특정 컨테이너 이미지에 대한 build 내용을 확인하고 싶은데 어떻게 해야 할까?
구글링을 통해 Dockerfile 원본 수준의 내용을 추출하는 정도까지는 아니지만 유사한 내용을 확인할 수 있는 방법을 확인하여 그 내용을 정리한다.
$ # alias 설정을 통해 dfimage 별칭을 구성한다.
$ alias dfimage="docker run -v /var/run/docker.sock:/var/run/docker.sock --rm alpine/dfimage"
$ # nginx:latest 이미지의 build 내용을 확인한다.
$ dfimage -sV=1.36 nginx:latestdfimage 별칭을 통해 명령어를 실행하면 dockerhub에서 alpine/dfimage 이미지를 다운로드 한 이후, 비교대상인 ngnix:latest 이미지와의 차이점 (확인하고자 하는 Dockerfile의 설정 내용)을 보여준다.
(이때 -sV=1.36 옵션은 필수는 아니다/)
[root@vm11 ~]# alias dfimage="docker run -v /var/run/docker.sock:/var/run/docker.sock --rm alpine/dfimage"
[root@vm11 ~]# dfimage -sV=1.36 nginx:latest
Unable to find image 'alpine/dfimage:latest' locally
latest: Pulling from alpine/dfimage
df20fa9351a1: Pull complete
820dbffe2156: Pull complete
Digest: sha256:4a271e763d51b7f3cca72eac9bf508502c032665dde0e4c8d5fcf6376600f64a
Status: Downloaded newer image for alpine/dfimage:latest
latest: Pulling from library/nginx
b85a868b505f: Pulling fs layer
f4407ba1f103: Pulling fs layer
4a7307612456: Pulling fs layer
935cecace2a0: Pulling fs layer
8f46223e4234: Pulling fs layer
fe0ef4c895f5: Pulling fs layer
8f46223e4234: Verifying Checksum
8f46223e4234: Download complete
4a7307612456: Verifying Checksum
4a7307612456: Download complete
fe0ef4c895f5: Verifying Checksum
fe0ef4c895f5: Download complete
935cecace2a0: Download complete
f4407ba1f103: Verifying Checksum
f4407ba1f103: Download complete
b85a868b505f: Download complete
b85a868b505f: Pull complete
f4407ba1f103: Pull complete
4a7307612456: Pull complete
935cecace2a0: Pull complete
8f46223e4234: Pull complete
fe0ef4c895f5: Pull complete
Digest: sha256:10f14ffa93f8dedf1057897b745e5ac72ac5655c299dade0aa434c71557697ea
Status: Downloaded newer image for nginx:latest
Analyzing nginx:latest
Docker Version: 20.10.12
GraphDriver: overlay2
Environment Variables
|PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|NGINX_VERSION=1.23.0
|NJS_VERSION=0.7.5
|PKG_RELEASE=1~bullseye
Open Ports
|80
Image user
|User is root
Potential secrets:
Dockerfile:
CMD ["bash"]
LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
ENV NGINX_VERSION=1.23.0
ENV NJS_VERSION=0.7.5
ENV PKG_RELEASE=1~bullseye
RUN set -x \
&& addgroup --system --gid 101 nginx \
&& adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \
&& apt-get update \
&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \
&& NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; found=''; for server in hkp://keyserver.ubuntu.com:80 pgp.mit.edu ; do echo "Fetching GPG key $NGINX_GPGKEY from $server"; apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" \
&& found=yes \
&& break; done; test -z "$found" \
&& echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" \
&& exit 1; apt-get remove --purge --auto-remove -y gnupg1 \
&& rm -rf /var/lib/apt/lists/* \
&& dpkgArch="$(dpkg --print-architecture)" \
&& nginxPackages=" nginx=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} " \
&& case "$dpkgArch" in amd64|arm64) echo "deb https://nginx.org/packages/mainline/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list \
&& apt-get update ;; *) echo "deb-src https://nginx.org/packages/mainline/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list \
&& tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
&& savedAptMark="$(apt-mark showmanual)" \
&& apt-get update \
&& apt-get build-dep -y $nginxPackages \
&& ( cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" apt-get source --compile $nginxPackages ) \
&& apt-mark showmanual | xargs apt-mark auto > /dev/null \
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \
&& ls -lAFh "$tempDir" \
&& ( cd "$tempDir" \
&& dpkg-scanpackages . > Packages ) \
&& grep '^Package: ' "$tempDir/Packages" \
&& echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \
&& apt-get -o Acquire::GzipIndexes=false update ;; esac \
&& apt-get install --no-install-recommends --no-install-suggests -y $nginxPackages gettext-base curl \
&& apt-get remove --purge --auto-remove -y \
&& rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
&& if [ -n "$tempDir" ]; then apt-get purge -y --auto-remove \
&& rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; fi \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \
&& mkdir /docker-entrypoint.d
COPY file:65504f71f5855ca017fb64d502ce873a31b2e0decd75297a8fb0a287f97acf92 in /
docker-entrypoint.sh
COPY file:0b866ff3fc1ef5b03c4e6c8c513ae014f691fb05d530257dfffd07035c1b75da in /docker-entrypoint.d
docker-entrypoint.d/
docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
COPY file:0fd5fca330dcd6a7de297435e32af634f29f7132ed0550d342cad9fd20158258 in /docker-entrypoint.d
docker-entrypoint.d/
docker-entrypoint.d/20-envsubst-on-templates.sh
COPY file:09a214a3e07c919af2fb2d7c749ccbc446b8c10eb217366e5a65640ee9edcc25 in /docker-entrypoint.d
docker-entrypoint.d/
docker-entrypoint.d/30-tune-worker-processes.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 80
STOPSIGNAL SIGQUIT
CMD ["nginx" "-g" "daemon off;"]
[root@vm11 ~]#
추가로, 비교 대상의 layer 간 파일 변경 사항을 확인하는 방법도 있다.
$ alias dive="docker run -ti --rm -v /var/run/docker.sock:/var/run/docker.sock wagoodman/dive"
$ dive nginx:latest
출처: https://stackoverflow.com/questions/19104847/how-to-generate-a-dockerfile-from-an-image
How to generate a Dockerfile from an image?
Is it possible to generate a Dockerfile from an image? I want to know for two reasons: I can download images from the repository but would like to see the recipe that generated them. I like the i...
stackoverflow.com
'IT > Container' 카테고리의 다른 글
| Private Docker Register 구성기 (Root CA 인증서가 필요하다!) (0) | 2022.05.23 |
|---|---|
| Hyper-V 에 VM을 만들어 kubernetes 클러스터 구성하기 (0) | 2022.05.22 |
| 쿠버네티스란 무엇인가? (0) | 2022.05.16 |
