1. Docker镜像

Docker 容器的运行是基于宿主机的内核,通过linux的namespaces来实现隔离,相对于虚拟机而言降低了硬件资源的性能损耗,且具备一定程度上的应用隔离效果。
另外,通过最小化的镜像方式运行docker 容器,相对于虚拟机而言大幅度降低非生产力进程的资源消耗。
最后使用打包好的镜像,统一了应用程序的运行环境,降低了开发和测试人员的负担,但是增加了运维工作的复杂度。
未命名图片.png
Docker 客户端启动一个容器时,通过TCP或者unix socket连接docker daemon。如果需要启动的容器镜像本地不存在,则从registry来拉取到本地,然后根据传递的CMD或者默认的CMD来启动容器。
Docker 镜像的命名方式: ${registry_name}/${repository_name}/${image_name}:${tag_name}。其中默认的registry_name为docker.io,repository_name默认值为library,默认tag_name为lastest。lastest为一个指针,可以指向任意一个版本,一般都是指向最新的版本。非官方镜像必须要带上${repository_name},非docker-hub镜像必须带上 ${registry_name}/${repository_name}。

2. Docker 镜像相关操作

image.png

  • 基于运行中的容器,手动制作镜像
    • 将运行中的容器暂停(docker commit 默认暂停容器),然后将当前的状态制作成镜像,注意需要指定repository,可以只要-a添加作者信息,-c修改其它字段信息,常修改CMD信息。
    • 导出(export)当前容器的文件系统信息,导出后的格式为.tar,.tar文件是一个中间状态的文件,需要使用import导入并且设置CMD等相关信息才是一个完整的镜像。
  • 自动化制作镜像 Dockerfile

Dockerfile 能解决两个问题:

  • 制作过程自动化:原理也是先运行容器,然后再基于运行的容器制作镜像,但是将制作过程使用dockerfile预先指定好
  • 可以引入变量:在制作镜像时手动传参,根据传递的参数制作不同的镜像;在创建容器时手动传参,根据传递的参数修改进程的配置
    • 镜像导出和导入

这并不是制作镜像,而是共享或传输镜像到其它服务器的一种方式,如果局域网中存在registory,这种方式意义不大。
如果局域网中没有registory,通过公网下载镜像会变得非常慢,因此将需要的镜像在一台机器上打包好,分发到各台服务器上会更加节约时间。

3. docker commit

3.1. 指令

  1. docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
  2. docker container commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
  3. ----
  4. -a,--author string  Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
  5. -c,change list      Apply Dockerfile instruction to the created image
  6. -m,--message string Commit message
  7. -p,--pause          Pause container during commit (default true)

3.2. 案例

3.2.1. 针对运行中的容器创建镜像

[root@centos-82 ~]# docker run —name img01 -it quay.io/quay/busybox

  1. / # echo 'busybox' > /tmp/a.txt

[root@centos-82 ~]# docker container commit -a “Heyingsheng 29492492@qq.com“ img01 ## 未指定仓库和标签的镜像
[root@centos-82 ~]# docker image ls

REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
<none>                 <none>              2fcb2d26d167        7 seconds ago       2.49MB
nginx                  latest              f09fe80eb0e7        3 weeks ago         109MB
quay.io/quay/busybox   latest              c8cb1f026eeb        5 years ago         2.49MB

[root@centos-82 ~]# docker container commit -a “Heyingsheng 29492492@qq.com“ img01 devops/busybox:1.0.1 ## 指定仓库和标签

REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
devops/busybox         1.0.1               a29845416384        3 seconds ago       2.49MB
<none>                 <none>              2fcb2d26d167        44 seconds ago      2.49MB
nginx                  latest              f09fe80eb0e7        3 weeks ago         109MB
quay.io/quay/busybox   latest              c8cb1f026eeb        5 years ago         2.49MB

[root@centos-82 ~]# docker run —name busybox01 -it devops/busybox:1.0.1 ## 运行并查看

/ # cat /tmp/a.txt
busybox

3.2.2. 创建镜像并修改CMD参数

[root@centos-82 ~]# docker image inspect busybox:latest | grep -n CMD

31:                "CMD [\"sh\"]"

[root@centos-82 ~]# docker container run —name busybox02 -it busybox

/ # mkdir -p /opt/webiste
/ # echo "<h1>Hello World</h1>" > /opt/webiste/index.html
/ # exit

[root@centos-82 ~]# docker container commit -a “Heyingsheng 33202492034@qq.com“ -c ‘CMD [“/bin/httpd”,”-f”,”-h”,”/opt/website”]’ busybox_01 devops/apache:1.0.1 ## Every element in list must delemeted by “,”.
[root@centos-82 ~]# docker container run —name web_1.0.1 -d devops/apache:1.0.1
[root@centos-82 ~]# docker container inspect web_1.0.1 | grep IPAddress

            "SecondaryIPAddresses": null,
            "IPAddress": "172.17.0.2",
                    "IPAddress": "172.17.0.2",

[root@centos-82 ~]# curl 172.17.0.2

<p>Hello World</p>

4. image save & load

4.1. 指令

docker [image] save [OPTIONS] IMAGE [IMAGE...]
Options:
    -o, --output string   Write to a file, instead of STDOUT
# ---
docker [image] load [OPTIONS]
Options:
    -i, --input string   Read from tar archive file, instead of STDIN
    -q, --quiet          Suppress the load output

4.2. 案例

4.2.1 image save

[root@centos-82 ~]# docker image ls

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
devops/apache       1.0.1               d5fd027d1066        30 minutes ago      1.2MB
busybox             latest              d8233ab899d4        2 weeks ago         1.2MB
nginx               latest              f09fe80eb0e7        3 weeks ago         109MB

[root@centos-82 ~]# docker image save d5fd027d1066 d8233ab899d4 f09fe80eb0e7 -o deveops.tar.gz ## doesn’t gzip
[root@centos-82 ~]# docker save d5fd027d1066 d8233ab899d4 f09fe80eb0e7 -o deveops2.tar ## no tag and repository
[root@centos-82 ~]# ls -lh

-rw-------  1 root root 110M Mar  3 11:04 deveops2.tar
-rw-------  1 root root 110M Mar  3 11:04 deveops.tar.gz

[root@centos-82 ~]# file deveops2.tar deveops.tar.gz

deveops2.tar:   POSIX tar archive
deveops.tar.gz: POSIX tar archive

[root@centos-82 ~]# gunzip deveops.tar.gz

gzip: deveops.tar.gz: not in gzip format ## image save doesn't gzip images.

[root@centos-82 ~]# tar tf deveops2.tar

0d59d15c626f2cb0a2d5cdfa08bc3e255e7d151819fde4b1981c7e5ded237a77/
0d59d15c626f2cb0a2d5cdfa08bc3e255e7d151819fde4b1981c7e5ded237a77/VERSION
0d59d15c626f2cb0a2d5cdfa08bc3e255e7d151819fde4b1981c7e5ded237a77/json
0d59d15c626f2cb0a2d5cdfa08bc3e255e7d151819fde4b1981c7e5ded237a77/layer.tar
......
manifest.json

[root@centos-82 ~]# docker image save nginx:latest busybox:latest devops/apache:1.0.1 -o output.tar

4.2.2 image load 案例

[root@centos-81 ~]# docker image load -i /tmp/deveops2.tar

adab5d09ba79: Loading layer [==================================================>] 1.416 MB/1.416 MB
1b5d74440182: Loading layer [==================================================>]  5.12 kB/5.12 kB
0a07e81f5da3: Loading layer [==================================================>] 58.47 MB/58.47 MB
92c15149e23b: Loading layer [==================================================>] 54.44 MB/54.44 MB
6b5e2ed60418: Loading layer [==================================================>] 3.584 kB/3.584 kB
Loaded image ID: sha256:d5fd027d10667a28b75c3bbe10171eae51411a775849bab396fea45354327690
Loaded image ID: sha256:d8233ab899d419c58cf3634c0df54ff5d8acc28f8173f09c21df4a07229e1205
Loaded image ID: sha256:f09fe80eb0e75e97b04b9dfb065ac3fda37a8fac0161f42fca1e6fe4d0977c80

[root@centos-81 ~]# docker image ls -a ## 使用 image save 导出时需要加 repostory和tag

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
<none>              <none>              d5fd027d1066        41 minutes ago      1.2 MB
<none>              <none>              d8233ab899d4        2 weeks ago         1.2 MB
<none>              <none>              f09fe80eb0e7        3 weeks ago         109 MB

[root@centos-81 ~]# docker image rm d8233ab899d4 f09fe80eb0e7 d5fd027d1066
[root@centos-81 ~]# docker image load -i /tmp/output.tar

adab5d09ba79: Loading layer [==================================================>] 1.416 MB/1.416 MB
Loaded image: busybox:latest
1b5d74440182: Loading layer [==================================================>]  5.12 kB/5.12 kB
Loaded image: devops/apache:1.0.1
0a07e81f5da3: Loading layer [==================================================>] 58.47 MB/58.47 MB
92c15149e23b: Loading layer [==================================================>] 54.44 MB/54.44 MB
6b5e2ed60418: Loading layer [==================================================>] 3.584 kB/3.584 kB
Loaded image: nginx:latest

[root@centos-81 ~]# docker image ls -a # good images

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
devops/apache       1.0.1               d5fd027d1066        46 minutes ago      1.2 MB
busybox             latest              d8233ab899d4        2 weeks ago         1.2 MB
nginx               latest              f09fe80eb0e7        3 weeks ago         109 MB

5. container export & import

5.1. 指令

docker [container] export [OPTIONS] CONTAINER
Options:
    -o, --output string   Write to a file, instead of STDOUT
#---
docker [image] import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Options:
    -c, --change list      Apply Dockerfile instruction to the created image (default [])
    -m, --message string   Set commit message for imported image

5.2. 案例

5.2.1. export

[root@centos-82 ~]# docker container run —name web01 -it busybox # Run a container and httpd service

/ # mkdir -p /opt/website
/ # echo "<p>Container export</p>" > /opt/website/index.html
/ # httpd -f -h /opt/website/

[root@centos-82 ~]# docker container export -o web.tar web01 # Export container to an image.

5.2.2. import

[root@centos-81 ~]# docker image import /tmp/web.tar ## No reporsitory and tags,bad image
[root@centos-81 ~]# docker image import /tmp/web.tar httpd:v0.1 ## Specify reporsitory and tag.Not running httpd when start container.
[root@centos-81 ~]# docker image import -c ‘CMD [“/bin/httpd”,”-f”,”-h”,”/opt/website”]’ /tmp/web.tar httpd:v0.2 ## Specify reporsitory,tag and CMD.
[root@centos-81 ~]# docker image ls

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               v0.2                3f22152f75b7        9 seconds ago       1.2 MB
httpd               v0.1                562ec613ec3a        About an hour ago   1.2 MB
<none>              <none>              5010a1bb08b7        About an hour ago   1.2 MB
devops/apache       1.0.1               d5fd027d1066        2 hours ago         1.2 MB
busybox             latest              d8233ab899d4        2 weeks ago         1.2 MB
nginx               latest              f09fe80eb0e7        3 weeks ago         109 MB

5.3. export & import VS save & load

5.3.1. image save VS container export

  • Command docker save is copy old_image to file.tar.It keep old image_name,image_tag and keep all the layers

  • Command docker export is copy container to file.tar.It keep state of container and combine(合并) multiple(众多) layers into one layer

    5.3.2. image load VS image import

  • Command docker load is using for improt file.tar which is export by docker save

  • Command docker import is using for import file.tar which is export by docker export