devops/jenkins-docker-images
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: devops:4a53ed21cb14b26ea3dd70c9df852406d8089106
Branches Tags
devops:master
...
compare: devops:6830263bae0c5ff09b57b74930327d2f7a4fe2b7
Branches Tags
devops:master

No commits in common. "4a53ed21cb14b26ea3dd70c9df852406d8089106" and "6830263bae0c5ff09b57b74930327d2f7a4fe2b7" have entirely different histories.
4a53ed21cb ... 6830263bae

48 changed files with 5890 additions and 2 deletions
Show Stats Expand all files Collapse all files

3
.jenkins/.env.yml Normal file
View File

@ -0,0 +1,3 @@
masterProfiles: ['','uat','prod']
Profiles: ['','dev']
jobConfigFile: "imagesConfig.yml"

3
.jenkins/Jenkinsfile vendored Normal file
View File

@ -0,0 +1,3 @@
@Library('share-library@master')_
orgName = 'xiaomayi'
pipelineDockerService(orgName)

2
LICENSE
View File

@ -58,7 +58,7 @@ APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
Copyright 2026 devops Copyright 2025 cicd
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.

8
README.md
View File

@ -1,3 +1,9 @@
# jenkins-docker-images # jenkins-docker-images
Jenkins 自定义 Docker 镜像仓库。用于存放 Jenkins 构建环境所需的 Dockerfile 及相关配置文件涵盖不同语言Java、Node.js、Python、Go 等和工具链Maven、Gradle、npm、pip 等)的基础镜像,支持 Agent 按需运行与 CI/CD 环境一致性。 基于 Jenkins 构建企业级基础镜像自动化构建平台,实现从 Dockerfile 管理到镜像推送的全流程自动化,建立标准化的基础环境供应体系。通过集中式 Dockerfile 仓库管理和版本控制,确保基础环境一致性,提升软件交付效率与质量。
删除镜像:
```
docker images | grep none | awk '{print $3}' | xargs docker rmi
```

101
dockerfiles/golang/1.25.1-centos8-dos/Dockerfile Normal file
View File

@ -0,0 +1,101 @@
# 使用CentOS 8作为基础镜像
FROM centos:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于RockyLinux 8的Go语言运行环境" \
golang.version="1.25.1"
# 设置环境变量
ENV GO_VERSION=1.25.1 \
GOPATH=/go \
GOROOT=/usr/local/go \
PATH=/usr/local/go/bin:/go/bin:${PATH} \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8
# 设置工作目录
WORKDIR /tmp
# 安装必要的系统依赖和配置环境
RUN set -eux; \
\
# 更新系统并安装基础工具包括shadow-utils用于用户管理
microdnf update -y && \
microdnf install -y \
curl \
tar \
gzip \
git \
make \
gcc \
glibc-devel \
glibc-langpack-en \
shadow-utils \
&& \
\
# 清理缓存以减少镜像大小
microdnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf;
# 添加Go安装包确保go1.25.1.linux-amd64.tar.gz在构建上下文
ADD go1.25.1.linux-amd64.tar.gz /usr/local/
# 创建Go工作目录和配置locale
RUN set -eux; \
\
# 创建Go工作目录
mkdir -p /go/src /go/bin /go/pkg && \
chmod -R 755 /go; \
\
# 检查系统locale设置
echo "=== Locale Settings ==="; \
cat /etc/locale.conf || echo "No locale.conf"; \
echo "=== Environment Locale ==="; \
echo "LANG=$LANG"; \
\
# 检查Go版本
echo "=== Go Version ==="; \
go version && \
\
# 检查环境变量
echo "=== Go Environment ==="; \
go env && \
\
# 简单的Go程序编译测试
echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \
go run /tmp/test.go && \
rm -f /tmp/test.go;
# 设置工作目录Go项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Go应用安全性考虑
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi /go;
# 设置默认用户(注释掉以便调试)
# USER esxi
# 设置健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD go version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["go", "version"]

124
dockerfiles/golang/1.25.1-centos8-dos/Dockerfile2 Normal file
View File

@ -0,0 +1,124 @@
# 使用CentOS 8作为基础镜像
FROM centos:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于CentOS 8的Go语言运行环境" \
golang.version="1.25.1"
# 设置环境变量
ENV GO_VERSION=1.25.1 \
GOPATH=/go \
GOROOT=/usr/local/go \
PATH=/usr/local/go/bin:/go/bin:${PATH} \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8
# 设置工作目录
WORKDIR /tmp
# 安装必要的系统依赖和配置环境
RUN set -eux; \
\
# 更新系统并安装基础工具
dnf update -y && \
dnf install -y \
curl \
tar \
gzip \
git \
make \
gcc \
glibc-devel \
glibc-langpack-en \
glibc-locale-source \
glibc-common \
&& \
\
# 清理dnf缓存以减少镜像大小
dnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 正确的locale配置方式 - 使用locale-gen或直接设置
# 方法1: 使用locale配置文件
echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf; \
\
# 方法2: 生成localeCentOS 8的正确方式
localedef -c -i en_US -f UTF-8 en_US.UTF-8 || echo "Locale generation completed"; \
\
# 验证locale设置
locale -a | grep en_US.UTF-8 || echo "en_US.UTF-8 locale available";
# 添加软件包
ADD go1.25.1.linux-amd64.tar.gz /usr/local
# 下载并安装Go
RUN set -eux; \
\
# 删除临时文件
rm -f "go$GO_VERSION.linux-amd64.tar.gz"; \
\
# 创建Go工作目录
mkdir -p /go/src /go/bin /go/pkg && \
chmod -R 755 /go;
# # 下载并安装Go
# RUN set -eux; \
# \
# # 下载Go安装包
# curl -SLO "https://dl.google.com/go/go$GO_VERSION.linux-amd64.tar.gz" && \
# \
# # 解压到/usr/local目录
# tar -C /usr/local -xzf "go$GO_VERSION.linux-amd64.tar.gz" && \
# \
# # 删除临时文件
# rm -f "go$GO_VERSION.linux-amd64.tar.gz"; \
# \
# # 创建Go工作目录
# mkdir -p /go/src /go/bin /go/pkg && \
# chmod -R 755 /go;
# 验证Go安装和locale
RUN set -eux; \
\
# 检查系统locale设置
echo "=== Locale Settings ==="; \
cat /etc/locale.conf || echo "No locale.conf"; \
echo "=== Environment Locale ==="; \
echo "LANG=$LANG"; \
\
# 检查Go版本
go version && \
\
# 检查环境变量
go env && \
\
# 简单的Go程序编译测试
echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \
go run /tmp/test.go && \
rm -f /tmp/test.go;
# 设置工作目录Go项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Go应用安全性考虑
RUN groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi /go
# 设置默认用户(注释掉以便调试)
# USER esxi
# 设置健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD go version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["go", "version"]

203
dockerfiles/golang/1.25.1-centos8-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="go"
VERSION="1.25.1-centos8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then
red "错误: go1.25.1.linux-amd64.tar.gz 不存在"
echo "请从Golang官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Golang版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then
green "✓ Go测试通过"
else
red "✗ Go测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 Go 1.25.1 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

122
dockerfiles/golang/1.25.1-debian12-dos/Dockerfile Normal file
View File

@ -0,0 +1,122 @@
# 使用Debian 12 (bookworm) 最小化镜像作为基础
FROM debian:bookworm-slim
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Debian的Go语言运行环境" \
golang.version="1.25.1"
# 设置环境变量
ENV GO_VERSION=1.25.1 \
GOPATH=/go \
GOROOT=/usr/local/go \
PATH=/usr/local/go/bin:/go/bin:${PATH} \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8 \
LC_ALL=en_US.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 安装必要的系统依赖和配置环境
RUN set -eux; \
\
# 配置阿里云Debian镜像源
echo "deb http://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware" > /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main non-free non-free-firmware" >> /etc/apt/sources.list; \
\
# 更新系统并安装基础工具
apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
tar \
gzip \
git \
make \
gcc \
libc6-dev \
locales \
&& \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境Debian方式
echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \
echo "zh_CN.UTF-8 UTF-8" >> /etc/locale.gen && \
locale-gen && \
update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8; \
\
# 清理apt缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# 添加Go安装包确保go1.25.1.linux-amd64.tar.gz在构建上下文
ADD go1.25.1.linux-amd64.tar.gz /usr/local/
# 创建Go工作目录和配置
RUN set -eux; \
\
# 创建Go工作目录
mkdir -p /go/src /go/bin /go/pkg && \
chmod -R 755 /go; \
\
# 验证Go安装
echo "=== 验证Go安装 ==="; \
echo "Go二进制路径: $(which go)"; \
echo "=== Go Version ==="; \
go version && \
\
# 检查环境变量
echo "=== Go Environment ==="; \
go env && \
\
# 设置GOPROXY为国内镜像加速后续的go get操作
go env -w GOPROXY=https://goproxy.cn,direct; \
go env -w GOSUMDB=off; \
\
# 简单的Go程序编译测试
echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \
go run /tmp/test.go && \
rm -f /tmp/test.go; \
\
# 验证locale设置
echo "=== Locale验证 ==="; \
echo "系统Locale: $(locale)"; \
echo "环境变量LANG: $LANG"; \
echo "环境变量LC_ALL: $LC_ALL"
# 设置工作目录Go项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Go应用安全性考虑
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi /go; \
\
# 验证用户创建
echo "=== 用户验证 ==="; \
id esxi && \
echo "家目录权限: $(ls -ld /opt/apps)"
# 设置默认用户(注释掉以便调试)
# USER esxi
# 设置健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD go version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["go", "version"]

203
dockerfiles/golang/1.25.1-debian12-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="go"
VERSION="1.25.1-debian12-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then
red "错误: go1.25.1.linux-amd64.tar.gz 不存在"
echo "请从Golang官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Golang版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then
green "✓ Go测试通过"
else
red "✗ Go测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Debian 12 Go 1.25.1 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

101
dockerfiles/golang/1.25.1-rocky8-dos/Dockerfile Normal file
View File

@ -0,0 +1,101 @@
# 使用 RockyLinux 8 最小化镜像作为基础
FROM rockylinux:8.9-minimal
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于RockyLinux 8的Go语言运行环境" \
golang.version="1.25.1"
# 设置环境变量
ENV GO_VERSION=1.25.1 \
GOPATH=/go \
GOROOT=/usr/local/go \
PATH=/usr/local/go/bin:/go/bin:${PATH} \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8
# 设置工作目录
WORKDIR /tmp
# 安装必要的系统依赖和配置环境
RUN set -eux; \
\
# 更新系统并安装基础工具包括shadow-utils用于用户管理
microdnf update -y && \
microdnf install -y \
curl \
tar \
gzip \
git \
make \
gcc \
glibc-devel \
glibc-langpack-en \
shadow-utils \
&& \
\
# 清理缓存以减少镜像大小
microdnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf;
# 添加Go安装包确保go1.25.1.linux-amd64.tar.gz在构建上下文
ADD go1.25.1.linux-amd64.tar.gz /usr/local/
# 创建Go工作目录和配置locale
RUN set -eux; \
\
# 创建Go工作目录
mkdir -p /go/src /go/bin /go/pkg && \
chmod -R 755 /go; \
\
# 检查系统locale设置
echo "=== Locale Settings ==="; \
cat /etc/locale.conf || echo "No locale.conf"; \
echo "=== Environment Locale ==="; \
echo "LANG=$LANG"; \
\
# 检查Go版本
echo "=== Go Version ==="; \
go version && \
\
# 检查环境变量
echo "=== Go Environment ==="; \
go env && \
\
# 简单的Go程序编译测试
echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \
go run /tmp/test.go && \
rm -f /tmp/test.go;
# 设置工作目录Go项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Go应用安全性考虑
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi /go;
# 设置默认用户(注释掉以便调试)
# USER esxi
# 设置健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD go version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["go", "version"]

203
dockerfiles/golang/1.25.1-rocky8-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="go"
VERSION="1.25.1-rocky8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then
red "错误: go1.25.1.linux-amd64.tar.gz 不存在"
echo "请从Golang官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Golang版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then
green "✓ Go测试通过"
else
red "✗ Go测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 Go 1.25.1 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

102
dockerfiles/golang/1.25.1-ubuntu22-dos/Dockerfile Normal file
View File

@ -0,0 +1,102 @@
# 使用Ubuntu 22.04最小化镜像作为基础
FROM ubuntu:22.04
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Ubuntu 22.04的Go语言运行环境" \
golang.version="1.25.1"
# 设置环境变量
ENV GO_VERSION=1.25.1 \
GOPATH=/go \
GOROOT=/usr/local/go \
PATH=/usr/local/go/bin:/go/bin:${PATH} \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 安装必要的系统依赖和配置环境
RUN set -eux; \
\
# 更新系统并安装基础工具
apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
tar \
gzip \
git \
make \
gcc \
libc6-dev \
locales \
&& \
\
# 清理apt缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境Ubuntu方式
locale-gen en_US.UTF-8 && \
update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8;
# 添加Go安装包确保go1.25.1.linux-amd64.tar.gz在构建上下文
ADD go1.25.1.linux-amd64.tar.gz /usr/local/
# 创建Go工作目录和配置
RUN set -eux; \
\
# 创建Go工作目录
mkdir -p /go/src /go/bin /go/pkg && \
chmod -R 755 /go; \
\
# 检查系统locale设置
echo "=== Locale Settings ==="; \
locale || echo "Locale info"; \
echo "=== Environment Locale ==="; \
echo "LANG=$LANG"; \
\
# 检查Go版本
echo "=== Go Version ==="; \
go version && \
\
# 检查环境变量
echo "=== Go Environment ==="; \
go env && \
\
# 简单的Go程序编译测试
echo 'package main; import "fmt"; func main() { fmt.Println("Go环境安装成功!") }' > /tmp/test.go && \
go run /tmp/test.go && \
rm -f /tmp/test.go;
# 设置工作目录Go项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Go应用安全性考虑
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi /go;
# 设置默认用户(注释掉以便调试)
# USER esxi
# 设置健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD go version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["go", "version"]

203
dockerfiles/golang/1.25.1-ubuntu22-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="go"
VERSION="1.25.1-ubuntu22-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "go1.25.1.linux-amd64.tar.gz" ]; then
red "错误: go1.25.1.linux-amd64.tar.gz 不存在"
echo "请从Golang官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Golang版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" go version; then
green "✓ Go测试通过"
else
red "✗ Go测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} go version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Ubuntu 22 Go 1.25.1 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

154
dockerfiles/jdk/17.0.16-centos8-dos/Dockerfile Normal file
View File

@ -0,0 +1,154 @@
# 使用 CentOS 8 作为基础镜像
FROM centos:8
# 维护者信息
LABEL maintainer="小蚂蚁云团队" \
description="JDK 17 on CentOS 8 with Chinese support" \
version="1.0"
# 设置环境变量
ENV LANG zh_CN.UTF-8
ENV LC_ALL zh_CN.UTF-8
ENV JAVA_HOME /opt/jdk-17.0.16
ENV PATH $JAVA_HOME/bin:$PATH
ENV CLASSPATH .:$JAVA_HOME/lib/jrt-fs.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
# 设置工作目录
WORKDIR /tmp
# 备份并替换 yum 源(解决 CentOS 8 EOL 问题)
RUN cd /etc/yum.repos.d/ && \
# 备份原有 repo 文件
rename '.repo' '.repo.bak' /etc/yum.repos.d/*.repo && \
# 安装阿里云的 CentOS 8 归档镜像源
curl -s -o /etc/yum.repos.d/Centos-vault-8.5.2111.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo && \
# 启用阿里云仓库并禁用官方仓库
sed -i 's|^mirrorlist=|#mirrorlist=|g' /etc/yum.repos.d/Centos-*.repo && \
sed -i 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.aliyun.com|g' /etc/yum.repos.d/Centos-*.repo && \
sed -i 's|^baseurl=http://mirror.centos.org|baseurl=https://mirrors.aliyun.com|g' /etc/yum.repos.d/Centos-*.repo && \
# 确保仓库启用
sed -i 's|^enabled=.*|enabled=1|g' /etc/yum.repos.d/Centos-*.repo
# 安装基础软件包和中文支持,并一次性清理缓存
RUN yum install -y \
fontconfig \
glibc-langpack-zh \
glibc-locale-source \
glibc-common && \
# yum-utils \
# net-tools \
# vim \
# curl && \
# 设置中文语言环境
localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 && \
localedef -c -f UTF-8 -i C UTF-8 && \
# 设置系统locale
echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="zh_CN.UTF-8"' >> /etc/locale.conf && \
# 创建字体目录
mkdir -p /usr/share/fonts/ && \
chmod 755 /usr/share/fonts/ && \
# 清理yum缓存
yum clean all && \
rm -rf /var/cache/yum && \
yum makecache
# 复制字体文件
RUN mkdir -p /usr/share/fonts
COPY ./fonts/ /usr/share/fonts/
# 更新字体缓存并设置时区
RUN fc-cache -fv && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo 'Asia/Shanghai' > /etc/timezone
# # 安装 JDK
# WORKDIR /usr/local
# ADD jdk-17.0.16_linux-x64_bin.tar.gz /usr/local/
# # 验证 JDK 安装
# RUN ln -sf ${JAVA_HOME} /usr/local/jdk-17.0.16 && \
# java -version && \
# javac -version
# 添加并精简 JDK
ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/
# 精简JDK删除不必要的文件
RUN set -eux && \
# 重命名JDK目录
mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \
\
# 创建新的精简JDK目录
mkdir -p /opt/jdk-17.0.16 && \
\
# 保留必要的目录和文件
cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \
\
# 删除调试文件(使用通配符)
rm -rf /opt/jdk-17.0.16/lib/*.diz \
/opt/jdk-17.0.16/lib/*/*.diz \
/opt/jdk-17.0.16/lib/*/*/*.diz \
/opt/jdk-17.0.16/lib/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*.pdb \
/opt/jdk-17.0.16/lib/*/*.pdb \
/opt/jdk-17.0.16/lib/*/*/*.pdb && \
\
# 删除不必要的模块和文件
rm -rf /opt/jdk-17.0.16/lib/src.zip \
/opt/jdk-17.0.16/lib/missioncontrol \
/opt/jdk-17.0.16/lib/visualvm \
/opt/jdk-17.0.16/lib/jfr \
/opt/jdk-17.0.16/lib/security/cacerts.dummy \
\
# 删除演示和样例
/opt/jdk-17.0.16-original/demo \
/opt/jdk-17.0.16-original/sample \
/opt/jdk-17.0.16-original/man \
\
# 删除文档
/opt/jdk-17.0.16-original/legal \
/opt/jdk-17.0.16-original/README.md \
/opt/jdk-17.0.16-original/release && \
\
# 删除原始JDK目录
rm -rf /opt/jdk-17.0.16-original && \
\
# 设置权限
chmod -R 755 /opt/jdk-17.0.16 && \
chown -R root:root /opt/jdk-17.0.16 &&\
\
# 验证JDK安装
/opt/jdk-17.0.16/bin/java -version && \
/opt/jdk-17.0.16/bin/javac -version
# 清理临时文件和缓存
RUN rm -rf /tmp/* /var/tmp/* /var/log/*log /var/log/nginx/*log \
/var/log/*.log /var/log/dmesg /var/log/audit/*log \
/root/.cache /*.repo.bak
# 创建非 root 用户运行应用
RUN groupadd -r esxi && \
useradd -r -g esxi -m -d /app esxi && \
chown -R esxi:esxi /app && \
# 设置JDK目录权限
chown -R esxi:esxi $JAVA_HOME
# 设置最终工作目录
WORKDIR /opt/apps
# 切换到非root用户
#USER esxi
# 健康检查(可选)
# HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
# CMD java -version || exit 1
# 默认命令
CMD ["java", "-version"]

209
dockerfiles/jdk/17.0.16-centos8-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jdk"
VERSION="17.0.16-centos8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then
red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在"
echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 JDK 17 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

129
dockerfiles/jdk/17.0.16-debian13-dos/Dockerfile Normal file
View File

@ -0,0 +1,129 @@
# 使用 Debian 13 (trixie) 作为基础镜像
# debian:trixie-slimDebian 13 的代号)
FROM debian:trixie-slim
# 维护者信息
LABEL maintainer="小蚂蚁云团队" \
description="JDK 17 on Debian with Chinese support" \
version="1.0"
# 设置环境变量
ENV LANG zh_CN.UTF-8
ENV LC_ALL zh_CN.UTF-8
ENV JAVA_HOME /opt/jdk-17.0.16
ENV PATH $JAVA_HOME/bin:$PATH
ENV TZ Asia/Shanghai
# 设置工作目录
WORKDIR /tmp
# 配置阿里云 Debian 镜像源并安装基础软件包
RUN echo "deb http://mirrors.aliyun.com/debian/ trixie main non-free non-free-firmware" > /etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian/ trixie-updates main non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian/ trixie-backports main non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian-security trixie-security main non-free non-free-firmware" >> /etc/apt/sources.list && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates \
wget \
curl \
fontconfig \
locales \
tzdata \
&& \
# 安装中文语言支持
apt-get install -y --no-install-recommends locales-all && \
# 生成中文locale
echo "zh_CN.UTF-8 UTF-8" > /etc/locale.gen && \
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && \
locale-gen && \
update-locale LANG=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 && \
# 设置时区
ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone && \
dpkg-reconfigure --frontend noninteractive tzdata && \
# 清理apt缓存
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# 添加并精简 JDK
ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/
# 精简JDK删除不必要的文件
RUN set -eux && \
# 重命名JDK目录
mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \
\
# 创建新的精简JDK目录
mkdir -p /opt/jdk-17.0.16 && \
\
# 保留必要的目录和文件
cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \
\
# 使用find命令删除调试文件更可靠
find /opt/jdk-17.0.16 -name "*.diz" -delete && \
find /opt/jdk-17.0.16 -name "*.debuginfo" -delete && \
find /opt/jdk-17.0.16 -name "*.pdb" -delete && \
\
# 删除不必要的模块和文件
rm -rf /opt/jdk-17.0.16/lib/src.zip \
/opt/jdk-17.0.16/lib/missioncontrol \
/opt/jdk-17.0.16/lib/visualvm \
/opt/jdk-17.0.16/lib/jfr \
\
# 删除演示和样例
/opt/jdk-17.0.16-original/demo \
/opt/jdk-17.0.16-original/sample \
/opt/jdk-17.0.16-original/man \
\
# 删除文档
/opt/jdk-17.0.16-original/legal \
/opt/jdk-17.0.16-original/README.md \
/opt/jdk-17.0.16-original/release && \
\
# 删除原始JDK目录
rm -rf /opt/jdk-17.0.16-original && \
\
# 设置权限
chmod -R 755 /opt/jdk-17.0.16 && \
chown -R root:root /opt/jdk-17.0.16 &&\
\
# 验证JDK安装
/opt/jdk-17.0.16/bin/java -version && \
/opt/jdk-17.0.16/bin/javac -version
# 清理临时文件和缓存
RUN rm -rf /tmp/* /var/tmp/* /var/log/*log \
/var/log/*.log /var/log/dmesg /var/log/audit/*log \
/root/.cache
# 复制字体文件(如果需要)
# COPY ./fonts/ /usr/share/fonts/
# RUN fc-cache -fv
# 创建非 root 用户运行应用
RUN groupadd -r esxi && \
useradd -r -g esxi -m -d /app esxi && \
chown -R esxi:esxi /app && \
# 设置JDK目录权限
chown -R esxi:esxi $JAVA_HOME
# 验证 JDK 安装
RUN $JAVA_HOME/bin/java -version && \
$JAVA_HOME/bin/javac -version
# 设置最终工作目录
WORKDIR /opt/apps
# # 切换到非root用户
# USER esxi
# 健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD $JAVA_HOME/bin/java -version || exit 1
# 默认命令
CMD ["java", "-version"]

209
dockerfiles/jdk/17.0.16-debian13-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jdk"
VERSION="17.0.16-debian13-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then
red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在"
echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Debian 13.10 JDK 17 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

135
dockerfiles/jdk/17.0.16-rocky8-dos/Dockerfile Normal file
View File

@ -0,0 +1,135 @@
# 使用 RockyLinux 8 最小化镜像作为基础
FROM rockylinux:8.9-minimal
# 维护者信息
LABEL maintainer="XXXX团队" \
description="Minimal JDK 17.0.16 on RockyLinux 8 with Chinese support" \
version="1.0" \
java.version="17.0.16"
# 设置环境变量
ENV LANG zh_CN.UTF-8
ENV LC_ALL zh_CN.UTF-8
ENV JAVA_HOME /opt/jdk-17.0.16
ENV PATH $JAVA_HOME/bin:$PATH
ENV CLASSPATH .:$JAVA_HOME/lib/jrt-fs.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
# 一次性安装所有依赖并设置环境
RUN set -eux && \
# 配置国内镜像源加速
sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \
-i.bak \
/etc/yum.repos.d/*.repo && \
\
# 安装最小必要包使用microdnf更轻量
microdnf update -y && \
microdnf install -y \
fontconfig \
glibc-langpack-zh \
glibc-locale-source \
glibc-common \
&& \
\
# 设置中文语言环境
localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 && \
echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="zh_CN.UTF-8"' >> /etc/locale.conf && \
\
# 设置时区
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo 'Asia/Shanghai' > /etc/timezone && \
\
# 创建字体目录
mkdir -p /usr/share/fonts/ && \
chmod 755 /usr/share/fonts/ && \
\
# 清理缓存
microdnf clean all && \
rm -rf /var/cache/yum /var/tmp/* /tmp/*
# 复制最小字体文件(只复制必需的中文字体)
COPY ./fonts/simsun.ttf /usr/share/fonts/
# 可选:如果需要更多字体支持,可以添加其他字体
# COPY ./fonts/msyh.ttc /usr/share/fonts/
# 更新字体缓存
RUN fc-cache -fv && rm -rf /var/cache/fontconfig/*
# 添加并精简 JDK
ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/
# 精简JDK删除不必要的文件
RUN set -eux && \
# 重命名JDK目录
mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \
\
# 创建新的精简JDK目录
mkdir -p /opt/jdk-17.0.16 && \
\
# 保留必要的目录和文件
cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \
\
# 删除调试文件(使用通配符)
rm -rf /opt/jdk-17.0.16/lib/*.diz \
/opt/jdk-17.0.16/lib/*/*.diz \
/opt/jdk-17.0.16/lib/*/*/*.diz \
/opt/jdk-17.0.16/lib/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*.pdb \
/opt/jdk-17.0.16/lib/*/*.pdb \
/opt/jdk-17.0.16/lib/*/*/*.pdb && \
\
# 删除不必要的模块和文件
rm -rf /opt/jdk-17.0.16/lib/src.zip \
/opt/jdk-17.0.16/lib/missioncontrol \
/opt/jdk-17.0.16/lib/visualvm \
/opt/jdk-17.0.16/lib/jfr \
/opt/jdk-17.0.16/lib/security/cacerts.dummy \
\
# 删除演示和样例
/opt/jdk-17.0.16-original/demo \
/opt/jdk-17.0.16-original/sample \
/opt/jdk-17.0.16-original/man \
\
# 删除文档
/opt/jdk-17.0.16-original/legal \
/opt/jdk-17.0.16-original/README.md \
/opt/jdk-17.0.16-original/release && \
\
# 删除原始JDK目录
rm -rf /opt/jdk-17.0.16-original && \
\
# 设置权限
chmod -R 755 /opt/jdk-17.0.16 && \
chown -R root:root /opt/jdk-17.0.16 &&\
\
# 验证JDK安装
/opt/jdk-17.0.16/bin/java -version && \
/opt/jdk-17.0.16/bin/javac -version
# 创建非root用户
RUN set -eux && \
groupadd -r esxi -g 1000 && \
useradd -r -g esxi -u 1000 -m -d /app -s /bin/bash esxi && \
chown -R esxi:esxi /app
# 清理临时文件
RUN rm -rf /tmp/* /var/tmp/* /var/log/*.log /*.repo.bak
# 设置工作目录
WORKDIR /opt/apps
# 切换到非root用户
#USER esxi
# # 健康检查
# HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
# CMD java -version || exit 1
# 默认命令
CMD ["java", "-version"]

209
dockerfiles/jdk/17.0.16-rocky8-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jdk"
VERSION="17.0.16-rocky8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then
red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在"
echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 JDK 17 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

163
dockerfiles/jdk/17.0.16-ubuntu22-dos/Dockerfile Normal file
View File

@ -0,0 +1,163 @@
# 使用 Ubuntu 22.04 LTS 作为基础镜像
FROM ubuntu:22.04
# 维护者信息
LABEL maintainer="小蚂蚁云团队" \
description="JDK 17 on Ubuntu with Chinese support" \
version="1.0"
# 设置环境变量
ENV LANG zh_CN.UTF-8
ENV LC_ALL zh_CN.UTF-8
ENV JAVA_HOME /opt/jdk-17.0.16
ENV PATH $JAVA_HOME/bin:$PATH
ENV TZ Asia/Shanghai
# 设置工作目录
WORKDIR /tmp
# 配置阿里云Ubuntu镜像源并安装基础软件包
RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \
sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates \
wget \
curl \
fontconfig \
locales \
tzdata \
&& \
# 安装中文语言包
apt-get install -y --no-install-recommends language-pack-zh-hans && \
# 生成中文locale
locale-gen zh_CN.UTF-8 && \
locale-gen en_US.UTF-8 && \
update-locale LANG=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 && \
# 设置时区
ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone && \
dpkg-reconfigure --frontend noninteractive tzdata && \
# 清理apt缓存
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# # 下载并安装 JDK 17
# RUN set -eux && \
# # 下载JDK
# wget -O jdk-17.0.16_linux-x64_bin.tar.gz \
# https://download.java.net/java/GA/jdk17.0.16/dfd4a8d0985749f896bed50d7138ee7f/8/GPL/openjdk-17.0.16_linux-x64_bin.tar.gz && \
# # 创建安装目录
# mkdir -p /opt && \
# tar -xzf jdk-17.0.16_linux-x64_bin.tar.gz -C /opt && \
# # 精简JDK
# cd /opt/jdk-17.0.16 && \
# rm -rf \
# demo/ \
# sample/ \
# man/ \
# legal/ \
# lib/src.zip \
# lib/missioncontrol/ \
# lib/visualvm/ \
# lib/jfr/ \
# README.md \
# release && \
# # 删除调试文件
# find . -name "*.diz" -delete && \
# find . -name "*.debuginfo" -delete && \
# find . -name "*.pdb" -delete && \
# # 设置权限
# chmod -R 755 /opt/jdk-17.0.16 && \
# chown -R root:root /opt/jdk-17.0.16 && \
# # 清理下载文件
# rm -f /tmp/jdk-17.0.16_linux-x64_bin.tar.gz
# 添加并精简 JDK
ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/
# 精简JDK删除不必要的文件
RUN set -eux && \
# 重命名JDK目录
mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \
\
# 创建新的精简JDK目录
mkdir -p /opt/jdk-17.0.16 && \
\
# 保留必要的目录和文件
cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \
cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \
\
# 删除调试文件(使用通配符)
rm -rf /opt/jdk-17.0.16/lib/*.diz \
/opt/jdk-17.0.16/lib/*/*.diz \
/opt/jdk-17.0.16/lib/*/*/*.diz \
/opt/jdk-17.0.16/lib/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*/*/*.debuginfo \
/opt/jdk-17.0.16/lib/*.pdb \
/opt/jdk-17.0.16/lib/*/*.pdb \
/opt/jdk-17.0.16/lib/*/*/*.pdb && \
\
# 删除不必要的模块和文件
rm -rf /opt/jdk-17.0.16/lib/src.zip \
/opt/jdk-17.0.16/lib/missioncontrol \
/opt/jdk-17.0.16/lib/visualvm \
/opt/jdk-17.0.16/lib/jfr \
/opt/jdk-17.0.16/lib/security/cacerts.dummy \
\
# 删除演示和样例
/opt/jdk-17.0.16-original/demo \
/opt/jdk-17.0.16-original/sample \
/opt/jdk-17.0.16-original/man \
\
# 删除文档
/opt/jdk-17.0.16-original/legal \
/opt/jdk-17.0.16-original/README.md \
/opt/jdk-17.0.16-original/release && \
\
# 删除原始JDK目录
rm -rf /opt/jdk-17.0.16-original && \
\
# 设置权限
chmod -R 755 /opt/jdk-17.0.16 && \
chown -R root:root /opt/jdk-17.0.16 &&\
\
# 验证JDK安装
/opt/jdk-17.0.16/bin/java -version && \
/opt/jdk-17.0.16/bin/javac -version
# 清理临时文件和缓存
RUN rm -rf /tmp/* /var/tmp/* /var/log/*log /var/log/nginx/*log \
/var/log/*.log /var/log/dmesg /var/log/audit/*log \
/root/.cache /*.repo.bak
# 复制字体文件(如果需要)
# COPY ./fonts/ /usr/share/fonts/
# RUN fc-cache -fv
# 创建非 root 用户运行应用
RUN groupadd -r esxi && \
useradd -r -g esxi -m -d /app esxi && \
chown -R esxi:esxi /app && \
# 设置JDK目录权限
chown -R esxi:esxi $JAVA_HOME
# 验证 JDK 安装
RUN $JAVA_HOME/bin/java -version && \
$JAVA_HOME/bin/javac -version
# 设置最终工作目录
WORKDIR /opt/apps
# # 切换到非root用户
# USER esxi
# 健康检查(可选)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD $JAVA_HOME/bin/java -version || exit 1
# 默认命令
CMD ["java", "-version"]

209
dockerfiles/jdk/17.0.16-ubuntu22-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jdk"
VERSION="17.0.16-ubuntu22-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jdk-17.0.16_linux-x64_bin.tar.gz" ]; then
red "错误: jdk-17.0.16_linux-x64_bin.tar.gz 不存在"
echo "请从Oracle官网下载JDK 17.0.16并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Ubuntu 22.04 JDK 17 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

95
dockerfiles/jre/8u202-centos8-dos/Dockerfile Normal file
View File

@ -0,0 +1,95 @@
# 使用CentOS 8作为基础镜像
FROM centos:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于CentOS 8的JRE 8u202运行环境支持中英文" \
java.version="1.8.0_202"
# 设置环境变量
ENV TZ=Asia/Shanghai \
LANG=zh_CN.UTF-8 \
LANGUAGE=zh_CN:zh:en_US:en \
LC_ALL=zh_CN.UTF-8 \
JAVA_HOME=/usr/local/jre1.8.0_202 \
PATH=/usr/local/jre1.8.0_202/bin:$PATH
# 设置工作目录
WORKDIR /tmp
# 复制本地JRE压缩包到镜像中
COPY jre-8u202-linux-x64.tar.gz /tmp/
# 安装必要的系统包并配置环境
RUN set -eux; \
\
# 更新系统并安装中文语言支持
dnf update -y && \
dnf install -y \
tzdata \
glibc-langpack-zh \
glibc-langpack-en \
fontconfig \
dejavu-sans-fonts \
dejavu-serif-fonts \
dejavu-sans-mono-fonts \
wqy-microhei-fonts \
&& \
\
# 清理dnf缓存以减少镜像大小
dnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 生成中文本地化配置
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \
localedef -c -f UTF-8 -i en_US en_US.UTF-8; \
\
# 设置系统语言环境
echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf; \
\
# 创建Java安装目录
mkdir -p /usr/local/java; \
\
# 解压JRE并设置权限JRE包解压后通常直接包含jre目录
tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \
\
# 删除临时文件
rm -f jre-8u202-linux-x64.tar.gz; \
\
# 创建符号链接以便版本升级时更容易管理
ln -sf /usr/local/jre1.8.0_202 /usr/bin/jre; \
\
# 创建字体目录
mkdir -p /usr/share/fonts/ && \
chmod 755 /usr/share/fonts/ && \
cp ./fonts/simsun.ttf /usr/share/fonts/ && \
\
# 更新字体缓存
fc-cache -fv; \
\
# 验证JRE安装
java -version; \
\
# 创建非root用户用于运行Java应用
groupadd -r esxi && \
useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \
mkdir -p /opt/esxi && \
chown -R esxi:esxi /opt/esxi;
# 切换到应用目录
WORKDIR /opt/apps
# 设置默认用户(推荐在生产环境中启用)
#USER esxi
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD java -version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["java", "-version"]

209
dockerfiles/jre/8u202-centos8-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jre"
VERSION="8u202-centos8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then
red "错误: jre-8u202-linux-x64.tar.gz 不存在"
echo "请从Oracle官网下载JRE 8u202并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 JRE 8u202 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

110
dockerfiles/jre/8u202-debian13-dos/Dockerfile Normal file
View File

@ -0,0 +1,110 @@
# 使用 Debian 13 (trixie) 作为基础镜像
# debian:trixie-slimDebian 13 的代号)
FROM debian:trixie-slim
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Debian的JRE 8u202运行环境支持中英文" \
java.version="1.8.0_202"
# 设置环境变量
ENV TZ=Asia/Shanghai \
LANG=zh_CN.UTF-8 \
LANGUAGE=zh_CN:zh:en_US:en \
LC_ALL=zh_CN.UTF-8 \
JAVA_HOME=/usr/local/jre1.8.0_202 \
PATH=/usr/local/jre1.8.0_202/bin:$PATH \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 复制本地JRE压缩包到镜像中
COPY jre-8u202-linux-x64.tar.gz /tmp/
# 安装必要的系统包并配置环境
RUN set -eux; \
\
# 配置阿里云Debian镜像源
echo "deb http://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware" > /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main non-free non-free-firmware" >> /etc/apt/sources.list; \
\
# 更新系统并安装必要的基础工具
apt-get update && \
apt-get install -y --no-install-recommends \
tzdata \
locales \
fontconfig \
fonts-dejavu \
fonts-wqy-microhei \
ca-certificates \
tar \
bash \
&& \
\
# 清理apt缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 生成中文本地化配置
echo "zh_CN.UTF-8 UTF-8" > /etc/locale.gen; \
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen; \
locale-gen; \
\
# 设置系统语言环境
update-locale LANG=zh_CN.UTF-8; \
\
# 解压JRE到/usr/local目录
tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \
\
# 删除临时文件
rm -f jre-8u202-linux-x64.tar.gz; \
\
# 创建符号链接以便版本升级时更容易管理
ln -sf /usr/local/jre1.8.0_202 /usr/local/jre; \
\
# 创建全局可执行文件链接
update-alternatives --install "/usr/bin/java" "java" "/usr/local/jre/bin/java" 1 && \
update-alternatives --install "/usr/bin/javac" "javac" "/usr/local/jre/bin/javac" 1 && \
update-alternatives --set java /usr/local/jre/bin/java; \
\
# 创建字体目录并设置权限
mkdir -p /usr/share/fonts/truetype/ && \
chmod 755 /usr/share/fonts/truetype/; \
\
# 更新字体缓存
fc-cache -fv; \
\
# 验证JRE安装
java -version && \
/usr/local/jre/bin/java -version; \
\
# 创建非root用户用于运行Java应用使用sh而不是bash
groupadd -r esxi && \
useradd -r -g esxi -d /opt/esxi -s /bin/sh esxi && \
mkdir -p /opt/esxi && \
chown -R esxi:esxi /opt/esxi; \
\
# 设置文件权限
chmod -R 755 /usr/local/jre1.8.0_202 && \
chown -R root:root /usr/local/jre1.8.0_202
# 切换到应用目录
WORKDIR /opt/apps
# 设置默认用户
#USER esxi
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD java -version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["java", "-version"]

209
dockerfiles/jre/8u202-debian13-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jre"
VERSION="8u202-debian13-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then
red "错误: jre-8u202-linux-x64.tar.gz 不存在"
echo "请从Oracle官网下载JRE 8u202并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Debian 13 JRE 8u202 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

95
dockerfiles/jre/8u202-rocky8-dos/Dockerfile Normal file
View File

@ -0,0 +1,95 @@
# 使用Rocky Linux 8作为基础镜像
FROM rockylinux:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Rocky Linux 8的JRE 8u202运行环境支持中英文" \
java.version="1.8.0_202"
# 设置环境变量
ENV TZ=Asia/Shanghai \
LANG=zh_CN.UTF-8 \
LANGUAGE=zh_CN:zh:en_US:en \
LC_ALL=zh_CN.UTF-8 \
JAVA_HOME=/usr/local/jre1.8.0_202 \
PATH=/usr/local/jre1.8.0_202/bin:$PATH
# 设置工作目录
WORKDIR /tmp
# 复制本地JRE压缩包到镜像中
COPY jre-8u202-linux-x64.tar.gz /tmp/
# 安装必要的系统包并配置环境
RUN set -eux; \
\
# 更新系统并安装中文语言支持
dnf update -y && \
dnf install -y \
tzdata \
glibc-langpack-zh \
glibc-langpack-en \
fontconfig \
dejavu-sans-fonts \
dejavu-serif-fonts \
dejavu-sans-mono-fonts \
wqy-microhei-fonts \
&& \
\
# 清理dnf缓存以减少镜像大小
dnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 生成中文本地化配置
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \
localedef -c -f UTF-8 -i en_US en_US.UTF-8; \
\
# 设置系统语言环境
echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf; \
\
# 创建Java安装目录
mkdir -p /usr/local/java; \
\
# 解压JRE并设置权限JRE包解压后通常直接包含jre目录
tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \
\
# 删除临时文件
rm -f jre-8u202-linux-x64.tar.gz; \
\
# 创建符号链接以便版本升级时更容易管理
ln -sf /usr/local/jre1.8.0_202 /usr/bin/jre; \
\
# 创建字体目录
mkdir -p /usr/share/fonts/ && \
chmod 755 /usr/share/fonts/ && \
cp ./fonts/simsun.ttf /usr/share/fonts/ && \
\
# 更新字体缓存
fc-cache -fv; \
\
# 验证JRE安装
java -version; \
\
# 创建非root用户用于运行Java应用
groupadd -r esxi && \
useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \
mkdir -p /opt/esxi && \
chown -R esxi:esxi /opt/esxi;
# 切换到应用目录
WORKDIR /opt/apps
# 设置默认用户(推荐在生产环境中启用)
#USER esxi
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD java -version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["java", "-version"]

133
dockerfiles/jre/8u202-rocky8-dos/README.md Normal file
View File

@ -0,0 +1,133 @@
1、下载jdk/jre
[官网下载地址](https://www.oracle.com/java/technologies/downloads/archive/) 由于服务器上只需要java运行时环境所以这里选择下载jre如下图下载需要的对应的版本
2、删除jre中无用的文件
```
#解压
tar -zxvf jre-8u202-linux-x64.tar.gz
cd jre1.8.0_202
#删除文本文件
rm -rf COPYRIGHT LICENSE README release THIRDPARTYLICENSEREADME-JAVAFX.txt THIRDPARTYLICENSEREADME.txt Welcome.html
#删除其他无用文件
rm -rf lib/plugin.jar \
lib/ext/jfxrt.jar \
bin/javaws \
lib/javaws.jar \
lib/desktop \
plugin \
lib/deploy* \
lib/*javafx* \
lib/*jfx* \
lib/amd64/libdecora_sse.so \
lib/amd64/libprism_*.so \
lib/amd64/libfxplugins.so \
lib/amd64/libglass.so \
lib/amd64/libgstreamer-lite.so \
lib/amd64/libjavafx*.so \
lib/amd64/libjfx*.so
#将解压文件重新压缩
tar -zcvf jre-8u202.tar.gz jre/
```
3、制作Dockerfile文件
```
# 使用CentOS 8作为基础镜像
FROM centos:8
# 维护者
MAINTAINER author 小蚂蚁
# 创建一个新目录来存储jdk文件
RUN mkdir /usr/local/java
# 将jdk压缩文件复制到镜像中它将自动解压缩tar文件
ADD jre-8u202.tar.gz /usr/local/java/
# 设置时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# 设置环境变量
ENV LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8
ENV JAVA_HOME /usr/local/java/jre1.8.0_202
ENV PATH $JAVA_HOME/bin:$PATH
# VOLUME 指定了临时文件目录为/tmp
# 其效果是在主机 /var/lib/docker 目录下创建了一个临时文件,并链接到容器的/tmp
VOLUME /tmp
# 工作目录
WORKDIR /opt/
```
4、构建镜像
```
docker build -t jre:8u202-centos8 .
```
5、创建容器
```
docker run -it --name docker_jre8 jre:8u202-centos8
```
```
docker run -i -t jre:8u202-centos8 /bin/bash
查看版本:
[root@3a881fab5716 opt]# java -version
java version "1.8.0_202"
Java(TM) SE Runtime Environment (build 1.8.0_202-b08)
Java HotSpot(TM) 64-Bit Server VM (build 25.202-b08, mixed mode)
```
6、上传
```
# 打标签
docker tag jre:8u202-centos8 192.168.10.101:8001/xiaomayi-base/jre:8u202-centos8
# 上传镜像
docker push 192.168.10.101:8001/xiaomayi-base/jre:8u202-centos8
```
特别备注:
目标服务器非 root 用户权限问题解决:
```
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/auth": dial unix /var/run/docker.sock: connect: permission denied
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=manage.harbor.djangoadmin.cn%2Fxiaomayi%2Fxiaomayi-elevue&tag=dev-137": dial unix /var/run/docker.sock: connect: permission denied
```
解决办法把我们当前的用户添加到docker组中就可以了
参考地址https://blog.csdn.net/weixin_43321041/article/details/120399194
chmod 666 /var/run/docker.sock
或者
权限问题:
chmod 600 ~/.docker/config.json
chmod 700 ~/.docker
sudo chown $USER:$USER ~/.docker
sudo chown $USER:$USER ~/.docker/config.json
应用部署服务器需要设置docker配置
```
vim /usr/lib/systemd/system/docker.service
--insecure-registry manage.harbor.xiaomayicloud.com --insecure-registry 192.168.10.202:8001
chmod 666 /var/run/docker.sock
```

209
dockerfiles/jre/8u202-rocky8-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jre"
VERSION="8u202-rocky8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then
red "错误: jre-8u202-linux-x64.tar.gz 不存在"
echo "请从Oracle官网下载JRE 8u202并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 JRE 8u202 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

100
dockerfiles/jre/8u202-utunbu22-dos/Dockerfile Normal file
View File

@ -0,0 +1,100 @@
# 使用Ubuntu 22.04作为基础镜像
FROM ubuntu:22.04
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Ubuntu 22.04的JRE 8u202运行环境支持中英文" \
java.version="1.8.0_202"
# 设置环境变量
ENV TZ=Asia/Shanghai \
LANG=zh_CN.UTF-8 \
LANGUAGE=zh_CN:zh:en_US:en \
LC_ALL=zh_CN.UTF-8 \
JAVA_HOME=/usr/local/jre1.8.0_202 \
PATH=/usr/local/jre1.8.0_202/bin:$PATH \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 复制本地JRE压缩包到镜像中
COPY jre-8u202-linux-x64.tar.gz /tmp/
# 安装必要的系统包并配置环境
RUN set -eux; \
\
# 更新系统并安装中文语言支持
apt-get update && \
apt-get install -y --no-install-recommends \
tzdata \
locales \
fontconfig \
fonts-dejavu \
fonts-wqy-microhei \
ca-certificates \
&& \
\
# 清理apt缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 生成中文本地化配置
locale-gen zh_CN.UTF-8 && \
locale-gen en_US.UTF-8; \
\
# 设置系统语言环境
update-locale LANG=zh_CN.UTF-8; \
\
# 解压JRE到/usr/local目录
tar -xzf jre-8u202-linux-x64.tar.gz -C /usr/local/ && \
\
# 删除临时文件
rm -f jre-8u202-linux-x64.tar.gz; \
\
# 创建符号链接以便版本升级时更容易管理
ln -sf /usr/local/jre1.8.0_202 /usr/local/jre; \
\
# 创建全局可执行文件链接
update-alternatives --install "/usr/bin/java" "java" "/usr/local/jre/bin/java" 1 && \
update-alternatives --install "/usr/bin/javac" "javac" "/usr/local/jre/bin/javac" 1 && \
update-alternatives --set java /usr/local/jre/bin/java; \
\
# 创建字体目录并设置权限
mkdir -p /usr/share/fonts/truetype/ && \
chmod 755 /usr/share/fonts/truetype/; \
\
# 更新字体缓存
fc-cache -fv; \
\
# 验证JRE安装
java -version && \
/usr/local/jre/bin/java -version; \
\
# 创建非root用户用于运行Java应用
groupadd -r esxi && \
useradd -r -g esxi -d /opt/esxi -s /bin/bash esxi && \
mkdir -p /opt/esxi && \
chown -R esxi:esxi /opt/esxi; \
\
# 设置文件权限
chmod -R 755 /usr/local/jre1.8.0_202 && \
chown -R root:root /usr/local/jre1.8.0_202
# 切换到应用目录
WORKDIR /opt/apps
# 设置默认用户
#USER esxi
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD java -version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["java", "-version"]

209
dockerfiles/jre/8u202-utunbu22-dos/deploy.sh Normal file
View File

@ -0,0 +1,209 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="jre"
VERSION="8u202-ubuntu22-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "jre-8u202-linux-x64.tar.gz" ]; then
red "错误: jre-8u202-linux-x64.tar.gz 不存在"
echo "请从Oracle官网下载JRE 8u202并放置在当前目录"
exit 1
fi
if [ ! -d "fonts" ]; then
yellow "提示: fonts 目录不存在,创建空目录"
mkdir -p fonts/
yellow "可以放置中文字体文件到 fonts/ 目录以获得更好的中文支持"
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Java版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" java -version; then
green "✓ Java测试通过"
else
red "✗ Java测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} java -version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Ubuntu 22.04 JRE 8u202 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

45
dockerfiles/nginx/nginx1.24-alpine/Dockerfile Normal file
View File

@ -0,0 +1,45 @@
# 使用官方Nginx Alpine基础镜像更轻量
FROM nginx:1.24-alpine
# 维护者信息
LABEL maintainer="xiaomayicloud@163.com"
LABEL description="Nginx 1.24 for Node.js frontend deployment"
LABEL version="1.24"
# 安装必要的工具
RUN apk update && \
apk add --no-cache \
curl \
bash \
tzdata \
&& rm -rf /var/cache/apk/*
# 设置时区(可选,根据需要修改)
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
# 创建应用目录
RUN mkdir -p /app/dist && \
mkdir -p /app/logs && \
mkdir -p /app/conf
# 移除默认的Nginx配置
RUN rm -rf /etc/nginx/conf.d/default.conf
# 复制自定义Nginx配置
COPY nginx.conf /etc/nginx/nginx.conf
COPY conf.d/ /etc/nginx/conf.d/
# 复制健康检查脚本
COPY healthcheck.sh /usr/local/bin/healthcheck.sh
RUN chmod +x /usr/local/bin/healthcheck.sh
# 暴露端口
EXPOSE 80 443
# 健康检查
HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
CMD /usr/local/bin/healthcheck.sh
# 启动Nginx
CMD ["nginx", "-g", "daemon off;"]

44
dockerfiles/nginx/nginx1.24-alpine/conf.d/app.conf Normal file
View File

@ -0,0 +1,44 @@
server {
listen 80;
server_name localhost;
root /app/dist;
index index.html index.htm;
# 访问日志
access_log /app/logs/access.log main;
error_log /app/logs/error.log warn;
# 静态文件缓存
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin "*";
try_files $uri $uri/ =404;
}
# HTML文件不缓存
location ~* \.(html|htm)$ {
expires -1;
add_header Cache-Control "no-store, no-cache, must-revalidate";
try_files $uri $uri/ =404;
}
# SPA应用路由处理
location / {
try_files $uri $uri/ /index.html;
}
# 健康检查端点
location /health {
access_log off;
return 200 "healthy\n";
add_header Content-Type text/plain;
}
# 禁止访问隐藏文件
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}

175
dockerfiles/nginx/nginx1.24-alpine/deploy.sh Normal file
View File

@ -0,0 +1,175 @@
#!/bin/bash
# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# 配置变量
IMAGE_NAME="nginx"
IMAGE_TAG="1.24-alpine"
HARBOR_URL="192.168.10.102:8001" # 替换为你的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为你的项目名
HARBOR_USERNAME="deploy" # 从环境变量获取
HARBOR_PASSWORD="Harbor20240330" # 从环境变量获取
# 日志函数
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
# 检查依赖
check_dependencies() {
local deps=("docker" "curl")
for dep in "${deps[@]}"; do
if ! command -v "$dep" &> /dev/null; then
log_error "缺少依赖: $dep"
exit 1
fi
done
}
# 检查Docker服务
check_docker() {
if ! docker info > /dev/null 2>&1; then
log_error "Docker服务未运行"
exit 1
fi
}
# 构建镜像
build_image() {
log_info "开始构建Nginx镜像..."
if docker build -t "${IMAGE_NAME}:${IMAGE_TAG}" . ; then
log_success "镜像构建成功: ${IMAGE_NAME}:${IMAGE_TAG}"
else
log_error "镜像构建失败"
exit 1
fi
}
# 添加额外标签(可选)
add_additional_tags() {
local tags=("latest" "prod" "dev")
for extra_tag in "${tags[@]}"; do
log_info "添加额外标签: ${extra_tag}"
docker tag "${IMAGE_NAME}:${IMAGE_TAG}" "${IMAGE_NAME}:${extra_tag}"
done
}
# 登录Harbor
login_to_harbor() {
if [ -z "$HARBOR_USERNAME" ] || [ -z "$HARBOR_PASSWORD" ]; then
log_error "Harbor用户名或密码未设置"
log_warning "请设置环境变量: HARBOR_USERNAME 和 HARBOR_PASSWORD"
exit 1
fi
log_info "登录到Harbor仓库..."
if echo "$HARBOR_PASSWORD" | docker login -u "$HARBOR_USERNAME" --password-stdin "$HARBOR_URL"; then
log_success "Harbor登录成功"
else
log_error "Harbor登录失败"
exit 1
fi
}
# 打标签
tag_image() {
local target_tag="${1:-$IMAGE_TAG}"
local full_image_name="${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${target_tag}"
log_info "打标签: ${full_image_name}"
if docker tag "${IMAGE_NAME}:${target_tag}" "$full_image_name"; then
log_success "标签打成功"
else
log_error "标签打失败"
exit 1
fi
}
# 推送镜像
push_image() {
local target_tag="${1:-$IMAGE_TAG}"
local full_image_name="${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${target_tag}"
log_info "推送镜像: ${full_image_name}"
if docker push "$full_image_name"; then
log_success "镜像推送成功"
else
log_error "镜像推送失败"
exit 1
fi
}
# 清理本地镜像
cleanup() {
log_info "清理本地镜像..."
# 清理主标签
docker rmi "${IMAGE_NAME}:${IMAGE_TAG}" 2>/dev/null || true
# 清理额外标签
local tags=("latest" "prod" "dev")
for tag in "${tags[@]}"; do
docker rmi "${IMAGE_NAME}:${tag}" 2>/dev/null || true
done
# 清理Harbor标签
local harbor_tags=("$IMAGE_TAG" "latest" "prod" "dev")
for tag in "${harbor_tags[@]}"; do
docker rmi "${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${tag}" 2>/dev/null || true
done
log_success "清理完成"
}
# 显示镜像信息
show_image_info() {
log_info "镜像信息:"
echo "名称: ${IMAGE_NAME}"
echo "版本: ${IMAGE_TAG}"
echo "Harbor地址: ${HARBOR_URL}"
echo "项目: ${HARBOR_PROJECT}"
echo "完整镜像名: ${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${IMAGE_TAG}"
}
# 主函数
main() {
log_info "====== Nginx镜像构建推送脚本 ======"
check_dependencies
check_docker
show_image_info
# 构建镜像
build_image
# 添加额外标签
#add_additional_tags
# 登录Harbor
login_to_harbor
# 推送所有标签
#local tags=("$IMAGE_TAG" "latest" "prod" "dev")
local tags=("$IMAGE_TAG")
for tag in "${tags[@]}"; do
tag_image "$tag"
push_image "$tag"
done
# 清理
cleanup
log_success "====== 所有操作完成! ======"
log_info "镜像地址: ${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}:${IMAGE_TAG}"
}
# 执行主函数
main "$@"

8
dockerfiles/nginx/nginx1.24-alpine/healthcheck.sh Normal file
View File

@ -0,0 +1,8 @@
#!/bin/sh
# Nginx健康检查脚本
if curl -f http://localhost/health > /dev/null 2>&1; then
exit 0
else
exit 1
fi

40
dockerfiles/nginx/nginx1.24-alpine/nginx.conf Normal file
View File

@ -0,0 +1,40 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# Gzip压缩配置
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript
application/javascript application/xml+rss
application/json;
# 文件上传大小限制
client_max_body_size 100M;
include /etc/nginx/conf.d/*.conf;
}

149
dockerfiles/python/3.9.13-centos8-dos/Dockerfile Normal file
View File

@ -0,0 +1,149 @@
# 使用CentOS 8作为基础镜像
FROM centos:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于CentOS 8的Python 3.9.13运行环境" \
python.version="3.9.13"
# 设置环境变量
ENV PYTHON_VERSION=3.9.13 \
PYTHON_HOME=/usr/local/python3.9.13 \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8
# 设置工作目录
WORKDIR /tmp
# 第一步修复CentOS 8的软件源并安装编译工具
RUN set -eux; \
\
# 由于CentOS 8已停止维护需要修改软件源
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* && \
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* && \
\
# 更新系统并安装必要的开发工具
dnf update -y && \
dnf install -y \
make \
gcc \
gcc-c++ \
kernel-devel \
openssl-devel \
bzip2-devel \
libffi-devel \
zlib-devel \
readline-devel \
sqlite-devel \
# 系统工具
curl \
tar \
xz \
gzip \
git \
glibc-langpack-en \
shadow-utils \
which \
&& \
\
# 清理缓存以减少镜像大小
dnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf;
# 第二步:验证编译器安装
RUN set -eux; \
\
# 检查编译器是否安装成功
echo "=== 检查编译工具 ==="; \
make --version; \
gcc --version; \
g++ --version;
# 添加Python安装包确保Python-3.9.13.tar.xz在构建上下文
ADD Python-3.9.13.tar.xz /tmp/
# 第三步编译和安装Python
RUN set -eux; \
\
# 进入解压后的Python目录
cd /tmp/Python-3.9.13 && \
\
# 配置编译选项
./configure \
--prefix=${PYTHON_HOME} \
--enable-optimizations \
--enable-shared \
--with-system-ffi \
--with-ensurepip=install \
&& \
\
# 编译和安装
make -j$(nproc) && \
make install && \
\
# 创建软链接
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \
ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \
\
# 配置动态链接库路径
echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
ldconfig && \
\
# 清理编译文件和源码
cd /tmp && \
rm -rf /tmp/Python-3.9.13;
# 设置全局PATH环境变量
ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# 第四步验证Python安装
RUN set -eux; \
\
# 检查Python版本
echo "=== Python版本 ==="; \
python3 --version; \
python --version; \
\
# 检查pip版本
echo "=== Pip版本 ==="; \
pip --version;
# 第五步升级pip和安装常用工具
RUN set -eux; \
\
# 升级pip
pip install --upgrade pip setuptools wheel && \
\
# 安装常用Python工具
pip install virtualenv;
# 设置工作目录Python项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Python应用
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi ${PYTHON_HOME};
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python3 --version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["python3", "--version"]

203
dockerfiles/python/3.9.13-centos8-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="python"
VERSION="3.9.13-centos8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "Python-3.9.13.tar.xz" ]; then
red "错误: Python-3.9.13.tar.xz 不存在"
echo "请从Python官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Python版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then
green "✓ 测试通过"
else
red "✗ 测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== CentOS 8 Python 3.9.13 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

162
dockerfiles/python/3.9.13-debian12-dos/Dockerfile Normal file
View File

@ -0,0 +1,162 @@
# 使用 Debian 12 (bookworm-slim) 作为基础镜像
FROM debian:bookworm-slim
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Debian的Python 3.9.13运行环境" \
python.version="3.9.13"
# 设置环境变量
ENV PYTHON_VERSION=3.9.13 \
PYTHON_HOME=/usr/local/python3.9.13 \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 第一步:安装编译工具和系统依赖
RUN set -eux; \
\
# 配置阿里云Debian镜像源
echo "deb http://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware" > /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware" >> /etc/apt/sources.list; \
echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main non-free non-free-firmware" >> /etc/apt/sources.list; \
\
# 更新软件包列表并安装必要的开发工具
apt-get update && \
apt-get install -y --no-install-recommends \
build-essential \
libssl-dev \
libbz2-dev \
libffi-dev \
zlib1g-dev \
libreadline-dev \
libsqlite3-dev \
liblzma-dev \
libncursesw5-dev \
# 系统工具
curl \
wget \
tar \
xz-utils \
gzip \
git \
locales \
tzdata \
make \
gcc \
g++ \
&& \
\
# 清理缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
echo "en_US.UTF-8 UTF-8" > /etc/locale.gen; \
locale-gen; \
update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8;
# 第二步:验证编译器安装
RUN set -eux; \
\
# 检查编译器是否安装成功
echo "=== 检查编译工具 ==="; \
make --version; \
gcc --version; \
g++ --version;
# 添加Python安装包确保Python-3.9.13.tar.xz在构建上下文
ADD Python-3.9.13.tar.xz /tmp/
# 第三步编译和安装Python
RUN set -eux; \
\
# 进入解压后的Python目录
cd /tmp/Python-3.9.13 && \
\
# 配置编译选项
./configure \
--prefix=${PYTHON_HOME} \
--enable-optimizations \
--enable-shared \
--with-system-ffi \
--with-ensurepip=install \
--enable-loadable-sqlite-extensions \
&& \
\
# 编译和安装
make -j$(nproc) && \
make install && \
\
# 创建软链接
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python3 && \
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/local/bin/python && \
ln -sf ${PYTHON_HOME}/bin/pip3 /usr/local/bin/pip && \
\
# 配置动态链接库路径
echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
ldconfig && \
\
# 清理编译文件和源码
cd /tmp && \
rm -rf /tmp/Python-3.9.13;
# 设置全局PATH环境变量
ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# 第四步验证Python安装
RUN set -eux; \
\
# 检查Python版本
echo "=== Python版本 ==="; \
python3 --version; \
python --version; \
\
# 检查pip版本
echo "=== Pip版本 ==="; \
pip --version;
# 第五步升级pip和安装常用工具
RUN set -eux; \
\
# 升级pip
pip install --upgrade pip setuptools wheel && \
\
# 安装常用Python工具
pip install virtualenv;
# 设置工作目录Python项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Python应用
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 安装bashDebian slim可能不包含
apt-get update && \
apt-get install -y --no-install-recommends bash && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi ${PYTHON_HOME};
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python3 --version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["python3", "--version"]

203
dockerfiles/python/3.9.13-debian12-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="python"
VERSION="3.9.13-debian12-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "Python-3.9.13.tar.xz" ]; then
red "错误: Python-3.9.13.tar.xz 不存在"
echo "请从Python官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Python版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then
green "✓ 测试通过"
else
red "✗ 测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Debian 12 Python 3.9.13 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

150
dockerfiles/python/3.9.13-rocky8-dos/Dockerfile Normal file
View File

@ -0,0 +1,150 @@
# 使用 RockyLinux 8 最小化镜像作为基础
FROM rockylinux:8
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于CentOS 8的Python 3.9.13运行环境" \
python.version="3.9.13"
# 设置环境变量
ENV PYTHON_VERSION=3.9.13 \
PYTHON_HOME=/usr/local/python3.9.13 \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8
# 设置工作目录
WORKDIR /tmp
# 第一步修复CentOS 8的软件源并安装编译工具
RUN set -eux; \
# 配置国内镜像源加速
sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \
-i.bak \
/etc/yum.repos.d/*.repo && \
\
# 更新系统并安装必要的开发工具
dnf update -y && \
dnf install -y \
make \
gcc \
gcc-c++ \
kernel-devel \
openssl-devel \
bzip2-devel \
libffi-devel \
zlib-devel \
readline-devel \
sqlite-devel \
# 系统工具
curl \
tar \
xz \
gzip \
git \
glibc-langpack-en \
shadow-utils \
which \
&& \
\
# 清理缓存以减少镜像大小
dnf clean all && \
rm -rf /var/cache/dnf; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
echo 'LANG="en_US.UTF-8"' > /etc/locale.conf && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/locale.conf;
# 第二步:验证编译器安装
RUN set -eux; \
\
# 检查编译器是否安装成功
echo "=== 检查编译工具 ==="; \
make --version; \
gcc --version; \
g++ --version;
# 添加Python安装包确保Python-3.9.13.tar.xz在构建上下文
ADD Python-3.9.13.tar.xz /tmp/
# 第三步编译和安装Python
RUN set -eux; \
\
# 进入解压后的Python目录
cd /tmp/Python-3.9.13 && \
\
# 配置编译选项
./configure \
--prefix=${PYTHON_HOME} \
--enable-optimizations \
--enable-shared \
--with-system-ffi \
--with-ensurepip=install \
&& \
\
# 编译和安装
make -j$(nproc) && \
make install && \
\
# 创建软链接
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \
ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \
\
# 配置动态链接库路径
echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
ldconfig && \
\
# 清理编译文件和源码
cd /tmp && \
rm -rf /tmp/Python-3.9.13;
# 设置全局PATH环境变量
ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# 第四步验证Python安装
RUN set -eux; \
\
# 检查Python版本
echo "=== Python版本 ==="; \
python3 --version; \
python --version; \
\
# 检查pip版本
echo "=== Pip版本 ==="; \
pip --version;
# 第五步升级pip和安装常用工具
RUN set -eux; \
\
# 升级pip
pip install --upgrade pip setuptools wheel && \
\
# 安装常用Python工具
pip install virtualenv;
# 设置工作目录Python项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Python应用
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi ${PYTHON_HOME};
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python3 --version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["python3", "--version"]

203
dockerfiles/python/3.9.13-rocky8-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="python"
VERSION="3.9.13-rocky8-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "Python-3.9.13.tar.xz" ]; then
red "错误: Python-3.9.13.tar.xz 不存在"
echo "请从Python官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Python版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then
green "✓ 测试通过"
else
red "✗ 测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== RockyLinux 8 Python 3.9.13 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

143
dockerfiles/python/3.9.13-ubuntu22-dos/Dockerfile Normal file
View File

@ -0,0 +1,143 @@
# 使用 Ubuntu 22.04 作为基础镜像
FROM ubuntu:22.04
# 设置元数据标签
LABEL maintainer="小蚂蚁云团队" \
version="1.0" \
description="基于Ubuntu 22.04的Python 3.9.13运行环境" \
python.version="3.9.13"
# 设置环境变量
ENV PYTHON_VERSION=3.9.13 \
PYTHON_HOME=/usr/local/python3.9.13 \
TZ=Asia/Shanghai \
LANG=en_US.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 设置工作目录
WORKDIR /tmp
# 第一步:安装编译工具和系统依赖
RUN set -eux; \
\
# 更新软件包列表并安装必要的开发工具
apt-get update && \
apt-get install -y --no-install-recommends \
build-essential \
libssl-dev \
libbz2-dev \
libffi-dev \
zlib1g-dev \
libreadline-dev \
libsqlite3-dev \
# 系统工具
curl \
wget \
tar \
xz-utils \
gzip \
git \
locales \
tzdata \
&& \
\
# 清理缓存以减少镜像大小
apt-get clean && \
rm -rf /var/lib/apt/lists/*; \
\
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone; \
\
# 设置语言环境
locale-gen en_US.UTF-8 && \
update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8;
# 第二步:验证编译器安装
RUN set -eux; \
\
# 检查编译器是否安装成功
echo "=== 检查编译工具 ==="; \
make --version; \
gcc --version; \
g++ --version;
# 添加Python安装包确保Python-3.9.13.tar.xz在构建上下文
ADD Python-3.9.13.tar.xz /tmp/
# 第三步编译和安装Python
RUN set -eux; \
\
# 进入解压后的Python目录
cd /tmp/Python-3.9.13 && \
\
# 配置编译选项
./configure \
--prefix=${PYTHON_HOME} \
--enable-optimizations \
--enable-shared \
--with-system-ffi \
--with-ensurepip=install \
&& \
\
# 编译和安装
make -j$(nproc) && \
make install && \
\
# 创建软链接
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python3 && \
ln -sf ${PYTHON_HOME}/bin/python3.9 /usr/bin/python && \
ln -sf ${PYTHON_HOME}/bin/pip3 /usr/bin/pip && \
\
# 配置动态链接库路径
echo "${PYTHON_HOME}/lib" > /etc/ld.so.conf.d/python3.conf && \
ldconfig && \
\
# 清理编译文件和源码
cd /tmp && \
rm -rf /tmp/Python-3.9.13;
# 设置全局PATH环境变量
ENV PATH=${PYTHON_HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# 第四步验证Python安装
RUN set -eux; \
\
# 检查Python版本
echo "=== Python版本 ==="; \
python3 --version; \
python --version; \
\
# 检查pip版本
echo "=== Pip版本 ==="; \
pip --version;
# 第五步升级pip和安装常用工具
RUN set -eux; \
\
# 升级pip
pip install --upgrade pip setuptools wheel && \
\
# 安装常用Python工具
pip install virtualenv;
# 设置工作目录Python项目目录
WORKDIR /opt/apps
# 创建非root用户用于运行Python应用
RUN set -eux; \
\
# 创建用户和组
groupadd -r esxi && \
useradd -r -g esxi -d /opt/apps -s /bin/bash esxi && \
\
# 设置目录权限
chown -R esxi:esxi /opt/apps && \
chown -R esxi:esxi ${PYTHON_HOME};
# 设置健康检查
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python3 --version > /dev/null 2>&1 || exit 1
# 设置默认启动命令
CMD ["python3", "--version"]

203
dockerfiles/python/3.9.13-ubuntu22-dos/deploy.sh Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash
set -euo pipefail
# 配置参数
IMAGE_NAME="python"
VERSION="3.9.13-ubuntu22-dos"
HARBOR_REGISTRY="192.168.10.102:8001" # 替换为实际的Harbor地址
HARBOR_PROJECT="xiaomayi-base" # 替换为实际的Harbor项目名
HARBOR_USERNAME="deploy" # 替换为Harbor用户名
HARBOR_PASSWORD="Harbor20240330" # 替换为Harbor密码
# 完整的镜像标签
FULL_IMAGE_NAME="${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${IMAGE_NAME}"
TAG_VERSION="${VERSION}"
TAG_LATEST="latest"
# 颜色输出函数
red() { echo -e "\033[31m$*\033[0m"; }
green() { echo -e "\033[32m$*\033[0m"; }
yellow() { echo -e "\033[33m$*\033[0m"; }
blue() { echo -e "\033[34m$*\033[0m"; }
# 检查必要文件
check_requirements() {
blue "检查构建所需文件..."
if [ ! -f "Python-3.9.13.tar.xz" ]; then
red "错误: Python-3.9.13.tar.xz 不存在"
echo "请从Python官网下载并放置在当前目录"
exit 1
fi
green "✓ 文件检查完成"
}
# 登录Harbor仓库
login_to_harbor() {
blue "登录Harbor仓库: ${HARBOR_REGISTRY}"
if echo "${HARBOR_PASSWORD}" | docker login -u "${HARBOR_USERNAME}" --password-stdin "${HARBOR_REGISTRY}"; then
green "✓ Harbor登录成功"
else
red "✗ Harbor登录失败"
exit 1
fi
}
# 构建Docker镜像
build_image() {
blue "开始构建Docker镜像..."
local build_cmd=(
docker build
# --pull
# --no-cache
-t "${FULL_IMAGE_NAME}:${TAG_VERSION}"
# -t "${FULL_IMAGE_NAME}:${TAG_LATEST}"
.
)
echo "执行命令: ${build_cmd[*]}"
if "${build_cmd[@]}"; then
green "✓ 镜像构建成功"
else
red "✗ 镜像构建失败"
exit 1
fi
}
# 显示镜像信息
show_image_info() {
blue "镜像构建信息:"
echo "----------------------------------------"
docker images "${FULL_IMAGE_NAME}" --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
echo "----------------------------------------"
# 显示详细大小信息
local image_size=$(docker image inspect "${FULL_IMAGE_NAME}:${TAG_VERSION}" --format='{{.Size}}' | awk '{printf "%.2f MB", $1/1024/1024}')
green "镜像大小: ${image_size}"
}
# 测试镜像功能
test_image() {
blue "测试镜像功能..."
echo "1. 测试Python版本:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" python3 --version; then
green "✓ 测试通过"
else
red "✗ 测试失败"
exit 1
fi
echo "2. 测试区域设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" locale; then
green "✓ 区域设置测试通过"
else
red "✗ 区域设置测试失败"
exit 1
fi
echo "3. 测试时区设置:"
if docker run --rm "${FULL_IMAGE_NAME}:${TAG_VERSION}" date; then
green "✓ 时区测试通过"
else
red "✗ 时区测试失败"
exit 1
fi
}
# 推送镜像到Harbor
push_to_harbor() {
blue "推送镜像到Harbor仓库..."
# 推送版本标签
if docker push "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 版本标签推送成功: ${TAG_VERSION}"
else
red "✗ 版本标签推送失败"
exit 1
fi
# # 推送latest标签
# if docker push "${FULL_IMAGE_NAME}:${TAG_LATEST}"; then
# green "✓ latest标签推送成功"
# else
# red "✗ latest标签推送失败"
# exit 1
# fi
}
# 清理本地镜像
cleanup_local() {
blue "清理本地镜像..."
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" "${FULL_IMAGE_NAME}:${TAG_LATEST}" 2>/dev/null || true
green "✓ 本地镜像清理完成"
}
# 验证远程镜像
verify_remote_image() {
blue "验证远程镜像..."
# 尝试拉取验证
if docker pull "${FULL_IMAGE_NAME}:${TAG_VERSION}"; then
green "✓ 远程镜像验证成功"
docker rmi "${FULL_IMAGE_NAME}:${TAG_VERSION}" 2>/dev/null || true
else
red "✗ 远程镜像验证失败"
exit 1
fi
}
# 生成使用说明
generate_usage() {
cat << EOF
$(green "=== 镜像构建和推送完成 ===")
$(blue "镜像名称:") ${FULL_IMAGE_NAME}
$(blue "可用标签:") ${TAG_VERSION}, ${TAG_LATEST}
$(yellow "使用方法:")
1. 拉取镜像:
docker pull ${FULL_IMAGE_NAME}:${TAG_VERSION}
2. 运行测试:
docker run --rm ${FULL_IMAGE_NAME}:${TAG_VERSION} python3 --version
3. 作为基础镜像使用:
FROM ${FULL_IMAGE_NAME}:${TAG_VERSION}
$(green "镜像已成功推送到Harbor仓库!")
EOF
}
# 主函数
main() {
echo "$(blue '=== Ubuntu 22.04 Python 3.9.13 基础镜像构建脚本 ===')"
echo "$(blue "目标仓库: ${HARBOR_REGISTRY}")"
echo "$(blue "镜像名称: ${IMAGE_NAME}")"
echo "$(blue "版本标签: ${VERSION}")"
echo "----------------------------------------"
# 执行步骤
check_requirements
login_to_harbor
build_image
show_image_info
test_image
push_to_harbor
cleanup_local
verify_remote_image
generate_usage
green "✅ 所有步骤完成!"
}
# 异常处理
trap 'red "脚本执行被中断"; exit 1' INT TERM
# 执行主函数
main "$@"

BIN
resources/Python-3.9.13.tar.xz Normal file
View File

Binary file not shown.

BIN
resources/fonts/simsun.ttf Normal file
View File

Binary file not shown.

BIN
resources/go1.25.1.linux-amd64.tar.gz Normal file
View File

Binary file not shown.

BIN
resources/jdk-17.0.16_linux-x64_bin.tar.gz Normal file
View File

Binary file not shown.

BIN
resources/jre-8u202-linux-x64.tar.gz Normal file
View File

Binary file not shown.