如何重用另一个dockerfile设置的docker映像?

时间:2018-10-04 10:10:49

标签: asp.net docker .net-core docker-compose dockerfile

我遇到了以下问题(不确定是否要实现这种正确模式,但这就是我对本主题的理解程度)

情况:

  • 我有一个具有多个项目(一些类库和两个服务)的ASP.NET core 2.1解决方案
  • 我想生成两个基于linux的docker容器:每个服务一个
  • 我希望其中两个使用相同的(自签名) SSL证书(不确定这是否是一种好的模式,但是它们将位于同一域中,并且两者都将与用户)
  • 我计划使用docker compose生成一个基础docker镜像,然后在两个服务docker中重用此基础
  • 我有一个仅适用于一个docker容器的解决方案,但两个容器似乎无法同时工作

问题:

  • 如果我的Dockerfile是由另一个Dockerfile创建的,那么该如何在我的Dockerfile中重用该镜像,并在docker-compose.yml文件中定义此行为?如何创建带有证书的docker镜像,以作为两个服务docker镜像的基础?
  • 上述构想的图案是否正确/正确/设计合理?设计上是否有可能改进?

这适用于一个容器:

docker-compose.yml: 

version: '3.4'
services:
  afr_webapi:
    image: afr/webapi:latest
    environment:
      - ASPNETCORE_ENVIRONMENT=Development
      - ASPNETCORE_URLS=https://+:443;http://+:80
    ports:
      - "53538:80"
      - "44376:443"
    build:
      context: .
      dockerfile: AFRWebAPI/Dockerfile
  #afr_webui: ... (an another service)

AFRWebAPI / Dockerfile: 

FROM microsoft/dotnet:2.1-aspnetcore-runtime AS base
WORKDIR /app
# Set password for the certificate as 1234
ENV certPassword 1234
# Use opnssl to generate a self signed certificate cert.pfx with password $env:certPassword
RUN openssl genrsa -des3 -passout pass:${certPassword} -out server.key 2048 \
    && openssl rsa -passin pass:${certPassword} -in server.key -out server.key \
    && openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=localhost' \
    && openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt \
    && openssl pkcs12 -export -out cert.pfx -inkey server.key -in server.crt -certfile server.crt -passout pass:${certPassword}
# Expose port 443 for the application.
EXPOSE 443
EXPOSE 53538
EXPOSE 44376

FROM microsoft/dotnet:2.1-sdk AS build
WORKDIR /src
COPY . .
WORKDIR "/src"
RUN dir \
    && dotnet build "AFRCore/AFRCore.csproj" -c Release -o /app \
    && dotnet build "AFRCoreWorkflow/AFRCoreWorkflow.csproj" -c Release -o /app \
    && dotnet build "DBFHandler/DBFHandler.csproj" -c Release -o /app \
    && dotnet build "AFRInfrastructure/AFRInfrastructure.csproj" -c Release -o /app \
    && dotnet build "AFRWebAPI/AFRWebAPI.csproj" -c Release -o /app

FROM build AS publish
WORKDIR "/src/AFRWebAPI"
RUN dotnet publish "AFRWebAPI.csproj" -c Release -o /app

FROM base AS final
WORKDIR /app
COPY --from=publish /app .
ENTRYPOINT ["dotnet", "AFRWebAPI.dll"]

结果:

afr_webapi_1  | Hosting environment: Development
afr_webapi_1  | Content root path: /app
afr_webapi_1  | Now listening on: https://0.0.0.0:443
afr_webapi_1  | Application started. Press Ctrl+C to shut down.

当我想将证书生成部分移到另一个docker映像以供两个服务容器稍后重用时,上述模式不起作用:

(请注意,在此示例中,只有一个服务容器足以说明问题)

docker-compose.yml: 

version: '3.4'
services:
  afr_certbase:
    image: afr/certbase:latest                      # <------ This image I want to reuse ...
    build:
      context: .
      dockerfile: Certificate/Dockerfile
  afr_webapi:                                       # <------ ... during composing this image
    image: afr/webapi:latest
    environment:
      - ASPNETCORE_ENVIRONMENT=Development
      - ASPNETCORE_URLS=https://+:443;http://+:80
    ports:
      - "53538:80"
      - "44376:443"
    build:
      context: .
      dockerfile: AFRWebAPI/Dockerfile
    depends_on:
      - afr_certbase
  #afr_webui: ... (an another service)

证书/ Dockerfile: 

FROM microsoft/dotnet:2.1-aspnetcore-runtime AS cert_base   # <------- This should be an image used by the two services
# Set password for the certificate as 1234
ENV certPassword 1234
# Use opnssl to generate a self signed certificate cert.pfx with password $env:certPassword
RUN openssl genrsa -des3 -passout pass:${certPassword} -out server.key 2048 \
    && openssl rsa -passin pass:${certPassword} -in server.key -out server.key \
    && openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=localhost' \
    && openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt \
    && openssl pkcs12 -export -out cert.pfx -inkey server.key -in server.crt -certfile server.crt -passout pass:${certPassword}
# Expose port 443 for the application.
EXPOSE 443

AFRWebAPI / Dockerfile: 

FROM afr/certbase:latest AS base            # <------- This is were I want to reuse the afr/certbase
WORKDIR /app
EXPOSE 53538
EXPOSE 44376

FROM microsoft/dotnet:2.1-sdk AS build
WORKDIR /src
COPY . .
WORKDIR "/src"
RUN dir \
    && dotnet build "AFRCore/AFRCore.csproj" -c Release -o /app \
    && dotnet build "AFRCoreWorkflow/AFRCoreWorkflow.csproj" -c Release -o /app \
    && dotnet build "DBFHandler/DBFHandler.csproj" -c Release -o /app \
    && dotnet build "AFRInfrastructure/AFRInfrastructure.csproj" -c Release -o /app \
    && dotnet build "AFRWebAPI/AFRWebAPI.csproj" -c Release -o /app

FROM build AS publish
WORKDIR "/src/AFRWebAPI"
RUN dir
RUN dotnet publish "AFRWebAPI.csproj" -c Release -o /app

FROM base AS final
WORKDIR /app
COPY --from=publish /app .
ENTRYPOINT ["dotnet", "AFRWebAPI.dll"]

结果:

afr_webapi_1    | Application startup exception: Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
afr_webapi_1    |    at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
afr_webapi_1    |    at Internal.Cryptography.Pal.CertificatePal.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, String fileName, String password)
afr_webapi_1    |    at AFRWebAPI.Program.<>c__DisplayClass2_0.<BuildWebHost>b__1(ListenOptions listenOptions) in /src/AFRWebAPI/Program.cs:line 30
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPEndPoint endPoint, Action`1 configure)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPAddress address, Int32 port, Action`1 configure)
afr_webapi_1    |    at Microsoft.Extensions.Options.ConfigureNamedOptions`1.Configure(String name, TOptions options)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.<>c__DisplayClass5_0.<Get>b__0()
afr_webapi_1    |    at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
afr_webapi_1    |    at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
afr_webapi_1    |    at System.Lazy`1.CreateValue()
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.Get(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.get_Value()
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.CreateServiceContext(IOptions`1 options, ILoggerFactory loggerFactory)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer..ctor(IOptions`1 options, ITransportFactory transportFactory, ILoggerFactory loggerFactory)
afr_webapi_1    | --- End of stack trace from previous location where exception was thrown ---
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitScoped(ScopedCallSite scopedCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitSingleton(SingletonCallSite singletonCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass1_0.<RealizeService>b__0(ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureServer()
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
afr_webapi_1    | crit: Microsoft.AspNetCore.Hosting.Internal.WebHost[6]
afr_webapi_1    |       Application startup exception
afr_webapi_1    | Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
afr_webapi_1    |    at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
afr_webapi_1    |    at Internal.Cryptography.Pal.CertificatePal.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, String fileName, String password)
afr_webapi_1    |    at AFRWebAPI.Program.<>c__DisplayClass2_0.<BuildWebHost>b__1(ListenOptions listenOptions) in /src/AFRWebAPI/Program.cs:line 30
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPEndPoint endPoint, Action`1 configure)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPAddress address, Int32 port, Action`1 configure)
afr_webapi_1    |    at Microsoft.Extensions.Options.ConfigureNamedOptions`1.Configure(String name, TOptions options)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.<>c__DisplayClass5_0.<Get>b__0()
afr_webapi_1    |    at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
afr_webapi_1    |    at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
afr_webapi_1    |    at System.Lazy`1.CreateValue()
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.Get(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.get_Value()
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.CreateServiceContext(IOptions`1 options, ILoggerFactory loggerFactory)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer..ctor(IOptions`1 options, ITransportFactory transportFactory, ILoggerFactory loggerFactory)
afr_webapi_1    | --- End of stack trace from previous location where exception was thrown ---
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitScoped(ScopedCallSite scopedCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitSingleton(SingletonCallSite singletonCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass1_0.<RealizeService>b__0(ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureServer()
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
afr_webapi_1    |
afr_webapi_1    | Unhandled Exception: Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
afr_webapi_1    |    at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
afr_webapi_1    |    at Internal.Cryptography.Pal.CertificatePal.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
afr_webapi_1    |    at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, String fileName, String password)
afr_webapi_1    |    at AFRWebAPI.Program.<>c__DisplayClass2_0.<BuildWebHost>b__1(ListenOptions listenOptions) in /src/AFRWebAPI/Program.cs:line 30
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPEndPoint endPoint, Action`1 configure)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerOptions.Listen(IPAddress address, Int32 port, Action`1 configure)
afr_webapi_1    |    at Microsoft.Extensions.Options.ConfigureNamedOptions`1.Configure(String name, TOptions options)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.<>c__DisplayClass5_0.<Get>b__0()
afr_webapi_1    |    at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
afr_webapi_1    |    at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
afr_webapi_1    |    at System.Lazy`1.CreateValue()
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.Get(String name)
afr_webapi_1    |    at Microsoft.Extensions.Options.OptionsManager`1.get_Value()
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.CreateServiceContext(IOptions`1 options, ILoggerFactory loggerFactory)
afr_webapi_1    |    at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer..ctor(IOptions`1 options, ITransportFactory transportFactory, ILoggerFactory loggerFactory)
afr_webapi_1    | --- End of stack trace from previous location where exception was thrown ---
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitScoped(ScopedCallSite scopedCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitSingleton(SingletonCallSite singletonCallSite, ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(IServiceCallSite callSite, TArgument argument)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass1_0.<RealizeService>b__0(ServiceProviderEngineScope scope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngine.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
afr_webapi_1    |    at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureServer()
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.Internal.WebHost.StartAsync(CancellationToken cancellationToken)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token, String shutdownMessage)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token)
afr_webapi_1    |    at Microsoft.AspNetCore.Hosting.WebHostExtensions.Run(IWebHost host)
afr_webapi_1    |    at AFRWebAPI.Program.Main(String[] args) in /src/AFRWebAPI/Program.cs:line 14
aruforgalmirendszer_afr_webapi_1 exited with code 139

0 个答案:

没有答案
相关问题
最新问题