docker-containerization

Docker Containerization Skill

Overview

Generate production-ready Docker configurations for modern web applications, particularly Next.js and Node.js projects. This skill provides Dockerfiles, docker-compose setups, bash scripts for container management, and comprehensive deployment guides for various orchestration platforms.

Core Capabilities

1. Dockerfile Generation

Create optimized Dockerfiles for different environments:
Production (assets/Dockerfile.production):
  • Multi-stage build reducing image size by 85%
  • Alpine Linux base (~180MB final image)
  • Non-root user execution for security
  • Health checks and resource limits
Development (assets/Dockerfile.development):
  • Hot reload support
  • All dev dependencies included
  • Volume mounts for live code updates
Nginx Static (assets/Dockerfile.nginx):
  • Static export optimization
  • Nginx reverse proxy included
  • Smallest possible footprint

2. Docker Compose Configuration

Multi-container orchestration with assets/docker-compose.yml:
  • Development and production services
  • Network and volume management
  • Health checks and logging
  • Restart policies

3. Bash Scripts for Container Management

docker-build.sh - Build images with comprehensive options:
```bash
./docker-build.sh -e prod -t v1.0.0
./docker-build.sh -n my-app --no-cache --platform linux/amd64
```
docker-run.sh - Run containers with full configuration:
```bash
./docker-run.sh -i my-app -t v1.0.0 -d
./docker-run.sh -p 8080:3000 --env-file .env.production
```
docker-push.sh - Push to registries (Docker Hub, ECR, GCR, ACR):
```bash
./docker-push.sh -n my-app -t v1.0.0 --repo username/my-app
./docker-push.sh -r gcr.io/project --repo my-app --also-tag stable
```
docker-cleanup.sh - Free disk space:
```bash
./docker-cleanup.sh --all --dry-run  # Preview cleanup
./docker-cleanup.sh --containers --images  # Clean specific resources
```

4. Configuration Files

  • .dockerignore: Excludes unnecessary files (node_modules, .git, logs)
  • nginx.conf: Production-ready Nginx configuration with compression, caching, security headers

5. Reference Documentation

docker-best-practices.md covers:
  • Multi-stage builds explained
  • Image optimization techniques (50-85% size reduction)
  • Security best practices (non-root users, vulnerability scanning)
  • Performance optimization
  • Health checks and logging
  • Troubleshooting guide
container-orchestration.md covers deployment to:
  • Docker Compose (local development)
  • Kubernetes (enterprise scale with auto-scaling)
  • Amazon ECS (AWS-native orchestration)
  • Google Cloud Run (serverless containers)
  • Azure Container Instances
  • Digital Ocean App Platform
Includes configuration examples, commands, auto-scaling setup, and monitoring.

Workflow Decision Tree

1. What environment?

  • Development → Use Dockerfile.development (hot reload, all dependencies)
  • Production → Use Dockerfile.production (minimal, secure, optimized)
  • Static Export → Use Dockerfile.nginx (smallest footprint)

2. Single or Multi-container?

  • Single → Generate Dockerfile only
  • Multi → Generate docker-compose.yml (app + database, microservices)

3. Which registry?

  • Docker Hub: docker.io/username/image
  • AWS ECR: 123456789012.dkr.ecr.region.amazonaws.com/image
  • Google GCR: gcr.io/project-id/image
  • Azure ACR: registry.azurecr.io/image

4. Deployment platform?

  • Kubernetes → See references/container-orchestration.md K8s section
  • ECS → See ECS task definition examples
  • Cloud Run → See deployment commands
  • Docker Compose → Use provided compose file

5. Optimizations needed?

  • Image size → Multi-stage builds, Alpine base
  • Build speed → Layer caching, BuildKit
  • Security → Non-root user, vulnerability scanning
  • Performance → Resource limits, health checks

Usage Examples

Example 1: Containerize Next.js App for Production

User: "Containerize my Next.js app for production"
Steps:
  1. Copy assets/Dockerfile.production to project root as Dockerfile
  2. Copy assets/.dockerignore to project root
  3. Build: ./docker-build.sh -e prod -n my-app -t v1.0.0
  4. Test: ./docker-run.sh -i my-app -t v1.0.0 -p 3000:3000 -d
  5. Push: ./docker-push.sh -n my-app -t v1.0.0 --repo username/my-app

Example 2: Development with Docker Compose

User: "Set up Docker Compose for local development"
Steps:
  1. Copy assets/Dockerfile.development and assets/docker-compose.yml to project
  2. Customize services in docker-compose.yml
  3. Start: docker-compose up -d
  4. Logs: docker-compose logs -f app-dev

Example 3: Deploy to Kubernetes

User: "Deploy my containerized app to Kubernetes"
Steps:
  1. Build and push image to registry
  2. Review references/container-orchestration.md Kubernetes section
  3. Create K8s manifests (deployment, service, ingress)
  4. Apply: kubectl apply -f deployment.yaml
  5. Verify: kubectl get pods && kubectl logs -f deployment/app

Example 4: Deploy to AWS ECS

User: "Deploy to AWS ECS Fargate"
Steps:
  1. Build and push to ECR
  2. Review references/container-orchestration.md ECS section
  3. Create task definition JSON
  4. Register: aws ecs register-task-definition --cli-input-json file://task-def.json
  5. Create service: aws ecs create-service --cluster my-cluster --service-name app --desired-count 3

Best Practices

Security

✅ Use multi-stage builds for production
✅ Run as non-root user
✅ Use specific image tags (not latest)
✅ Scan for vulnerabilities
✅ Never hardcode secrets
✅ Implement health checks
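
The Security checklist above can be checked mechanically before an image is built. The script below is an added example, not one of the skill's own scripts; `audit_dockerfile` and its finding messages are hypothetical names, and the secret check is a name-based heuristic on the first key of each ENV/ARG line.

```shell
#!/usr/bin/env bash
# Added example: audit a Dockerfile against the Security checklist above.
# Prints one finding per line; prints nothing when every check passes.
# Heuristic: reads the first key of each ENV/ARG and ignores line continuations.
audit_dockerfile() {
  awk '
    { sub(/\r$/, "") }                               # tolerate CRLF files
    toupper($1) == "FROM" {
      stages++; user = ""; health = 0                # USER/HEALTHCHECK count for the final stage only
      i = 2; while ($i ~ /^--/) i++                  # skip flags such as --platform=...
      img = $i; ref = (tolower(img) in alias) || img == "scratch"
      if (toupper($(i + 1)) == "AS") alias[tolower($(i + 2))] = 1
      if (!ref && img !~ /@sha256:/) {
        tag = img; sub(/^.*\//, "", tag)             # drop registry/path, which may hold a :port
        if (tag !~ /:/ || tag ~ /:latest$/) print "line " NR ": unpinned base image " img
      }
    }
    toupper($1) == "USER"        { user = $2; sub(/:.*/, "", user) }
    toupper($1) == "HEALTHCHECK" { health = (toupper($2) != "NONE") }
    toupper($1) ~ /^(ENV|ARG)$/ {
      name = toupper($2); sub(/=.*/, "", name)
      hasval = ($2 ~ /=./) || (toupper($1) == "ENV" && $2 !~ /=/ && NF > 2)
      if (hasval && name ~ /PASSWORD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY/)
        print "line " NR ": value for " name " is baked into the image"
    }
    END {
      if (stages < 2) print "single-stage build"
      if (user == "" || user == "root" || user == "0") print "final stage runs as root"
      if (!health) print "final stage has no HEALTHCHECK"
    }
  ' "$1"
}

# Constructed sample input, not the contents of assets/Dockerfile.production.
demo=$(mktemp)
cat > "$demo" <<'EOF'
FROM node:latest
ENV API_KEY=constructed-placeholder
COPY . .
CMD ["npm", "start"]
EOF
audit_dockerfile "$demo"
rm -f "$demo"
```

An `ARG` declared without a default, such as a build-time token name, is not reported, because no value is stored in the Dockerfile; a later `FROM` that names an earlier stage is not treated as an unpinned image.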

Performance

✅ Optimize layer caching order
✅ Use Alpine images (~85% smaller)
✅ Enable BuildKit for parallel builds
✅ Set resource limits
✅ Use compression

Maintainability

✅ Add comments for complex steps
✅ Use build arguments for flexibility
✅ Keep Dockerfiles DRY
✅ Version control all configs
✅ Document environment variables

Troubleshooting

Image too large (>500MB) → Use multi-stage builds, Alpine base, comprehensive .dockerignore
Build is slow → Optimize layer caching, use BuildKit, review dependencies
Container exits immediately → Check logs: docker logs container-name → Verify CMD/ENTRYPOINT, check port conflicts
Changes not reflecting → Rebuild without cache, check .dockerignore, verify volume mounts

Quick Reference

```bash
# Build
./docker-build.sh -e prod -t latest

# Run
./docker-run.sh -i app -t latest -d

# Logs
docker logs -f app

# Execute
docker exec -it app sh

# Cleanup
./docker-cleanup.sh --all --dry-run  # Preview
./docker-cleanup.sh --all            # Execute
```

Integration with CI/CD

GitHub Actions

```yaml
- run: |
    chmod +x docker-build.sh docker-push.sh
    ./docker-build.sh -e prod -t ${{ github.sha }}
    ./docker-push.sh -n app -t ${{ github.sha }} --repo username/app
```

GitLab CI

```yaml
build:
  script:
    - chmod +x docker-build.sh
    - ./docker-build.sh -e prod -t $CI_COMMIT_SHA
```

Resources

Scripts (scripts/)

Production-ready bash scripts with comprehensive features:
  • docker-build.sh - Build images (400+ lines, colorized output)
  • docker-run.sh - Run containers (400+ lines, auto conflict resolution)
  • docker-push.sh - Push to registries (multi-registry support)
  • docker-cleanup.sh - Clean resources (dry-run mode, selective cleanup)

References (references/)

Detailed documentation loaded as needed:
  • docker-best-practices.md - Comprehensive Docker best practices (~500 lines)
  • container-orchestration.md - Deployment guides for 6+ platforms (~600 lines)

Assets (assets/)

Ready-to-use templates:
  • Dockerfile.production - Multi-stage production Dockerfile
  • Dockerfile.development - Development Dockerfile
  • Dockerfile.nginx - Static export with Nginx
  • docker-compose.yml - Multi-container orchestration
  • .dockerignore - Optimized exclusion rules
  • nginx.conf - Production Nginx configuration