文章目录
docker 镜像的制作
多数情况下,我们做镜像是基于别人已存在的某个基础镜像来实现的,我们把它称为 base image。比如一个纯净版的最小化的 centos、ubuntu 或 debian。
那么这个最小化的 centos 镜像从何而来呢?其实这个基础镜像一般是由 Docker Hub的相关维护人员,也就是 Docker 官方手动制作的。这个基础镜像的制作对于 Docker 官方的专业人员来说是非常容易的,但对于终端用户来说就不是那么容易制作的了。
Docker Hub
Docker Hub is a cloud-based registry service which allows you to link to code repositories, build your images and test them, stores manually pushed images, and links to Docker Cloud so you can deploy images to your hosts.
It provides a centralized resource for container image discovery, distribution and change management, user and team collaboration, and workflow automation throughout the development pipeline.
Docker Hub provides the following major features:
- Image Repositories
- Find and pull images from community and official libraries, and manage, push to, and pull from private images libraries to which you have access.
- Automated Builds
- Automatically create new images when you make changes to a source code repository.
- Webhooks
- A feature of Automated Builds, Webhooks let you trigger actions after a successful push to a repository.
- Organizations
- Create work groups to manage access to image repositories.
- GitHub and Bitbucket Integration
- Add the Hub and your Docker Images to your current workflows.
docker 镜像的获取
To get Docker images from a remote registry(such as your own Docker registry)and add them to your local system, use the docker pull command:
# docker pull <registry>[:<port>]/[<namespace>/]<name>:<tag>
[root@localhost ~]# docker pull clearlinux/httpd:2
2: Pulling from clearlinux/httpd
fb25caaab0ba: Pull complete
6e09a9ef9159: Pull complete
4e8650cad768: Pull complete
ffdf5f90450c: Pull complete
01c97766557c: Pull complete
c7faa8f7ac5f: Pull complete
Digest: sha256:d9c99c30dd549109d27400c4a57c200cf0f8ce45dc4020931072161172f01772
Status: Downloaded newer image for clearlinux/httpd:2
docker.io/clearlinux/httpd:2
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
clearlinux/httpd 2 5b744a21cf88 2 days ago 122MB
httpd latest dabbfbe0c57b 7 months ago 144MB
The is a host that provides the docker-distribution service on TCP (default:5000)
Together, and identify a particular image controlled by at the registry
- Some registries also support raw ;for those, is optional
- When it is included, however, the additional level of hierarchy that provides is usefull to distinguish between images with the same
The additional level of hierarchy of
Namespace | Examples(/) |
---|---|
organization | redhat/kubernetes, google/kubernetes |
login(username) | Alice/application, bob/application |
role | devel/database, test/database, prod/database |
镜像的推送
[root@localhost ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
5cc84ad355aa: Pull complete
Digest: sha256:5acba83a746c7608ed544dc1533b87c737a0b0fb730301639a0179f9344b1678
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
[root@localhost ~]# docker tag busybox:latest starskysmile/busybox:v1
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
clearlinux/httpd 2 5b744a21cf88 2 days ago 122MB
busybox latest beae173ccac6 7 months ago 1.24MB
starskysmile/busybox v1 beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: starskysmile
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost ~]# docker push starskysmile/busybox:v1
The push refers to repository [docker.io/starskysmile/busybox]
01fd6df81c8e: Mounted from library/busybox
v1: digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee size: 527
镜像的删除
docker 后接:
- 参数
- 对象
- 命令
docker rmi
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
clearlinux/httpd 2 5b744a21cf88 3 days ago 122MB
busybox latest beae173ccac6 7 months ago 1.24MB
starskysmile/busybox v1 beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker rmi starskysmile/busybox:v1
Untagged: starskysmile/busybox:v1
Untagged: starskysmile/busybox@sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
clearlinux/httpd 2 5b744a21cf88 3 days ago 122MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
docker image rm
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
clearlinux/httpd 2 5b744a21cf88 3 days ago 122MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker image rm clearlinux/httpd:2
Untagged: clearlinux/httpd:2
Untagged: clearlinux/httpd@sha256:d9c99c30dd549109d27400c4a57c200cf0f8ce45dc4020931072161172f01772
Deleted: sha256:5b744a21cf88ec54c09d85ef07fd5a5a50d77afb161727fda7d3900e46b2cd22
Deleted: sha256:b4085a4debca190215316e10125f9091528ad26cf21fb6e7501699af3c361f2c
Deleted: sha256:25fe972503d8782fc149537765224ae9dc74ed3e44700d380065aaf00c515405
Deleted: sha256:44aa16d19cedaa5662fc41b4d78e190008bb8dfe67a30481ec33da061473085a
Deleted: sha256:8bb09523c600d656fef42b87ab68aadb742be06b5049c79f0af1228872999498
Deleted: sha256:66372b7123d78eb57500a1b592411fecbfde9e1e84c75df451ea549d90532040
Deleted: sha256:8cc29680d8a057042bff9a1ab5f8287f1e1df42c31ce5f5951e2e725fa758333
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
镜像的生成
镜像的生成途径:
- Dockerfile
- 基于容器制作
- Docker Hub automated builds
基于容器制作镜像
docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Options | Default | Description |
---|---|---|
—author, -a | Author (e.g., “John Hannibal Smith hannibal@a-team.com”) | |
-c, --change list | Apply Dockerfile instruction to the created image | |
-m, --message string | Commit message | |
-p, --pause | true | Pause container during commit |
注意:在创建镜像时,我们不能关闭容器,必须使其处于运行状态,所以我们必须要另起一个终端,然后执行。
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker run -d -it --name r1 busybox
89971e760247c3512d077ec14fb8ad9099a355c1a72a279905e4ae8ab05c6850
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
89971e760247 busybox "sh" 4 seconds ago Up 3 seconds r1
[root@localhost ~]# docker exec -it r1 /bin/sh
/ # ls
bin dev etc home proc root sys tmp usr var
/ # mkdir /data
/ # ls
bin data dev etc home proc root sys tmp usr var
/ # cd /data/
/data # ls
/data # echo "nihao" > a.txt
/data # cat a.txt
nihao
/data # exit
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
89971e760247 busybox "sh" About a minute ago Up About a minute r1
[root@localhost ~]# docker commit r1 busybox:r1
sha256:6fe0540989a31bb6c7c9d729cbc2bcb4fc0df56b2d5c95b4f3964607cc2b8bfd
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox r1 6fe0540989a3 9 seconds ago 1.24MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
镜像改名:docker tag IMAGE ID 修改后的名字:TAG
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox r1 6fe0540989a3 9 seconds ago 1.24MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker tag 6fe0540989a3 bsb:v1
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
bsb v1 6fe0540989a3 15 minutes ago 1.24MB
busybox r1 6fe0540989a3 15 minutes ago 1.24MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
使用 docker inspect 命令查看容器启动的默认进程是什么
镜像的导入与导出
假如有 2 台主机,我们在主机 1 上做了一个镜像,主机 2 想用这个镜像怎么办呢?
我们可以在主机 1 上 push 镜像到镜像仓库中,然后在主机 2 上 pull 把镜像拉下来使用,这种方式就显得比较麻烦,假如我只是测试用的,在一台主机上做好镜像后在另一台主机上跑一下就行了,没必要推到仓库上然后又把它拉到本地来。
此时我们可以在已有镜像的基础上把镜像打包成一个压缩文件,然后拷贝到另一台主机上将其导入,这就是镜像的导入和导出功能。
docker 中我们使用docker save
进行导出,使用docker load
进行导入。
在已生成镜像的主机上执行docker save
导出镜像
[root@localhost ~]# docker save -o busybox busybox:latest
[root@localhost ~]# ls
anaconda-ks.cfg busybox
[root@localhost ~]# file busybox
busybox: POSIX tar archive
[root@localhost ~]# docker save -o busybox.tar.xz busybox:latest
[root@localhost ~]# ls
anaconda-ks.cfg busybox busybox.tar.xz
[root@localhost ~]# file busybox.tar.xz
busybox.tar.xz: POSIX tar archive
在另一台没有镜像的主机上执行docker load
导入镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@localhost ~]# docker rmi busybox:latest
Untagged: busybox:latest
Untagged: busybox@sha256:5acba83a746c7608ed544dc1533b87c737a0b0fb730301639a0179f9344b1678
Deleted: sha256:beae173ccac6ad749f76713cf4440fe3d21d1043fe616dfbe30775815d1d0f6a
Deleted: sha256:01fd6df81c8ec7dd24bbbd72342671f41813f992999a3471b9d9cbc44ad88374
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@localhost ~]# docker load -i busybox
01fd6df81c8e: Loading layer 1.459MB/1.459MB
Loaded image: busybox:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
基于 CentOS 镜像的 httpd 源码安装
- 安装 CentOS
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@localhost ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
- 运行容器
[root@localhost ~]# docker run -d -it --name c1 centos
51a85bd910d1b7767b355172956d02447ff4d17730ce41bd67c0bfd7c18533c2
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
51a85bd910d1 centos "/bin/bash" 35 seconds ago Up 34 seconds c1
- 进入容器
[root@localhost ~]# docker exec -it c1 /bin/bash
[root@51a85bd910d1 /]#
- 文件导入至容器中
[root@localhost ~]# ls
anaconda-ks.cfg apr-util-1.6.1.tar.bz2
apr-1.6.5.tar.bz2 httpd-2.4.54.tar.bz2
[root@localhost ~]# mkdir abc
[root@localhost ~]# mv apr-* abc/
[root@localhost ~]# mv httpd-2.4.54.tar.bz2 abc/
[root@localhost ~]# docker cp abc/ c1:/usr/src/
[root@51a85bd910d1 /]# ls /usr/src/abc/
apr-1.6.5.tar.bz2 apr-util-1.6.1.tar.bz2 httpd-2.4.54.tar.bz2
- 在容器中配置网络源,并下载软件
[root@51a85bd910d1 /]# cd /etc/yum.repos.d/
[root@51a85bd910d1 yum.repos.d]# ls
CentOS-Linux-AppStream.repo CentOS-Linux-FastTrack.repo
CentOS-Linux-BaseOS.repo CentOS-Linux-HighAvailability.repo
CentOS-Linux-ContinuousRelease.repo CentOS-Linux-Media.repo
CentOS-Linux-Debuginfo.repo CentOS-Linux-Plus.repo
CentOS-Linux-Devel.repo CentOS-Linux-PowerTools.repo
CentOS-Linux-Extras.repo CentOS-Linux-Sources.repo
[root@51a85bd910d1 yum.repos.d]# rm -rf *
[root@51a85bd910d1 yum.repos.d]# ls
[root@51a85bd910d1 yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 100 2495 100 2495 0 0 14590 0 --:--:-- --:--:-- --:--:-- 14590
[root@51a85bd910d1 yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@51a85bd910d1 yum.repos.d]# ls
CentOS-Base.repo
[root@51a85bd910d1 yum.repos.d]# cd
[root@51a85bd910d1 ~]# dnf -y install bzip2 expat-devel libtool libxml2-devel make gcc openssl-devel pcre-devel
- 解压、编译安装
[root@51a85bd910d1 ~]# cd /usr/src/abc/
[root@51a85bd910d1 abc]# tar xf apr-1.6.5.tar.bz2
[root@51a85bd910d1 abc]# tar xf apr-util-1.6.1.tar.bz2
[root@51a85bd910d1 abc]# tar xf httpd-2.4.54.tar.bz2
[root@51a85bd910d1 abc]# ls
apr-1.6.5 apr-util-1.6.1 httpd-2.4.54
apr-1.6.5.tar.bz2 apr-util-1.6.1.tar.bz2 httpd-2.4.54.tar.bz2
[root@51a85bd910d1 abc]# useradd -r -M -s /sbin/nologin apache
[root@51a85bd910d1 abc]# id apache
uid=998(apache) gid=996(apache) groups=996(apache)
[root@51a85bd910d1 apr-1.6.5]# vi configure
......
# $RM "$cfgfile"
......
[root@51a85bd910d1 apr-1.6.5]# ./configure --prefix=/usr/local/apr
[root@51a85bd910d1 apr-1.6.5]# make && make install
[root@51a85bd910d1 apr-1.6.5]# cd ..
[root@51a85bd910d1 abc]# cd apr-util-1.6.1
[root@51a85bd910d1 apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@51a85bd910d1 apr-util-1.6.1]# make && make install
[root@51a85bd910d1 apr-util-1.6.1]# cd ..
[root@51a85bd910d1 abc]# cd httpd-2.4.54
[root@51a85bd910d1 httpd-2.4.54]# ./configure --prefix=/usr/local/apache \
> --enable-so \
> --enable-ssl \
> --enable-cgi \
> --enable-rewrite \
> --with-zlib \
> --with-pcre \
> --with-apr=/usr/local/apr \
> --with-apr-util=/usr/local/apr-util/ \
> --enable-modules=most \
> --enable-mpms-shared=all \
> --with-mpm=prefork
[root@51a85bd910d1 httpd-2.4.54]# make && make install
[root@51a85bd910d1 httpd-2.4.54]# ls /usr/local/
apache apr-util etc include lib64 sbin src
apr bin games lib libexec share
方法 ①:脚本
[root@51a85bd910d1 httpd-2.4.54]# cd /
[root@51a85bd910d1 /]# vi http.sh
#! /bin/bash
/usr/local/apache/bin/httpd
sleep 5d
[root@51a85bd910d1 /]# chmod +x http.sh
[root@localhost ~]# docker commit -a 'skye <1@2.com>' -c 'CMD ["/http.sh"]' -p c1 centos-httpd:v1
sha256:3b5b771c3f290361c51f9dc1c83eaa73f3a4bdf167c55a7141b40fc6440c3c2f
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 3b5b771c3f29 8 seconds ago 678MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@localhost ~]# docker run -d -it --name web1 centos-httpd:v1
887c1554779de53536328c7f62fa88d7d531f4fbfeb12074be88e3d4be43267b
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
887c1554779d centos-httpd:v1 "/http.sh" 2 minutes ago Up 2 minutes web1
51a85bd910d1 centos "/bin/bash" About an hour ago Up About an hour c1
[root@localhost ~]# docker inspect web1
......
"Cmd": [
"/http.sh"
],
......
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
......
[root@localhost ~]# curl 172.17.0.2
<html><body><h1>It works!</h1></body></html>
方法 ②:直接提交
[root@localhost ~]# docker commit -a 'skye <1@2.com>' -c 'CMD ["/usr/local/apache/bin/httpd","-D","FOREGROUND"]' -p c1 centos-httpd:v2
sha256:40d9de9e74c7faa1118ef32fb96f82ad5809617f0318a158e046f1bc4839a43a
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v2 40d9de9e74c7 28 seconds ago 678MB
centos-httpd v1 3b5b771c3f29 9 minutes ago 678MB
busybox latest beae173ccac6 7 months ago 1.24MB
httpd latest dabbfbe0c57b 7 months ago 144MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@localhost ~]# docker run -d -it --name web2 centos-httpd:v2
9bfe5ccf6a2decfb797964c2a8e639e92b784266e8ad42bd012c04ea64794a60
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9bfe5ccf6a2d centos-httpd:v2 "/usr/local/apache/b…" 10 seconds ago Up 9 seconds web2
887c1554779d centos-httpd:v1 "/http.sh" 9 minutes ago Up 9 minutes web1
51a85bd910d1 centos "/bin/bash" About an hour ago Up About an hour c1
[root@localhost ~]# docker inspect web2
......
"Cmd": [
"/http.sh"
],
......
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
......
[root@localhost ~]# curl 172.17.0.4
<html><body><h1>It works!</h1></body></html>
端口映射
docker run -d -it --name web3 -p 80:80 centos-httpd:v3
docker exec -it web3 /bin/bash
cd /usr/local/apache/htdocs/
echo "hello world" > index.html