Dockerfile and container images
Building container images using a Dockerfile.
Here's a Dockerfile example that runs a simple nmap.
Dockerfile
# Start with a base image
FROM redhat/ubi8
# Maintainer information
LABEL org.opencontainers.image.authors="mail@clusterapps.com"
LABEL description="Simple Network scan"
# Run commands to build the container
# Do as much with the fewest RUN lines
RUN dnf -y update && \
dnf -y install \
nmap iproute procps-ng && \
bash && \
dnf clean all
# Entrypoint is the command that run when the ccontainer starts
ENTRYPOINT ["/usr/bin/nmap"]
# The arguments for the entrypoint
CMD ["-sn", "192.168.252.0/24"]
What to know about the file:
- FROM
The FROM is the base used for the new image.
- LABEL
LABEL adds metadata to an image
- RUN
The run command is that steps taken to build the image. Each RUN command will build an additional layer to the image. It is best to use the fewest RUN entries as possible.
- ENTRYPOINT
This is the what the container will run when it first starts. This might be a binary or a script that starts jobs or services.
- CMD
These are the arguments to the ENTRYPOINT. The CMD can be overwritten on the command line.
See https://docs.docker.com/engine/reference/builder/ for more detais.
Build, run, tag, and push
Build with a tag.
podman build -t nmap:latest .
Run the image with the built in CMD.
podman run nmap
Run with different CMD
podman run nmap -sT -Pn -p80 192.168.252.210
Tag for a repository
podman tag localhost/nmap:latest quay.io/clearyme/nmap:latest
Push to repository
podman push quay.io/clearyme/nmap:latest
No Comments