随着云计算和微服务架构的发展,支持多种CPU架构(如AMD64、ARM64等)的容器镜像构建能力对于确保应用程序的广泛兼容性和高效部署变得至关重要。Docker Buildx作为官方提供的增强工具,使得开发者能够更简单、更高效地为不同架构创建一致的容器镜像,极大地提升了开发效率和应用的可移植性。
01
Docker Buildx是什么?
Docker Buildx 是 Docker 官方提供的一个 CLI 插件,用于扩展 Docker 的构建能力。它使得用户可以创建多平台(包括不同的CPU架构如AMD64、ARM等)的 Docker 镜像,并且支持更复杂的构建场景。以下是 Docker Buildx 的一些关键特性:
-
多平台镜像构建:Buildx 可以在单一平台上生成适用于多种不同 CPU 架构和操作系统的 Docker 镜像。这对于需要支持多个目标环境的应用程序特别有用。
-
Builder 实例管理:允许用户管理和使用多个 builder 实例,每个实例都可以配置为特定的构建选项集。这有助于优化构建过程,特别是在 CI/CD 管道中。
-
分布式构建:通过与远程构建节点结合,Buildx 支持分布式构建,从而加速了大型项目的构建时间。
02
配置Docker Buildx环境
先决条件
-
Docker版本: 19.03 或者 更高版本;
-
内核版本:高于或者等于4.8;
下载buildx工具
$ sudo mkdir -p /root/.docker/cli-plugins
$ sudo curl -L -o /root/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.20.1/buildx-v0.20.1.linux-amd64
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 62.2M 100 62.2M 0 0 11.2M 0 0:00:05 0:00:05 --:--:-- 14.1M
$ sudo chmod +x /root/.docker/cli-plugins/docker-buildx
$ docker buildx version
github.com/docker/buildx v0.20.1 245093b99ab74aa2c729a496759afca0704d6470创建builder实例
# builder配置
$ cat <<'EOF' | tee /tmp/buildkitd.toml > /dev/null
debug = true
[registry."docker.io"]
mirrors = ["https://docker.xuanyuan.me"]
[registry."core.jiaxzeng.com"]
ca=["/etc/docker/certs.d/core.jiaxzeng.com/ca.crt"]
EOF
# 创建builder实例
$ sudo docker buildx create --use --name mybuilder --driver docker-container --config /tmp/buildkitd.toml
# 查看builder详情并初始化
$ sudo docker buildx inspect --bootstrap
[+] Building 8.7s (1/1) FINISHED
=> [internal] booting buildkit 8.7s
=> => pulling image moby/buildkit:buildx-stable-1 7.9s
=> => creating container buildx_buildkit_mybuilder0 0.8s
Name: mybuilder
Driver: docker-container
Last Activity: 2025-01-23 09:06:53 +0000 UTC
Nodes:
Name: mybuilder0
Endpoint: unix:///var/run/docker.sock
Status: running
BuildKit daemon flags: --allow-insecure-entitlement=network.host
BuildKit version: v0.18.2
Platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/386
Labels:
org.mobyproject.buildkit.worker.executor: oci
org.mobyproject.buildkit.worker.hostname: 9dfffc994d5e
org.mobyproject.buildkit.worker.network: host
org.mobyproject.buildkit.worker.oci.process-mode: sandbox
org.mobyproject.buildkit.worker.selinux.enabled: false
org.mobyproject.buildkit.worker.snapshotter: overlayfs
GC Policy rule#0:
All: false
Filters: type==source.local,type==exec.cachemount,type==source.git.checkout
Keep Duration: 48h0m0s
Max Used Space: 488.3MiB
GC Policy rule#1:
All: false
Keep Duration: 1440h0m0s
Reserved Space: 6.519GiB
Max Used Space: 46.57GiB
Min Free Space: 12.11GiB
GC Policy rule#2:
All: false
Reserved Space: 6.519GiB
Max Used Space: 46.57GiB
Min Free Space: 12.11GiB
GC Policy rule#3:
All: true
Reserved Space: 6.519GiB
Max Used Space: 46.57GiB
Min Free Space: 12.11GiB
File#buildkitd.toml:
> debug = true
>
> [registry]
>
> [registry."core.jiaxzeng.com"]
> ca = ["/etc/buildkit/certs/core.jiaxzeng.com/ca.crt"]
>
> [registry."docker.io"]
> mirrors = ["https://docker.xuanyuan.me"]
>
File#certs/core.jiaxzeng.com/ca.crt:
> -----BEGIN CERTIFICATE-----
> -----END CERTIFICATE-----
> 03
构建多架构镜像
# harbor仓库域名解析
$ sudo docker exec -it buildx_buildkit_mybuilder0 sh
/ # echo '172.139.20.100 core.jiaxzeng.com' >> /etc/hosts
/ # exit
# 测试dockerfile
$ mkdir client
$ cd client ; echo "FROM ubuntu:24.10" > client/Dockerfile
# 打包(amd64和arm64)镜像并推送到harbor仓库
$ sudo docker buildx build --platform linux/amd64,linux/arm64 -t core.jiaxzeng.com/jiaxzeng/ubuntu:24.10 . --push
[+] Building 13.9s (8/8) FINISHED docker-container:mybuilder
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 114B 0.0s
=> [linux/arm64 internal] load metadata for docker.io/library/ubuntu:24.10 2.2s
=> [linux/amd64 internal] load metadata for docker.io/library/ubuntu:24.10 2.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [linux/amd64 1/1] FROM docker.io/library/ubuntu:24.10@sha256:102bc1874fdb136fc2d218473f03cf84135cb7496fefdb9c026c0f553cfe1b 3.2s
=> => resolve docker.io/library/ubuntu:24.10@sha256:102bc1874fdb136fc2d218473f03cf84135cb7496fefdb9c026c0f553cfe1b6d 0.0s
=> => sha256:31734b193a814b7d6f96f0d11a89c942ca61ac79d819105323c548bf31f98613 30.60MB / 30.60MB 3.1s
=> [linux/arm64 1/1] FROM docker.io/library/ubuntu:24.10@sha256:102bc1874fdb136fc2d218473f03cf84135cb7496fefdb9c026c0f553cfe1b 3.2s
=> => resolve docker.io/library/ubuntu:24.10@sha256:102bc1874fdb136fc2d218473f03cf84135cb7496fefdb9c026c0f553cfe1b6d 0.1s
=> => sha256:6d229850a7784435237486a1406ffb5a4f0a4ac3b993928d18b30ad6853c6845 30.28MB / 30.28MB 3.1s
=> exporting to image 11.3s
=> => exporting layers 0.0s
=> => exporting manifest sha256:a5709cca2e8eb8a3f8a4a229908243157ab1540354da2e61d963d2c265ec3a39 0.0s
=> => exporting config sha256:9de79a04b0228fb28eed03e8ed10f06a8ffcc91ac829efb610b38671a977b2b0 0.0s
=> => exporting attestation manifest sha256:9669a69ca1922978abab2d3b986d519e38f2c346495d41acef1401caa6813054 0.0s
=> => exporting manifest sha256:4d303832d7426116b976da22e186b8f33b938cacc08e301ccd687882552d95ea 0.0s
=> => exporting config sha256:c750db44f0b78436edd21d12f63402fc4871f800c335dd3074d4be627460df57 0.0s
=> => exporting attestation manifest sha256:ede6cdf8fc654e023f2babc788511de4330813d57c929613334274c9c5093ee9 0.0s
=> => exporting manifest list sha256:42f944bbe891cad6a9fbca47c2a9f7f0c435042abe7981060137dabdf06e59a6 0.0s
=> => pushing layers 7.6s
=> => pushing manifest for core.jiaxzeng.com/jiaxzeng/ubuntu:24.10@sha256:42f944bbe891cad6a9fbca47c2a9f7f0c435042abe7981060137 3.4s
=> [auth] jiaxzeng/ubuntu:pull,push token for core.jiaxzeng.com Tip:
-
私有仓库做域名解析
-
主机需要docker login
-
主机需要信任私有仓库证书
验证
04
结语
通过利用Docker Buildx进行多平台架构镜像构建,不仅简化了开发者的日常工作流程,也确保了应用程序能够在多种环境中稳定运行。随着技术的不断演进,我们期待Docker Buildx能带来更多创新功能,继续推动容器化技术和云原生应用的发展,帮助开发者更好地满足多样化的业务需求。
扫一扫
1110
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
