Docker mirrored
This chapter structure
- Docker layered mirror
- The basic method of creating Dockerfile
- Dockerfile create applications container
Docker layered mirror
Each instruction Dockerfile creates a new image layer
Mirror layer will be cached and reused
When the modified instruction Dockerfile, copied files changed, or mirror constructed specified variable is different, the corresponding mirrored cache will fail
After a layer of mirrored cache fails, it will fail the buffer layer mirror
Mirror layer is immutable, if a file is added in one layer, and then delete it in the next layer, the mirror will still contain the file
Docker create mirrored
Docker Mirror
- It is the standard format for application release
- Docker container may support a run
Create a method Docker mirror
- Based on the existing image creation
- Create a template-based local
- Based Dockerfile create
Based on the existing image creation
The program running inside the container packed operating environment and generate a new image
docker create -it centos /bin/bash
docker commit -m "new" -a "daoke" a19597abf62d daoke:centos
- -m: Information Description
- -a: Author Information
- -p: generating a stop during operation of the vessel
Create a template-based local
Generating a new operating system image by importing the template file
Use wget command to import a local mirroring
wget http://123.56.134.27/pub/package/LAMP-C7/nginx-1.12.0.tar.gz
cat nginx-1.12.0.tar.gz | docker import - docker:new
After successful import you can view information about local mirror
docker images | grep new
Based Dockerfile create
Dockerfile is a file consisting of a set of instructions
Dockerfile result of four parts
- Basic information affecting
- Maintainer information
- Mirror operation instruction
- When the container starts execution instruction
Use Dockerfile create a mirror and run in a container
instruction |
meaning |
FROM Mirror |
Specifies the new image is based on a mirror, must be the first instruction FROM instruction, each will need to create a mirror image FFROM instruction. |
MAINTAINER name |
Description of the new mirror maintainer information |
RUN command |
Executed on the basis of the mirror command, and submit to the new mirror |
The CMD [ "program to be run", "parameter 1" parameter 2 "] |
Commands or command scripts to run at startup container, Dockerfile only a CMD command, if you specify more than can only be executed last f |
EXPOSE port number |
When specify a new image is loaded into the Docker to open ports |
ENV environment variable variable values |
Set an environment variable value, will be used later in RUN |
ADD source file / directory target file / directory |
Copy the source file to the target file, the source file to be located in the same directory with the Dockerfile, or f URL |
COPY source file / directory target file / directory |
Copy the file / directory on the local host to the target location, source file / directory to the same directory in DGckerfile |
VOLUME [ "directory"] |
Create a mount point in the container |
USER username / UID |
When the user runs the specified container |
WORKDIR path |
For subsequent RUN, CMD, ENTRYPOINT specify the working directory |
ONBUILD command |
The command specifies the generated image as a basis to run mirroring |
HEALTHCHECK |
health examination |
Dockerfile create applications container
Dockerfile create mirror container apache
mkdir apache
cd apache/
vim Dockerfile
#基于的基础镜像
FROM centos
#维护镜像的用户信息
MAINTAINER The project <cloude-docker>
#镜像操作指令安装apache软件
RUN yum -y update //更新yum仓库
RUN yum -y install httpd
#开启80端口
EXPOSE 80
#复制网站首页文件
ADD index.html /var/www/html/index.html
#将执行脚本复制到镜像中
ADD run.sh /run.sh
RUN chmod 755 /run.sh
#启动容器时执行脚本
CMD ["/run.sh"]
[root@localhost opt]# vim run.sh
#!/bin/bash
rm -rf /run/httpd/*
exec /usr/sbin/apachectl -D FOREGROUND
echo "this is web" index.html
//生成镜像
docker build -t httpd:centos .
//新镜像运行容器
docker run -d -p 1216:80 httpd:centos
Dockerfile create mirror container ssh
mkdir sshd
cd sshd/
vim Dockerfile
#基于的基础镜像
FROM centos
#维护镜像的用户信息
MAINTAINER this is project <lzp-sshd>
#重新加载yum源
RUN yum -y update
#安装必要软件包
RUN yum -y install openssh* net-tools lsof telnet passwd
#为root用户设置密码
RUN echo '123456' | passwd --stdin root
#修改配置文件
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
#生成秘钥
RUN ssh-keygen -t rsa -f /etc/ssh/sshd_host_rsa_key
RUN sed -i '/^scssion\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -P /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
#开启20端口
EXPOSE 22
#启动容器
CMD ["/usr/sbin/sshd","-D"]
//生成镜像
docker build -t sshd:new .
//启动容器并修改root密码
docker run -d -P sshd:new
ssh localhost -p 32770
Dockerfile create systemctl mirror image of the container vessel based sshd
mkdir systemctl
cd systemctl
vim Dockerfile
#基于的基础镜像
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfile-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
//生成镜像
docker build -t local/c7-systemd:latest .
//privileged container内的root拥有真正的root权限。否责,container内的root只是外部的一个普通用户权限
docker run --privileged -ti -v /sys/fs/cgroup:sys/fs/cgroup:ro local/c7-systemd:latest /sbin/init
//进入容器
docker exec -it 镜像IP bash