| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 |
- # ============================================================
- # Data Nexus - Dockerfile
- # 基于 Python 3.11 slim 镜像,构建轻量级生产容器
- # ============================================================
- # ---------- 阶段 1:构建依赖 ----------
- FROM python:3.11-slim AS builder
- WORKDIR /tmp
- # 仅拷贝依赖文件,利用 Docker 缓存层
- COPY requirements.txt .
- # 安装依赖到独立目录,方便后续 COPY --from
- RUN pip install --no-cache-dir --prefix=/install -r requirements.txt
- # ---------- 阶段 2:最终运行镜像 ----------
- FROM python:3.11-slim
- # 设置元数据
- LABEL maintainer="Data Nexus Team"
- LABEL description="Data Nexus - 轻量级数据中台服务"
- # 设置环境变量
- ENV PYTHONDONTWRITEBYTECODE=1 \
- PYTHONUNBUFFERED=1 \
- TZ=Asia/Shanghai
- # 设置时区(基础镜像已自带 tzdata,无需 apt-get install)
- RUN ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
- echo "${TZ}" > /etc/timezone
- # 创建非 root 用户
- RUN groupadd -r appuser && useradd -r -g appuser -d /app -s /sbin/nologin appuser
- # 从 builder 阶段复制已安装的 Python 依赖
- COPY --from=builder /install /usr/local
- # 设置工作目录
- WORKDIR /app
- # 拷贝应用代码
- COPY app/ ./app/
- # 创建 storage 目录并设置权限
- RUN mkdir -p /data/storage && chown -R appuser:appuser /app /data/storage
- # 切换到非 root 用户
- USER appuser
- # 暴露端口
- EXPOSE 8000
- # 健康检查(使用 Python 内置模块,无需安装 curl)
- HEALTHCHECK --interval=30s --timeout=10s --start-period=15s --retries=3 \
- CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/api/health')" || exit 1
- # 启动命令:运行 app/main.py
- CMD ["python", "-m", "app.main"]
|
