Docker Container Commit 基于容器进行 Docker Image 制作
1、Docker Image 制作方式
Docker Image 的制作方法有以下两种:
- 使用 Docker Container Commit ,基于容器制作
- 使用 Docker Build 和 Dockerfile 制作
本文先介绍 使用 Docker Container Commit ,基于容器制作 。
2、Docker Container Commit 命令介绍
2.1 Command Help & Usage
[root@Tang ~]# docker container commit --help
Usage: docker container commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container's changes
Options:
-a, --author string Author (e.g., "John Hannibal Smith <[email protected]>")
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Commit message
-p, --pause Pause container during commit (default true)
2.2 Options
# -a ## 作者(例如,“neo <neo@neo.com>”)
# -c ## 修改 Dockerfile 指令应用于创建的镜像
# -m ## 提交消息
# -p ## 在提交期间暂停容器(默认为true)
3、示例:基于运行中的镜像创建一个 Docker Image
3.1 运行一个新容器,镜像使用 busybox
### 创建个目录,并新创建一个 HTML 文件 ###
[root@Tang ~]# docker container run --name mybusyboxone -it busybox:latest
/ # mkdir -p /data/html
/ # ls
bin data dev etc home proc root sys tmp usr var
/ # ls /data/
html
/ # vi /data/html/index.html
/ # cat /data/html/index.html
<h1>I am Tang, This is mybusybox httpd server!</h1>
3.2 在别的宿主机终端,或者把此容器进行和终端剥离(ctrl+p , ctrl+q),基于此运行容易创建新的镜像
[root@Tang ~]# w
11:10:09 up 16 days, 21:51, 3 users, load average: 0.04, 0.03, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 172.16.141.198 Wed13 20:41 1.52s 0.04s sh
root pts/1 172.16.141.198 Wed13 2:01 0.68s 0.32s docker container run --name mybusyboxone -it busybox:latest
root pts/2 172.16.141.198 11:10 1.00s 0.03s 0.02s w # 此时运行的终端
[root@Tang ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d49137ac83f busybox:latest "sh" 10 minutes ago Up 10 minutes mybusyboxone
[root@Tang ~]# docker container commit -p mybusyboxone busyboxnewdir:v1
sha256:8f6e7890958b6b58b33620685e8dabebec8d65c0a644dea730b16e186038a380
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v1 8f6e7890958b 17 seconds ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
3.2.1 注意事项:如果未指定新镜像的名字,可以通过 IMAGE ID 重新打 TAG,如下
[root@Tang ~]# docker container commit -p mybusyboxone
sha256:7bc5297b34ed9e9b601f836bac33df5b025627b79661cf3690e98f8b0d5530b9
### 查看 Docker Image 的 IMAGE ID ###
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 7bc5297b34ed 3 seconds ago 1.22MB
busyboxnewdir v1 8f6e7890958b 4 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
### 对此镜像打 TAG ,便于后续引用###
[root@Tang ~]# docker image tag 7bc5297b34ed busyboxnewdir:v2
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 2 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 7 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
3.3 利用新创建的镜像生成新的容器,看之前创建的目录是否存在
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 2 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 7 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
### 可以看出我们在之前容器中创建的目录和文件是存在的 ###
[root@Tang ~]# docker container run --name mybusyboxtwo -it busyboxnewdir:v1
/ # cat /data/html/index.html
<h1>I am Tang, This is mybusybox httpd server!</h1>
4、示例:基于运行中的镜像创建一个 Docker Image ,并使用 -c 选项,为其执行命令运行
4.1 busybox 镜像中关于 /bin/httpd 的帮助命令
/ # /bin/httpd --help
BusyBox v1.31.1 (2019-10-28 18:40:01 UTC) multi-call binary.
Usage: httpd [-ifv[v]] [-c CONFFILE] [-p [IP:]PORT] [-u USER[:GRP]] [-r REALM] [-h HOME]
or httpd -d/-e/-m STRING
Listen for incoming HTTP requests
-i Inetd mode
-f Don't daemonize
-v[v] Verbose
-p [IP:]PORT Bind to IP:PORT (default *:80)
-u USER[:GRP] Set uid/gid after binding to port
-r REALM Authentication Realm for Basic Authentication
-h HOME Home directory (default .)
-c FILE Configuration file (default {/etc,HOME}/httpd.conf)
-m STRING MD5 crypt STRING
-e STRING HTML encode STRING
-d STRING URL decode STRING
4.2 基于容器 mybusyboxone 创建新的镜像,并为其运行 /bin/httpd
### 宿主机现有信息 ###
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxnewdir v2 7bc5297b34ed 8 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 13 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
[root@Tang ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d49137ac83f busybox:latest "sh" 25 minutes ago Up 25 minutes mybusyboxone
[root@Tang ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a70908d3bbb busyboxnewdir:v1 "sh" About a minute ago Exited (0) 16 seconds ago mybusyboxtwo
6d49137ac83f busybox:latest "sh" 25 minutes ago Up 25 minutes mybusyboxone
### 进行新镜像创建,其中 -f 为 不运行为守护进程,在前台运行 ;-h 为 指定httpd运行的主目录 ###
[root@Tang ~]# docker commit -a "Tang <[email protected]>" -c 'CMD ["/bin/httpd","-f","-h","/data/html"]' -p mybusyboxone busyboxhttpd:latest
sha256:91417fc42ce4909782cee8b44b55b98940500e799cdd80611c54ce7af4f4affa
[root@Tang ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busyboxhttpd latest 91417fc42ce4 6 seconds ago 1.22MB
busyboxnewdir v2 7bc5297b34ed 15 minutes ago 1.22MB
busyboxnewdir v1 8f6e7890958b 20 minutes ago 1.22MB
nginx latest 231d40e811cd 5 days ago 126MB
centos 7 5e35e350aded 2 weeks ago 203MB
busybox latest 020584afccce 4 weeks ago 1.22MB
4.3 基于新镜像,运行新的容器
### 基于镜像 busyboxhttpd:latest 运行新的容器, -d 为 运行于后台, -p 为 暴露容器内部端口 ###
[root@Tang ~]# docker container run --name mybusyboxhttpdone -p 8000:80 -d busyboxhttpd:latest
88b406bb4e9c3985847eaf2b32c39a988c4edab68b46842c42e2f9db4137e9fb
### 可以看出容器 mybusyboxhttpdone 运行进程号为 1 的进程为 /bin/httpd ###
[root@Tang ~]# docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
88b406bb4e9c busyboxhttpd:latest "/bin/httpd -f -h /d…" 12 seconds ago Up 9 seconds 0.0.0.0:8000->80/tcp mybusyboxhttpdone
6d49137ac83f busybox:latest "sh" 42 minutes ago Up 42 minutes mybusyboxone
[root@Tang ~]# docker container exec mybusyboxhttpdone ps
PID USER TIME COMMAND
1 root 0:00 /bin/httpd -f -h /data/html
6 root 0:00 ps
### 宿主机的 iptables nat 表项查看,能够看出容器 80 端口暴露成功 ###
[root@Tang ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 269 packets, 19174 bytes)
pkts bytes target prot opt in out source destination
453 40693 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 78 packets, 7491 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 60 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 2 packets, 120 bytes)
pkts bytes target prot opt in out source destination
218 13733 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
371 24868 MASQUERADE all -- * enp1s0 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * tang 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE tcp -- * * 172.17.0.3 172.17.0.3 tcp dpt:80
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
5 420 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
1 60 DNAT tcp -- !docker0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:172.17.0.3:80
4.4 进行容器 web 访问验证
### 查看此容器的 IP 地址 ###
[root@Tang ~]# docker container inspect mybusyboxhttpdone | grep "IPAddress"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
### 宿主机上能够成功访问容器内的 web 服务 ###
[root@Tang ~]# ipinfo
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
--
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.141.252 netmask 255.255.255.0 broadcast 172.16.141.255
[root@Tang ~]# curl http://172.17.0.3
<h1>I am Tang, This is mybusybox httpd server!</h1>
### 别的主机进行此宿主机的 web 服务访问 ###
[root@Tang-1 ~]# ipinfo
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.141.209 netmask 255.255.255.0 broadcast 172.16.141.255
[root@Tang-1 ~]# curl http://172.16.141.252:8000
<h1>I am Tang, This is mybusybox httpd server!</h1>