docker目前镜像的制作两种方法:
1,基于docker Commit制作镜像
2,基于dockerfile制作镜像,Dockerfile 为主流的制作方式
[root@docker ~]# docker images 查看本地
REPOSITORY TAG IMAGE ID CREATED SIZE
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]# docker run -it centos:7 /bin/bash 进入容器
[root@ab18198ba0a3 /]# cd /home/
[root@ab18198ba0a3 home]# mkdir xdclass 创建一个目录
[root@ab18198ba0a3 home]# yum install net-tools -y 安装执行ifconfig查看ip
[root@2b86fd5ea318 home]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 3835 bytes 27628549 (26.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3315 bytes 182288 (178.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@2b86fd5ea318 home]#
[root@docker ~]# docker ps 查看运行
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7d4c97ddb0ba centos:7 "/bin/bash" 3 minutes ago Up 2 minutes busy_banzai
[root@docker ~]# docker restart 7d4c97ddb0ba 进行重启
7d4c97ddb0ba
[root@docker ~]#
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7d4c97ddb0ba centos:7 "/bin/bash" 6 minutes ago Up 3 minutes busy_banzai
[root@docker ~]#
[root@docker ~]#
[root@docker ~]# docker rm -f 7d4c97ddb0ba 删除docker
7d4c97ddb0ba
[root@docker ~]# docker ps 查看
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#删除之后重新拉取一个新的则无
1,dockerCommit制作镜像
开启容器创建文档安装net-tools:
[root@docker ~]# docker run -itd centos:7
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cc5a01178967 centos:7 "/bin/bash" 33 seconds ago Up 32 seconds vigorous_pike
[root@docker ~]# docker exec -it cc5a01178967 /bin/bash
[root@cc5a01178967 /]#
[root@cc5a01178967 /]#
[root@cc5a01178967 /]# cd /home/
[root@cc5a01178967 home]# mkdir xdclass
[root@cc5a01178967 home]# yum install net-tools -y
[root@cc5a01178967 home]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 2210 bytes 27541329 (26.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2024 bytes 112678 (110.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
进行构建Commint:
[root@docker ~]# docker commit -a 'lyx' -m 'mkdir /home/xdclass net-tools' cc5a01178967 mycentos:v1
sha256:64e6184ab6d4aeeb3c1c1ade6892cfdad76c630efbaec28d2ea800ad9788abfe
commit代表制作成镜像
-a属性表示制作人我写的lyx
-m属性表示这个文件大致内容我则用来保存的是安装net-tools
输入ID
mycentos命名和v1版本
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos v1 64e6184ab6d4 3 minutes ago 403MB #这个则是咱们制作成功的
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]#
[root@docker ~]# docker ps 查看运行
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cc5a01178967 centos:7 "/bin/bash" 11 minutes ago Up 11 minutes vigorous_pike
[root@docker ~]# docker rm -f cc5a01178967 进行删除
cc5a01178967
[root@docker ~]# docker ps 查看运行无
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker images 查看制作成功的mycentos
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos v1 64e6184ab6d4 5 minutes ago 403MB
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]# docker run -itd mycentos:v1 /bin/bash 进行启动容器
a893d4021f98b4c2294d313b5d5285ad109de173295f6106d5db0de624626f63
[root@docker ~]# docker ps 查看运行
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a893d4021f98 mycentos:v1 "/bin/bash" 6 seconds ago Up 6 seconds magical_gould
[root@docker ~]# docker exec -it a893d4021f98 /bin/bash 进入容器
[root@a893d4021f98 /]# cd /home/ 进入home目录
[root@a893d4021f98 home]# ls 查看之前创建的xdclass
xdclass
[root@a893d4021f98 home]# ifconfig 查看网卡是否运行成功
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@a893d4021f98 home]#
实验:Docker commit构建带sshd服务自定义镜像
查看本地镜像:
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos 7 eeb6ee3f44bd 17 months ago 204MB
[root@docker ~]#
利用centos镜像建立容器,并进入该容器:
[root@docker ~]# docker run -dit --name my-centos1 centos:7
b2cb61f3b58d74c36d753aa907c4e6a1569edd1ade3944ba10b9e9761b8a9556
[root@docker ~]#
[root@docker ~]# docker exec -it my-centos1 /bin/bash
[root@b2cb61f3b58d /]#
net-tools,openssh-server:
[root@b2cb61f3b58d /]# yum -y install openssh-server net-tools
创建ssh所需的目录,并在根目录下创建sshd启动脚本:
[root@b2cb61f3b58d /]# mkdir -pv /var/run/sshd
mkdir: created directory '/var/run/sshd'
[root@b2cb61f3b58d /]#
[root@b2cb61f3b58d /]#
[root@b2cb61f3b58d /]# echo "/usr/sbin/sshd -D" > /auto_sshd.sh
[root@b2cb61f3b58d /]# cat /auto_sshd.sh
/usr/sbin/sshd -D
[root@b2cb61f3b58d /]# chmod +x /auto_sshd.sh
[root@b2cb61f3b58d /]#
修改容器内root的账户密码:
[root@b2cb61f3b58d /]# echo "root:lyx" | chpasswd
[root@b2cb61f3b58d /]# 设置密码为lyx
生成ssh主机密钥文件:
1,生成rsa_key
[root@b2cb61f3b58d /]# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
SHA256:Hsivc33BCDDF64qWk7K87gWe+BrBUOD75Dlb+WLPeTY root@b2cb61f3b58d
The key's randomart image is:
+---[RSA 2048]----+
|... o. |
|.. o . |
|.. o . |
|o . . .o |
|.o.. o.S. o |
| ++o. .o... o |
|o o=.* .o. . |
| +..Xo=.oE. . |
|.+B*..+Bo .. |
+----[SHA256]-----+
[root@b2cb61f3b58d /]#
2,生成ecdsa_key
[root@b2cb61f3b58d /]# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
SHA256:0HFmAoFJNpWUJ1fcX7rBOE/ERiySHsN6xxfNAxnqs00 root@b2cb61f3b58d
The key's randomart image is:
+---[ECDSA 256]---+
| .+===o+=o *=o |
| .o.+.o*B +.*.+|
| .+.o * B +.|
| .. + = B |
| S. + E o |
| = o |
| . . |
| |
| |
+----[SHA256]-----+
[root@b2cb61f3b58d /]#
3,生成ed25519_key
[root@b2cb61f3b58d /]# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:u2MOmiR0BSfUmfGYGtyuRgsVGSFWx7SGB+i66zJj93E root@b2cb61f3b58d
The key's randomart image is:
+--[ED25519 256]--+
| o+XB=+ |
| ..o.X== |
| . = O . |
| .. B |
| .o + . S |
|.. + o . |
| .. =..E. |
|=. = oo.o. |
|==. +. oo. |
+----[SHA256]-----+
[root@b2cb61f3b58d /]#
退出容器,并生成新的Docker镜像:
[root@b2cb61f3b58d /]# exit
exit
[root@docker ~]# docker commit my-centos1 centos_sshd:7.0
sha256:6cfc9c28a7774889f6987cfca6d28a8b8153b3d4265bae40c4ecfe8333c09d00
[root@docker ~]#
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_sshd 7.0 6cfc9c28a777 23 seconds ago 405MB
centos 7 eeb6ee3f44bd 17 months ago 204MB
[root@docker ~]#
启动新的容器,并查看容器是否构建:
[root@docker ~]# docker run -dit --name centos_7.0-1 centos_sshd:7.0
0ec5851688175a9a06a3596513cef8ee1f255455f2a5b7806971dedace852163
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0ec585168817 centos_sshd:7.0 "/bin/bash" 6 seconds ago Up 6 seconds centos_7.0-1
b2cb61f3b58d centos:7 "/bin/bash" 10 minutes ago Up 10 minutes my-centos1
[root@docker ~]#
进入容器,查看IP地址,并运行脚本:
[root@0ec585168817 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@0ec585168817 /]# ./auto_sshd.sh
测试ssh:
[root@docker ~]# ssh root@172.17.0.3
The authenticity of host '172.17.0.3 (172.17.0.3)' can't be established.
ECDSA key fingerprint is SHA256:0HFmAoFJNpWUJ1fcX7rBOE/ERiySHsN6xxfNAxnqs00.
ECDSA key fingerprint is MD5:21:ce:10:d6:f3:53:c4:16:1d:76:cd:05:4e:f9:22:54.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.3' (ECDSA) to the list of known hosts.
root@172.17.0.3's password: # 输入密码lyx
[root@0ec585168817 ~]# 登录成功
2,dockerfile构建镜像实战
dockerfile文档内容如下:
# this is a dockerfile
FROM centos:7
MAINTAINER LYX 123456@qq.com
RUN echo '正在构建镜像'
WORKDIR /home/xdclass
COPY 123.txt /home/xdclass
RUN yum install net-tools -y
文档详解:
# 注释
FROM 基于哪个镜像
MAINTAINER 注明含义
COPY 复制
ADD 复制文件到容器里面而copy只是单纯复制
而add如果复制一个压缩包进入容器并且解压
WORKDIR 指定一个路径作为工作目录如果路径不存在自定创建
ENV 环境变量
EXPOSE 暴露容器端口给宿主机
RUN 执行后面的命令
ENTRYPOINT 输出在容器启动之后 如写多条只执行最后一条
CMD 输出在容器启动之后 在末尾 可以被覆盖
如执行:docker run mycentos:v1
命令格式:shell命令格式:RUN yum install net-tools -y
exec命令格式:['RUN','yum','install','net-tools','-y']
进行构建dockerfile:
[root@docker ~]# docker images 查看原有镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos v1 64e6184ab6d4 28 minutes ago 403MB
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]# vi dockerfile
# this is a dockerfile
FROM centos:7
MAINTAINER LYX 123456@qq.com
RUN echo '正在构建镜像'
WORKDIR /home/xdclass
COPY 123.txt /home/xdclass
RUN yum install net-tools -y
#wq 保存退出
[root@docker ~]# docker build -t mycentos:v2 . 那个点.代表当前路径
[root@docker ~]# docker images 进行查看
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos v2 380079b451ef 5 minutes ago 403MB #制作完成
mycentos v1 64e6184ab6d4 38 minutes ago 403MB
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]# docker run -it mycentos:v2 /bin/bash 进入v2容器
[root@b3bced1b5262 xdclass]# ls 查看是否把123.txt文档拷贝进去
123.txt # 已经拷贝
[root@b3bced1b5262 xdclass]# ifconfig 查看net-tools是否执行成功
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@b3bced1b5262 xdclass]# exit 退出
exit
[root@docker ~]#
实验:Dockerfile构建带sshd服务的自定义镜像
建立/user/sshd目录,并切换到该目录:
[root@docker ~]# mkdir -p /user/sshd
[root@docker ~]# cd /user/sshd
[root@docker sshd]#
编写Dockerfile文件,注意文件的首字母必须大写。
[root@docker sshd]# cat Dockerfile
FROM centos:7
MAINTAINER lyx lyx@qq.com
RUN yum -y install openssh-server openssh-clients net-tools
RUN echo 'root:lyx' | chpasswd
RUN /usr/sbin/sshd-keygen
EXPOSE 22
CMD /usr/sbin/sshd -D
[root@docker sshd]#
利用docker build命令构建自定义镜像,镜像名为sshd:v1.0。
[root@docker sshd]# docker build -t sshd:v1.0 .
启动容器:
[root@docker sshd]# docker run -dit --name test_sshd sshd:v1.0
3d0879e584d9b55f23db1f6e707e96a489341f8af4f96e5f6c72b57f3bbeaa01
[root@docker sshd]#
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3d0879e584d9 sshd:v1.0 "/bin/sh -c '/usr/sb…" 12 minutes ago Up 12 minutes 22/tcp test_sshd
[root@docker ~]#
从docker ps –a命令的显示现象可以看到
容器名为test_sshd的容器状态为UP状态,表示容器创建成功,并且正常运行。
进入test_sshd容器,查看IP地址:
[root@docker sshd]# docker exec -it test_sshd /bin/bash
[root@3d0879e584d9 /]#
[root@3d0879e584d9 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@3d0879e584d9 /]#容器的IP地址为172.17.0.3
进行测试:
[root@docker ~]# ssh 172.17.0.2
The authenticity of host '172.17.0.2 (172.17.0.2)' can't be established.
ECDSA key fingerprint is SHA256:iVVPtrCVsq6ae2un0QboTjQgKMvQ0eLrstgar3UI9Z0.
ECDSA key fingerprint is MD5:ae:a7:36:47:f7:dd:64:9a:b2:a6:01:3d:42:ce:54:55.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
root@172.17.0.2's password: # 输出密码lyx
[root@3d0879e584d9 ~]# 登录成功
镜像分层结构解析
[root@docker ~]# docker rmi mycentos:v2 删除v2
Untagged: mycentos:v2
Deleted: sha256:380079b451ef871139544588e61e119d552bdc09ab75d4f67059de0939240be8
[root@docker ~]# docker images 查看本地镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
centos 7 eeb6ee3f44bd 16 months ago 204MB
[root@docker ~]# docker history mycentos:v1
IMAGE CREATED CREATED BY SIZE COMMENT
401a8637ecf7 2 minutes ago RUN /bin/sh -c yum install net-tools -y # bu… 199MB buildkit.dockerfile.v0
<missing> 3 minutes ago COPY 123.txt /home/xdclass # buildkit 4B buildkit.dockerfile.v0
<missing> 3 minutes ago WORKDIR /home/xdclass 0B buildkit.dockerfile.v0
<missing> 3 minutes ago RUN /bin/sh -c echo "正在构建镜像!!!" # buil… 0B buildkit.dockerfile.v0
<missing> 3 minutes ago MAINTAINER XD 123456@qq.com 0B buildkit.dockerfile.v0
<missing> 16 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 16 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 16 months ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4… 204MB
[root@docker ~]#