Docker
https://docs.docker.com 文档
https://hub.docker.com 仓库
docker基本组成
镜像(image)
docker镜像是哟个模板,可以通过这个模板来创建容器服务
容器(container)
docker利用容器技术,独立运行一个或一个组应用,通过镜像来创建
启动、停止、删除
docker是个简易linux系统
仓库(repository)
仓库是放镜像的地方、
仓库分为公有仓库和私有仓库,docker hub 默认是国外的仓库
安装
环境查看
[root@localhost /]# cat /etc/redhat-release
CentOS Linux release 8.5.2111
[root@localhost /]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
[root@localhost /]#
帮助文档
#1、卸载旧版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
#2、需要安装的包
sudo yum install -y yum-utils
#3、设置镜像仓库
sudo yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #阿里云推荐 \
https://download.docker.com/linux/centos/docker-ce.repo #默认是国外的
#4、安装docker相关 docker-ce 社区 ee 企业版
yum install docker-ce docker-ce-cli containerd.io
#5、启动daocker
systemctl start docker
#6、使用docker version 检测安装
[root@localhost /]# docker version
Client: Docker Engine - Community
Version: 20.10.14
API version: 1.41
Go version: go1.16.15
Git commit: a224086
Built: Thu Mar 24 01:47:44 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.14
API version: 1.41 (minimum version 1.12)
Go version: go1.16.15
Git commit: 87a90dc
Built: Thu Mar 24 01:46:10 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.11
GitCommit: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc:
Version: 1.0.3
GitCommit: v1.0.3-0-gf46b6ba
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@localhost /]#
#7、运行 hello world
sudo docker run hello-world
#8、查看下载hello world 的image
[root@localhost /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker/getting-started latest bd9a9f733898 7 weeks ago 28.8MB
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
#9、卸载
卸载依赖
yum remove docker-ce docker-ce-cli containerd.io
删除资源
rm -rf /var/lib/docker #默认工作路径
rm -rf /var/lib/containerd
阿里云镜像加速
(3条消息) docker配置阿里云镜像加速器_奕奕星空的博客-优快云博客_云加速器
#报错 可以重启系统
底层原理
docker是怎么工作的?
Docker 是C/S结构系统,docker 的守护进程运行在主机上。通过Socket从客户端的访问,Server端接收到Docker-Client的指令,就回去执行这个命令。
Docker为什么比VM块?
1、Docker有着比虚拟机更少的抽象层。
2、docker 利用的是宿主机的内核。vm需要的guest os。
Docker常用命令
https://docs.docker.com/engine/reference/commandlin #文档
帮助命令
docker version #显示版本信息
docker info #显示docker的系统信息。包括镜像和容器数量
docker 命令 --help #帮助命令
镜像命令
docker images 查询本地镜像
docker images [OPTIONS] [REPOSITORY[:TAG]] #查看所有本地主机上的镜像
[root@localhost /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
#解释
REPOSITORY 镜像的仓库源
TAG 镜像的标签
MAGE ID 镜像的ID
CREATED 镜像的创建时间
SIZE 镜像的大小
#可选项
Options:
-a, --all #列出所有镜像
-q, --quiet #只显示ID
docker search 搜索镜像
docker search [OPTIONS] TERM #搜索镜像
#可选项,通过搜索来过滤
--filter=STARS=3000
docker pull 下载镜像
docker pull 镜像名[:tag] #下载镜像
[root@localhost docker]# docker pull centos
Using default tag: latest # 默认使用最新的
latest: Pulling from library/centos
[root@localhost docker]# docker pull mysql:5.7
5.7: Pulling from library/mysql # 下载源
72a69066d2fe: Pull complete #分层下载
93619dbc5b36: Pull complete
99da31dd6142: Pull complete
626033c43d70: Pull complete
37d5d7efb64e: Pull complete
ac563158d721: Pull complete
d2ba16033dad: Pull complete
0ceb82207cd7: Pull complete
37f2405cae96: Pull complete
e2482e017e53: Pull complete
70deed891d42: Pull complete
Digest: sha256:f2ad209efe9c67104167fc609cca6973c8422939491c9345270175a300419f94 #签名
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7 #真实地址
#等价命令
docker pull mysql:5.7
docker pull docker.io/library/mysql:5.7
Options:
-a, --all-tags Download all tagged images in the repository
--disable-content-trust Skip image verification (default true)
--platform string Set platform if server is multi-platform capable
-q, --quiet Suppress verbose output
[root@localhost /]#
docker rmi 删除镜像
docker rmi [OPTIONS] IMAGE_ID IMAGE_ID ……
-f, --force Force removal of the image
--no-prune Do not delete untagged parents
[root@localhost ~]# docker rmi -f feb5d9fea6a5 # 删除指定镜像
[root@localhost ~]#docker rmi -f $(docker images -qa) #删除全部镜像
容器命令
说明:有镜像才可以创建容器
docker pull centos
新建容器并启动
docker run [可选参数] image_id
#参数说明
--name="Name" 容器名字 nginx1、nginx2
-d 后台运行方式
-it 使用交互方式运行,进入容器查看内容
-p 指定容器的端口 -p 8080:8080
-o ip:主机端口:容器端口
-p 主机端口:容器端口(常用)
-p 容器端口
容器端口
-p 随机端口
#测试 启动并进入容器
[root@localhost docker]# docker run -it centos /bin/bash
[root@84ead1d9d6e0 /]# ls #基础版本 很多命令不完善
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin
[root@84ead1d9d6e0 /]#exit #退出
列出运行的容器
[root@localhost /]# docker ps # 列出当前运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost /]# docker ps -a # 列出历史运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84ead1d9d6e0 centos "/bin/bash" 2 minutes ago Exited (0) About a minute ago heuristic_rubin
[root@localhost /]# docker ps -n=1 #列出最近创建的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84ead1d9d6e0 centos "/bin/bash" 9 minutes ago Exited (0) 7 minutes ago heuristic_rubin
[root@localhost /]# docker ps -aq #只显示镜像ID
84ead1d9d6e0
退出容器
exit #直接退出停止容器
Ctrl + P + Q #容器不停止退出
删除容器
docker rm 容器ID #删除指定容器
docker rm -f $(docker ps -aq) #删除所有容器
docker ps -aq | xargs docker rm
启动和停止
docker start 容器ID
docker restart 容器ID
docker stop 容器ID
docker kill 容器ID #强制停止容器
常用的其他命令
后台启动命令
#命令 docker run -d images
[root@localhost /]# docker run -d centos
#问题docker ps ,发现 centos 停止了
#常见的坑:docker 容器使用后台云心,就必须有一个前台进程,docker 发现没有前台应用就会自动停止
#nginx 容器启动后 发现自己没有提供服务 就会立刻停止
查看日志
docker logs -t -f --tail 容器ID
#脚本
[root@localhost /]docker run -d centos /bin/bash -c "while true;do ping baidu.com;done"
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39b952d20d33 centos "/bin/bash -c 'while…" 12 minutes ago Up 12 minutes lucid_sanderson
#-tf 显示日志
--tail 显示条数
[root@localhost /]docker logs -tf --tail 10 39b952d20d33
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-8QI357pU-1653914580696)(C:\Users\82127\AppData\Roaming\Typora\typora-user-images\1649158257089.png)]
查看容器的进程信息
#docker top 容器ID
[root@localhost /]# docker top 39b952d20d33
UID PID PPID C STIME TTY TIME CMD
root 38940 38920 0 02:21 ? 00:00:00 /bin/bash -c while true;do
root 38967 38940 0 02:21 ? 00:00:00 ping baidu.com
查看镜像的源数据
#命令
docker inspect 容器ID
[root@localhost ~]# docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
[root@localhost ~]# docker inspect 39b952d20d33
[
{
"Id": "39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278",
"Created": "2022-04-05T18:21:04.893070851Z",
"Path": "/bin/bash",
"Args": [
"-c",
"while true;do ping baidu.com;done"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 38940,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-04-05T18:21:05.429467757Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278/hostname",
"HostsPath": "/var/lib/docker/containers/39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278/hosts",
"LogPath": "/var/lib/docker/containers/39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278/39b952d20d33c9671a6fcad9748c1ee93c0b01cd6ac7b578baff1ecc76fda278-json.log",
"Name": "/lucid_sanderson",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/40a0f78a2b1de997b3f2af1897968b372fe6594c8236c33e091b8c5537c5c64b-init/diff:/var/lib/docker/overlay2/1fb6cbbaf813f00194bdb7ae04422e7aa31753a3ebe91d9f5f88fa54a04c2e16/diff",
"MergedDir": "/var/lib/docker/overlay2/40a0f78a2b1de997b3f2af1897968b372fe6594c8236c33e091b8c5537c5c64b/merged",
"UpperDir": "/var/lib/docker/overlay2/40a0f78a2b1de997b3f2af1897968b372fe6594c8236c33e091b8c5537c5c64b/diff",
"WorkDir": "/var/lib/docker/overlay2/40a0f78a2b1de997b3f2af1897968b372fe6594c8236c33e091b8c5537c5c64b/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "39b952d20d33",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash",
"-c",
"while true;do ping baidu.com;done"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "f0f4e4d7c22cad51c1f6bbcc455a42ece6d208551c61587ac00c553d3e58a339",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/f0f4e4d7c22c",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "0b799b7071838712d21071d6245983e02709a8d727f6577979ec0f230893b361",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "19eebba27026f51f10a5240fdcdc81de5f96d51abcf6035b543b3ce574d2c8c9",
"EndpointID": "0b799b7071838712d21071d6245983e02709a8d727f6577979ec0f230893b361",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入当前运行的容器
#进入后台的运行的容器
#命令
docker exec -it 39b952d20d33 bashShell
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39b952d20d33 centos "/bin/bash -c 'while…" About an hour ago Up About an hour [root@localhost ~]# docker exec -it 39b952d20d33 /bin/bash
#docker attach 容器ID
#测试
[root@localhost ~]# docker attach 39b952d20d33
From 39b952d20d33 (172.17.0.2) icmp_seq=3680 Destination Host Unreachable
#docker exec # 进入容器后开启一个终端
#docker attach #进入容器当前运行的终端
从容器拷贝文件到宿主机
docker cp 容器id:容器路径
#在容器内新建文件
[root@0372e62cc26f /]# touch dockercp.txt
[root@0372e62cc26f /]# ls
bin dockercp.txt home lib64 media opt root sbin sys usr
dev etc lib lost+found mnt proc run srv tmp var
[root@0372e62cc26f /]# docker cp 0372e62cc26f /dockercp.txt /root
#将容器内的文件拷贝出来
[root@localhost ~]# docker cp 0372e62cc26f:/dockercp.txt /root
[root@localhost ~]# ls
anaconda-ks.cfg dockercp.txt ll test test1 testdir testdirln testln testln1
[root@localhost ~]#
小结
练习
安装nginx
在仓库搜索镜像
下载镜像
[root@localhost ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
a2abf6c4d29d: Pull complete
a9edb18cadd1: Pull complete
589b7251471a: Pull complete
186b1aaa4aa6: Pull complete
b4df32aa5a72: Pull complete
a0bcbecc962e: Pull complete
Digest: sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost ~]#
运行镜像
docker run -d --name nginx01 -p 3344:80 nginx
e1207663d7cecb3090bd35debcad2d47a5d0a54c1f6a2d441700ba2bba4135ec
验证
[root@localhost ~]# curl localhost:3344
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
进入容器
[root@localhost ~]# docker exec -it e1207663d7ce /bin/bash
root@e1207663d7ce:/#
安装tomcat
#官方使用
docker run -it --rm tomcat:9.0
#用完即删除
#下载
docker pull tomcat
#启动运行
docker run -d -p 3355:8080 --name tomcat01 tomcat
#进入容器
[root@localhost ~]# docker exec -it tomcat01 /bin/bash
#linux 命令缺少 没有站点
#复制站点
root@139163325a5a:/usr/local/tomcat# cp -r webapps.dist/* webapps
安装ES+kibana
#ES暴露端口多、占用资源多、数据单独挂载、
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:8.1.2
#启动之后 Linux 非常卡
docker stats
#启动之后迅速关闭
docker stop e927e55d379c
#验证
[root@localhost ~]# curl localhost:9200
{
"name" : "fHjbm--",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "kaCC5NXXTEKq87wd6TRJlQ",
"version" : {
"number" : "5.6.12",
"build_hash" : "cfe3d9f",
"build_date" : "2018-09-10T20:12:43.732Z",
"build_snapshot" : false,
"lucene_version" : "6.6.1"
},
"tagline" : "You Know, for Search"
}
[root@localhost ~]# docker stats
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
e927e55d379c elasticsearch 0.11% 1.209GiB / 1.748GiB 69.17% 1.5kB / 729B 769MB / 49.2kB 39
#-e 配置使用的内存
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms64m -Xmx512M" elasticsearch
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
2bac80f883af elasticsearch02 0.23% 244.1MiB / 1.748GiB 13.63% 766B / 0B 144MB / 67.6kB 36
[root@localhost ~]# curl localhost:9200
{
"name" : "ZS50Q_Z",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "acXTAtDESFSxl2eA2ok1QA",
"version" : {
"number" : "5.6.12",
"build_hash" : "cfe3d9f",
"build_date" : "2018-09-10T20:12:43.732Z",
"build_snapshot" : false,
"lucene_version" : "6.6.1"
},
"tagline" : "You Know, for Search"
}
[root@localhost ~]#
ikbana如何连接docker
可视化
Install Portainer with Docker on Linux - Portainer Documentation 文档
#安装
docker run -d -p 8088:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
http://192.168.0.16:8088/#/init/admin
Docker 镜像讲解
镜像是什么
是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包台运行某个软件所需的所有内容,包括代码、运行时、库、环变量和配置文件
所有的应用,直接打包docker镜像,就可以直接跑起来!
如何获得镜像
- 从远程仓库下载
- 朋友拷贝
- 自己制作一个镜像dockerfile
Docker镜像加载原理
UnionFS(联合文件系统〕
UnionFS(联合文件系统):Union文件系统(UnionFS)是一种分层、轻量级并且高性能的文件系统,它支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同目录挂载到同一个拟文件系统下(unite several directories into a single virtual filesystem)。Union文件系统是Docker镜像的基础。镜像可以通过分层来讲行继承,基于基础镜像(没有父像),可以制作各种具体的应用镜像。
特性:一次同时加载多个文件系统,但从外面看起来,只能看到一文件系统,联合加载会巴各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录
Docker镜像加载原理
docker的镜像实际上由一层一层的文件系统组成,这种层级的文件系统UnionFS。
bootfs(bootfilesystem)主要包含bootloader和kernel,bootloaderæ要是引导Linux刚启动时会加载bootfs文件系
统,在Docker镜像的最底层是bootfso这一层与我们典型的Linux/Unix系统是一样的,包含boot加载器和内核。当boot加载完成之后整个内核就都在内存中了,此时内存的使用权已由bootfs转交给内核,此时系统也会卸载bootfs。
rootfs(rootfilesystem),在bootfs之上。包含的就是典型Linux系统中的/dev,/proc,/bin,/etc等标准目录和文件。rootfs就是各种不同的操作系统发行版,比如Ubuntu,centos等等。
分层理解
[root@localhost ~]# docker pull redis
Using default tag: latest
latest: Pulling from library/redis
a2abf6c4d29d: Already exists
c7a4e4382001: Pull complete
4044b9ba67c9: Pull complete
c8388a79482f: Pull complete
413c8bb60be2: Pull complete
1abfd3011519: Pull complete
Digest: sha256:db485f2e245b5b3329fdc7eff4eb00f913e09d8feb9ca720788059fdc2ed8339
Status: Downloaded newer image for redis:latest
docker.io/library/redis:latest
[root@localhost ~]#
思考:为什么Docker镜像要采用这种分层的结构呢?
最大的好处,我觉得莫过于是资源共享了!比如有多个境像都从相同的Base源像构建而来,宿主机只需在磁盘上保留一份base像,同时内存中也只需要载一份b醑e像,这样就可以为所有的容器服务了,而目漳像的每一层都可以被共享。点看镜像分层的方式可以通过docker image inspect命令!
[root@localhost ~]# docker inspect redis:latest
[
{
"Id": "sha256:7614ae9453d1d87e740a2056257a6de7135c84037c367e1fffa92ae922784631",
"RepoTags": [
"redis:latest"
],
"RepoDigests": [
"redis@sha256:db485f2e245b5b3329fdc7eff4eb00f913e09d8feb9ca720788059fdc2ed8339"
],
"Parent": "",
"Comment": "",
"Created": "2021-12-21T12:42:49.755107412Z",
"Container": "13d25f53410417c5220c8dfe8bd49f06abdbcd69faa62a9b877de02464bb04a3",
"ContainerConfig": {
"Hostname": "13d25f534104",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"6379/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.12",
"REDIS_VERSION=6.2.6",
"REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-6.2.6.tar.gz",
"REDIS_DOWNLOAD_SHA=5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"redis-server\"]"
],
"Image": "sha256:e093f59d716c95cfce82c676f099b960cc700432ab531388fcedf79932fc81ec",
"Volumes": {
"/data": {}
},
"WorkingDir": "/data",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"DockerVersion": "20.10.7",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"6379/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.12",
"REDIS_VERSION=6.2.6",
"REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-6.2.6.tar.gz",
"REDIS_DOWNLOAD_SHA=5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab"
],
"Cmd": [
"redis-server"
],
"Image": "sha256:e093f59d716c95cfce82c676f099b960cc700432ab531388fcedf79932fc81ec",
"Volumes": {
"/data": {}
},
"WorkingDir": "/data",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 112691373,
"VirtualSize": 112691373,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/b94e3e76fe43e5b189d59382a1ca370bec538d1a0dea10e3b031a4bf9c4c57c1/diff:/var/lib/docker/overlay2/351c8e053f1467ef695036aefc82871a6bf3a9dc0c97b480aab6fdd06750f6ed/diff:/var/lib/docker/overlay2/ffe7db0d850a2c19799407fa06000e48e3856775840c21d427fbbc1688b8a4e7/diff:/var/lib/docker/overlay2/1aaf52a048a5b7731782f464e980d83ec1caa9010fc5289e572edab5ea00365b/diff:/var/lib/docker/overlay2/3a015bf48294c76365caf543e0470eede7d47c151551af6714519d2b282bb976/diff",
"MergedDir": "/var/lib/docker/overlay2/8e7f70fc7b48c75a391cd5887f4dbd61584ca25f8184de36a6385f0b1d96f1a9/merged",
"UpperDir": "/var/lib/docker/overlay2/8e7f70fc7b48c75a391cd5887f4dbd61584ca25f8184de36a6385f0b1d96f1a9/diff",
"WorkDir": "/var/lib/docker/overlay2/8e7f70fc7b48c75a391cd5887f4dbd61584ca25f8184de36a6385f0b1d96f1a9/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:2edcec3590a4ec7f40cf0743c15d78fb39d8326bc029073b41ef9727da6c851f",
"sha256:9b24afeb7c2f21e50a686ead025823cd2c6e9730c013ca77ad5f115c079b57cb",
"sha256:4b8e2801e0f956a4220c32e2c8b0a590e6f9bd2420ec65453685246b82766ea1",
"sha256:529cdb636f61e95ab91a62a51526a84fd7314d6aab0d414040796150b4522372",
"sha256:9975392591f2777d6bf4d9919ad1b2c9afa12f9a9b4d260f45025ec3cc9b18ed",
"sha256:8e5669d8329116b8444b9bbb1663dda568ede12d3dbcce950199b582f6e94952"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
[root@localhost ~]#
特点
docker 镜像都是只读,当容器启动后,一个新的可写层被加载到镜像的顶部!
这一层就是我们通常说的容器层,容器层之下都叫镜像层。
如何提交一个自己的镜像?
Commit 镜像**
docker commit #提交容器成为一个副本
#命令和git原理类似
docker cimmit -m="提交描述信息" -a="作者" 容器ID 目标镜像名:[TAG]
练习
#启动一个默认的tomcat
#默认的webapps 没有文件
#拷贝文件
#将修改后的容器通过commit 提交为一个镜像
[root@localhost ~]# docker commit -a="lxf" -m="add web app" 5b07255721fa tomcat02:1.0
sha256:aff84909b34e9948fa6c0ef61871d0e200a1b465176b82151953ca78376086ff
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat02 1.0 aff84909b34e 11 seconds ago 684MB
nginx latest 605c77e624dd 3 months ago 141MB
tomcat 9.0 b8e65a4d736d 3 months ago 680MB
tomcat latest fb5657adc892 3 months ago 680MB
redis latest 7614ae9453d1 3 months ago 113MB
mysql 5.7 c20987f18b13 3 months ago 448MB
centos latest 5d0da3dc9764 6 months ago 231MB
portainer/portainer latest 580c0e4e98b0 12 months ago 79.1MB
elasticsearch latest 5acf0e8da90b 3 years ago 486MB
[root@localhost ~]#
docker commit -a="lxf" -m="add web app" 5b07255721fa tomcat02:1.0
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
