# 使用 Ubuntu 22.04 LTS 作为基础镜像 FROM ubuntu:22.04 # 维护者信息 LABEL maintainer="小蚂蚁云团队" \ description="JDK 17 on Ubuntu with Chinese support" \ version="1.0" # 设置环境变量 ENV LANG zh_CN.UTF-8 ENV LC_ALL zh_CN.UTF-8 ENV JAVA_HOME /opt/jdk-17.0.16 ENV PATH $JAVA_HOME/bin:$PATH ENV TZ Asia/Shanghai # 设置工作目录 WORKDIR /tmp # 配置阿里云Ubuntu镜像源并安装基础软件包 RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \ sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \ apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ ca-certificates \ wget \ curl \ fontconfig \ locales \ tzdata \ && \ # 安装中文语言包 apt-get install -y --no-install-recommends language-pack-zh-hans && \ # 生成中文locale locale-gen zh_CN.UTF-8 && \ locale-gen en_US.UTF-8 && \ update-locale LANG=zh_CN.UTF-8 LC_ALL=zh_CN.UTF-8 && \ # 设置时区 ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ echo "Asia/Shanghai" > /etc/timezone && \ dpkg-reconfigure --frontend noninteractive tzdata && \ # 清理apt缓存 apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # # 下载并安装 JDK 17 # RUN set -eux && \ # # 下载JDK # wget -O jdk-17.0.16_linux-x64_bin.tar.gz \ # https://download.java.net/java/GA/jdk17.0.16/dfd4a8d0985749f896bed50d7138ee7f/8/GPL/openjdk-17.0.16_linux-x64_bin.tar.gz && \ # # 创建安装目录 # mkdir -p /opt && \ # tar -xzf jdk-17.0.16_linux-x64_bin.tar.gz -C /opt && \ # # 精简JDK # cd /opt/jdk-17.0.16 && \ # rm -rf \ # demo/ \ # sample/ \ # man/ \ # legal/ \ # lib/src.zip \ # lib/missioncontrol/ \ # lib/visualvm/ \ # lib/jfr/ \ # README.md \ # release && \ # # 删除调试文件 # find . -name "*.diz" -delete && \ # find . -name "*.debuginfo" -delete && \ # find . -name "*.pdb" -delete && \ # # 设置权限 # chmod -R 755 /opt/jdk-17.0.16 && \ # chown -R root:root /opt/jdk-17.0.16 && \ # # 清理下载文件 # rm -f /tmp/jdk-17.0.16_linux-x64_bin.tar.gz # 添加并精简 JDK ADD jdk-17.0.16_linux-x64_bin.tar.gz /opt/ # 精简JDK:删除不必要的文件 RUN set -eux && \ # 重命名JDK目录 mv /opt/jdk-17.0.16 /opt/jdk-17.0.16-original && \ \ # 创建新的精简JDK目录 mkdir -p /opt/jdk-17.0.16 && \ \ # 保留必要的目录和文件 cp -r /opt/jdk-17.0.16-original/bin /opt/jdk-17.0.16/ && \ cp -r /opt/jdk-17.0.16-original/lib /opt/jdk-17.0.16/ && \ cp -r /opt/jdk-17.0.16-original/conf /opt/jdk-17.0.16/ && \ cp -r /opt/jdk-17.0.16-original/include /opt/jdk-17.0.16/ && \ \ # 删除调试文件(使用通配符) rm -rf /opt/jdk-17.0.16/lib/*.diz \ /opt/jdk-17.0.16/lib/*/*.diz \ /opt/jdk-17.0.16/lib/*/*/*.diz \ /opt/jdk-17.0.16/lib/*.debuginfo \ /opt/jdk-17.0.16/lib/*/*.debuginfo \ /opt/jdk-17.0.16/lib/*/*/*.debuginfo \ /opt/jdk-17.0.16/lib/*.pdb \ /opt/jdk-17.0.16/lib/*/*.pdb \ /opt/jdk-17.0.16/lib/*/*/*.pdb && \ \ # 删除不必要的模块和文件 rm -rf /opt/jdk-17.0.16/lib/src.zip \ /opt/jdk-17.0.16/lib/missioncontrol \ /opt/jdk-17.0.16/lib/visualvm \ /opt/jdk-17.0.16/lib/jfr \ /opt/jdk-17.0.16/lib/security/cacerts.dummy \ \ # 删除演示和样例 /opt/jdk-17.0.16-original/demo \ /opt/jdk-17.0.16-original/sample \ /opt/jdk-17.0.16-original/man \ \ # 删除文档 /opt/jdk-17.0.16-original/legal \ /opt/jdk-17.0.16-original/README.md \ /opt/jdk-17.0.16-original/release && \ \ # 删除原始JDK目录 rm -rf /opt/jdk-17.0.16-original && \ \ # 设置权限 chmod -R 755 /opt/jdk-17.0.16 && \ chown -R root:root /opt/jdk-17.0.16 &&\ \ # 验证JDK安装 /opt/jdk-17.0.16/bin/java -version && \ /opt/jdk-17.0.16/bin/javac -version # 清理临时文件和缓存 RUN rm -rf /tmp/* /var/tmp/* /var/log/*log /var/log/nginx/*log \ /var/log/*.log /var/log/dmesg /var/log/audit/*log \ /root/.cache /*.repo.bak # 复制字体文件(如果需要) # COPY ./fonts/ /usr/share/fonts/ # RUN fc-cache -fv # 创建非 root 用户运行应用 RUN groupadd -r esxi && \ useradd -r -g esxi -m -d /app esxi && \ chown -R esxi:esxi /app && \ # 设置JDK目录权限 chown -R esxi:esxi $JAVA_HOME # 验证 JDK 安装 RUN $JAVA_HOME/bin/java -version && \ $JAVA_HOME/bin/javac -version # 设置最终工作目录 WORKDIR /opt/apps # # 切换到非root用户 # USER esxi # 健康检查(可选) HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ CMD $JAVA_HOME/bin/java -version || exit 1 # 默认命令 CMD ["java", "-version"]