问题描述
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/core/sdk:3.1.102 AS build-env
workdir /app
copY . ./
RUN export DOTNET_SYstem_NET_HTTP_USESOCKETSHTTPHANDLER=0
# RUN dotnet restore
RUN dotnet publish -c Release -o out
# Build runtime image
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1.2
workdir /app
copY --from=build-env /app/out .
ENTRYPOINT ["dotnet","AspNetCore.dll"]
在dotnet发布命令上运行docker build -f Dockerfile-dev .失败:
Step 5/9 : RUN dotnet publish -c Release -o out
---> Running in c20e3f3e8110
Microsoft (R) Build Engine version 16.4.0+e901037fe for .NET Core
copyright (C) Microsoft Corporation. All rights reserved.
/usr/share/dotnet/sdk/3.1.102/NuGet.targets(123,5): error : Unable to load the service index for source https://api.nuget.org/v3/index.json. [/app/AspNetCore.sln]
/usr/share/dotnet/sdk/3.1.102/NuGet.targets(123,5): error : The SSL connection Could not be established,see inner exception. [/app/AspNetCore.sln]
/usr/share/dotnet/sdk/3.1.102/NuGet.targets(123,5): error : The remote certificate is invalid according to the validation procedure. [/app/AspNetCore.sln]
The command '/bin/sh -c dotnet publish -c Release -o out' returned a non-zero code: 1
但是,当我从git bash终端直接运行dotnet publish -c Release -o out时,就成功完成了。可能是什么原因造成的-我需要在Dockerfile中添加任何其他命令来解决权限吗?
这是运行docker info的输出,如果它有助于揭示任何内容:
Client:
Debug Mode: false
Server:
Containers: 7
Running: 0
Paused: 0
Stopped: 7
Images: 35
Server Version: 19.03.12
Storage Driver: overlay2
backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.19.76-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
cpus: 2
Total Memory: 1.945GiB
Name: docker-desktop
ID: YSLA:6VCF:UOAI:D5AI:QWRE:XE55:IHAU:347O:VOOL:ISH6:WO3G:UEZH
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 40
Goroutines: 52
System Time: 2020-08-12T01:31:50.272361169Z
EventsListeners: 3
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
解决方法
我不知道问题是什么,但是我可以帮助您解决问题。
这是我要经历的步骤。
- 从
Dockerfile开始,注释掉RUN dotnet publish...中的所有内容。 - 构建图像
docker run build -t temp . - 以交互模式
docker run -it temp /bin/bash运行容器。您现在位于容器中,可以实时测试命令。 - 在容器中运行
dotnet publish -c Release -o out。怎么了?正如其他人提到的,它可能与代理相关。尝试设置http_proxy和https_proxy环境变量,例如export http_proxy=http://example.role:1234。如果在设置代理环境变量后运行dotnet publish -c Release -o out,会发生什么情况? - 如果上述方法不起作用,则至少您处于命令失败的容器终端中,因此您可以尝试一下...
如果它是代理问题,则可以将以下内容添加到Dockerfile中:
ARG HTTP_PROXY
ENV http_proxy $HTTP_PROXY
ENV https_proxy $HTTP_PROXY
ENV no_proxy localhost,127.0.0.1
,然后在构建容器时通过--build-arg HTTP_PROXY=http://example.role:1234。
这可能与docker/for-win issue 4858有关,其中提到:
我使用了错误的证书。要使用的证书是证书颁发机构证书(根证书),但是我使用了颁发给系统的证书。
我从链中生成了根证书,并将其导入到容器中。解决方案:ca证书名为
ca-cert.crt。在Dockerfile中添加了以下几行。
COPY ca-cert.crt /usr/local/share/ca-certificates/ca-cert.crt
RUN chmod 644 /usr/local/share/ca-certificates/ca-cert.crt && update-ca-certificates
(类似于this answer)
您可以看到here examples使用了卷和机密,但在您的情况下可能不需要它们。