1. Introduce the hierarchical structure of Docker image:
(1) docker mirror:
The Docker image is a read-only Docker container template, which contains the file system structure and its content needed to start the Docker container, so it is the basis for starting a Docker container. Docker image file content and some configuration files running Docker container constitute the static file system running environment of Docker container - rootfs. Understandably, the Docker image is the static perspective of the Docker container, which is the running state of the Docker image.
(2) The hierarchical structure of docker image:
2. Creation of Docker commit mirror:
Create containers, for example, ubuntu
(1) Import the image, create the container and run it
[root@server1 ~]# docker load -i ubuntu.tar ##Adding Mirrors
[root@server1 ~]# docker images ##View the pulled image
REPOSITORY TAG IMAGE ID CREATED SIZE
game2048 latest 19299002fdbe 2 years ago 55.5MB
ubuntu latest 07c86167cdc4 3 years ago 188MB
rhel7 latest 0a3eb3fde7fd 5 years ago
[root@server1 ~]# docker run -it --name vm2 ubuntu ##Create and Run Containers - it: Open Interactively
root@a4aca5fcecc3:/# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
root@a4aca5fcecc3:/# uname -r
3.10.0-862.el7.x86_64 ##Consistent with the host kernel version
root@a4aca5fcecc3:/#
root@a4aca5fcecc3:/# touch file{1..10}
root@a4aca5fcecc3:/# ls
bin etc file2 file5 file8 lib mnt root srv usr
boot file1 file3 file6 file9 lib64 opt run sys var
dev file10 file4 file7 home media proc sbin tmp
root@a4aca5fcecc3:/# exit
exit
[root@server1 ~]# docker rm vm2 ##Delete the container, at which time the files created in the container are not saved
vm2
When you delete the container vm2 and re-create and run the container with the ubuntu image, the previously created file disappears because the last operation was written on the container layer, and the contents of the mirror layer are read-only. When the last container is released, the contents written in the container layer will disappear.
(2) Use docker commit to save the modified image as a new image
Modify the mirror first
[root@server1 ~]# docker run -it --name vm2 ubuntu
root@8e0d11ca1b95:/# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
root@8e0d11ca1b95:/# touch file{1..10}
root@8e0d11ca1b95:/# ls
bin etc file2 file5 file8 lib mnt root srv usr
boot file1 file3 file6 file9 lib64 opt run sys var
dev file10 file4 file7 home media proc sbin tmp
root@8e0d11ca1b95:/# exit
exit
Save the modified image as a new image using docker commit
[root@server1 ~]# docker commit vm2 ubuntu:v ##Repack the container into a mirror sha256:593a662c6eedf8afc483f305ff9369ee9c8bddd8c71fca0718178d2895d1ea0d [root@server1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE ubuntu v 593a662c6eed 14 seconds ago 188MB [root@server1 ~]# docker rm vm2 ##Delete the created container vm2 [root@server1 ~]# docker run -it --name vm2 ubuntu:v ##Run this container root@306c2ef91b50:/# ls ##The created file still exists bin etc file2 file5 file8 lib mnt root srv usr boot file1 file3 file6 file9 lib64 opt run sys var dev file10 file4 file7 home media proc sbin tmp root@306c2ef91b50:/# exit exit
Use containers to create images. A container is a writable container layer at the top of the mirror layer. Packaging the container image is to transform the writable container layer into a read-only mirror layer, and to use all the lower mirror layers as the mirror layer of the new image.
(3) View the history of the construction of the v mirror
[root@server1 ~]# docker history ubuntu:v IMAGE CREATED CREATED BY SIZE COMMENT 593a662c6eed 6 minutes ago /bin/bash 29B 07c86167cdc4 3 years ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B <missing> 3 years ago /bin/sh -c sed -i 's/^#\s*\(deb.*universe\)$... 1.9kB <missing> 3 years ago /bin/sh -c echo '#!/bin/sh' > /usr/sbin/poli... 195kB <missing> 3 years ago /bin/sh -c #(nop) ADD file:b9504126dc5590898... 188MB
3.Dockerfile implements image encapsulation
(1) Construction of Simple Mirror
mkdir docker
cd docker/
vim Dockerfile #Create a Docker file
FROM ubuntu
RUN touch file{1..10}
docker build -t ubuntu:v1 . #Building Mirrors
docker history ubuntu:v1 #View the hierarchical structure of the mirror
Note: When building a mirror, do not build directly in the root directory, because building a mirror pulls all the data in that directory.
(2) Common commands in Dockerfile
(1) FROM: Specify the base image, which will be downloaded from the remote repository if it does not exist locally
(2) MAINTAINER: Authors who set up mirrors, such as user mailboxes, etc.
(3) COPY: Copy files from build context to mirror, supporting two forms: COPY src dest and COPY ["src", "dest"]. SRC must specify files or directories in build context.
(4) ADD: Similar to COPY in usage, src can be an archive compressed file, which can be automatically decompressed to dest or downloaded to a mirror automatically.
(5) ENV: Setting environment variables that can be used by subsequent instructions
(6) EXPOSE: If the application services are running in the container, the service ports can be exposed.
(7) VOLUME: Declare the data volume, usually specifying the application's data hanging point
(8) WORKDIR: Set up the current working directory in the mirror for RUN, CMD, ENTRYPOINT, ADD and COPY instructions. If the directory does not exist, it will be created automatically.
(9) RUN: Running commands in containers and creating new mirroring layers, often used to install packages
(10) CMD and ENTRYPOINT: These two instructions are used to set the commands executed after the container starts, but CMD will be overwritten by the command line after docker run, while ENTRYPOINT will not be ignored and will be executed. The parameters after docker run can be passed to the ENTRYPOINT instruction as parameters. Only one ENTRYPOINT can be specified in the Dockerfile, and if many are specified, only the last one is valid.
(3) Dockerfile encapsulates httpd
vim /docker/Dockerfile FROM rhel7 COPY dvd.repo /etc/yum.repos.d/ RUN rpmdb --rebuilddb && yum install -y httpd EXPOSE 80 VOLUME ["/var/www/html"] CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"]
Building Mirrors
docker build -t rhel7:apache . docker history rhel7:apache docker images
View the newly generated mirror hierarchy:
Operations performed on each layer of mirrors are clearly visible, and users can audit the mirrors.
Write default publishing files to test whether the image was successfully encapsulated
docker run -d --name vm1 rhel7:apache docker ps #Viewing processes, containers are a special kind of process docker inspect vm1 #View container details (mount information, ip, etc.) [root@server1 docker]# cd /var/lib/docker/volumes/ [root@server1 volumes]# vim index.html [root@server1 volumes]# cat index.html this is httpd image curl 172.17.0.2
Specify the mount point of volume: With the volume parameter, the system automatically attaches a physical memory to the host for us. This mount point is optional, and we can set the mount point position manually according to our own needs. prune only deletes unused resources such as volumes or mirrors, so we first need to delete containers that use volumes, and then delete volumes.
docker rm -f vm1 docker volume ls #View Volume docker volume prune #Delete all unused volumes
[root@server1 _data]# docker run -d --name vm1 -v /webdata:/var/www/html -p 80:80 rhel7:apache #Create the container and run, -v specifies the mount point manually. a23d9d6c763a4ca25ce9d7569d2bc6bc346f883b2094ecedb54b13b1606955dc [root@server1 _data]# cd /webdata/ [root@server1 webdata]# vim index.html [root@server1 webdata]# cat index.html good luck!! //Browser access: 172.25.33.1
Note: Before port mapping, ensure that port 80 is not occupied