Detailed explanation of docker entrypoint file

When writing a Dockerfile, include an entrypoint configuration, which is used to do some initialization configuration or some custom configuration before the container starts. Usually it is a script, and then the relevant predefined items are configured in the script. This document will discuss in detail the writing skills of entrypoint files.

The following takes the entrypoint file docker-entrypoint.sh in the MySQL official image as an example. The file address is:

docker-entrypoint.sh

set -e

Every script you write should start with set -e, which tells bash to exit if any statement evaluates to anything other than true. This helps prevent errors from snowballing into a fatal error that should have been handled earlier. For increased readability, use set -o errexit, which does the same thing as set -e.

set -o pipefail

The design purpose is the same as above, that is, you want to exit immediately after the execution error, and do not execute further. The scope of -o pipefail is the pipeline, that is, in the Linux script, if the previous command fails to execute, it should exit immediately.

shopt -s nullglob

When using wildcards in Linux, such as * ?, if no file is matched, it will not report "No such file or directory" but will remove the parameters after the command and execute it.

if [ "${1:0:1}" = '-' ]; then...

This is if command starts with an option, prepend mysqld prepend mysqld

The judgment statement is ${1:0:1} which means judging $1 (the first parameter of calling the script), offset 0 (no offset), and taking a character (taking the length of the string)

If the first character of the parameter following the script is a hyphen, then all subsequent strings are considered to be mysqld startup parameters.

The above operation is similar to Python's string slicing

set --mysqld "$@"

After determining that the first parameter starts with -, the set -- mysqld "$@" command is executed. The set -- syntax is used. The set -- will store all the strings separated by spaces in the $1, $2, and $3 variables in order, where the new $@ is the entire content after the set --

For example: bash docker-entrypoint.sh -f xxx.conf

In this case, the value of $@ in set -- mysqld "$@" -f xxx.conf

After executing the command set --mysqld "$@":

• $1=mysqld
• $2=-f
• $3=xxx.conf
• $@=mysqld -f xxx.conf

You can see that when the docker-entrypoint.sh script is executed with the -x parameter added, the value of $@ changes. On the basis of the original $@ value, the mysqld command is pre-added in front.

exec "$@"

In almost every last line of the docker-entrypoint.sh script, the exec "$@" command is executed.

The significance of this command is that you have anticipated the call scenarios that should be expected for your image. When the person who actually uses the image executes an executable command that you did not expect, it will go to the last line of the script to execute the user's new executable command.

Situation Assessment

The last line of the script is directly mentioned above. In the previous script, you need to fully consider the situations in which your own script may be called. Let's take the official MySQL dockerfile as an example. It determines the following situations:

• Starting with -, it is considered as a parameter
• The name starts with mysqld and the user ID is 0 (root user)
• The case where mysqld is at the beginning
• After determining all the calling forms of your application, you should add the exec "$@" command at the end

${mysql[@]}

Arrays in the Shell, directly executing ${mysql[@]} will execute this array as an executable program

mysql=(mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
echo ${mysql[1]}
-- output: mysql
echo ${mysql[2]}
--output: --protocol=socket
echo ${mysql[3]}
--output: -uroot
echo ${mysql[4]}
--output: -hlocalhost
echo ${mysql[@]}
--output:mysql --protocol=socket -uroot -hlocalhost --socket=

exec gosu mysql "$BASH_SOURCE" "$@"

The gosu command here is a lightweight "replacement" for the sudo command in Linux

gosu is a tool developed in golang language, which is used to replace the sudo command in shell. The su and sudo commands have some defects, mainly causing uncertain TTY and problems with signal forwarding. If you just want to run a program with a specific user, using su or sudo is too heavy, so gosu came into being.

gosu directly borrows the principle of libcontainer to start applications in containers and uses /etc/passwd to process applications. gosu first finds the specified user or user group, and then switches to that user or user group. Next, it uses exec to start the application. So far, gosu has completed its work and will not participate in the subsequent declaration cycle of the application. This method avoids the problem of gosu handling TTY and forwarding semaphores, and directly hands these two tasks to the application to complete

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.