, CTO yathu, imakonda, imagwiritsa ntchito mwachangu ndikulimbikitsa Docker. M'nkhani yatsopano, akufotokoza momwe angapangire ogwiritsa ntchito ku Docker. Ntchito yolondola ndi iwo, chifukwa chiyani ogwiritsa ntchito sayenera kusiyidwa ndi ufulu wa mizu ndi momwe angathetsere vuto la zizindikiro zosagwirizana mu Dockerfile.
Njira zonse zomwe zili mumtsuko ziziyenda ngati wogwiritsa ntchito mizu, pokhapokha mutazifotokoza mwanjira yapadera. Izi zikuwoneka bwino kwambiri, chifukwa wosuta alibe zoletsa. Ichi ndichifukwa chake kugwira ntchito ngati mizu ndikolakwika pamalingaliro achitetezo. Ngati palibe amene ali ndi malingaliro abwino omwe amagwira ntchito pakompyuta yakomweko ndi ufulu wa mizu, ndiye kuti ambiri amayendetsa njira pansi pamizu.
Nthawi zonse pamakhala nsikidzi zomwe zimalola pulogalamu yaumbanda kuthawa mu chidebe ndikulowa pakompyuta yolandila. Kungoganiza zoyipa kwambiri, tiyenera kuwonetsetsa kuti njira zomwe zili mkati mwachidebe zimayendetsedwa ndi wogwiritsa ntchito yemwe alibe ufulu pamakina olandila.
Kupanga wosuta
Kupanga wosuta mu chidebe sikusiyana ndi kupanga mu magawo a Linux. Komabe, malamulo amatha kusiyanasiyana pazithunzi zosiyanasiyana.
Pakugawa kochokera ku debian, muyenera kuwonjezera zotsatirazi ku Dockerfile:
RUN groupadd --gid 2000 node
&& useradd --uid 2000 --gid node --shell /bin/bash --create-home nodeKwa alpine:
RUN addgroup -g 2000 node
&& adduser -u 2000 -G node -s /bin/sh -D node
Kuthamanga njira kuchokera kwa wogwiritsa
Kuti mugwiritse ntchito njira zonse zotsatila monga wogwiritsa ntchito UID 2000, thamangani:
USER 2000Kuti mugwiritse ntchito njira zonse zotsatila monga wogwiritsa ntchito node, thamangani:
USER nodeZowonjezera mu .
Kukweza mavoliyumu
Mukayika ma voliyumu mkati mwa chidebe, perekani wogwiritsa ntchito kuwerenga ndi/kapena kulemba mafayilo. Kuti muchite izi, UID (GID) ya wogwiritsa ntchito mu chidebe ndi wogwiritsa ntchito kunja kwa chidebe chomwe ali ndi zilolezo zoyenera kuti apeze fayiloyo ayenera kufanana. Pankhaniyi, mayina olowera alibe kanthu.
Nthawi zambiri pa kompyuta ya Linux, UID ndi GID ya wogwiritsa ntchito ndizofanana ndi 1000. Zozindikiritsa izi zimaperekedwa kwa wogwiritsa ntchito woyamba kompyutayo.
Kupeza zizindikiritso zanu ndikosavuta:
idMudzalandira zambiri za wosuta wanu.
Sinthani 2000 kuchokera kuzitsanzo ndi chizindikiritso chanu ndipo zonse zikhala bwino.
Kupereka UID ndi GID kwa wogwiritsa ntchito
Ngati wosuta adapangidwa kale, koma muyenera kusintha zizindikiritso, mutha kuchita motere:
RUN usermod -u 1000 node
&& groupmod -g 1000 node
Ngati mukugwiritsa ntchito chithunzi cha alpine, muyenera kukhazikitsa phukusi lamthunzi:
RUN apk add βno-cache shadowKupititsa ID ya wogwiritsa ntchito mkati mwa chidebe pomanga chithunzicho
Ngati ID yanu ndi ma ID a anthu onse omwe akugwira ntchitoyo zikugwirizana, ingotchulani ID iyi mu Dockerfile. Komabe, nthawi zambiri ma ID ogwiritsa ntchito samafanana.
Momwe mungakwaniritsire zomwe mukufuna sizidziwika nthawi yomweyo. Kwa ine, ichi chinali chinthu chovuta kwambiri pophunzira Docker. Ogwiritsa ntchito docker ambiri sazindikira kuti pali magawo osiyanasiyana m'moyo wa chithunzi. Choyamba, chithunzicho chimasonkhanitsidwa pogwiritsa ntchito Dockerfile. Mukamayendetsa chidebe kuchokera pa chithunzi, Dockerfile sigwiritsidwanso ntchito.
Kupanga kwa ogwiritsa ntchito kuyenera kuchitika chithunzicho chikamangidwa. Zomwezo zimagwiranso ntchito pozindikira wogwiritsa ntchito yemwe njira zake zimakhazikitsidwa. Izi zikutanthauza kuti tiyenera kudutsa UID (GID) mkati mwa chidebecho.
Malangizo amagwiritsidwa ntchito kugwiritsa ntchito zosintha zakunja mu Dockerfile ΠΈ . Kuyerekeza mwatsatanetsatane kwa malangizo .
Dockerfile
ARG UID=1000
ARG GID=1000
ENV UID=${UID}
ENV GID=${GID}
RUN usermod -u $UID node
&& groupmod -g $GID node
Mutha kupereka mikangano kudzera pa docker-compose motere:
kuyimbira
build:
context: ./src/backend
args:
UID: 1000
GID: 1000
PS Kuti mumvetse zovuta zonse za Docker, sikokwanira kuwerenga zolemba kapena zolemba. Muyenera kuyeseza kwambiri, muyenera kumva za Docker.
Source: www.habr.com