diff --git a/02_basic_concept/2.3_repository.md b/02_basic_concept/2.3_repository.md index de2480c..362c2e4 100644 --- a/02_basic_concept/2.3_repository.md +++ b/02_basic_concept/2.3_repository.md @@ -81,7 +81,7 @@ jwilder/nginx-proxy:latest ## 其他 Registry ghcr.io/username/myapp:v1.0 -gcr.io/google-containers/pause:3.6 +gcr.io/google-containers/pause:3.10 ``` > 💡 **笔者提示**:如果不指定 Registry 地址,默认使用 Docker Hub。如果不指定标签,默认使用 `latest`。 diff --git a/07_dockerfile/7.7_arg.md b/07_dockerfile/7.7_arg.md index e0222bb..2633451 100644 --- a/07_dockerfile/7.7_arg.md +++ b/07_dockerfile/7.7_arg.md @@ -227,7 +227,7 @@ FROM ${BASE_IMAGE} ## 可以构建不同基础镜像的版本 -## docker build --build-arg BASE_IMAGE=python:3.11-alpine . +## docker build --build-arg BASE_IMAGE=python:3.14-alpine . ... ``` diff --git a/18_security/18.5_other_feature.md b/18_security/18.5_other_feature.md index 8106a60..649c128 100644 --- a/18_security/18.5_other_feature.md +++ b/18_security/18.5_other_feature.md @@ -64,12 +64,12 @@ $ docker run --rm -it \ ```bash ## 如果使用本地命令行扫描容器镜像 -$ trivy image alpine:3.10 +$ trivy image alpine:3.20 2024-03-01T10:05:07.124Z INFO Number of language-specific files: 1 2024-03-01T10:05:07.124Z INFO Detecting vulnerabilities... -alpine:3.10 (alpine 3.10.3) +alpine:3.20 (alpine 3.10.3) =========================== Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0) diff --git a/18_security/18.6_image_security.md b/18_security/18.6_image_security.md index 3e2605f..35ab7cf 100644 --- a/18_security/18.6_image_security.md +++ b/18_security/18.6_image_security.md @@ -301,7 +301,7 @@ RUN apt-get update && apt-get install -y curl=7.68.0-1ubuntu1 在 Dockerfile 中集成安全扫描: ```dockerfile -FROM golang:1.20-alpine AS builder +FROM golang:1.26-alpine AS builder WORKDIR /app COPY . . diff --git a/19_observability/19.3_performance_optimization.md b/19_observability/19.3_performance_optimization.md index d8ae2be..cff1906 100644 --- a/19_observability/19.3_performance_optimization.md +++ b/19_observability/19.3_performance_optimization.md @@ -305,7 +305,7 @@ journalctl -u docker -n 100 | grep -i "oom" ```python # Dockerfile -FROM python:3.11-slim +FROM python:3.14-slim WORKDIR /app COPY requirements.txt . RUN pip install -r requirements.txt memory_profiler tracemalloc @@ -424,7 +424,7 @@ chmod +x hadolint ```dockerfile # Stage 1: 构建阶段 -FROM golang:1.20-alpine AS builder +FROM golang:1.26-alpine AS builder WORKDIR /build @@ -453,13 +453,13 @@ COPY --from=builder /build/app /app EXPOSE 8080 ENTRYPOINT ["/app"] -# 最终镜像大小通常 < 15MB(相比 golang:1.20-alpine 的 ~1GB) +# 最终镜像大小通常 < 15MB(相比 golang:1.26-alpine 的 ~1GB) ``` **Node.js 应用的多阶段构建:** ```dockerfile # Stage 1: 依赖安装 -FROM node:18-alpine AS dependencies +FROM node:24-alpine AS dependencies WORKDIR /app COPY package*.json ./ @@ -467,7 +467,7 @@ RUN npm ci --only=production && \ npm cache clean --force # Stage 2: 构建阶段 -FROM node:18-alpine AS builder +FROM node:24-alpine AS builder WORKDIR /app COPY package*.json ./ @@ -477,7 +477,7 @@ COPY . . RUN npm run build # Stage 3: 运行阶段 -FROM node:18-alpine +FROM node:24-alpine WORKDIR /app @@ -504,7 +504,7 @@ CMD ["node", "dist/index.js"] ```dockerfile # Stage 1: 构建阶段 -FROM python:3.11-slim AS builder +FROM python:3.14-slim AS builder WORKDIR /build @@ -516,7 +516,7 @@ COPY requirements.txt . RUN pip install --user --no-cache-dir -r requirements.txt # Stage 2: 运行阶段 -FROM python:3.11-slim +FROM python:3.14-slim WORKDIR /app @@ -550,7 +550,7 @@ CMD ["python", "app.py"] □ 使用 BuildKit 缓存优化加速构建 # 优化示例: -FROM ubuntu:22.04 +FROM ubuntu:24.04 # ❌ 不推荐 RUN apt-get update diff --git a/21_case_devops/21.1_devops_workflow.md b/21_case_devops/21.1_devops_workflow.md index e167044..ca75087 100644 --- a/21_case_devops/21.1_devops_workflow.md +++ b/21_case_devops/21.1_devops_workflow.md @@ -23,7 +23,7 @@ ```dockerfile ## Build stage -FROM golang:1.23 AS builder +FROM golang:1.26 AS builder WORKDIR /app COPY . . RUN go build -o main . @@ -48,7 +48,7 @@ stages: unit_test: stage: test - image: golang:1.23 + image: golang:1.26 script: - go test ./... diff --git a/21_case_devops/21.6_vsCode.md b/21_case_devops/21.6_vsCode.md index 7e266a3..67ea6a3 100644 --- a/21_case_devops/21.6_vsCode.md +++ b/21_case_devops/21.6_vsCode.md @@ -17,7 +17,7 @@ VS Code 的 [Dev Containers](https://code.visualstudio.com/docs/devcontainers/co ```json { "name": "docker-practice-dev", - "image": "golang:1.22", + "image": "golang:1.26", "workspaceFolder": "/work", "workspaceMount": "source=${localWorkspaceFolder},target=/work,type=bind", "customizations": { diff --git a/21_case_devops/21.7_practical_examples.md b/21_case_devops/21.7_practical_examples.md index 825b85b..dca17d8 100644 --- a/21_case_devops/21.7_practical_examples.md +++ b/21_case_devops/21.7_practical_examples.md @@ -48,7 +48,7 @@ func main() { ```dockerfile # Stage 1: 构建阶段 -FROM golang:1.20-alpine AS builder +FROM golang:1.26-alpine AS builder WORKDIR /build @@ -106,7 +106,7 @@ docker exec go-demo ls -la / # 只包含 /app 和系统必要文件 -# 镜像大小通常 < 10MB(相比 golang:1.20-alpine 的 ~1GB) +# 镜像大小通常 < 10MB(相比 golang:1.26-alpine 的 ~1GB) docker history go-app:latest ``` **go.mod 和 go.sum 示例:** @@ -114,7 +114,7 @@ docker history go-app:latest ```text module github.com/example/go-app -go 1.20 +go 1.26 require ( // 如果需要依赖 @@ -154,7 +154,7 @@ func main() { **优化的 Dockerfile:** ```dockerfile -FROM golang:1.20-alpine AS builder +FROM golang:1.26-alpine AS builder WORKDIR /src @@ -746,7 +746,7 @@ Dev Containers 让整个开发环境容器化,提升团队一致性。 ```json { "name": "Python Dev Environment", - "image": "mcr.microsoft.com/devcontainers/python:3.11", + "image": "mcr.microsoft.com/devcontainers/python:3.14", "features": { "ghcr.io/devcontainers/features/docker-in-docker:2": {}, @@ -802,7 +802,7 @@ Dev Containers 让整个开发环境容器化,提升团队一致性。 **.devcontainer/Dockerfile:** ```dockerfile -FROM mcr.microsoft.com/devcontainers/python:3.11 +FROM mcr.microsoft.com/devcontainers/python:3.14 # 安装额外工具 RUN apt-get update && apt-get install -y \ diff --git a/appendix/learning_roadmap.md b/appendix/learning_roadmap.md index 135c03d..025e304 100644 --- a/appendix/learning_roadmap.md +++ b/appendix/learning_roadmap.md @@ -574,7 +574,7 @@ A(要点): A(要点): ```text 1. 选择合适的基础镜像: - scratch < alpine:3.17 < python:3.11-slim < python:3.11 + scratch < alpine:3.17 < python:3.14-slim < python:3.14 2. 多阶段构建: - 构建阶段只保留编译工具 diff --git a/docker_practice.pdf b/docker_practice.pdf new file mode 100644 index 0000000..c88d117 Binary files /dev/null and b/docker_practice.pdf differ