目录
5. Docker 镜像详解
5.1 镜像是什么?
镜像是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包合运行某个软件所需的所有内容,包括代码、运行时、库、环境变量和配置文件。
如何得到镜像:
- 远程下载
- 拷贝
- 自己制作一个进行 Dockerfile
5.2 Docker镜像加载原理
UnionFS ( 联合文件系统 )
UnionFS( 联合文件系统): Union文件系统(UnionFS)是一种分层、轻量级并且高性能的文件系统,它支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同目录挂载到同一个虚拟文件系统下(unite several directories into a single virtual filesystem)。Union 文件系统是 Docker 镜像的基础。镜像可以通过分层来进行继承,基于基础镜像(没有父镜像 ),可以制作各种具体的应用镜像。
特性:一次同时加载多个文件系统,但从外面看起来,只能看到一个文件系统,联合加载会把各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录
Docker镜像加载原理
docker的镜像实际上由一层一层的文件系统组成,这种层级的文件系统UnionFS.
bootfs(boot file system) 要bootloader和kernel, bootloader主要是引导加载kernel, Linux刚启动时会加bootfs文件系统,在Docker镜像的最底层是bootfs。这一层与我们典型的Linux/Unix系统是一样的,包含boot加载器和内核。当boot加载完成之后整个内核就都在内存中了,此时内存的使用权已由bootfs转交给内核,此时系统也会卸载bootfs.
rootfs (root file system),在bootfs之上。包合的就是典型 Linux 系统中的 /dev,/proc, /bin,/etc 等标准目录和文件。rootfs就是各种不同的操作系统发行版,比如 Ubuntu , Centos等等。
对于一个精简的OS,rootfs 可以很小只需要包含最基本的命令,工具和程序库就可以了,因为底层直接用Host的kernel,自己只需要提供rootfs就可以了。由此可见对于不同的linux发行版,bootfs基本是一致的,rootfs会有差别,因此不同的发行版可以公用bootfs.
5.3 分层原理
5.3.1 查看镜像的分层信息
shell[root@hecs-152658 ~]# docker inspect portainer/portainer:latest
json[
{
"Id": "sha256:5f11582196a42b895cdb9322f7a650f42a0c1ed062efc71864352f314228a187",
"RepoTags": [
"portainer/portainer:latest"
],
"RepoDigests": [
"portainer/portainer@sha256:47b064434edf437badf7337e516e07f64477485c8ecc663ddabbe824b20c672d"
],
"Parent": "",
"Comment": "buildkit.dockerfile.v0",
"Created": "2022-11-21T00:40:18.379773647Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"8000/tcp": {},
"9000/tcp": {},
"9443/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": null,
"Image": "",
"Volumes": {
"/data": {}
},
"WorkingDir": "/",
"Entrypoint": [
"/portainer"
],
"OnBuild": null,
"Labels": {
"com.docker.desktop.extension.api.version": ">= 0.2.2",
"com.docker.desktop.extension.icon": "https://portainer-io-assets.sfo2.cdn.digitaloceanspaces.com/logos/portainer.png",
"com.docker.extension.additional-urls": "[{\"title\":\"Website\",\"url\":\"https://www.portainer.io?utm_campaign=DockerCon&utm_source=DockerDesktop\"},{\"title\":\"Documentation\",\"url\":\"https://docs.portainer.io\"},{\"title\":\"Support\",\"url\":\"https://join.slack.com/t/portainer/shared_invite/zt-txh3ljab-52QHTyjCqbe5RibC2lcjKA\"}]",
"com.docker.extension.detailed-description": "<p data-renderer-start-pos=\"226\">Portainer’s Docker Desktop extension gives you access to all of Portainer’s rich management functionality within your docker desktop experience.</p><h2 data-renderer-start-pos=\"374\">With Portainer you can:</h2><ul><li>See all your running containers</li><li>Easily view all of your container logs</li><li>Console into containers</li><li>Easily deploy your code into containers using a simple form</li><li>Turn your YAML into custom templates for easy reuse</li></ul><h2 data-renderer-start-pos=\"660\">About Portainer </h2><p data-renderer-start-pos=\"680\">Portainer is the worlds’ most popular universal container management platform with more than 650,000 active monthly users. Portainer can be used to manage Docker Standalone, Kubernetes, Docker Swarm and Nomad environments through a single common interface. It includes a simple GitOps automation engine and a Kube API. </p><p data-renderer-start-pos=\"1006\">Portainer Business Edition is our fully supported commercial grade product for business-wide use. It includes all the functionality that businesses need to manage containers at scale. Visit <a class=\"sc-jKJlTe dPfAtb\" href=\"http://portainer.io/\" title=\"http://Portainer.io\" data-renderer-mark=\"true\">Portainer.io</a> to learn more about Portainer Business and <a class=\"sc-jKJlTe dPfAtb\" href=\"http://portainer.io/take5?utm_campaign=DockerCon&utm_source=Docker%20Desktop\" title=\"http://portainer.io/take5?utm_campaign=DockerCon&utm_source=Docker%20Desktop\" data-renderer-mark=\"true\">get 5 free nodes.</a></p>",
"com.docker.extension.publisher-url": "https://www.portainer.io",
"com.docker.extension.screenshots": "[{\"alt\": \"screenshot one\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-1.png\"},{\"alt\": \"screenshot two\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-2.png\"},{\"alt\": \"screenshot three\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-3.png\"},{\"alt\": \"screenshot four\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-4.png\"},{\"alt\": \"screenshot five\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-5.png\"},{\"alt\": \"screenshot six\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-6.png\"},{\"alt\": \"screenshot seven\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-7.png\"},{\"alt\": \"screenshot eight\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-8.png\"},{\"alt\": \"screenshot nine\", \"url\": \"https://portainer-io-assets.sfo2.digitaloceanspaces.com/screenshots/docker-extension-9.png\"}]",
"org.opencontainers.image.description": "Docker container management made simple, with the world’s most popular GUI-based container management platform.",
"org.opencontainers.image.title": "Portainer",
"org.opencontainers.image.vendor": "Portainer.io"
}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 286752740,
"VirtualSize": 286752740,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6cf17d67fb16a376c21be2c0bcd12d406255a72841b73e94fa5e0cb166d47873/diff:/var/lib/docker/overlay2/fd80ac75b56a3a2b564cd6f9fd45e6f333f58564dad374cfad1ffb77ed69d9d6/diff:/var/lib/docker/overlay2/1b15b93b8e73245e5cacde5706c716fc0010128947d3e91fcbdb154bc01eb9bb/diff",
"MergedDir": "/var/lib/docker/overlay2/e9bdc5615d2357004e01f513ae62feabd0d4668954df4569c8698f6dec5f362e/merged",
"UpperDir": "/var/lib/docker/overlay2/e9bdc5615d2357004e01f513ae62feabd0d4668954df4569c8698f6dec5f362e/diff",
"WorkDir": "/var/lib/docker/overlay2/e9bdc5615d2357004e01f513ae62feabd0d4668954df4569c8698f6dec5f362e/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:8c004456aeb58b75f792fa091b194c20d6ed4f0d95dd25b0150d71c5c9ab601b",
"sha256:4776464837fd1834e012242676d2138d5d4288d05b00ab29ca1a76d50fcdcbe4",
"sha256:4f6d7e40085b065276a24971150367ac1f678f494139ff39bf5f085082b509ea",
"sha256:f6177839027a8673b4e6c89de1b93497f2a4b9eb08084ce7f577a012760e68f8"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
这里面有一段分层信息
json"RootFS": {
"Type": "layers",
"Layers": [
"sha256:8c004456aeb58b75f792fa091b194c20d6ed4f0d95dd25b0150d71c5c9ab601b",
"sha256:4776464837fd1834e012242676d2138d5d4288d05b00ab29ca1a76d50fcdcbe4",
"sha256:4f6d7e40085b065276a24971150367ac1f678f494139ff39bf5f085082b509ea",
"sha256:f6177839027a8673b4e6c89de1b93497f2a4b9eb08084ce7f577a012760e68f8"
]
}
5.3.2 说明
特点:
Docker镜像都是只读的,当容器启动时,一个新的可写层就被加载到镜像的顶部。这一层就是我们通常说的容器层,容器之下的豆角镜像层。
5.4 commit镜像
docker commit -m="描述信息" -a="作者" 容器id 目标镜像名:[TAG]
shell# 启动默认 tomcat
[root@hecs-152658 ~]# docker run -d -p 8080:8080 tomcat
37f0821a22a89a6acab5a3a90064177cefea05902f77723ee875d1657b9461e5
[root@hecs-152658 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37f0821a22a8 tomcat "catalina.sh run" 22 seconds ago Up 21 seconds 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp upbeat_bose
# 进入容器中
[root@hecs-152658 ~]# docker exec -it 37f0821a22a8 /bin/bash
# 默认 webapps 没有文件
root@22461a05f369:/usr/local/tomcat# cd webapps
root@22461a05f369:/usr/local/tomcat/webapps# ls
# 复制 webapps.dist 文件
root@22461a05f369:/usr/local/tomcat/webapps# cp -r ../webapps.dist/* .
root@22461a05f369:/usr/local/tomcat/webapps# ls
ROOT docs examples host-manager manager
# 提交镜像
[root@hecs-152658 ~]# docker commit -a="yui" -m="add default webapps" 37f0821a22a8 myTomcat:1.0
invalid reference format: repository name must be lowercase
[root@hecs-152658 ~]# docker commit -a="yui" -m="add default webapps" 37f0821a22a8 my-tomcat:1.0
sha256:d228b5c8e7bde1f14e02b67ae6e2d8f4668d58ace90f4e5a9c33a5f74fe9e61b
# 查看镜像
[root@hecs-152658 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my-tomcat 1.0 d228b5c8e7bd 23 seconds ago 672MB
tomcat latest bf4709e77b18 2 years ago 667MB
# 用自己的镜像创建并启动容器
[root@hecs-152658 ~]# docker run -d -p 8081:8080 my-tomcat:1.0
fe38a6e2a0e9fdbc8cc397dff51270d689c9f37a55c584b6b1e56ecaab8cee91
# 查看容器
[root@hecs-152658 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe38a6e2a0e9 my-tomcat:1.0 "catalina.sh run" 11 seconds ago Up 10 seconds 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp compassionate_hertz
37f0821a22a8 tomcat "catalina.sh run" 6 minutes ago Up 6 minutes 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp upbeat_bose
# 查看 webapps
[root@hecs-152658 ~]# docker exec -it fe38a6e2a0e9 /bin/bash
root@fe38a6e2a0e9:/usr/local/tomcat# cd webapps
root@fe38a6e2a0e9:/usr/local/tomcat/webapps# ls
ROOT docs examples host-manager manager
本文作者:Yui_HTT
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
目录