使用 Jib 为 Java 应用构建镜像
  • 09 December, 2019

使用 Jib 为 Java 应用构建镜像

pic from jib github

Jib是Google Container Tools中的一个工具。

Jib builds optimized Docker and OCI images for your Java applications without a Docker daemon - and without deep mastery of Docker best-practices. It is available as plugins for Maven and Gradle and as a Java library.

Jib无需Docker守护程序即可为Java应用程序构建优化的Docker和OCI映像-无需深入了解Docker最佳实践. 它可以作为Maven和Gradle的插件以及Java库使用.

与Docker构建流程比较

Docker镜像构建流程:

pic from Google Cloud Platform Blog

Jib构建流程:

(pic from Google Cloud Platform Blog)

快速开始

构建镜像, 并推送到对应的镜像仓库, 比如Docker Hub等, 或者自建仓库.

mvn compile com.google.cloud.tools:jib-maven-plugin:1.8.0:build -Dimage=<MY IMAGE>

假如要构建到Docker守护进程的话:

mvn compile com.google.cloud.tools:jib-maven-plugin:1.8.0:dockerBuild

插件

设置

pom.xml中使用jib-maven-plugin插件.

<project>
  ...
  <build>
    <plugins>
      ...
      <plugin>
        <groupId>com.google.cloud.tools</groupId>
        <artifactId>jib-maven-plugin</artifactId>
        <version>1.8.0</version>
        <configuration>
          <to>
            <image>myimage</image>
          </to>
        </configuration>
      </plugin>
      ...
    </plugins>
  </build>
  ...
</project>

插件配置 

<plugin>
    <groupId>com.google.cloud.tools</groupId>
    <artifactId>jib-maven-plugin</artifactId>
    <version>${jib.maven-plugin-version}</version>
    <configuration>
        <container>
            <jvmFlags>
                <jvmFlag>-Xmx1024m</jvmFlag>
                <jvmFlag>-Xms512m</jvmFlag>
                <jvmFlag>-XX:NewRatio=1</jvmFlag>
                <jvmFlag>-XX:+UseConcMarkSweepGC</jvmFlag>
                <jvmFlag>-XX:CMSInitiatingOccupancyFraction=75</jvmFlag>
                <jvmFlag>-XX:+UseCMSInitiatingOccupancyOnly</jvmFlag>
                <jvmFlag>-XX:ReservedCodeCacheSize=128M</jvmFlag>
                <jvmFlag>-XX:ParallelGCThreads=2</jvmFlag>
                <jvmFlag>-XX:+ExplicitGCInvokesConcurrent</jvmFlag>
                <jvmFlag>-Duser.timezone=Asia/Shanghai</jvmFlag>
                <jvmFlag>-Djava.security.egd=file:/dev/./urandom</jvmFlag>
            </jvmFlags>
            <labels>
                <Author>Addo.Zhang</Author>
            </labels>
            <user>apps</user>
            <appRoot>/home/apps/local</appRoot>
            <workingDirectory>/home/apps/local</workingDirectory>
            <creationTime>USE_CURRENT_TIMESTAMP</creationTime>
        </container>
        <from>
            <image>PRIVATE_REGISTRY/REPOSITORY/GLOBAL_BASE:1.0.0</image>
            <auth>
                <username>USERNAME</username>
                <password>PASSWORD</password>
            </auth>
        </from>
        <to>
            <image>PRIVATE_REGISTRY/REPOSITORY/${project.artifactId}</image>
            <auth>
                <username>USERNAME</username>
                <password>PASSWORD</password>
            </auth>
        </to>
        <allowInsecureRegistries>true</allowInsecureRegistries>
    </configuration>
</plugin>

注意: 如果你的私库是insecure的, 需要指定allowInsecureRegistries为true. 同时命令行构建的时候添加-DsendCredentialsOverHttp=true

更多的配置参见官方文档

(转载本站文章请注明作者和出处乱世浮生,请勿用于任何商业用途)

comments powered by Disqus

目录

推荐阅读