Docker Container Commit 基於容器進行 Docker Image 製作
1、Docker Image 製作方式
Docker Image 的製作方法有以下兩種:
- 使用 Docker Container Commit ,基於容器製作
- 使用 Docker Build 和 Dockerfile 製作
本文先介紹 使用 Docker Container Commit ,基於容器製作 。
2、Docker Container Commit 命令介紹
2.1 Command Help & Usage
[root@Tang ~]# docker container commit --help
Usage: docker container commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container's changes
Options:
-a, --author string Author (e.g., "John Hannibal Smith <[email protected]>")
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Commit message
-p, --pause Pause container during commit (default true)
2.2 Options
# -a ## 作者(例如,“neo <neo@neo.com>”)
# -c ## 修改 Dockerfile 指令應用於創建的鏡像
# -m ## 提交消息
# -p ## 在提交期間暫停容器(默認爲true)
3、示例:基於運行中的鏡像創建一個 Docker Image
3.1 運行一個新容器,鏡像使用 busybox
### 創建個目錄,並新創建一個 HTML 文件 ###
[root@Tang ~]# docker container run --name mybusyboxone -it busybox:latest
/ # mkdir -p /data/html
/ # ls
bin data dev etc home proc root sys tmp usr var
/ # ls /data/
html
/ # vi /data/html/index.html
/ # cat /data/html/index.html
<h1>I am Tang, This is mybusybox httpd server!</h1>
3.2 在別的宿主機終端,或者把此容器進行和終端剝離(ctrl+p , ctrl+q),基於此運行容易創建新的鏡像
[root@Tang ~]# w
11:10:09 up 16 days, 21:51, 3 users, load average: 0.04, 0.03, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 172.16.141.198 Wed13 20:41 1.52s 0.04s sh
root pts/1 172.16.141.198 Wed13 2:01 0.68s 0.32s docker container run --name mybusyboxone -it busybox:latest
root pts/2 172.16.141.198 11:10 1.00s 0.03s 0.02s w # 此時運行的終端
[root@Tang ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d49137ac83f busybox:latest "sh" 10 minutes ago Up 10 minutes mybusyboxone
[root@Tang ~]# docker container commit -p mybusyboxone busyboxnewdir:v1
sha256:8f6e7890958b6b58b33620685e8dabebec8d65c0a644dea730b16e186038a380
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v1 8f6e7890958b 17 seconds ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
3.2.1 注意事項:如果未指定新鏡像的名字,可以通過 IMAGE ID 重新打 TAG,如下
[root@Tang ~]# docker container commit -p mybusyboxone
sha256:7bc5297b34ed9e9b601f836bac33df5b025627b79661cf3690e98f8b0d5530b9
### 查看 Docker Image 的 IMAGE ID ###
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 7bc5297b34ed 3 seconds ago 1.22MB
busyboxnewdir v1 8f6e7890958b 4 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
### 對此鏡像打 TAG ,便於後續引用###
[root@Tang ~]# docker image tag 7bc5297b34ed busyboxnewdir:v2
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 2 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 7 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
3.3 利用新創建的鏡像生成新的容器,看之前創建的目錄是否存在
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 2 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 7 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
### 可以看出我們在之前容器中創建的目錄和文件是存在的 ###
[root@Tang ~]# docker container run --name mybusyboxtwo -it busyboxnewdir:v1
/ # cat /data/html/index.html
<h1>I am Tang, This is mybusybox httpd server!</h1>
4、示例:基於運行中的鏡像創建一個 Docker Image ,並使用 -c 選項,爲其執行命令運行
4.1 busybox 鏡像中關於 /bin/httpd 的幫助命令
/ # /bin/httpd --help
BusyBox v1.31.1 (2019-10-28 18:40:01 UTC) multi-call binary.
Usage: httpd [-ifv[v]] [-c CONFFILE] [-p [IP:]PORT] [-u USER[:GRP]] [-r REALM] [-h HOME]
or httpd -d/-e/-m STRING
Listen for incoming HTTP requests
-i Inetd mode
-f Don't daemonize
-v[v] Verbose
-p [IP:]PORT Bind to IP:PORT (default *:80)
-u USER[:GRP] Set uid/gid after binding to port
-r REALM Authentication Realm for Basic Authentication
-h HOME Home directory (default .)
-c FILE Configuration file (default {/etc,HOME}/httpd.conf)
-m STRING MD5 crypt STRING
-e STRING HTML encode STRING
-d STRING URL decode STRING
4.2 基於容器 mybusyboxone 創建新的鏡像,併爲其運行 /bin/httpd
### 宿主機現有信息 ###
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 8 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 13 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
[root@Tang ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d49137ac83f busybox:latest "sh" 25 minutes ago Up 25 minutes mybusyboxone
[root@Tang ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a70908d3bbb busyboxnewdir:v1 "sh" About a minute ago Exited (0) 16 seconds ago mybusyboxtwo
6d49137ac83f busybox:latest "sh" 25 minutes ago Up 25 minutes mybusyboxone
### 進行新鏡像創建,其中 -f 爲 不運行爲守護進程,在前臺運行 ;-h 爲 指定httpd運行的主目錄 ###
[root@Tang ~]# docker commit -a "Tang <[email protected]>" -c 'CMD ["/bin/httpd","-f","-h","/data/html"]' -p mybusyboxone busyboxhttpd:latest
sha256:91417fc42ce4909782cee8b44b55b98940500e799cdd80611c54ce7af4f4affa
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxhttpd latest 91417fc42ce4 6 seconds ago 1.22MB
busyboxnewdir v2 7bc5297b34ed 15 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 20 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
4.3 基於新鏡像,運行新的容器
### 基於鏡像 busyboxhttpd:latest 運行新的容器, -d 爲 運行於後臺, -p 爲 暴露容器內部端口 ###
[root@Tang ~]# docker container run --name mybusyboxhttpdone -p 8000:80 -d busyboxhttpd:latest
88b406bb4e9c3985847eaf2b32c39a988c4edab68b46842c42e2f9db4137e9fb
### 可以看出容器 mybusyboxhttpdone 運行進程號爲 1 的進程爲 /bin/httpd ###
[root@Tang ~]# docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
88b406bb4e9c busyboxhttpd:latest "/bin/httpd -f -h /d…" 12 seconds ago Up 9 seconds 0.0.0.0:8000->80/tcp mybusyboxhttpdone
6d49137ac83f busybox:latest "sh" 42 minutes ago Up 42 minutes mybusyboxone
[root@Tang ~]# docker container exec mybusyboxhttpdone ps
PID USER TIME COMMAND
1 root 0:00 /bin/httpd -f -h /data/html
6 root 0:00 ps
### 宿主機的 iptables nat 表項查看,能夠看出容器 80 端口暴露成功 ###
[root@Tang ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 269 packets, 19174 bytes)
pkts bytes target prot opt in out source destination
453 40693 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 78 packets, 7491 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 60 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 2 packets, 120 bytes)
pkts bytes target prot opt in out source destination
218 13733 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
371 24868 MASQUERADE all -- * enp1s0 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * tang 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE tcp -- * * 172.17.0.3 172.17.0.3 tcp dpt:80
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
5 420 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
1 60 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:172.17.0.3:80
4.4 進行容器 web 訪問驗證
### 查看此容器的 IP 地址 ###
[root@Tang ~]# docker container inspect mybusyboxhttpdone | grep "IPAddress"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
### 宿主機上能夠成功訪問容器內的 web 服務 ###
[root@Tang ~]# ipinfo
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
--
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.141.252 netmask 255.255.255.0 broadcast 172.16.141.255
[root@Tang ~]# curl http://172.17.0.3
<h1>I am Tang, This is mybusybox httpd server!</h1>
### 別的主機進行此宿主機的 web 服務訪問 ###
[root@Tang-1 ~]# ipinfo
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.141.209 netmask 255.255.255.0 broadcast 172.16.141.255
[root@Tang-1 ~]# curl http://172.16.141.252:8000
<h1>I am Tang, This is mybusybox httpd server!</h1>