英文:
Unable to exec -it into the container
问题
从 golang:1.13.8-alpine3.11 作为构建环境
工作目录设为 /app
将所有的 .go 文件复制到 /app 目录下
运行命令:CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o docker-simple-app
从 scratch 镜像开始
复制构建环境中的 /app/docker-simple-app 到当前目录
暴露端口 8000
运行命令:["./docker-simple-app"]
错误信息:
OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: "-it": 可执行文件在 $PATH 中未找到: 未知
英文:
FROM golang:1.13.8-alpine3.11 as build-env
WORKDIR /app
COPY *.go /app
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o docker-simple-app
FROM scratch
COPY --from=build-env /app/docker-simple-app .
EXPOSE 8000
CMD ["./docker-simple-app"]
Error :
OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: "-it": executable file not found in $PATH: unknown
答案1
得分: 2
由于最终的镜像是一个FROM scratch镜像,它只包含/docker-simple-app二进制文件。你将无法使用docker exec执行其他任何操作,甚至无法使用交互式shell,因为在镜像中根本不存在。如果你有一种查看文件系统的方式(也许在应用程序代码中调用os.ReadDir?),你将看不到像你期望的/bin或/usr目录;没有/bin/sh可供运行。
通常情况下,这是可以接受的,特别是对于静态链接的Go应用程序来说:它给你一个非常轻量级的镜像(甚至比Alpine还要小),如果你担心最终用户阅读你的代码,这是Docker中最大的保护措施,而且由于镜像非常简单,如果可以使用docker exec的话,实际上没有什么可以调试的内容。
如果这对你很重要,将最终镜像改为FROM alpine将为你提供一个shell和一组基本的Unix工具,但会稍微增加一些空间成本。
英文:
Since the final image is a FROM scratch image, the only thing it contains at all is the /docker-simple-app binary. You won't be able to docker exec anything else, even an interactive shell, because it literally doesn't exist in the image. If you had some way of looking at the filesystem (maybe call os.ReadDir in your application code?) you wouldn't see a /bin or /usr directory the way you might expect; there is no /bin/sh to run.
This is usually fine, especially for a statically-linked Go application: it gives you a very lightweight image (even smaller than Alpine), if you're concerned about an end user reading your code this is the most protection it's possible to have in Docker, and since the image is so simple there's not really anything to debug if it were possible to use docker exec.
If this does matter to you, changing the final image to FROM alpine would give you a shell and a base set of Unix tools, at a small cost in space.
答案2
得分: 1
FROM golang:1.13.8-alpine3.11 as build-env
WORKDIR /app
COPY *.go /app
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o docker-simple-app
FROM scratch
WORKDIR /app
COPY --from=build-env /app/docker-simple-app .
EXPOSE 8000
CMD ["./docker-simple-app"]
你忘记为 scratch/base 容器指定 WORKDIR。
英文:
FROM golang:1.13.8-alpine3.11 as build-env
WORKDIR /app
COPY *.go /app
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o docker-simple-app
FROM scratch
WORKDIR /app
COPY --from=build-env /app/docker-simple-app .
EXPOSE 8000
CMD ["./docker-simple-app"]
You forgot to specify WORKDIR for scratch/base container
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论