构建SDK-C Docker镜像
在EC2上构建SDK-C Docker镜像,EC2的版本是Amazon Linux 2023。
sdk-c项目地址:https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-c
1、镜像 amazonlinux:2023 中没有预装 tar,所以在 Dockerfile 的依赖安装部分中,加入 tar;
2、RUN 命令的 最后一步添加dnf clean all,用于清理 DNF 下载过程中生成的缓存文件,包括:
(1)下载的软件包缓存(通常在 /var/cache/dnf/)
(2)元数据(repository 的信息)
(3)临时文件
好处是,减小镜像体积、保持镜像干净整洁。
3、gstreamer1相关包的安装,有些包在 Amazon Linux 2023 的默认仓库中可能没有提供,或者它们已经被拆分、重命名或移除,需要先在主机上运行dnf search gstreamer1 | grep devel:
[ec2-user@ip-10-10-0-169 webrtc-docker]$ dnf search gstreamer1 | grep devel
Amazon Linux 2023 repository 69 MB/s | 36 MB 00:00
Amazon Linux 2023 Kernel Livepatch repository 172 kB/s | 16 kB 00:00
gstreamer1-devel.x86_64 : Libraries/include files for GStreamer streaming media framework
gstreamer1-plugins-bad-free-devel.x86_64 : Development files for the GStreamer media framework "bad" plug-ins
gstreamer1-plugins-base-devel.x86_64 : GStreamer Base Plugins Development files查找有哪些 gstreamer1 相关的 *-devel 包,然后把确定需要的包添加到 Dockerfile 中。
4、因为 Amazon Linux 2023 默认有 curl-minimal,所以在dnf install后面需要加上 --allowerasing,否则会报错:
11.39 - package curl-minimal-8.5.0-1.amzn2023.0.5.x86_64 from amazonlinux conflicts with curl provided by curl-8.5.0-1.amzn2023.0.5.x86_64 from amazonlinux
11.40 (try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages)5、编译docker镜像:
docker build -t webrtc-sdk .| 部分 | 含义 |
|---|---|
docker build | 告诉 Docker 构建一个镜像 |
-t webrtc-sdk | 给构建出的镜像起一个名字(tag),叫 webrtc-sdk(可以自己定义名字) |
. | 表示 构建上下文目录,也就是当前目录,Docker 会在这里找 Dockerfile 和相关代码 |
6、拉取基础镜像:
[ec2-user@ip-10-10-0-169 webrtc-docker]$ docker build -t webrtc-sdk .
[+] Building 30.1s (2/2) FINISHED docker:default=> [internal] load build definition from Dockerfile 0.0s=> => transferring dockerfile: 1.56kB 0.0s=> ERROR [internal] load metadata for docker.io/library/amazonlinux:2023 30.0s
------> [internal] load metadata for docker.io/library/amazonlinux:2023:
------
Dockerfile:1
--------------------1 | >>> FROM amazonlinux:20232 | 3 | # 安装构建依赖
--------------------
ERROR: failed to solve: DeadlineExceeded: DeadlineExceeded: DeadlineExceeded: amazonlinux:2023: failed to do request: Head "https://registry-1.docker.io/v2/library/amazonlinux/manifests/2023": dial tcp [2a03:2880:f10d:183:face:b00c:0:25de]:443: i/o timeout在执行docker build -t webrtc-sdk时,Docker 会尝试从远程拉取 Dockerfile 中指定的基础镜像FROM amazonlinux:2023,这行的意思是:“以 amazonlinux:2023 为基础,构建我的新镜像。”这个报错是访问Docker Hub(registry-1.docker.io)超时,我单独试了一下,EC2访问这个地址不通:
[ec2-user@ip-10-10-0-169 ~]$ curl https://registry-1.docker.io
curl: (28) Failed to connect to registry-1.docker.io port 443 after 130744 ms: Couldn't connect to server这步采用的方法是本地构建,之后拷贝镜像到 EC2:
# 拉取基础镜像
docker pull amazonlinux:2023# 保存为 tar 文件
docker save amazonlinux:2023 -o amazonlinux.tar# 上传到目标 EC2
scp -i ~/Documents/cert/qa.pem ~/Downloads/amazonlinux.tar ec2-user@xx.83.xxx.74:/home/ec2-user/webrtc-docker # 在目标 EC2 上加载镜像
docker load -i amazonlinux.tar
在执行docker pull amazonlinux:2023的时候,并不是把基础镜像下载到了本地目录,它是把镜像下载到了 Docker 的本地镜像存储区中。这个镜像被保存在 Docker 引擎内部的专属目录下(通常是 /var/lib/docker,但这个路径不直接暴露给用户使用)。
可以通过docker images 确认是否下载成功:
testmanzhang@TestMandeMBP Downloads % docker pull amazonlinux:2023
2023: Pulling from library/amazonlinux
d680ca3f92ab: Pull complete
Digest: sha256:c3381e594bead0d6e859ae15b587854e3afc634e13a1ebdeef26a66ccdad46cd
Status: Downloaded newer image for amazonlinux:2023
docker.io/library/amazonlinux:2023
testmanzhang@TestMandeMBP Downloads % docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nosqlmap latest 052e964795e1 2 weeks ago 1.43GB
amazonlinux 2023 c3381e594bea 3 weeks ago 219MB
hello-world latest dd01f97f2521 4 months ago 20.4kB
python 2.7 cfa62318c459 5 years ago 1.32GB
testmanzhang@TestMandeMBP Downloads % 7、最后构建SDK-C镜像的Dockerfile如下:
FROM amazonlinux:2023# 安装构建依赖
RUN dnf update -y && \dnf install -y --allowerasing \git gcc gcc-c++ make perl-core pcre-devel zlib-devel \cmake openssl-devel curl pulseaudio-utils alsa-lib-devel \gstreamer1-devel \gstreamer1-plugins-base-devel \gstreamer1-plugins-bad-free-devel \tar && \dnf clean all# 拷贝 OpenSSL 源码包进来
COPY ./openssl-1.1.1t.tar.gz /tmp/# 编译并安装 OpenSSL 1.1.1t
RUN cd /tmp && \tar -xf openssl-1.1.1t.tar.gz && \cd openssl-1.1.1t && \./config --prefix=/usr/local/openssl-1.1.1t && \make -j4 && \make install# 设置 OpenSSL 环境变量
ENV OPENSSL_ROOT_DIR=/usr/local/openssl-1.1.1t
ENV LD_LIBRARY_PATH=/usr/local/openssl-1.1.1t/lib:$LD_LIBRARY_PATH
ENV PATH="/usr/local/openssl-1.1.1t/bin:$PATH"# 拷贝 SDK 源码
COPY ./kvs-webrtc-sdk /webrtc# 构建 SDK
WORKDIR /webrtc
RUN mkdir build && cd build && \cmake .. \-DOPENSSL_ROOT_DIR=/usr/local/openssl-1.1.1t \-DOPENSSL_INCLUDE_DIR=/usr/local/openssl-1.1.1t/include \-DOPENSSL_USE_STATIC_LIBS=FALSE && \make -j8构建结果如下:
[ec2-user@ip-10-10-0-169 webrtc-docker]$ docker build -t webrtc-sdk .
[+] Building 1236.2s (12/12) FINISHED docker:default=> [internal] load build definition from Dockerfile 0.0s=> => transferring dockerfile: 1.22kB 0.0s=> [internal] load metadata for docker.io/library/amazonlinux:2023 0.0s=> [internal] load .dockerignore 0.0s=> => transferring context: 2B 0.0s=> [internal] load build context 0.2s=> => transferring context: 524.66kB 0.2s=> CACHED [1/7] FROM docker.io/library/amazonlinux:2023 0.0s=> [2/7] RUN dnf update -y && dnf install -y --allowerasing git gcc gcc-c++ make perl-core pcre-devel zlib-devel cmake o 68.3s=> [3/7] COPY ./openssl-1.1.1t.tar.gz /tmp/ 0.1s => [4/7] RUN cd /tmp && tar -xf openssl-1.1.1t.tar.gz && cd openssl-1.1.1t && ./config --prefix=/usr/local/openssl-1.1. 160.4s => [5/7] COPY ./kvs-webrtc-sdk /webrtc 2.4s => [6/7] WORKDIR /webrtc 0.0s => [7/7] RUN mkdir build && cd build && cmake .. -DOPENSSL_ROOT_DIR=/usr/local/openssl-1.1.1t -DOPENSSL_INCLUDE_DIR 989.5s => exporting to image 15.4s => => exporting layers 15.4s => => writing image sha256:8a67003bb48ddcf157db3291c1d943de729ce8ac7fd0272b32b78a993facf22a 0.0s => => naming to docker.io/library/webrtc-sdk 0.0s
[ec2-user@ip-10-10-0-169 webrtc-docker]$