +应用部署服务器需要设置docker配置: + +``` +vim /usr/lib/systemd/system/docker.service +--insecure-registry manage.harbor.xiaomayicloud.com --insecure-registry 192.168.10.202:8001 + +chmod 666 /var/run/docker.sock +``` + + diff --git a/dockerfiles/jre/8u202-rocky8-dos/deploy.sh b/dockerfiles/jre/8u202-rocky8-dos/deploy.sh new file mode 100644 index 0000000..dbb1abf --- /dev/null +++ b/dockerfiles/jre/8u202-rocky8-dos/deploy.sh @@ -0,0 +1,209 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="jre" +VERSION="8u202-rocky8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then + red "错误: jre-8u202-linux-x64.tar.gz 不存在" + echo "请从Oracle官网下载JRE 8u202并放置在当前目录" + exit 1 + fi + + if [ ! -d "fonts" ]; then + yellow "提示: fonts 目录不存在,创建空目录" + mkdir -p fonts/ + yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持" + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Java版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then + green "✓ Java测试通过" + else + red "✗ Java测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 JRE 8u202 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/jre/8u202-utunbu22-dos/Dockerfile b/dockerfiles/jre/8u202-utunbu22-dos/Dockerfile new file mode 100644 index 0000000..7389dab --- /dev/null +++ b/dockerfiles/jre/8u202-utunbu22-dos/Dockerfile @@ -0,0 +1,100 @@ +# 使用Ubuntu 22.04作为基础镜像 +FROM ubuntu:22.04 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于Ubuntu 22.04的JRE 8u202运行环境(支持中英文)" \ + java.version="1.8.0_202" + +# 设置环境变量 +ENV TZ=Asia/Shanghai \ + LANG=zh_CN.UTF-8 \ + LANGUAGE=zh_CN:zh:en_US:en \ + LC_ALL=zh_CN.UTF-8 \ + JAVA_HOME=/usr/local/jre1.8.0_202 \ + PATH=/usr/local/jre1.8.0_202/bin:$PATH \ + DEBIAN_FRONTEND=noninteractive + +# 设置工作目录 +WORKDIR /tmp + +# 复制本地JRE压缩包到镜像中 +COPY jre-8u202-linux-x64.tar.gz /tmp/ + +# 安装必要的系统包并配置环境 +RUN set -eux; \ + \ + # 更新系统并安装中文语言支持 + apt-get update && \ + apt-get install -y --no-install-recommends \ + tzdata \ + locales \ + fontconfig \ + fonts-dejavu \ + fonts-wqy-microhei \ + ca-certificates \ + && \ + \ + # 清理apt缓存以减少镜像大小 + apt-get clean && \ + rm -rf /var/lib/apt/lists/*; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 生成中文本地化配置 + locale-gen zh_CN.UTF-8 && \ + locale-gen en_US.UTF-8; \ + \ + # 设置系统语言环境 + update-locale LANG=zh_CN.UTF-8; \ + \ + # 解压JRE到/usr/local目录 + tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \ + \ + # 删除临时文件 + rm -f jre-8u202-linux-x64.tar.gz; \ + \ + # 创建符号链接以便版本升级时更容易管理 + ln -sf /usr/local/jre1.8.0_202 /usr/local/jre; \ + \ + # 创建全局可执行文件链接 + update-alternatives --install "/usr/bin/java" "java" "/usr/local/jre/bin/java" 1 && \ + update-alternatives --install "/usr/bin/javac" "javac" "/usr/local/jre/bin/javac" 1 && \ + update-alternatives --set java /usr/local/jre/bin/java; \ + \ + # 创建字体目录并设置权限 + mkdir -p /usr/share/fonts/truetype/ && \ + chmod 755 /usr/share/fonts/truetype/; \ + \ + # 更新字体缓存 + fc-cache -fv; \ + \ + # 验证JRE安装 + java -version && \ + /usr/local/jre/bin/java -version; \ + \ + # 创建非root用户用于运行Java应用 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \ + mkdir -p /opt/esxi && \ + chown -R esxi:esxi /opt/esxi; \ + \ + # 设置文件权限 + chmod -R 755 /usr/local/jre1.8.0_202 && \ + chown -R root:root /usr/local/jre1.8.0_202 + +# 切换到应用目录 +WORKDIR /opt/apps + +# 设置默认用户 +#USER esxi + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \ + CMD java -version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["java", "-version"] \ No newline at end of file diff --git a/dockerfiles/jre/8u202-utunbu22-dos/deploy.sh b/dockerfiles/jre/8u202-utunbu22-dos/deploy.sh new file mode 100644 index 0000000..d94d841 --- /dev/null +++ b/dockerfiles/jre/8u202-utunbu22-dos/deploy.sh @@ -0,0 +1,209 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="jre" +VERSION="8u202-ubuntu22-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then + red "错误: jre-8u202-linux-x64.tar.gz 不存在" + echo "请从Oracle官网下载JRE 8u202并放置在当前目录" + exit 1 + fi + + if [ ! -d "fonts" ]; then + yellow "提示: fonts 目录不存在,创建空目录" + mkdir -p fonts/ + yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持" + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Java版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then + green "✓ Java测试通过" + else + red "✗ Java测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== Ubuntu 22.04 JDK 17 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/nginx/nginx1.24-alpine/Dockerfile b/dockerfiles/nginx/nginx1.24-alpine/Dockerfile new file mode 100644 index 0000000..1134d6a --- /dev/null +++ b/dockerfiles/nginx/nginx1.24-alpine/Dockerfile @@ -0,0 +1,45 @@ +# 使用官方Nginx Alpine基础镜像(更轻量) +FROM nginx:1.24-alpine + +# 维护者信息 +LABEL maintainer="xiaomayicloud@163.com" +LABEL description="Nginx 1.24 for Node.js frontend deployment" +LABEL version="1.24" + +# 安装必要的工具 +RUN apk update && \ + apk add --no-cache \ + curl \ + bash \ + tzdata \ + && rm -rf /var/cache/apk/* + +# 设置时区(可选,根据需要修改) +ENV TZ=Asia/Shanghai +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +# 创建应用目录 +RUN mkdir -p /app/dist && \ + mkdir -p /app/logs && \ + mkdir -p /app/conf + +# 移除默认的Nginx配置 +RUN rm -rf /etc/nginx/conf.d/default.conf + +# 复制自定义Nginx配置 +COPY nginx.conf /etc/nginx/nginx.conf +COPY conf.d/ /etc/nginx/conf.d/ + +# 复制健康检查脚本 +COPY healthcheck.sh /usr/local/bin/healthcheck.sh +RUN chmod +x /usr/local/bin/healthcheck.sh + +# 暴露端口 +EXPOSE 80 443 + +# 健康检查 +HEALTHCHECK --interval=30s --timeout=10s --retries=3 \ + CMD /usr/local/bin/healthcheck.sh + +# 启动Nginx +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/dockerfiles/nginx/nginx1.24-alpine/conf.d/app.conf b/dockerfiles/nginx/nginx1.24-alpine/conf.d/app.conf new file mode 100644 index 0000000..607e9c9 --- /dev/null +++ b/dockerfiles/nginx/nginx1.24-alpine/conf.d/app.conf @@ -0,0 +1,44 @@ +server { + listen 80; + server_name localhost; + root /app/dist; + index index.html index.htm; + + # 访问日志 + access_log /app/logs/access.log main; + error_log /app/logs/error.log warn; + + # 静态文件缓存 + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + add_header Access-Control-Allow-Origin "*"; + try_files $uri $uri/ =404; + } + + # HTML文件不缓存 + location ~* \.(html|htm)$ { + expires -1; + add_header Cache-Control "no-store, no-cache, must-revalidate"; + try_files $uri $uri/ =404; + } + + # SPA应用路由处理 + location / { + try_files $uri $uri/ /index.html; + } + + # 健康检查端点 + location /health { + access_log off; + return 200 "healthy\n"; + add_header Content-Type text/plain; + } + + # 禁止访问隐藏文件 + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } +} \ No newline at end of file diff --git a/dockerfiles/nginx/nginx1.24-alpine/deploy.sh b/dockerfiles/nginx/nginx1.24-alpine/deploy.sh new file mode 100644 index 0000000..e827bbe --- /dev/null +++ b/dockerfiles/nginx/nginx1.24-alpine/deploy.sh @@ -0,0 +1,175 @@ +#!/bin/bash + +# 颜色定义 +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# 配置变量 +IMAGE_NAME="nginx" +IMAGE_TAG="1.24-alpine" +HARBOR_URL="192.168.10.102:8001" # 替换为你的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为你的项目名 +HARBOR_USERNAME="deploy" # 从环境变量获取 +HARBOR_PASSWORD="Harbor20240330" # 从环境变量获取 + +# 日志函数 +log_info() { echo -e "${BLUE}[INFO]${NC} $1"; } +log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; } +log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; } +log_error() { echo -e "${RED}[ERROR]${NC} $1"; } + +# 检查依赖 +check_dependencies() { + local deps=("docker" "curl") + for dep in "${deps[@]}"; do + if ! command -v "$dep" &> /dev/null; then + log_error "缺少依赖: $dep" + exit 1 + fi + done +} + +# 检查Docker服务 +check_docker() { + if ! docker info > /dev/null 2>&1; then + log_error "Docker服务未运行" + exit 1 + fi +} + +# 构建镜像 +build_image() { + log_info "开始构建Nginx镜像..." + + if docker build -t "${IMAGE_NAME}:${IMAGE_TAG}" . ; then + log_success "镜像构建成功: ${IMAGE_NAME}:${IMAGE_TAG}" + else + log_error "镜像构建失败" + exit 1 + fi +} + +# 添加额外标签(可选) +add_additional_tags() { + local tags=("latest" "prod" "dev") + + for extra_tag in "${tags[@]}"; do + log_info "添加额外标签: ${extra_tag}" + docker tag "${IMAGE_NAME}:${IMAGE_TAG}" "${IMAGE_NAME}:${extra_tag}" + done +} + +# 登录Harbor +login_to_harbor() { + if [ -z "$HARBOR_USERNAME" ] || [ -z "$HARBOR_PASSWORD" ]; then + log_error "Harbor用户名或密码未设置" + log_warning "请设置环境变量: HARBOR_USERNAME 和 HARBOR_PASSWORD" + exit 1 + fi + + log_info "登录到Harbor仓库..." + if echo "$HARBOR_PASSWORD" | docker login -u "$HARBOR_USERNAME" --password-stdin "$HARBOR_URL"; then + log_success "Harbor登录成功" + else + log_error "Harbor登录失败" + exit 1 + fi +} + +# 打标签 +tag_image() { + local target_tag="${1:-$IMAGE_TAG}" + local full_image_name="${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${target_tag}" + + log_info "打标签: ${full_image_name}" + if docker tag "${IMAGE_NAME}:${target_tag}" "$full_image_name"; then + log_success "标签打成功" + else + log_error "标签打失败" + exit 1 + fi +} + +# 推送镜像 +push_image() { + local target_tag="${1:-$IMAGE_TAG}" + local full_image_name="${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${target_tag}" + + log_info "推送镜像: ${full_image_name}" + if docker push "$full_image_name"; then + log_success "镜像推送成功" + else + log_error "镜像推送失败" + exit 1 + fi +} + +# 清理本地镜像 +cleanup() { + log_info "清理本地镜像..." + + # 清理主标签 + docker rmi "${IMAGE_NAME}:${IMAGE_TAG}" 2>/dev/null || true + + # 清理额外标签 + local tags=("latest" "prod" "dev") + for tag in "${tags[@]}"; do + docker rmi "${IMAGE_NAME}:${tag}" 2>/dev/null || true + done + + # 清理Harbor标签 + local harbor_tags=("$IMAGE_TAG" "latest" "prod" "dev") + for tag in "${harbor_tags[@]}"; do + docker rmi "${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${tag}" 2>/dev/null || true + done + + log_success "清理完成" +} + +# 显示镜像信息 +show_image_info() { + log_info "镜像信息:" + echo "名称: ${IMAGE_NAME}" + echo "版本: ${IMAGE_TAG}" + echo "Harbor地址: ${HARBOR_URL}" + echo "项目: ${HARBOR_PROJECT}" + echo "完整镜像名: ${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${IMAGE_TAG}" +} + +# 主函数 +main() { + log_info "====== Nginx镜像构建推送脚本 ======" + + check_dependencies + check_docker + show_image_info + + # 构建镜像 + build_image + + # 添加额外标签 + #add_additional_tags + + # 登录Harbor + login_to_harbor + + # 推送所有标签 + #local tags=("$IMAGE_TAG" "latest" "prod" "dev") + local tags=("$IMAGE_TAG") + for tag in "${tags[@]}"; do + tag_image "$tag" + push_image "$tag" + done + + # 清理 + cleanup + + log_success "====== 所有操作完成! ======" + log_info "镜像地址: ${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${IMAGE_TAG}" +} + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/nginx/nginx1.24-alpine/healthcheck.sh b/dockerfiles/nginx/nginx1.24-alpine/healthcheck.sh new file mode 100644 index 0000000..c3f876f --- /dev/null +++ b/dockerfiles/nginx/nginx1.24-alpine/healthcheck.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +# Nginx健康检查脚本 +if curl -f http://localhost/health > /dev/null 2>&1; then + exit 0 +else + exit 1 +fi \ No newline at end of file diff --git a/dockerfiles/nginx/nginx1.24-alpine/nginx.conf b/dockerfiles/nginx/nginx1.24-alpine/nginx.conf new file mode 100644 index 0000000..d941e38 --- /dev/null +++ b/dockerfiles/nginx/nginx1.24-alpine/nginx.conf @@ -0,0 +1,40 @@ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + # Gzip压缩配置 + gzip on; + gzip_vary on; + gzip_min_length 1024; + gzip_types text/plain text/css text/xml text/javascript + application/javascript application/xml+rss + application/json; + + # 文件上传大小限制 + client_max_body_size 100M; + + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-centos8-dos/Dockerfile b/dockerfiles/python/3.9.13-centos8-dos/Dockerfile new file mode 100644 index 0000000..046ab01 --- /dev/null +++ b/dockerfiles/python/3.9.13-centos8-dos/Dockerfile @@ -0,0 +1,149 @@ +# 使用CentOS 8作为基础镜像 +FROM centos:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于CentOS 8的Python 3.9.13运行环境" \ + python.version="3.9.13" + +# 设置环境变量 +ENV PYTHON_VERSION=3.9.13 \ + PYTHON_HOME=/usr/local/python3.9.13 \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 + +# 设置工作目录 +WORKDIR /tmp + +# 第一步:修复CentOS 8的软件源并安装编译工具 +RUN set -eux; \ + \ + # 由于CentOS 8已停止维护,需要修改软件源 + sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* && \ + sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* && \ + \ + # 更新系统并安装必要的开发工具 + dnf update -y && \ + dnf install -y \ + make \ + gcc \ + gcc-c++ \ + kernel-devel \ + openssl-devel \ + bzip2-devel \ + libffi-devel \ + zlib-devel \ + readline-devel \ + sqlite-devel \ + # 系统工具 + curl \ + tar \ + xz \ + gzip \ + git \ + glibc-langpack-en \ + shadow-utils \ + which \ + && \ + \ + # 清理缓存以减少镜像大小 + dnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境 + echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; + +# 第二步:验证编译器安装 +RUN set -eux; \ + \ + # 检查编译器是否安装成功 + echo "=== 检查编译工具 ==="; \ + make --version; \ + gcc --version; \ + g++ --version; + +# 添加Python安装包(确保Python-3.9.13.tar.xz在构建上下文) +ADD Python-3.9.13.tar.xz /tmp/ + +# 第三步:编译和安装Python +RUN set -eux; \ + \ + # 进入解压后的Python目录 + cd /tmp/Python-3.9.13 && \ + \ + # 配置编译选项 + ./configure \ + --prefix=${PYTHON_HOME} \ + --enable-optimizations \ + --enable-shared \ + --with-system-ffi \ + --with-ensurepip=install \ + && \ + \ + # 编译和安装 + make -j$(nproc) && \ + make install && \ + \ + # 创建软链接 + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \ + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \ + ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \ + \ + # 配置动态链接库路径 + echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \ + ldconfig && \ + \ + # 清理编译文件和源码 + cd /tmp && \ + rm -rf /tmp/Python-3.9.13; + +# 设置全局PATH环境变量 +ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +# 第四步:验证Python安装 +RUN set -eux; \ + \ + # 检查Python版本 + echo "=== Python版本 ==="; \ + python3 --version; \ + python --version; \ + \ + # 检查pip版本 + echo "=== Pip版本 ==="; \ + pip --version; + +# 第五步:升级pip和安装常用工具 +RUN set -eux; \ + \ + # 升级pip + pip install --upgrade pip setuptools wheel && \ + \ + # 安装常用Python工具 + pip install virtualenv; + +# 设置工作目录(Python项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Python应用 +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi ${PYTHON_HOME}; + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD python3 --version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["python3", "--version"] \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-centos8-dos/deploy.sh b/dockerfiles/python/3.9.13-centos8-dos/deploy.sh new file mode 100644 index 0000000..2b6654b --- /dev/null +++ b/dockerfiles/python/3.9.13-centos8-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="python" +VERSION="3.9.13-centos8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "Python-3.9.13.tar.xz" ]; then + red "错误: Python-3.9.13.tar.xz 不存在" + echo "请从Python官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Python版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then + green "✓ 测试通过" + else + red "✗ 测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== CentOS 8 Python 3.9.13 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-rocky8-dos/Dockerfile b/dockerfiles/python/3.9.13-rocky8-dos/Dockerfile new file mode 100644 index 0000000..c6a05b3 --- /dev/null +++ b/dockerfiles/python/3.9.13-rocky8-dos/Dockerfile @@ -0,0 +1,150 @@ +# 使用 RockyLinux 8 最小化镜像作为基础 +FROM rockylinux:8 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于CentOS 8的Python 3.9.13运行环境" \ + python.version="3.9.13" + +# 设置环境变量 +ENV PYTHON_VERSION=3.9.13 \ + PYTHON_HOME=/usr/local/python3.9.13 \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 + +# 设置工作目录 +WORKDIR /tmp + +# 第一步:修复CentOS 8的软件源并安装编译工具 +RUN set -eux; \ + # 配置国内镜像源加速 + sed -e 's|^mirrorlist=|#mirrorlist=|g' \ + -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \ + -i.bak \ + /etc/yum.repos.d/*.repo && \ + \ + # 更新系统并安装必要的开发工具 + dnf update -y && \ + dnf install -y \ + make \ + gcc \ + gcc-c++ \ + kernel-devel \ + openssl-devel \ + bzip2-devel \ + libffi-devel \ + zlib-devel \ + readline-devel \ + sqlite-devel \ + # 系统工具 + curl \ + tar \ + xz \ + gzip \ + git \ + glibc-langpack-en \ + shadow-utils \ + which \ + && \ + \ + # 清理缓存以减少镜像大小 + dnf clean all && \ + rm -rf /var/cache/dnf; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境 + echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \ + echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; + +# 第二步:验证编译器安装 +RUN set -eux; \ + \ + # 检查编译器是否安装成功 + echo "=== 检查编译工具 ==="; \ + make --version; \ + gcc --version; \ + g++ --version; + +# 添加Python安装包(确保Python-3.9.13.tar.xz在构建上下文) +ADD Python-3.9.13.tar.xz /tmp/ + +# 第三步:编译和安装Python +RUN set -eux; \ + \ + # 进入解压后的Python目录 + cd /tmp/Python-3.9.13 && \ + \ + # 配置编译选项 + ./configure \ + --prefix=${PYTHON_HOME} \ + --enable-optimizations \ + --enable-shared \ + --with-system-ffi \ + --with-ensurepip=install \ + && \ + \ + # 编译和安装 + make -j$(nproc) && \ + make install && \ + \ + # 创建软链接 + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \ + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \ + ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \ + \ + # 配置动态链接库路径 + echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \ + ldconfig && \ + \ + # 清理编译文件和源码 + cd /tmp && \ + rm -rf /tmp/Python-3.9.13; + +# 设置全局PATH环境变量 +ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +# 第四步:验证Python安装 +RUN set -eux; \ + \ + # 检查Python版本 + echo "=== Python版本 ==="; \ + python3 --version; \ + python --version; \ + \ + # 检查pip版本 + echo "=== Pip版本 ==="; \ + pip --version; + +# 第五步:升级pip和安装常用工具 +RUN set -eux; \ + \ + # 升级pip + pip install --upgrade pip setuptools wheel && \ + \ + # 安装常用Python工具 + pip install virtualenv; + +# 设置工作目录(Python项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Python应用 +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi ${PYTHON_HOME}; + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD python3 --version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["python3", "--version"] \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-rocky8-dos/deploy.sh b/dockerfiles/python/3.9.13-rocky8-dos/deploy.sh new file mode 100644 index 0000000..b6293be --- /dev/null +++ b/dockerfiles/python/3.9.13-rocky8-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="python" +VERSION="3.9.13-rocky8-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "Python-3.9.13.tar.xz" ]; then + red "错误: Python-3.9.13.tar.xz 不存在" + echo "请从Python官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Python版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then + green "✓ 测试通过" + else + red "✗ 测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== RockyLinux 8 Python 3.9.13 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-ubuntu22-dos/Dockerfile b/dockerfiles/python/3.9.13-ubuntu22-dos/Dockerfile new file mode 100644 index 0000000..a7d71be --- /dev/null +++ b/dockerfiles/python/3.9.13-ubuntu22-dos/Dockerfile @@ -0,0 +1,143 @@ +# 使用 Ubuntu 22.04 作为基础镜像 +FROM ubuntu:22.04 + +# 设置元数据标签 +LABEL maintainer="小蚂蚁云团队" \ + version="1.0" \ + description="基于Ubuntu 22.04的Python 3.9.13运行环境" \ + python.version="3.9.13" + +# 设置环境变量 +ENV PYTHON_VERSION=3.9.13 \ + PYTHON_HOME=/usr/local/python3.9.13 \ + TZ=Asia/Shanghai \ + LANG=en_US.UTF-8 \ + DEBIAN_FRONTEND=noninteractive + +# 设置工作目录 +WORKDIR /tmp + +# 第一步:安装编译工具和系统依赖 +RUN set -eux; \ + \ + # 更新软件包列表并安装必要的开发工具 + apt-get update && \ + apt-get install -y --no-install-recommends \ + build-essential \ + libssl-dev \ + libbz2-dev \ + libffi-dev \ + zlib1g-dev \ + libreadline-dev \ + libsqlite3-dev \ + # 系统工具 + curl \ + wget \ + tar \ + xz-utils \ + gzip \ + git \ + locales \ + tzdata \ + && \ + \ + # 清理缓存以减少镜像大小 + apt-get clean && \ + rm -rf /var/lib/apt/lists/*; \ + \ + # 配置时区 + ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ + echo $TZ > /etc/timezone; \ + \ + # 设置语言环境 + locale-gen en_US.UTF-8 && \ + update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8; + +# 第二步:验证编译器安装 +RUN set -eux; \ + \ + # 检查编译器是否安装成功 + echo "=== 检查编译工具 ==="; \ + make --version; \ + gcc --version; \ + g++ --version; + +# 添加Python安装包(确保Python-3.9.13.tar.xz在构建上下文) +ADD Python-3.9.13.tar.xz /tmp/ + +# 第三步:编译和安装Python +RUN set -eux; \ + \ + # 进入解压后的Python目录 + cd /tmp/Python-3.9.13 && \ + \ + # 配置编译选项 + ./configure \ + --prefix=${PYTHON_HOME} \ + --enable-optimizations \ + --enable-shared \ + --with-system-ffi \ + --with-ensurepip=install \ + && \ + \ + # 编译和安装 + make -j$(nproc) && \ + make install && \ + \ + # 创建软链接 + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \ + ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \ + ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \ + \ + # 配置动态链接库路径 + echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \ + ldconfig && \ + \ + # 清理编译文件和源码 + cd /tmp && \ + rm -rf /tmp/Python-3.9.13; + +# 设置全局PATH环境变量 +ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +# 第四步:验证Python安装 +RUN set -eux; \ + \ + # 检查Python版本 + echo "=== Python版本 ==="; \ + python3 --version; \ + python --version; \ + \ + # 检查pip版本 + echo "=== Pip版本 ==="; \ + pip --version; + +# 第五步:升级pip和安装常用工具 +RUN set -eux; \ + \ + # 升级pip + pip install --upgrade pip setuptools wheel && \ + \ + # 安装常用Python工具 + pip install virtualenv; + +# 设置工作目录(Python项目目录) +WORKDIR /opt/apps + +# 创建非root用户用于运行Python应用 +RUN set -eux; \ + \ + # 创建用户和组 + groupadd -r esxi && \ + useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \ + \ + # 设置目录权限 + chown -R esxi:esxi /opt/apps && \ + chown -R esxi:esxi ${PYTHON_HOME}; + +# 设置健康检查 +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD python3 --version > /dev/null 2>&1 || exit 1 + +# 设置默认启动命令 +CMD ["python3", "--version"] \ No newline at end of file diff --git a/dockerfiles/python/3.9.13-ubuntu22-dos/deploy.sh b/dockerfiles/python/3.9.13-ubuntu22-dos/deploy.sh new file mode 100644 index 0000000..b53ab9e --- /dev/null +++ b/dockerfiles/python/3.9.13-ubuntu22-dos/deploy.sh @@ -0,0 +1,203 @@ +#!/bin/bash +set -euo pipefail + +# 配置参数 +IMAGE_NAME="python" +VERSION="3.9.13-ubuntu22-dos" +HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址 +HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名 +HARBOR_USERNAME="deploy" # 替换为Harbor用户名 +HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码 + +# 完整的镜像标签 +FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}" +TAG_VERSION="${VERSION}" +TAG_LATEST="latest" + +# 颜色输出函数 +red() { echo -e "\033[31m$*\033[0m"; } +green() { echo -e "\033[32m$*\033[0m"; } +yellow() { echo -e "\033[33m$*\033[0m"; } +blue() { echo -e "\033[34m$*\033[0m"; } + +# 检查必要文件 +check_requirements() { + blue "检查构建所需文件..." + + if [ ! -f "Python-3.9.13.tar.xz" ]; then + red "错误: Python-3.9.13.tar.xz 不存在" + echo "请从Python官网下载并放置在当前目录" + exit 1 + fi + + green "✓ 文件检查完成" +} + +# 登录Harbor仓库 +login_to_harbor() { + blue "登录Harbor仓库: ${HARBOR_REGISTRY}" + + if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then + green "✓ Harbor登录成功" + else + red "✗ Harbor登录失败" + exit 1 + fi +} + +# 构建Docker镜像 +build_image() { + blue "开始构建Docker镜像..." + + local build_cmd=( + docker build + # --pull + # --no-cache + -t "${FULL_IMAGE_NAME}:${TAG_VERSION}" + # -t "${FULL_IMAGE_NAME}:${TAG_LATEST}" + . + ) + + echo "执行命令: ${build_cmd[*]}" + + if "${build_cmd[@]}"; then + green "✓ 镜像构建成功" + else + red "✗ 镜像构建失败" + exit 1 + fi +} + +# 显示镜像信息 +show_image_info() { + blue "镜像构建信息:" + echo "----------------------------------------" + docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" + echo "----------------------------------------" + + # 显示详细大小信息 + local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}') + green "镜像大小: ${image_size}" +} + +# 测试镜像功能 +test_image() { + blue "测试镜像功能..." + + echo "1. 测试Python版本:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then + green "✓ 测试通过" + else + red "✗ 测试失败" + exit 1 + fi + + echo "2. 测试区域设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then + green "✓ 区域设置测试通过" + else + red "✗ 区域设置测试失败" + exit 1 + fi + + echo "3. 测试时区设置:" + if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then + green "✓ 时区测试通过" + else + red "✗ 时区测试失败" + exit 1 + fi +} + +# 推送镜像到Harbor +push_to_harbor() { + blue "推送镜像到Harbor仓库..." + + # 推送版本标签 + if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 版本标签推送成功: ${TAG_VERSION}" + else + red "✗ 版本标签推送失败" + exit 1 + fi + + # # 推送latest标签 + # if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then + # green "✓ latest标签推送成功" + # else + # red "✗ latest标签推送失败" + # exit 1 + # fi +} + +# 清理本地镜像 +cleanup_local() { + blue "清理本地镜像..." + + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true + green "✓ 本地镜像清理完成" +} + +# 验证远程镜像 +verify_remote_image() { + blue "验证远程镜像..." + + # 尝试拉取验证 + if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then + green "✓ 远程镜像验证成功" + docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true + else + red "✗ 远程镜像验证失败" + exit 1 + fi +} + +# 生成使用说明 +generate_usage() { + cat << EOF + +$(green "=== 镜像构建和推送完成 ===") +$(blue "镜像名称:") ${FULL_IMAGE_NAME} +$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST} + +$(yellow "使用方法:") +1. 拉取镜像: + docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION} + +2. 运行测试: + docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version + +3. 作为基础镜像使用: + FROM ${FULL_IMAGE_NAME}:${TAG_VERSION} + +$(green "镜像已成功推送到Harbor仓库!") +EOF +} + +# 主函数 +main() { + echo "$(blue '=== Ubuntu 22.04 Python 3.9.13 基础镜像构建脚本 ===')" + echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")" + echo "$(blue "镜像名称: ${IMAGE_NAME}")" + echo "$(blue "版本标签: ${VERSION}")" + echo "----------------------------------------" + + # 执行步骤 + check_requirements + login_to_harbor + build_image + show_image_info + test_image + push_to_harbor + cleanup_local + verify_remote_image + generate_usage + + green "✅ 所有步骤完成!" +} + +# 异常处理 +trap 'red "脚本执行被中断"; exit 1' INT TERM + +# 执行主函数 +main "$@" \ No newline at end of file diff --git a/resources/Python-3.9.13.tar.xz b/resources/Python-3.9.13.tar.xz new file mode 100644 index 0000000..bb1bfb0 Binary files /dev/null and b/resources/Python-3.9.13.tar.xz differ diff --git a/resources/go1.25.1.linux-amd64.tar.gz b/resources/go1.25.1.linux-amd64.tar.gz new file mode 100644 index 0000000..4d0e3dd Binary files /dev/null and b/resources/go1.25.1.linux-amd64.tar.gz differ diff --git a/resources/jre-8u202-linux-x64.tar.gz b/resources/jre-8u202-linux-x64.tar.gz new file mode 100644 index 0000000..de1f8f0 Binary files /dev/null and b/resources/jre-8u202-linux-x64.tar.gz differ