问题描述
我是为开发人员提供docker映像的基础管理员。
我创建了 A映像,然后告诉docker run命令是
docker run --add-host = a-lic:10.0.0.1 --add-host = b-lic:10.0.0.2 A
每个开发人员都向我索要,请删除--add-host选项,因为它很长。
因此,如果可能的话,我想在docker build时编辑/ etc / hosts文件。
我发现 docker build --add- host
选项是从17.04
新创建的,但是它没有按我的预期工作。
有人说--add-host选项是仅在构建映像
时,另一个表示--add-host选项将按以下方式工作(我的想法)。
docker build --add-host = a-lic:10.0.0.1 -t A。
docker run -it A
而docker的文档不足以实现这一点。
$ docker build --help
用法:docker build [选项]路径|网址| -
从Dockerfile构建映像
选项:
--add-host list添加自定义的主机到IP映射(host:ip)
什么是正确的?
这是设计使然(请参阅 / ); -add-host
功能在构建过程中旨在允许在构建过程中覆盖主机,但 not 将该配置保留在映像中。 / p>
如果图像中会保留;
- 该图像不可移植(即只能在您的特定环境中使用)
- 图像将能够欺骗DNS(如果图像包含
google.com,该怎么办? 123.123.123.123
吗?)
正在运行图像的人控制主要主机,而不是映像作者;
可能的解决方案根据您的情况;
- 运行内部DNS;您可以设置要在守护程序中使用的默认DNS服务器;这样,每个启动的容器默认都会自动使用配置的DNS
- 使用docker compose并为您提供
docker-compose.yml
开发人员。 docker compose文件允许您指定启动容器时应使用的所有选项,因此开发人员只需docker compose up
即可使用所需的所有选项启动容器设置。
I am an infra admin for providing docker images to developers.
I created "A" images and then tell docker run command is
docker run --add-host=a-lic:10.0.0.1 --add-host=b-lic:10.0.0.2 A
every developers request to me, please remove --add-host option because it is long.So I want to edit /etc/hosts file when docker build if possible.
I find out docker build --add-host
option newly create from 17.04but it does not work as my expected.
someone said --add-host option is for only during building imageand another said --add-host option will work as below (my thoughts).
docker build --add-host=a-lic:10.0.0.1 -t A .
docker run -it A
And docker's documentation is not sufficient for this.
$ docker build --help
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
What is the correct??
It's by design (see https://github.com/moby/moby/issues/34078#issuecomment-314798584 / https://github.com/moby/moby/pull/30383#issuecomment-314797629); the --add-host
feature during build is designed to allow overriding a host during build, but not to persist that configuration in the image.
If it would persist in the image;
- the image would not be portable (i.e., only work in your specific environment)
- images would be able to spoof DNS (what if an image contained
google.com 123.123.123.123
?)
The person running an image should remain in control over overriding hosts, not the image author; it's a runtime configuration.
Possible solutions For your situation;
- Run an internal DNS; you can set the default DNS server to use in the daemon; that way every container started will automatically use the configured DNS by default
- Use docker compose and provide a
docker-compose.yml
to your developers. The docker compose file allows you to specify all the options that should be used when starting a container, so developers could justdocker compose up
to start the container with all the options they need to set.
这篇关于docker build --add-host命令的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!