欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Docker镜像的三大构建方式

程序员文章站 2022-03-30 08:02:11
...

摘要
在构建容器化应用时,相当重要的步骤莫过于镜像制作,本文将介绍镜像制作方法以及镜像制作的建议。
采用docker commit生成的镜像实际上是容器内的文件系统进行修改在进行提交,而运行的容器实际上是在镜像的文件系统顶层添加了一层读写层,所都的修改都是基于这一层,当生成镜像时会将这一层数据保存,所以每次使用commit提交镜像时候都会比原来多一层,这样会使得镜像越来越大并且不易维护。同时,对于镜像使用者来说完全不透明,使用者不清楚该镜像怎么样构建的,是否安全等,这种方式及其不推荐。
而使用Dockerfile构建镜像,对于使用者来说完全透明,构建镜像的每一个步骤都在Dockerfile文件中描述的清清楚楚,同时当需要对镜像修改时候,只需修改Dockerfile文件中的指令,维护镜像只需要维护一个Dockerfile,这也是镜像构建的最佳方式。当然,要使用Dockerfile就必须明白Dockerfile的语法和各个指令,以下将作详细介绍。

一、Docker镜像的分层Docker镜像的三大构建方式
①Dockerfile中的每个指令都会创建一个新的镜像层
②镜像层将被缓存和复用
③当Dockerfile的指令修改了,复制的文件变化了,或者构建镜像时指定的变量不同了,对应的镜像层缓存就会失效
④某一层的镜像缓存失效之后,它之后的镜像层都会失效
⑤镜像层时不可变的,如果在某一层中添加一个文件,然后再下一层中删除它,则镜像中依然会包含该文件

二、Docker镜像的创建
2.1、Docker镜像
2.1.1、应用发布的标准格式

2.1.2、支撑一个Docker容器的运行

2.2、Docker镜像的创建方法
2.2.1、基于已有镜像创建

2.2.2、基于本地模板创建

2.2.3、基于Dockerfile创建

2.3、基于已有镜像创建
2.3.1、将容器里面运行的程序及运行环境打包生成新的镜像

 docker commit [选项] 容器ID/名称 仓库名称:[标签]
 -m:说明信息
 -a:作者信息
 -p:生成过程中停止容器的运行

2.3.2、操作步骤

[aaa@qq.com ~]# docker create -it httpd /bin/bash
42357089c94717f3ce7519381793a4542d23835e0831f1a0ca1818302a38a8da
[aaa@qq.com ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
42357089c947        httpd               "/bin/bash"         5 minutes ago       Created                                 magical_volhard
[aaa@qq.com ~]# docker commit -m "new" -a "xxy" 42357089c947 xxy:httpd
sha256:798b229a000ae11ea8cc4c1e1c9c6af42f8f63b305d0ac57021a680fdd144cfc
[aaa@qq.com ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
xxy                 httpd               798b229a000a        About a minute ago   138MB
httpd               123                 67aff63fc0f2        3 hours ago          134MB
httpd               latest              0a30f4c29d25        8 days ago           138MB
centos              7                   8652b9f0cb4c        12 days ago          204MB

2.4、基于本地模板创建

导入本地镜像debian-7.0-x86-minimal.tar.gz
[aaa@qq.com ~]# cat debian-7.0-x86-minimal.tar.gz | docker import - docker:xxy
sha256:c21bd2b8ca4aa9212b39c99a9133696ac18bde0c86224d1700e35849f07bd823
[aaa@qq.com ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker              xxy                 c21bd2b8ca4a        8 seconds ago       215MB

2.5、基于Dockerfile创建
2.5.1、Dockerfile是由一组指令组成的文件

2.5.2、Dockerfile结构四部分

①基础镜像信息
②维护者信息
③镜像操作指令
④容器启动时执行指令
2.5.3、Dockerfile每行支持一条指令,每条指令可携带多个参数,支持使用以“#”号开头的注释

2.5.4、Dockerfile操作指令Docker镜像的三大构建方式
2.5.5、Dockerfile创建

[aaa@qq.com ~]# mkdir http
[aaa@qq.com ~]# cd http/
[aaa@qq.com http]# vim Dockerfile
#基于centos:7的基础镜像
FROM centos:7
#维护镜像的用户信息
MAINTAINER this is project
#镜像操作指令安装apache软件
RUN yum -y update
RUN yum -y install httpd
#开启80端口
EXPOSE 80
#复制网址首页文件
ADD index.html /var/www/html/index.html
#将执行脚本复制到镜像中
ADD run.sh /run.sh
RUN chmod 755 /run.sh
#启动容器时执行脚本
CMD ["/run.sh"]

2.5.6、制作脚本

1 [aaa@qq.com http]# vim run.sh
2 #!/bin/bash
3 rm -rf /run/httpd/*
4 exec /usr/sbin/apachectl -D FOREGROUND

2.5.7、制作网页

1 [aaa@qq.com http]# echo '<h1>this is xxy</h1>' > index.html 
2 [aaa@qq.com http]# ll      #文件要放同一个目录
3 总用量 12
4 -rw-r--r--. 1 root root 402 1126 15:13 Dockerfile
5 -rw-r--r--. 1 root root  21 1126 15:16 index.html
6 -rw-r--r--. 1 root root  71 1126 15:15 run.sh

2.5.8、生成镜像

[aaa@qq.com http]# docker build -t httpd:centos .
Sending build context to Docker daemon  4.096kB
Step 1/9 : FROM centos:7
 ---> 8652b9f0cb4c
Step 2/9 : MAINTAINER this is project
 ---> Running in b8e91a6eb4a7
Removing intermediate container b8e91a6eb4a7
 ---> d4bb43995938
Step 3/9 : RUN yum -y update
 ---> Running in d37d3d583d44
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors

2.5.9、新镜像运行容器

[aaa@qq.com http]# docker run -d -p 9999:80 httpd:centos 
44444960d59d3cde9b922cb188c9e8cac44a6119aa7ab8f677488b66085f5a27
[aaa@qq.com http]# docker ps -a 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                  NAMES
44444960d59d        httpd:centos        "/run.sh"           7 seconds ago       Up 6 seconds        0.0.0.0:9999->80/tcp   trusting_chaplygin
42357089c947        httpd               "/bin/bash"         31 minutes ago      Created                                    magical_volhard

2.5.10、测试Docker镜像的三大构建方式

三、私有仓库建立
3.1、拉取镜像及修改配置文件(端口号:5000)

[aaa@qq.com http]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
cbdbe7a5bc2a: Pull complete 
47112e65547d: Pull complete 
46bcb632e506: Pull complete 
c1cc712bcecd: Pull complete 
3db6272dcbfa: Pull complete 
Digest: sha256:8be26f81ffea54106bae012c6f349df70f4d5e7e2ec01b143c46e2c03b9e551d
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest

[aaa@qq.com http]# vim /etc/docker/daemon.json 
{
"insecure-registries": ["20.0.0.10:5000"],       #添加
"registry-mirrors": ["https://lyoy0ey2.mirror.aliyuncs.com"]
}
[aaa@qq.com http]# systemctl restart docker

3.2、创建镜像并查看

[aaa@qq.com http]# docker create -it registry /bin/bash
7a68394d08ff8ac75530ddefa6d963d40f4f146d098dae3baf5fc43146642e38
[aaa@qq.com http]# docker ps -a 
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                            PORTS               NAMES
7a68394d08ff        registry            "/entrypoint.sh /bin…"   8 seconds ago       Created                                               tender_jennings
44444960d59d        httpd:centos        "/run.sh"                5 minutes ago       Exited (137) About a minute ago                       trusting_chaplygin
42357089c947        httpd               "/bin/bash"              36 minutes ago      Created                                               magical_volhard
[aaa@qq.com http]# docker start 7a68394d08ff
7a68394d08ff

3.3、宿主机的/data/registry自动创建挂载容器中的/tmp/registry

[aaa@qq.com http]# docker run -d -p 5000:5000 -v /data/registry:/tmp/registry registry
7e3f512d231956e99378b8ebed8501a486c72faea50bacdc1c04423b92fec018
[aaa@qq.com http]# docker tag httpd:centos 20.0.0.10:5000/httpd

3.4、上传并获取

[aaa@qq.com http]# docker push 20.0.0.10:5000/httpd
The push refers to repository [20.0.0.10:5000/httpd]
3da5b071c4f2: Pushed 
057bd52e8a9d: Pushed 
9dcf928dee97: Pushed 
46aa04549d1d: Pushed 
a8cb29dd04d5: Pushed 
174f56854903: Pushed 
latest: digest: sha256:5be48bc3714a095f9d8ae7b5684de3c70d6e1bbb95fa227fcf2005117aae9a87 size: 1574
#获取私有仓库列表
[aaa@qq.com http]# curl -XGET http://20.0.0.10:5000/v2/_catalog
{"repositories":["httpd"]}  #显示上传成功
#删除centos镜像
[aaa@qq.com http]#  docker rmi 20.0.0.10:5000/httpd:latest 
Untagged: 20.0.0.10:5000/httpd:latest
Untagged: 20.0.0.10:5000/aaa@qq.com:5be48bc3714a095f9d8ae7b5684de3c70d6e1bbb95fa227fcf2005117aae9a87
[aaa@qq.com http]# docker pull 20.0.0.10:5000/httpd   #测试私有仓库下载
Using default tag: latest
latest: Pulling from httpd
2d473b07cdd5: Already exists 
c36cd56632d3: Pull complete 
3a8ec7461da9: Pull complete 
020effa52e30: Pull complete 
b717300357b6: Pull complete 
3e68d6e6a411: Pull complete 
Digest: sha256:5be48bc3714a095f9d8ae7b5684de3c70d6e1bbb95fa227fcf2005117aae9a87
Status: Downloaded newer image for 20.0.0.10:5000/httpd:latest
20.0.0.10:5000/httpd:latest

四、Docker数据卷管理
4.1、Docker数据卷
-v 会自动进行创建目录进行挂载(宿主机与容器之间挂载)

4.1.1、宿主机目录/var/www挂载容器中的/data1

[aaa@qq.com http]# docker run -v /var/www:/data1 --name web1 -it centos:7 /bin/bash
[aaa@qq.com7be52105aa0f /]# cd /data1/
[aaa@qq.com7be52105aa0f data1]# echo 'xxy!!!' > test.txt
[aaa@qq.com7be52105aa0f data1]# exit
exit

4.1.2、宿主机查看

[aaa@qq.com http]# cat /var/www/test.txt 
xxy!!!

4.2、数据卷容器
数据卷容器,新容器挂载数据卷容器web100(容器内部挂载)

[aaa@qq.com http]# docker run --name web100 -v /data2 -v /data3 -it centos:7 /bin/bash 
[aaa@qq.com00c4b2f49e9d /]# ls
anaconda-post.log  data2  dev  home  lib64  mnt  proc  run   srv  tmp  var
bin                data3  etc  lib   media  opt  root  sbin  sys  usr

#再开一个主机
[aaa@qq.com ~]# docker run -it --volumes-from web100 --name db1 centos:7 /bin/bash
[aaa@qq.com4edd7c39e0a8 /]# ls
anaconda-post.log  data2  dev  home  lib64  mnt  proc  run   srv  tmp  var
bin                data3  etc  lib   media  opt  root  sbin  sys  usr
[aaa@qq.com4edd7c39e0a8 /]# cd data2
[aaa@qq.com4edd7c39e0a8 data2]# touch xx 
[aaa@qq.com4edd7c39e0a8 data2]# ls
xx
[aaa@qq.com4edd7c39e0a8 data2]# cd /data3
[aaa@qq.com4edd7c39e0a8 data3]# touch yy
[aaa@qq.com4edd7c39e0a8 data3]# ls
yy
[aaa@qq.com00c4b2f49e9d /]# cd /data3
[aaa@qq.com00c4b2f49e9d data3]# ls
yy
[aaa@qq.com00c4b2f49e9d data3]# cd /data2
[aaa@qq.com00c4b2f49e9d data2]# ls
xx

4.3、端口映射

[aaa@qq.com http]# docker run -dit -P nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
852e50cd189d: Already exists 
571d7e852307: Pull complete 
addb10abd9cb: Pull complete 
d20aa7ccdb77: Pull complete 
8b03f1e11359: Pull complete 
Digest: sha256:6b1daa9462046581ac15be20277a7c75476283f969cb3a61c8725ec38d3b01c3
Status: Downloaded newer image for nginx:latest
c4f1be4afb8132e7eec37705a77c45b642688e9bb0ad9e669463359d5b132de1

[aaa@qq.com http]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                        PORTS                    NAMES
c4f1be4afb81        nginx               "/docker-entrypoint.…"   30 seconds ago      Up 29 seconds                 0.0.0.0:32769->80/tcp    unruffled_maxwell

[aaa@qq.com http]# docker run -d -p 1111:80 httpd  #指定端口
3d5aaa7e383534bb76b26625aa830c4c7514e0cd484611636f4d41042d761f3c
[aaa@qq.com http]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                        PORTS                    NAMES
3d5aaa7e3835        httpd               "httpd-foreground"       5 seconds ago        Up 4 seconds                  0.0.0.0:1111->80/tcp     great_dewdney

4.4测试
Docker镜像的三大构建方式
Docker镜像的三大构建方式
4.4、容器互联

创建并运行容器取名web11,端口号自动映射
[aaa@qq.com httpd]# docker run -dit -P --name web11 centos:7 /bin/bash
5fa7635068c78b7c0fc331398ae5f4e393001c1f5c5f02072d11f3471f07e341

--name 指定容器名称

创建并运行容器取名web22
[aaa@qq.com httpd]# docker run -dit -P --name web22 --link web11:web11 centos:7 /bin/bash
b413c6cbf148cb7670084e8e31c24993e61f1cc83efb2eee4a1cd38ee1325ed7

--link 关联单向连接

进web22容器ping web11
[aaa@qq.com httpd]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                           PORTS                    NAMES
b413c6cbf148        centos:7            "/bin/bash"              3 minutes ago       Up 3 minutes                                              web22
5fa7635068c7        centos:7            "/bin/bash"              4 minutes ago       Up 4 minutes                                              web11

[aaa@qq.com httpd]# docker exec -it b413c6cbf148 /bin/bash

[aaa@qq.com /]# ping web11
PING web11 (172.17.0.5) 56(84) bytes of data.
64 bytes from web11 (172.17.0.5): icmp_seq=1 ttl=64 time=0.066 ms
64 bytes from web11 (172.17.0.5): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from web11 (172.17.0.5): icmp_seq=3 ttl=64 time=0.060 ms
--- web11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.058/0.061/0.066/0.007 ms

安装net工具
[aaa@qq.com /]# yum -y install net-tools
[aaa@qq.com /]# ifconfig     #查询网址信息
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.6  netmask 255.255.0.0  broadcast 172.17.255.255     #第一个创建的容器地址是172.17.0.2,以此类推
        ether 02:42:ac:11:00:06  txqueuelen 0  (Ethernet)
        RX packets 7114  bytes 11320444 (10.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3999  bytes 219299 (214.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
相关标签: docker 私有仓库