DOCKER学习_010:Docker的文件系统以及制作镜像
一 文件系统简介
1.1 Linux文件系统
LInux空间组成分为内核空间和用户空间(使用rootfs)
linux文件系统由 bootes和 rootfs组成, bootes主要包含boot1 oader和 kernel, bootloader主要是引导加载 kernel,当 kernel被加载到内存之后 boots就被卸载掉了。 rootfs包含的就是典型1inux系统中的/dev,/proc,/bin,/etc等标准目录
对于docker,只是使用rootfs,因为bootfs是共享的
1.2 docker的base镜像
docker的Base镜像提供的是最小安装的linux发行版
1.3 镜像的分层结构
[root@docker-server3 ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
8ec398bc0356: Already exists
465560073b6f: Pull complete
f473f9fd0a8c: Pull complete #镜像的分层
Digest: sha256:b2d89d0a210398b4d1120b3e3a7672c16a4ba09c2c4a0395f18b9f7999b768f2
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
最多不能超过128层,镜像只读,分层
容器就相当于在镜像上加了一个读写层,容器的销毁就是读写层的销毁
读写层的操作,主要基于两种方式:写时复制和用时分配。
dockers的存储驱动查看
[root@docker-server3 ~]# docker info
Client:
Debug Mode: false Server:
Containers:
Running:
Paused:
Stopped:
Images:
Server Version: 19.03.
Storage Driver: overlay2 #存储驱动
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.-957.27..el7.x86_64
Operating System: CentOS Linux (Core)
OSType: linux
Architecture: x86_64
CPUs:
Total Memory: .777GiB
Name: docker-server3
ID: YB6S:6D3D:477B:5UMR:IEX2:2PBD:D6BI:GDYI:22MD:GWSX:4TBX:2LLS
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/
Live Restore Enabled: false WARNING: API is accessible on http://0.0.0.0:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
二 commit制作Docker镜像
2.1 下载基础镜像
[root@docker-server3 ~]# docker pull centos:7
: Pulling from library/centos
ab5ef0e58194: Pull complete
Digest: sha256:4a701376d03f6b39b8c2a8f4a8e499441b0d567f9ab9d58e4991de4472fb813c
Status: Downloaded newer image for centos:
docker.io/library/centos:
[root@docker-server3 ~]# docker run -it centos:7 /bin/bash
[root@20b4b48c4055 /]#
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20b4b48c4055 centos: "/bin/bash" seconds ago Up seconds admiring_wilbur
[root@20b4b48c4055 /]# ps -ef|grep ssh
2.2 安装一个ssh服务
请参考https://www.cnblogs.com/zyxnhr/p/11809167.html
[root@20b4b48c4055 /]# ps -a
PID TTY TIME CMD
pts/ :: sshd
pts/ :: ps
2.3 修改root密码
[root@20b4b48c4055 /]# echo 123456|passwd --stdin root
2.4 从宿主机连接
[root@docker-server3 ~]# docker inspect 20b4b48c4055 |grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.2",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.2",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.2
The authenticity of host '192.168.0.2 (192.168.0.2)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.2' (ECDSA) to the list of known hosts.
root@192.168.0.2's password:123456
[root@20b4b48c4055 ~]#
连接进入
[root@20b4b48c4055 ~]# ps -a
PID TTY TIME CMD
pts/ :: sshd
pts/ :: ps
[root@20b4b48c4055 ~]# exit
2.5 向容器拷贝文件
[root@docker-server3 ~]# docker cp /etc/sysconfig/network-scripts/ifcfg-ens33 20b4b48c4055:/tmp/
[root@20b4b48c4055 /]# cat /tmp/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="be414379-7791-472c-9a0a-bf732fe9d484"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.132.133
GATEWAY=192.168.132.2
2.6 安装vim
[root@20b4b48c4055 /]# yum -y install vim
2.7 创建镜像
[root@docker-server3 ~]# docker commit -m "install sshd and vim" 20b4b48c4055 openssh:v1.0
sha256:d98ba06569f3ed7c00e1371b71a0ab328bacd57f5717bb4066b425c7b12abc3a
[root@docker-server3 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
openssh v1. d98ba06569f3 seconds ago 361MB
nginx latest f7bb5701a33c days ago 126MB
busybox latest 6d5fcfe5ff17 days ago .22MB
hub.darren.com/library/alpine 3.7 cc0abc535e36 days ago .59MB
centos 5e35e350aded weeks ago 203MB
三 镜像的测试使用修改
3.1 使用刚创建的镜像,起一个容器
[root@docker-server3 ~]# docker run -it -d openssh:v1.0
d865deaee6e83724a76a5eae88d8e356b5fe7416b5a8dbf9e1a9dd077ed7731a
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d865deaee6e8 openssh:v1. "/bin/bash" seconds ago Up seconds sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_wil
[root@docker-server3 ~]# docker inspect d865deaee6e8|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.3",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.3",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# docker exec -it d865deaee6e8 /bin/bash
[root@d865deaee6e8 /]# /usr/sbin/sshd -D
3.2 测试连接
[root@docker-server3 ~]# ssh root@192.168.0.3
The authenticity of host '192.168.0.3 (192.168.0.3)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.3' (ECDSA) to the list of known hosts.
root@192.168.0.3's password:123456
3.3 检验容器内容
[root@d865deaee6e8 ~]# cat /tmp/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="be414379-7791-472c-9a0a-bf732fe9d484"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.132.133
GATEWAY=192.168.132.2
[root@d865deaee6e8 ~]# rpm -qa|grep vim
vim-minimal-7.4.-.el7.x86_64
vim-common-7.4.-.el7.x86_64
vim-enhanced-7.4.-.el7.x86_64
vim-filesystem-7.4.-.el7.x86_64
[root@d865deaee6e8 ~]# rpm -qa|grep openssh
openssh-.4p1-.el7.x86_64
openssh-server-.4p1-.el7.x86_64
3.4 修改容器的默认前台进程
容器的默认主进程是PID问1的主进程,所以刚才的镜像在启动后,主进程是/bin/bash
[root@20b4b48c4055 /]# ps -ef
root : pts/ :: /bin/bash
root : pts/ :: /usr/sbin/sshd -D
root : pts/ :: ps -ef
需要再启动之前,使用/usr/sbin/sshd -D 替换/bin/bash
[root@docker-server3 ~]# docker run -it -d openssh:v1.0 /usr/sbin/sshd -D
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
395c705716a5 openssh:v1. "/usr/sbin/sshd -D" seconds ago Up seconds laughing_edison
d865deaee6e8 openssh:v1. "/bin/bash" minutes ago Up minutes sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_w
[root@docker-server3 ~]# docker inspect 395c705716a5|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.4",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.4",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.4
The authenticity of host '192.168.0.4 (192.168.0.4)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.4' (ECDSA) to the list of known hosts.
root@192.168.0.4's password:
Last login: Tue Dec :: from gateway
[root@395c705716a5 ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 17:41 pts/0 00:00:00 /usr/sbin/sshd -D
root : ? :: sshd: root@pts/
root : pts/ :: -bash
root : pts/ :: ps -ef
3.5 修改镜像
因为这个容器的PID为1的进程是/usr/sbin/sshd -D,在这个容器的基础上,制作一个新的镜像,让这个镜像的容器的默认前台进程为/usr/sbin/sshd -D
[root@docker-server3 ~]# docker commit -m "new default front process" 395c705716a5 openssh:v1.2
[root@docker-server3 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
openssh v1. c399a750ed03 seconds ago 361MB
openssh v1. d98ba06569f3 minutes ago 361MB
nginx latest f7bb5701a33c days ago 126MB
busybox latest 6d5fcfe5ff17 days ago .22MB
hub.darren.com/library/alpine 3.7 cc0abc535e36 days ago .59MB
centos
3.7 测试检验
[root@docker-server3 ~]# docker run -d openssh:v1.2
08359e84c3a1f1cfe3742ba9a2348719ca9818e3d56c5817fbde70c31e27f714
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
08359e84c3a1 openssh:v1. "/usr/sbin/sshd -D" seconds ago Up seconds intelligent_williams
395c705716a5 openssh:v1. "/usr/sbin/sshd -D" minutes ago Up minutes laughing_edison
d865deaee6e8 openssh:v1. "/bin/bash" minutes ago Up minutes sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_wilbur
[root@docker-server3 ~]# docker inspect 08359e84c3a1|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.5",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.5",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.5
The authenticity of host '192.168.0.5 (192.168.0.5)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.5' (ECDSA) to the list of known hosts.
root@192.168.0.5's password:
Last login: Tue Dec :: from gateway
[root@08359e84c3a1 ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root : ? :: /usr/sbin/sshd -D
root : ? :: sshd: root@pts/
root : pts/ :: -bash
root : pts/ :: ps -ef
博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!
DOCKER学习_010:Docker的文件系统以及制作镜像的更多相关文章
- Docker学习之Docker容器基本使用
Docker学习之Docker容器基本使用 新建容器并启动 命令格式:docker run --options repository:tag 后台运行 命令格式:-d 已存在的容器相关操作 启动:do ...
- Docker学习之Docker镜像基本使用
Docker学习之Docker镜像基本使用 获取镜像 命令格式:docker pull [选项] [Docker Registry 地址[:端口号]/]仓库名[:标签] 例如: docker pull ...
- Docker学习笔记 — Docker私有仓库搭建
Docker学习笔记 — Docker私有仓库搭建 目录(?)[-] 环境准备 搭建私有仓库 测试 管理仓库中的镜像 查询 删除 Registry V2 和Mavan的管理一样,Dockers ...
- Docker学习(六)Dockerfile构建自定义镜像
Docker学习(六)Dockerfile构建自定义镜像 前言 通过前面一篇文章可以知道怎么去使用一个镜像搭建服务,但是,如何构造自己的一个镜像呢,docker提供了dockerfile可以让我们自己 ...
- Docker 学习3 Docker镜像管理基础
一.docker 常用操作及原理 1.docker 常用操作 2.docker 机制 1.docker client端是通过http或者https与server端通信的.个 2.docker 镜像可以 ...
- Docker学习笔记 - Docker部署nginx网站
一.制作 nginx 镜像 1.下载配置文件 mkdir /opt/nginx_docker && cd /opt/nginx_docker mkdir nginx && ...
- Docker学习笔记 - Docker容器内部署redis
Docker学习笔记(2-4)Docker应用实验-redist server 和client的安装使用 一.获取redis容器(含客户端和服务端) 二.创建服务端容器 1.在终端A中运行redis- ...
- Docker学习笔记 - Docker的基本概念
一.cs架构 Docker客户端:本地或远程 Docker服务端:守护进程Docker Daemon 二.基本概念 Docker镜像:打包阶段,层叠的只读文件系统,引导->root(ubuntu ...
- Docker学习笔记 - Docker的守护进程
学习目标: 查看Docker守护进程的运行状态 启动.停止.重启Docker守护进程 Docker守护进程的启动选项 修改和查看Docker守护进程的启动选项 1.# 查看docker运行状态 方 ...
随机推荐
- 巨蟒python全栈开发-第11阶段 ansible3_3入门playbook剧本
1.playbook剧本 2.playbook传参 3.setup模块介绍 4.playbook的tags 5.playbook的handlers&&templates模块 6.条件和 ...
- Python基础:18类和实例之二
1:绑定和非绑定 当存在一个实例时,方法才被认为是绑定到那个实例了.没有实例时方法就是未绑定的.在很多情况下,调用的都是一个绑定的方法. 调用非绑定方法并不经常用到,其中一个主要的场景是:派生一个子类 ...
- LeetCode81 Search in Rotated Sorted Array II
题目: Follow up for "Search in Rotated Sorted Array":What if duplicates are allowed? Would t ...
- 在ORACLE存储过程中创建临时表
在ORACLE存储过程中创建临时表 存储过程里不能直接使用DDL语句,所以只能使用动态SQL语句来执行 --ON COMMIT DELETE ROWS 说明临时表是事务指定,每次提交后ORACLE将截 ...
- HDU 4417 Super Mario 主席树查询区间小于某个值的个数
#include<iostream> #include<string.h> #include<algorithm> #include<stdio.h> ...
- hdu 2892 area (圆与多边形交面积)
Problem - 2892 这道题的做法是以圆心为原点,对多边形进行三角剖分.题目描述中,多边形的可能是顺时针或者是逆时针给出,不过在我的做法里,是用有向面积来计算的,和常见的多边形面积的求法类似, ...
- tensorflow入门——3解决问题——4让我们开始吧
深度学习适合解决海量数据和复杂问题 在机器学习中,语音识别,图像识别,语意识别用的是不同的技术,从事相关工作的人合作几乎不可能. 深度学习改变了这一切. 80年代计算机很慢,数据集很小,因此深度学习没 ...
- 浮动,定位,flex布局
什么是文档流 英文原文是:Normal flow. In CSS 2.1, normal flow includes block formatting of block-level boxes, in ...
- torch.nn.LSTM()函数维度详解
123456789101112lstm=nn.LSTM(input_size, hidden_size, num_la ...
- H3C PPP会话建立过程