if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
if ! grep -q stretch /etc/apt/sources.list; then \
only add stretch if we’re not already building from within stretch
{ \
echo 'deb http://deb.debian.org/debian stretch main'; \
echo 'deb http://security.debian.org stretch/updates main'; \
echo 'deb http://deb.debian.org/debian stretch-updates main'; \
} > /etc/apt/sources.list.d/stretch.list; \
{ \
add a negative “Pin-Priority” so that we never ever get packages from stretch unless we explicitly request them
echo 'Package: *'; \
echo 'Pin: release n=stretch*'; \
echo 'Pin-Priority: -10'; \
echo; \
… except OpenSSL, which is the reason we’re here
echo 'Package: openssl libssl*'; \
echo "Pin: version $OPENSSL_VERSION"; \
echo 'Pin-Priority: 990'; \
} > /etc/apt/preferences.d/stretch-openssl; \
fi; \
apt-get update; \
apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
rm -rf /var/lib/apt/lists/*; \
fi
RUN apt-get update && apt-get install -y --no-install-recommends
libapr1
&& rm -rf /var/lib/apt/lists/*
see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
see also “update.sh” (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
ENV TOMCAT_MAJOR 8
ENV TOMCAT_VERSION 8.0.50
ENV TOMCAT_SHA1 ec66581d322a8ef58e3988fc72e2c076968f3e2eENV TOMCAT_TGZ_URLS \
https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394
https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
if the version is outdated, we might have to pull from the dist/archive 😕
https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz
ENV TOMCAT_ASC_URLS
https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
not all the mirrors actually carry the .asc files 😢
https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc
RUN set -eux;
savedAptMark=“(mktemp -d)”;
for key in key";
done;
apt-get install -y --no-install-recommends wget ca-certificates;
success=;
for url in url"; then
success=1;
break;
fi;
done;
[ -n “TOMCAT_SHA1 *tomcat.tar.gz” | sha1sum -c -;
success=;
for url in url"; then
success=1;
break;
fi;
done;
[ -n “GNUPGHOME”;
nativeBuildDir=“nativeBuildDir” --strip-compnotallow=1;
apt-get install -y --no-install-recommends
dpkg-dev
gcc
libapr1-dev
libssl-dev
make
“openjdk-KaTeX parse error: Expected '}', got 'EOF' at end of input: …%[.~bu-]*}-jdk=JAVA_DEBIAN_VERSION”
;
(
export CATALINA_HOME=“nativeBuildDir/native”;
gnuArch=“gnuArch”
–libdir=“CATALINA_HOME”
–with-apr=“(docker-java-home)”
–with-ssl=yes;
make -j “nativeBuildDir”;
rm bin/tomcat-native.tar.gz;
\reset apt-mark’s “manual” list so that “purge --auto-remove” will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
sh removes env vars it doesn’t support (ones with periods)
https://github.com/docker-library/tomcat/issues/77
find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +
verify Tomcat Native is working properly
RUN set -e
&& nativeLines="KaTeX parse error: Expected 'EOF', got '&' at position 27: …h configtest 2>&̲1)" \ && nativ…(echo "KaTeX parse error: Expected 'EOF', got '&' at position 49: …t Native')" \ &̲& nativeLines="(echo “KaTeX parse error: Expected 'EOF', got '&' at position 29: …| sort -u)" \ &̲& if ! echo "nativeLines” | grep ‘INFO: Loaded APR based Apache Tomcat Native library’ >&2; then
echo >&2 "KaTeX parse error: Expected 'EOF', got '&' at position 39: …1; \ fi \ &̲& sed -i "107c …"1 \n echo “2” \n echo “3” \n if [ "$“3 == 1 ] \n then \n echo “1” \n sed -i ‘135,138d’ /usr/local/tomcat/conf/server.xml \n echo “2” \n else \n echo “3” \n fi” /usr/local/tomcat/bin/catalina.sh
this step can be cancel until this dockerfile is done
#RUN apt-get update && apt-get install -y \
vim \
&& rm -rf /var/lib/apt/lists/*
#EXPOSE 8080
#CMD [“catalina.sh”, “run”]
#MAINTAINER admin admin@domain.com ENTRYPOINT [“catalina.sh”,“run”]
将dockerfile生成镜像tomcat:wave1.0
启动时:
docker run -it --name mdhtomcat -d -p 80:8080 tomcat:wave1.0 :默认走catalina.sh命令;默认访问日志开启;
docker run -it --name mdhtomcat -d -p 80:8080 tomcat:wave1.0 catalina.sh 1 :通过传参1,告诉catalina.sh 修改server.xml,该容器不开启访问日志。
3.注意点
ENTRYPOINT和CMD的区别;
sed中如果需要传送特殊字符($),需要用 [“”]括住。
往\*.sh文件中插入语句时,如果需要使用换行符,则用:[ \n ]
shell中 if 的判断中[ 空格 a == b 空格 ],其中 == 用于数值,-eq 用于字符串
4.附录一些docker的基本命令
[docker build -t tomcat:wave1.0 . ]
[docker run -it --name mdhtomcat -d -p 80:8080 tomcat:wave1.0]