官网文档: docker buildx
GitHub 地址: moby/buildkit
参考文档: Building Multi-Architecture Docker Images With Buildx
Docker Buildx 是一个 CLI 插件,它扩展了 docker 命令,完全支持 Moby BuildKit 构建器工具包提供的功能。它提供与 docker build 相同的用户体验,具有许多新功能,例如创建作用域构建器实例和同时针对多个节点进行构建。
注意: 如果是 CentOS 系统,建议升级内核到 4.19.x 版本,否则安装 qemu-user-static 时会出问题,如下
1 | # docker run --rm --privileged multiarch/qemu-user-static --reset --persistent yes |
开启 buildx 功能
默认情况下,buildx 已经在安装包里面了,在 ~/.docker/config.json
增加 “experimental”: “enabled” 配置,即可永久开启 buildx 命令。
也可以设置环境变量 export DOCKER_CLI_EXPERIMENTAL=enabled
临时开启 buildx 功能。
注意: 是家目录的 client 端的配置,不是
/etc
下的配置
可以执行以下命令查看是否开启 buildx 功能
1
2
3
4
5
6
7
8# docker version
Client: Docker Engine - Community
...
Experimental: true
Server: Docker Engine - Community
...可以输入以下命令查看帮助命令
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26# docker buildx
Usage: docker buildx [OPTIONS] COMMAND
Extended build capabilities with BuildKit
Options:
--builder string Override the configured builder instance
Management Commands:
imagetools Commands to work on images in registry
Commands:
bake Build from a file
build Start a build
create Create a new builder instance
du Disk usage
inspect Inspect current builder instance
ls List builder instances
prune Remove build cache
rm Remove a builder instance
stop Stop builder instance
use Set the current builder instance
version Show buildx version information
Run 'docker buildx COMMAND --help' for more information on a command.
构建多架构镜像
准备 Dockerfile 文件
准备一个 Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41FROM ubuntu:20.04
LABEL maintainer=2350686113@qq.com
# 配置环境变量,不然构建镜像时会卡在时区选择界面
ENV DEBIAN_FRONTEND=noninteractive
# Fiscobcos 版本
ENV FISCBCOS_VERSION="v2.9.0"
# 配置代理,加速从 GitHub 上下载文件
ENV http_proxy=http://10.1.10.51:8888
ENV https_proxy=http://10.1.10.51:8888
# 安装基础运行环境依赖
RUN sed -i s@/archive.ubuntu.com/@/mirrors.aliyun.com/@g /etc/apt/sources.list; \
sed -i s@/security.ubuntu.com/@/mirrors.aliyun.com/@g /etc/apt/sources.list; \
apt-get -q update; \
apt-get install -qy --no-install-recommends ca-certificates curl tzdata libssl-dev zlib1g-dev; \
ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime; \
echo "Asia/Shanghai" > /etc/timezone; \
rm -rf /var/lib/apt/lists/*
# 下载 Fiscobcos 二进制文件
RUN arch="$(uname -m)"; \
if [ "$arch" == "aarch64" ]; then \
curl -fL -o /usr/local/src/fisco-bcos.tar.gz "https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/${FISCBCOS_VERSION}/fisco-bcos-aarch64.tar.gz" && \
/usr/bin/tar xvf /usr/local/src/fisco-bcos.tar.gz -C /usr/local/bin/; \
elif [ "$arch" == "x86_64" ]; then \
curl -fL -o /usr/local/src/fisco-bcos.tar.gz "https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/${FISCBCOS_VERSION}/fisco-bcos.tar.gz" && \
/usr/bin/tar xvf /usr/local/src/fisco-bcos.tar.gz -C /usr/local/bin/; \
else \
echo "error: unsupported architecture: '$arch'"; \
fi
EXPOSE 20200 30300 8545
ENTRYPOINT ["/usr/local/bin/fisco-bcos"]
CMD ["--version"]
推送镜像到 Docker Hub
查看当前所有的 builder
1
2
3
4# docker buildx ls
NAME/NODE DRIVER/ENDPOINT STATUS PLATFORMS
default * docker
default default running linux/amd64, linux/386创建一个新的 builder
1
docker buildx create --use --name mybuilder
安装 emulators
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40# docker run --privileged --rm tonistiigi/binfmt --install all
installing: s390x cannot register "/usr/bin/qemu-s390x" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: ppc64le cannot register "/usr/bin/qemu-ppc64le" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: riscv64 cannot register "/usr/bin/qemu-riscv64" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: mips64le cannot register "/usr/bin/qemu-mips64el" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: mips64 cannot register "/usr/bin/qemu-mips64" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: arm64 cannot register "/usr/bin/qemu-aarch64" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
installing: arm cannot register "/usr/bin/qemu-arm" to /proc/sys/fs/binfmt_misc/register: write /proc/sys/fs/binfmt_misc/register: invalid argument
{
"supported": [
"linux/amd64",
"linux/386"
],
"emulators": null
}
```
4. 启动 builder
```bash
# docker buildx inspect --bootstrap
[+] Building 17.8s (1/1) FINISHED
=> [internal] booting buildkit 17.8s
=> => pulling image moby/buildkit:buildx-stable-1 15.8s
=> => creating container buildx_buildkit_mybuilder0 2.1s
Name: mybuilder
Driver: docker-container
Nodes:
Name: mybuilder0
Endpoint: unix:///var/run/docker.sock
Status: running
Platforms: linux/amd64, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
# docker buildx ls
NAME/NODE DRIVER/ENDPOINT STATUS PLATFORMS
mybuilder * docker-container
mybuilder0 unix:///var/run/docker.sock running linux/amd64, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
default docker
default default running linux/amd64, linux/386构建多架构镜像,并推送到 Docker Hub
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30# docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t 59izt/multiarch:latest --push .
[+] Building 9.8s (13/13) FINISHED
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 60B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [linux/arm/v7 internal] load metadata for docker.io/library/python:3.7-alpine 1.1s
=> [linux/amd64 internal] load metadata for docker.io/library/python:3.7-alpine 1.1s
=> [linux/arm64 internal] load metadata for docker.io/library/python:3.7-alpine 0.9s
=> [linux/arm64 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.1s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> [linux/amd64 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.1s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> [linux/arm/v7 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.1s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> exporting to image 7.8s
=> => exporting layers 0.0s
=> => exporting manifest sha256:0033c5fef83e9b9ac1345213481e767f9f8c42775ca6d4889a75511c8f747757 0.0s
=> => exporting config sha256:095df7dcabb002c0d1548defadb2ced55c68008bb26d100911cd2e2559cf39d3 0.0s
=> => exporting manifest sha256:e3aa3b11c7e1cf6df0b68fcda63de205282c186d5e428f2af01906d4c4721f5b 0.0s
=> => exporting config sha256:1d36e352dbdacc4aea6acc01d1cd71eeb72dda07a999055c43fcf95b5474359a 0.0s
=> => exporting manifest sha256:d2082a262b623b81bce2de936e522dae5b23cf7ce85a1201f3c1df3ceb8e113e 0.0s
=> => exporting config sha256:d3bd291208c19ee3c919c87e9fabe4636f797d43108bfba48c7de59bfca07385 0.0s
=> => exporting manifest list sha256:3bf35a456439e30933797952fc70242617e32a50ca6e3c9493fe5520058325f3 0.0s
=> => pushing layers 5.1s
=> => pushing manifest for docker.io/59izt/multiarch:latest@sha256:3bf35a456439e30933797952fc70242617e32a50ca6e3c9493fe5520058325f3 2.7s
=> [auth] 59izt/multiarch:pull,push token for registry-1.docker.io 0.0s
=> [auth] 59izt/multiarch:pull,push token for registry-1.docker.io 0.0s
=> [auth] 59izt/multiarch:pull,push library/python:pull token for registry-1.docker.io 0.0s
=> [auth] 59izt/multiarch:pull,push token for registry-1.docker.io注意: 推送到 Docker Hub 时需要先在 Docker Hub 上创建相应的 repository
推送镜像到私有 register Hub
注意: 私有的 Harbor 仓库只有 2.0 版本才支持多架构版本同时存放
由于私有仓库使用的是 http 协议,所以需要创建 buildkit 配置文件,使 buildkit 支持 http 协议,否则会默认使用 https 协议
1
2
3
4# cat /etc/buildkit/buildkitd.toml
[registry."10.1.40.69"]
http = true
insecure = true使用 buildkitd.toml 配置文件创建一个 builder 实例
1
docker buildx create --use --name mybuilder --config /etc/buildkit/buildkitd.toml
启动实例
1
docker buildx inspect --bootstrap
查看实例
1
2
3
4
5
6# docker buildx ls
NAME/NODE DRIVER/ENDPOINT STATUS PLATFORMS
mybuilder * docker-container
mybuilder0 unix:///var/run/docker.sock running linux/amd64, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/mips64le, linux/mips64, linux/arm/v7, linux/arm/v6
default docker
default default running linux/amd64, linux/386构建镜像并推送镜像到私有仓库
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31# docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t 10.1.40.69/publics/multiarch:latest --push .
[+] Building 9.0s (13/14)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 60B 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> [linux/arm/v7 internal] load metadata for docker.io/library/python:3.7-alpine 7.3s
=> [linux/arm64 internal] load metadata for docker.io/library/python:3.7-alpine 7.4s
=> [linux/amd64 internal] load metadata for docker.io/library/python:3.7-alpine 6.4s
=> [auth] library/python:pull token for registry-1.docker.io 0.0s
=> [auth] library/python:pull token for registry-1.docker.io 0.0s
=> [auth] library/python:pull token for registry-1.docker.io 0.0s
=> [linux/arm64 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.2s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> [linux/amd64 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.6s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> [linux/arm/v7 1/1] FROM docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.2s
=> => resolve docker.io/library/python:3.7-alpine@sha256:758afaffeca55f84200cc2344373c2569768c0b07f3e79bdfd13a9c64adfc02f 0.0s
=> exporting to image 0.4s
=> => exporting layers 0.0s
=> => exporting manifest sha256:0033c5fef83e9b9ac1345213481e767f9f8c42775ca6d4889a75511c8f747757 0.0s
=> => exporting config sha256:095df7dcabb002c0d1548defadb2ced55c68008bb26d100911cd2e2559cf39d3 0.0s
=> => exporting manifest sha256:e3aa3b11c7e1cf6df0b68fcda63de205282c186d5e428f2af01906d4c4721f5b 0.0s
=> => exporting config sha256:1d36e352dbdacc4aea6acc01d1cd71eeb72dda07a999055c43fcf95b5474359a 0.0s
=> => exporting manifest sha256:d2082a262b623b81bce2de936e522dae5b23cf7ce85a1201f3c1df3ceb8e113e 0.0s
=> => exporting config sha256:d3bd291208c19ee3c919c87e9fabe4636f797d43108bfba48c7de59bfca07385 0.0s
=> => exporting manifest list sha256:3bf35a456439e30933797952fc70242617e32a50ca6e3c9493fe5520058325f3 0.0s
=> => pushing layers 0.2s
=> => pushing manifest for 10.1.40.69/publics/multiarch:latest@sha256:3bf35a456439e30933797952fc70242617e32a50ca6e3c9493fe5520058325f3 0.1s
=> [auth] publics/multiarch:pull,push token for 10.1.40.69 0.0s
=> [auth] publics/multiarch:pull,push token for 10.1.40.69