共享 Docker 文件和共享 Docker 图片之间的区别?
Difference between sharing a Dockerfile and a Docker image?
我正在努力更好地理解 Docker 最佳实践,并阐明以下两者之间的区别:
- 共享
Dockerfile(specs/build 配置),包括特定于语言的配置文件(例如 Python 的 requirements.txt 或 Node 的 package.json)。
和
- 通过注册表(例如 Docker Hub)创建和共享 Docker 图像?
在第一种情况下,用户需要克隆存储库以获取规格,运行 docker build 以创建映像。
_
在开始使用 Docker 或处理个人项目时,存储和共享“Docker 代码”(缺少更好的术语)的一般最佳做法是什么?
在哪种情况下更愿意通过注册表共享构建的映像?
TL;DR
正在本地推送 image to a public repository would enable others to pull the built image and run it. Providing access to the source code and Dockerfile would enable others to build 图像。它们并不相互排斥。
例如,我将 public 图像发布到 Docker Hub for running self-hosted GitHub Actions Runners in Kubernetes. The releases are done using GitHub Actions from the public GitHub repository. I plan on supporting released versions (tagged builds from a git tag) (i.e. if someone installs a released version and reports an issue) but at the same time everything is available for people to hack at it if they want too (+1 for opensource) without limits on what you're allowed to do (MIT License) - say you wanted to add some apt packages to the runner image, just do eeet then build and use your own image (... and if it makes sense for other users then maybe consider creating a pull request 进行更改)。
你绝对可以拥有一个私人存储库并发布 public 图片,但要注意,如果你想隐藏你的 codez 那么你应该期望像我这样的人 inspect your image if I get my hands on it so I'd suggest building compiled binaries (i.e. go program built FROM scratch) .
您当然也可以托管私人存储库并将图像发布到 private docker registry then control access to your images (i.e. distribute a docker-compose.yml configured with your private images and require that customer docker login 到 pull 图像)。
我正在努力更好地理解 Docker 最佳实践,并阐明以下两者之间的区别:
- 共享
Dockerfile(specs/build 配置),包括特定于语言的配置文件(例如 Python 的requirements.txt或 Node 的package.json)。
和
- 通过注册表(例如 Docker Hub)创建和共享 Docker 图像?
在第一种情况下,用户需要克隆存储库以获取规格,运行 docker build 以创建映像。
_
在开始使用 Docker 或处理个人项目时,存储和共享“Docker 代码”(缺少更好的术语)的一般最佳做法是什么?
在哪种情况下更愿意通过注册表共享构建的映像?
TL;DR
正在本地推送 image to a public repository would enable others to pull the built image and run it. Providing access to the source code and Dockerfile would enable others to build 图像。它们并不相互排斥。
例如,我将 public 图像发布到 Docker Hub for running self-hosted GitHub Actions Runners in Kubernetes. The releases are done using GitHub Actions from the public GitHub repository. I plan on supporting released versions (tagged builds from a git tag) (i.e. if someone installs a released version and reports an issue) but at the same time everything is available for people to hack at it if they want too (+1 for opensource) without limits on what you're allowed to do (MIT License) - say you wanted to add some apt packages to the runner image, just do eeet then build and use your own image (... and if it makes sense for other users then maybe consider creating a pull request 进行更改)。
你绝对可以拥有一个私人存储库并发布 public 图片,但要注意,如果你想隐藏你的 codez 那么你应该期望像我这样的人 inspect your image if I get my hands on it so I'd suggest building compiled binaries (i.e. go program built FROM scratch) .
您当然也可以托管私人存储库并将图像发布到 private docker registry then control access to your images (i.e. distribute a docker-compose.yml configured with your private images and require that customer docker login 到 pull 图像)。