Alpine简称高山的 是一款非常适合做k8s基础镜像的linux

  1. 小巧:基于Musl libc和busybox,和busybox一样小巧,最小的Docker镜像只有5MB;
  2. 安全:面向安全的轻量发行版;
  3. 简单:提供APK包管理工具,软件的搜索、安装、删除、升级都非常方便。
  4. 适合容器使用:由于小巧、功能完备,非常适合作为容器的基础镜像。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# nodejs环境,
FROM alpine+glibc环境

WORKDIR /app

RUN  sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories &&\
apk --no-cache add ca-certificates wget &&\
wget -q -O /etc/apk/keys/sgerrand.rsa.pub http://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub &&\
wget http://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.28-r0/glibc-2.28-r0.apk &&\
apk add --no-cache npm &&\
apk add --no-cache nodejs &&\
apk add --no-cache glibc-2.28-r0.apk &&\
apk add --no-cache curl &&\
rm -rf * &&\
apk add --no-cache -U tzdata && \
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

构建推送至镜像仓库

1
docker build . -t registry.cn-shanghai.aliyuncs.com/******/cake:alpine-glibc-nodejs

2024更新

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
FROM alpine:latest AS builder

WORKDIR /app
RUN  sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories &&\
apk --no-cache add ca-certificates wget &&\
wget http://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r1/glibc-2.35-r1.apk 

FROM alpine:latest
WORKDIR /app
COPY --from=builder /app/glibc-2.35-r1.apk .
RUN  sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories &&\
wget -q -O /etc/apk/keys/sgerrand.rsa.pub http://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub &&\
apk add --no-cache glibc-2.35-r1.apk &&\
rm -rf * &&\
apk add --no-cache -U tzdata && \

# 修改时区
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

# 设置环境变量,确保应用使用 glibc
ENV LD_LIBRARY_PATH /usr/glibc-compat/lib

# 构建docker build ./ -t alpine-glibc-shanghai:v1.0

测试

1
2
3
4
5
6
7
8
9
10
11
root@nvm-jscs02-sys-devops-03:/fei# docker run -it alpine-glibc-shanghai:v1.0 /bin/sh
/app # cat /etc/alpine-release 
3.20.3
/app # env
HOSTNAME=9cc999ef3a61
LD_LIBRARY_PATH=/usr/glibc-compat/lib
SHLVL=1
HOME=/root
TERM=xterm
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/app

接下去就可以用这个镜像作为golang程序的基础镜像了

例如:一个kratos程序容器化

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
root@nvm-jscs02-sys-devops-03:~/ares-build# tree 
.
├── api
│   └── interface
│       └── v1
│           ├── sync.bm.go
│           ├── sync.pb.go
│           ├── sync.proto
│           └── sync.swagger.json
├── app
│   └── interface
│       └── v1
│           ├── cmd
│           │   ├── main.go
│           │   ├── wire_gen.go
│           │   └── wire.go
│           ├── configs
│           │   ├── 忽略
│           └── internal
│               ├── biz
│               │   ├── 忽略
│               ├── data
│               │   ├── 忽略
│               ├── server
│               │   ├── grpc.go
│               │   └── http.go
│               └── service
│                   ├── 忽略

├── cloudrepo
...
├── dockerfile
├── go.mod
├── go.sum
└── utils
...
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#dockerfile内容,多阶段构建
FROM golang:1.22 AS builder

WORKDIR /app

COPY . ./
RUN go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/,direct
RUN go mod tidy
RUN go mod download

WORKDIR /app/app/interface/v1/cmd

RUN CGO_ENABLED=0 GOOS=linux go build -o ares .

# 这里用到了上一步构建的带glibc的alpine基础镜像
FROM alpine-glibc-shanghai:v1.0
WORKDIR /app
COPY --from=builder /app/app/interface/v1/cmd/ares .
RUN chmod +x ares
RUN mkdir configs
COPY --from=builder /app/app/interface/v1/configs/application.toml ./configs

EXPOSE 8001

CMD ["./ares"]