docker镜像
docker镜像含有启动容器所需要的文件系统和内容,因此,其用于创建并启动docker容器
docker镜像采用分层构建机制,最底层为bootfs,其之为rootfs
- bootfs:用于系统引导的文件系统,包括bootloader和kernel,容器启动完成后会被卸载以节省内存资源
- rootfs:位于rootfs上,表现为docker容器的根文件系统
传统模式中,系统启动时,内核挂载rootfs时会首先将其挂载为“只读”模式,完整性自检完成后将其重新挂载为只读模式
docker中,rootfs由内核挂在为“只读”模式,而后通过“联合挂载”技术额外挂载一个“可写”层
Docker Image Layer
位于下层的镜像称为父镜像(parent image),最底层的称之为基础镜像(Base Image)
最上层为“读写”层,其下层为“只读”层
想要联合挂载需要特定的文件系统Aufs
Aufs
advance multi-layered unification filesystem:高级多层统一文件系统
- 用于为linux文件系统实现“联合挂载”
- aufs是之前的UnionFS的重新实现,2006年由Junjiro Okajima开发
- Docker最初使用aufs作为容器文件系统层,它目前仍作为存储后端之一来支持
- aufs的竞争产品是overlayfs,后者后者自从3.18版本开始被合并到了linux内核
- docker的分层镜像,除了aufs,docker还支持btrfs,devicemapper和vfs等
在Ubuntu系统下,默认文件系统为aufs,而在CentOS7上,用的是devicemapper
Docker Registry
启动容器时,docker daemon会试图从本地获取相关镜像,本地镜像不存在时,将从Registry中下载该镜像保存至本地中
镜像相关操作
镜像的生成途径
- dockerfile
- 基于容器制作
- docker hub automated builds
基于容器制作镜像
Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] Create a new image from a container's changes Options:
-a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Commit message
-p, --pause Pause container during commit (default true)
制作镜像案例:
[root@localhost ~]# docker commit -p -a "liwang" -m "myimage" mybox
sha256:de701b01b33656a3c1e04bce397940fc7675dca4e08e60ca19425900a258274d [root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> de701b01b336 seconds ago .22MB
busybox latest 020584afccce weeks ago .22MB
修改标签案例:
[root@localhost ~]# docker tag de701b01b336 liwang/busybox:v1
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liwang/busybox v1 de701b01b336 minutes ago .22MB
busybox latest 020584afccce weeks ago .22MB
删除镜像(如果一个镜像有2个标签,其实是删除标签)
[root@localhost ~]# docker image rm liwang/busybox:v1
Untagged: liwang/busybox:v1
Deleted: sha256:de701b01b33656a3c1e04bce397940fc7675dca4e08e60ca19425900a258274d
Deleted: sha256:ecb7306b32fefb8a2c964a217506696a7f41f7085fe317f7416db74a066f284e
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 020584afccce weeks ago .22MB
修改镜像初始运行的命令
[root@localhost ~]# docker commit -a "liwang<liwang_dc@126.com>" -p -c 'CMD ["/bin/httpd","-f","-h","/data/html"]' mybox liwang/httpd:v1
sha256:02a490f7eb0d771125f9f8a29c9ae8973862c27f7ac2481c8c19f3aa73a55506 [root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddb70a657548 liwang/busybox:v1 "sh" minutes ago Up minutes mybox
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddb70a657548 liwang/busybox:v1 "sh" minutes ago Up minutes mybox
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liwang/httpd v1 02a490f7eb0d About a minute ago .22MB
liwang/busybox v1 6592e65bbc7f minutes ago .22MB
nginx latest 231d40e811cd hours ago 126MB
busybox latest 020584afccce weeks ago .22MB
[root@localhost ~]# docker run --name myhttpd -itd liwang/httpd:v1
9bbc0271904b9f41150911f2a11117943a7cd44c8e531b76d3f699a970411210
[root@localhost ~]# curl 172.17.0.2
<h1>this is busybox page</h1>
docker hub
上传至docker hub,这里要注意的是本地镜像标签一定要和docker hub上自己的私有仓库名字一致
登录docker hub 创建自己的仓库
填写仓库名称和描述信息,并且选择是公有仓库还是私有仓库
然后把镜像上传至docker hub上
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liwang/httpd v1 02a490f7eb0d minutes ago .22MB
lizhaoqwe/httpd v1 02a490f7eb0d minutes ago .22MB
liwang/busybox v1 6592e65bbc7f About an hour ago .22MB
nginx latest 231d40e811cd hours ago 126MB
busybox latest 020584afccce weeks ago .22MB
[root@localhost ~]# docker login -u lizhaoqwe
Password:
[root@localhost ~]# docker push lizhaoqwe/httpd:v1
The push refers to repository [docker.io/lizhaoqwe/httpd]
69bc3e032fd9: Pushed
68eb0185b393: Pushed
1da8e4c8d307: Pushed
v1: digest: sha256:593871c722b58b0d8a45978e159896737fa8b91de5cbaffecfdf4379c3598243 size:
上传完毕后查看docker hub
基于阿里云的镜像仓库
点击管理可以看到阿里云镜像仓库的用法
现在我们就把刚才基于busybox创建的httpd镜像上传至阿里云镜像仓库
[root@localhost ~]# docker push registry.cn-hangzhou.aliyuncs.com/liwang123/httpd
The push refers to repository [registry.cn-hangzhou.aliyuncs.com/liwang123/httpd]
69bc3e032fd9: Pushed
68eb0185b393: Pushed
1da8e4c8d307: Pushed
v1: digest: sha256:593871c722b58b0d8a45978e159896737fa8b91de5cbaffecfdf4379c3598243 size:
验证
镜像打包
镜像的导入导出
如果我们的镜像,别人也想用,但只想用一次就删除掉,那么我们要先打标签在上传,然后测试人员还要pull下来,其实也比较麻烦,那么这个时候我们可以考虑用镜像打包的方式,镜像打包可以把所需要的镜像打包在一起,然后可以用scp等命令拷贝过去,在导入就可以了
打包镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liwang/httpd v1 02a490f7eb0d hours ago .22MB
liwang123/httpd v1 02a490f7eb0d hours ago .22MB
lizhaoqwe/httpd v1 02a490f7eb0d hours ago .22MB
registry.cn-hangzhou.aliyuncs.com/liwang123/httpd v1 02a490f7eb0d hours ago .22MB
liwang/busybox v1 6592e65bbc7f hours ago .22MB
nginx latest 231d40e811cd hours ago 126MB
busybox latest 020584afccce weeks ago .22MB
[root@localhost ~]# docker save -o myimages.tar.gz registry.cn-hangzhou.aliyuncs.com/liwang123/httpd nginx busybox
[root@localhost ~]# ls -ltr
总用量
-rw-r--r-- root root 7月 Python-3.6..tgz
-rw-------. root root 5月 : anaconda-ks.cfg
drwxr-xr-x. root root 6月 : old
drwxr-xr-x. root root 6月 : inc1
drwxr-xr-x. root root 6月 : fullbackup
drwxr-xr-x root root 6月 : Python-3.6.
-rw-r--r-- root root 6月 : test.yaml
-rw-r--r-- root root 6月 : test.retry
-rw------- 1 root root 131637760 11月 23 22:44 myimages.tar.gz
在另一台机器上执行导入命令并验证
[root@localhost ~]# docker load -i myimages.tar.gz
1da8e4c8d307: Loading layer [==================================================>] .437MB/.437MB
68eb0185b393: Loading layer [==================================================>] .12kB/.12kB
69bc3e032fd9: Loading layer [==================================================>] .56kB/.56kB
Loaded image: registry.cn-hangzhou.aliyuncs.com/liwang123/httpd:v1
831c5620387f: Loading layer [==================================================>] .48MB/.48MB
5fb987d2e54d: Loading layer [==================================================>] .67MB/.67MB
4fc1aa8003a3: Loading layer [==================================================>] .584kB/.584kB
Loaded image: nginx:latest
Loaded image: busybox:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.cn-hangzhou.aliyuncs.com/liwang123/httpd v1 02a490f7eb0d hours ago .22MB
nginx latest 231d40e811cd hours ago 126MB
busybox latest 020584afccce weeks ago .22MB