We write CI by declaring the mirror as the execution environment for the job, and each job is executed in a pure container. Sometimes, we need a Docker container environment to perform docker build, Docker push, and so on. Docker :latest, Docker :dind, and Docker :git

docker:dind

The image contains the Docker client (command line tool) and the Docker daemon.

By using docker history Docker :dind command, we can find that Docker :dind is a daemon installed on the basis of Docker :latest, and the last two build commands are:

IMAGE CREATED CREATED BY SIZE COMMENT 66dc2d45749a 8 weeks ago /bin/sh -c #(nop) CMD [] 0B <missing> 8 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["dockerd-entr... 0B...Copy the code

The sh CMD parameter cannot be specified when the image is run. The dockerd-entrypoint.sh command does not start the Docker daemon after receiving this parameter. To properly start the Docker daemon in the container and enter the container, you need to do the following steps:

$ docker run -d --name dind --privileged docker:dind # start container
$ docker logs -f dind View the startup log
$ docker exec -it dind sh # Enter container
Copy the code

When docker: Dind container is started, the parameter — Privileged must be added, otherwise docker Daemon will report an error when started.

docker:latest

This image only contains Docker client, which needs to be supported by Docker daemon. You can use Docker :dind or mount /var/run/docker.sock from the host.

The image boot does not require the –privileged parameter.

Docker history docker:latest CMD default is sh:

81f5749c9058 3 months ago /bin/sh -c #(nop) CMD ["sh"] 0B <missing> 3 months ago /bin/sh -c #(nop) ENTRYPOINT [" docker - entry... 0 b...Copy the code

Boot method 1: Mount the sock file on the host

$ docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock docker:latest
Copy the code

Startup mode 2: With Docker: Dind

Put docker: Dind and docker:latest on the same network and alias the dind container as docker because the default daemon host in the latest container is docker.

Docker: Dind will generate the certificate to the directory specified by the environment variable DOCKER_TLS_CERTDIR. The certificate needs to be mounted and supplied to the Docker: Latest container for use.

$docker run --privileged --name some-docker -d \ --network some-network --network-alias docker \ -e DOCKER_TLS_CERTDIR=/certs \ -v some-docker-certs-ca:/certs/ca \ -v some-docker-certs-client:/certs/client \ docker:dind
$docker run --rm --network some-network \ -e DOCKER_TLS_CERTDIR=/certs \ -v some-docker-certs-client:/certs/client:ro \ docker:latest
Copy the code

docker:git

Git is the latest docker command that contains git.

Refer to the link

  • Docker Hub – docker