1. Docker Mirroring Principle
Reflections:
- What is the essence of a Docker image?
A: It is a hierarchical file system. - Why is a centos image in Docker only 200MB when a centos OS iso file is several gigabytes?
A: Centos' iso image contains bootfs and rootfs, while docker's centos image multiplexes the operating system's bootfs with only rootfs and other image layers. - Why is a tomcat image in Docker 500MB while a tomcat installer is just over 70MB?
A: Because the image in docker is layered, tomcat although only 70MB, but he needs to rely on the parent image and the base image, so the entire externally exposed tomcat image size 500MB.
First of all, it is important to understand that among the components of the operating system, there is a very important part called theDocuments Management Subsystem
So the docker we use is based oncentosThe file management subsystem is based on linux, or Linux, so the file management subsystem for linux is used here as an illustration.
Linuxfile system is composed ofbootfsrespond in singingrootfsIt's in two parts.
- bootfs: contains bootloader and kernel
- rootfs: the root filesystem, which contains the standard directories and files such as /dev, /proc, /bin, /etc, etc. in a typical linux system.
- The bootfs are basically the same for different linux distributions, while the rootfs are different, e.g. ubuntu, centos etc.
After learning about bootfs and rootfs, we can know that theDocker images are made of special file system overlays
- How does it stack up?
- The lowest end is bootfs and uses the host's bootfs, meaning the image uses the host's kernel
- The second layer is the root filesystem rootfs, called the base image
- Then you can stack other image files on top of it.
- Unified File System technology is able to consolidate different layers into a single file system, providing a unified view of these layers, which hides the existence of multiple layers, and from the user's point of view, only one file system exists
- One mirror can be placed on top of another, the mirror at the bottom is called the parent mirror, and the mirror at the bottom, becomes the base mirror.
in order totomcatMirror image as an example:
So tomcat image why there is 500MB reason is that users only see the tomcat image, can not see the specific details, in the tomcat image behind also hides more than 200MB of JDK and rootfs base image
2. Docker image creation
1. Conversion of containers to mirrors
#Containers to mirrors
docker commit container id mirror name:version number
# Convert mirrors to zip files
docker save -o Zip file name Image name:version number
#Restore compressed files as images
docker load -i Zip file name
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
Note: After the original container is converted to a mirror, the directory mounting will be disabled
2. dockerfile
Concept:
- Dockerfile is a text file
- Contains a single instruction
- Each instruction builds a layer, which belongs to the base mirror, and eventually builds a new mirror
- For Developers: Provides a fully consistent development environment for the development team.
- For testers: you can take the image you built during development or build a new image from a Dockerfile file and start working!
- For Ops: Seamless migration of applications at deployment time
2.1 Common Dockerfile Commands
(1) FROM Specify the base image
FROM centos
- 1
(2) MAINTAINER Specify the maintainer information of the image, usually the mailbox.
MAINTAINER hitredrose@
- 1
(3) RUN Commands to be executed when building an image
RUN yum install -y wget
- 1
(4) ADD adds files, which will be automatically decompressed
ADD /usr/local/
- 1
(5) WORKDIR Setting the current working directory
WORKDIR /usr/local/python/
- 1
(6) VOLUME mount host directory
VOLUME ["/usr/local/python","/usr/local/java/"]
- 1
(7) EXPOSE exposes the ports, note that it only exposes the container ports, it does not map the container ports to the host ports. In other words, when using docker run, you still need to use -p for port mapping. In other words, EXPOSE is more useful for Dockerfile developers to provide hints for development ports.
EXPOSE 80
- 1
(8) CMD Specify the commands to be executed when the container is started, note that only the last command of CMD will take effect.
CMD /bin/bash
- 1
(9) ENTRYPOINT specifies the command to be run when the container is started, note that the ENTRYPOINT command can append commands, i.e., if there are more than one ENTRYPOINT command will be executed in full, this is the biggest difference between the ENTRYPOINT command and the CMD command.
ENTRYPOINT cd /opt
ENTRYPOINT /bin/bash
- 1
- 2
(10) ONBUILD When building an inherited Dockerfile, this is the time to run the ONBUILD directive
(11) COPY Similar to the ADD command, copies the file to the image.
(11) Setting environment variables when ENV is built
2.2 Dockerfile real-world testing
- Write the following Dockerfile file to create your own centos image
FROM centos
MAINTAINER redrose2100<hitredrose@>
ENV JAVA_HOME /usr/local/jdk_1.8/
WORKDIR /usr/local
RUN yum install -y vim
RUN yum install -y net-tools
EXPOSE 80
CMD echo $JAVA_HOME
CMD echo "---end---"
CMD /bin/bash
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- Compile the image
docker build -f Dockerfile -t mycentos:1.0 .
- 1
- Then run docker images to see the following:
[root@iZbp1flzt6x7pxmxfhmxeeZ opt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos 1.0 122504aa874c About a minute ago 337MB
redrose2100/centos 1.1 2184c3aadaab 30 hours ago 231MB
nginx latest f8f4ffc8092c 4 weeks ago 133MB
mysql 5.7 9f35042c6a98 4 weeks ago 448MB
centos latest 5d0da3dc9764 6 weeks ago 231MB
[root@iZbp1flzt6x7pxmxfhmxeeZ opt]#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- test run
As follows, the current working directory has been switched to the /usr/local directory, the JAVA_HOME variable has a value, and the ifconfig command also supports the
[root@iZbp1flzt6x7pxmxfhmxeeZ opt]# docker run -it mycentos:1.0
[root@b868b5ba93e9 local]# pwd
/usr/local
[root@b868b5ba93e9 local]# echo $JAVA_HOME
/usr/local/jdk_1.8/
[root@b868b5ba93e9 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@b868b5ba93e9 local]#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
Reference:
Dockerfile Keywords Explained