镜像管理
镜像,即创建容器的模版,含有启动容器所需要的文件系统及所需要的内容,因此镜像主要用于方便和快速的创建并启动容器
镜像含里面是一层层的文件系统,叫做 Union FS(联合文件系统),联合文件系统,可以将几层目录挂载到一起(就像千层饼,洋葱头,俄罗斯套娃一样),形成一个虚拟文件系统,虚拟文件系统的目录结构就像普通 linux 的目录结构一样,镜像通过这些文件再加上宿主机的内核共同提供了一个 linux 的虚拟环境,每一层文件系统叫做一层 layer,联合文件系统可以对每一层文件系统设置三种权限,只读(readonly)、读写(readwrite)和写出(whiteout-able),但是镜像中每一层文件系统都是只读的,构建镜像的时候,从一个最基本的操作系统开始,每个构建提交的操作都相当于做一层的修改,增加了一层文件系统,一层层往上叠加,上层的修改会覆盖底层该位置的可见性,这也很容易理解,就像上层把底层遮住了一样,当使用镜像的时候,我们只会看到一个完全的整体,不知道里面有几层也不需要知道里面有几层,结构如下:
一个典型的 Linux文件系统由bootfs和rootfs两部分组成,bootfs(boot file system) 主要包含bootloader和kernel,bootloader主要用于引导加载 kernel,当 kernel 被加载到内存中后bootfs会被umount 掉,rootfs (root file system) 包含的就是典型 Linux 系统中的/dev,/proc,/bin,/etc 等标准目录和文件,下图就是镜像中最基础的两层结构,不同的 linux 发行版(如 ubuntu 和 CentOS ) 在 rootfs 这一层会有所区别。
一般的镜像通常都比较小,官方提供的Ubuntu镜像只有60MB多点,而CentOS基础镜像也只有200MB左右,一些其他版本的镜像甚至只有几MB,比如:busybox 才1.22MB,alpine镜像也只有5M左右。镜像直接调用宿主机的内核,镜像中只提供rootfs,也就是只需要包括最基本的命令、工具和程序库就可以了。
下图就是有两个不同的镜像在一个宿主机内核上实现不同的rootfs。
容器、镜像父镜像:
docker 命令是最常使用的docker 客户端命令,其后面可以加不同的参数以实现响应的功能,常用的命令如下:
[root@ubuntu1804 ~]#docker --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default
context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
范例:查看镜像的分层结构
[root@ubuntu1804 ~]#docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
8ec398bc0356: Pull complete
a53c868fbde7: Pull complete
79daf9dd140d: Pull complete
Digest: sha256:70821e443be75ea38bdf52a974fd2271babd5875b2b1964f05025981c75a6717
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@ubuntu1804 ~]#docker save nginx -o nginx.tar.gz
[root@ubuntu1804 ~]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 5ad3bd0e67a9 3 days ago 127MB
alpine 3.11.3 e7d92cdc71fe 7 days ago 5.59MB
centos centos8.1.1911 470671670cac 7 days ago 237MB
busybox latest 6d5fcfe5ff17 4 weeks ago 1.22MB
hello-world latest fce289e99eb9 12 months ago 1.84kB
[root@ubuntu1804 ~]#ll -h nginx.tar.gz
-rw------- 1 root root 125M Jan 25 20:44 nginx.tar.gz
[root@ubuntu1804 ~]#tar xvf nginx.tar.gz -C /data
09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/
09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/VERSION
09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/json
09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/layer.tar
5ad3bd0e67a9c542210a21a3c72f56ef6387cf9b7f4c2506d2398d55a2593ed0.json
bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/
bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/VERSION
bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/json
bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/layer.tar
c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/
c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/VERSION
c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/json
c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/layer.tar
manifest.json
repositories
[root@ubuntu1804 ~]#ll /data
total 36
drwxr-xr-x 5 root root 4096 Jan 25 20:45 ./
drwxr-xr-x 24 root root 4096 Dec 12 2018 ../
drwxr-xr-x 2 root root 4096 Jan 22 12:26 09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/
-rw-r--r-- 1 root root 6669 Jan 22 12:26 5ad3bd0e67a9c542210a21a3c72f56ef6387cf9b7f4c2506d2398d55a2593ed0.json
drwxr-xr-x 2 root root 4096 Jan 22 12:26 bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/
drwxr-xr-x 2 root root 4096 Jan 22 12:26 c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/
-rw-r--r-- 1 root root 355 Jan 1 1970 manifest.json
-rw-r--r-- 1 root root 88 Jan 1 1970 repositories
[root@ubuntu1804 ~]#cat /data/manifest.json
[{"Config":"5ad3bd0e67a9c542210a21a3c72f56ef6387cf9b7f4c2506d2398d55a2593ed0.json","RepoTags":["nginx:latest"],"Layers":["bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/layer.tar","c485148312456ba8bca62ab3ff47d4c43944edf5a2618340816c2db26902668b/layer.tar","09d204271b2674da08db25af2990d9dbc2dfb64bffd97368e36fbf11fa133234/layer.tar"]}]
[root@ubuntu1804 ~]#cd /data/bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/
[root@ubuntu1804 bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc]#ls
json layer.tar VERSION
[root@ubuntu1804 bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc]#tar xf layer.tar
[root@ubuntu1804 bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc]#ls
bin boot dev etc home json layer.tar lib lib64 media mnt opt proc root run sbin srv sys tmp usr var VERSION
[root@ubuntu1804 ~]#cat /data/bc0c1f0bf5d3d116df7db18438f547181e0695612a45744f7964713c1126cebc/etc/issue
Debian GNU/Linux 10 \n \l
[root@ubuntu1804 ~]#docker image history centos:centos7.7.1908
IMAGE CREATED CREATED BY SIZE COMMENT
08d05d1d5859 2 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 2 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 2 months ago /bin/sh -c #(nop) ADD file:3e2a127b44ed01afc… 204MB
搜索镜像
搜索镜像
可以官方网站进行镜像的搜索 http://hub.docker.com
在官方的docker 仓库中搜索指定名称的docker镜像,也会有很多三方镜像。
可以执行docker search命令进行搜索
格式如下:
Usage: docker search [OPTIONS] TERM
说明:
OFFICIAL:官方
AUTOMATED:使用第三方docker服务来帮助编译镜像,可以在互联网上面直接拉取到镜像,减少了繁琐的编译过程
范例:
[root@ubuntu1804 ~]#docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5786 [OK]
ansible/centos7-ansible Ansible on Centos7 126 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 114 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 108 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 67
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 57 [OK]
tutum/centos Simple CentOS docker image with SSH access 44
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 40
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 29
kinogmt/centos-ssh CentOS with SSH 29 [OK]
pivotaldata/centos-gpdb-dev CentOS image for GPDB development. Tag names… 10
drecom/centos-ruby centos ruby 6 [OK]
centos/tools Docker image that has systems administration… 5 [OK]
mamohr/centos-java Oracle Java 8 Docker image based on Centos 7 3 [OK]
darksheer/centos Base Centos Image -- Updated hourly 3 [OK]
pivotaldata/centos Base centos, freshened up a little with a Do… 3
pivotaldata/centos-mingw Using the mingw toolchain to cross-compile t… 2
miko2u/centos6 CentOS6 日本??境 2 [OK]
pivotaldata/centos-gcc-toolchain CentOS with a toolchain, but unaffiliated wi… 2
indigo/centos-maven Vanilla CentOS 7 with Oracle Java Developmen… 1 [OK]
mcnaughton/centos-base centos base image 1 [OK]
blacklabelops/centos CentOS Base Image! Built and Updates Daily! 1 [OK]
pivotaldata/centos6.8-dev CentosOS 6.8 image for GPDB development 0
pivotaldata/centos7-dev CentosOS 7 image for GPDB development 0
smartentry/centos centos with smartentry 0 [OK]
[root@ubuntu1804 ~]#
范例:选择性的查找镜像
[root@ubuntu1804 ~]#docker search -s 30 centos
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5836 [OK]
ansible/centos7-ansible Ansible on Centos7 128 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 114 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 109 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 69
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 58 [OK]
tutum/centos Simple CentOS docker image with SSH access 45
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 40
#新语法
[root@ubuntu1804 ~]#docker search --filter=stars=30 centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5831 [OK]
ansible/centos7-ansible Ansible on Centos7 128 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 114 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 109 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 69
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 58 [OK]
tutum/centos Simple CentOS docker image with SSH access 45
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 40
本文链接:https://www.yunweipai.com/34777.html
网友评论comments