docker: 构建镜像

对于docker用户来说，自己创建镜像较复杂，因为几乎所有的数据库，中间件，软件都有现成的。我们只需要下载并做些配置就可以了。
但是如果我们找不到现成的镜像或者在镜像中加入特定的功能的话就需要我们自己手动构造镜像了

Docker提供了两种镜像的方法：

1 docker commit命令

2 Dockerfile命令

首先来看下docker commit命令的使用方法：

第一步：安装一个ubuntu的容器。使用run命令的时候如果找不到这个容器会自动下载

root@zhf-linux:/var/lib/docker# docker run -it ubuntu

Unable to find image 'ubuntu:latest' locally

latest: Pulling from library/ubuntu

aef6d0613937: Pull complete

83de9eba49f1: Pull complete

9087439057e1: Pull complete

45d36c0ac9f9: Pull complete

e991b5792ff6: Pull complete

Digest: sha256:ec0e4e8bf2c1178e025099eed57c566959bb408c6b478c284c1683bc4298b683

Status: Downloaded newer image for ubuntu:latest

第二步：进入容器。 ecb05acfdb66是容器ID

root@zhf-linux:/home/zhf# docker run -it ubuntu

root@ecb05acfdb66:/#

第三步：安装vim. 可以看到VIM并没有安装

root@ecb05acfdb66:/# vim

bash: vim: command not found

安装vim的时候提示找不到vim

root@ecb05acfdb66:/# apt-get install -y vim

Reading package lists... Done

Building dependency tree

Reading state information... Done

E: Unable to locate package vim

这是由于软件源没有更新的原因，执行下apt-get update 得到最新的软件包 再次执行apt-get install vim就可以成功的安装了

安装完成后docker ps可以看到当前正在运行的容器

root@zhf-linux:/home/zhf# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

ecb05acfdb66 ubuntu "/bin/bash" 34 minutes ago Up 34 minutes sleepy_brahmagupta

sleepy_brahmagupta是Docker为容器随即分配的名字

第四步：重新开启一个终端保存新镜像：新镜像名为ubuntu-with-vi

root@zhf-linux:/home/zhf# docker commit sleepy_brahmagupta ubuntu-with-vi

sha256:a8ad90906fcc274df1b9072c690e1c6b8561aeb8d986e0f9caa649ca954ffcd8

从size来看镜像因为安装了软件而变大了。

root@zhf-linux:/home/zhf# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

ubuntu-with-vi latest a8ad90906fcc 54 seconds ago 205 MB

ubuntu latest fb14c85f88d3 5 days ago 109 MB

httpd latest 7659d5a9a057 8 weeks ago 189 MB

hello-world latest abd130ec0722 4 months ago 665 kB

第五步：进入新镜像执行vim命令：

root@zhf-linux:/home/zhf# docker run -it ubuntu-with-vi

root@189eac7e1d60:/# which vim

/usr/bin/vim

这就是docker commit创建新镜像的方法。这种方法效率低而且可重复性很弱。比如要在其他操作系统镜像中加入vi还要重复前面所有的步骤。下面就来看下采用dockerfile的方法

第一步：首先创建Dockerfile，内容如下。 命令必须大写

FROM ubuntu

RUN apt-get update && apt-get install -y vim

第二步：执行命令root@zhf-linux:/home/zhf/docker# docker build -t ubuntu-with-vi-dockerfile .

Dockerfile 中的 ADD、COPY 等命令可以将 build context 中的文件添加到镜像。此例中，build context 为当前目录/home/zhf/docker，该目录下的所有文件和子目录都会被发送给 Docker daemon。

第三步：完成创建

root@zhf-linux:/home/zhf/docker# docker build -t ubuntu-with-vi-dockerfile .

Sending build context to Docker daemon 2.048 kB

Step 1/2 : FROM ubuntu

---> fb14c85f88d3

Step 2/2 : RUN apt-get update && apt-get install -y vim

---> Running in d46f693665cd

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]

Get:2 http://archive.ubuntu.com/ubuntu xenial InRelease [247 kB]

Get:3 http://security.ubuntu.com/ubuntu xenial-security/universe Sources [56.7 kB]

Get:4 http://security.ubuntu.com/ubuntu xenial-security/main i386 Packages [473 kB]

Get:5 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]

Get:6 http://archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]

Get:7 http://archive.ubuntu.com/ubuntu xenial/universe Sources [9802 kB]

Get:8 http://security.ubuntu.com/ubuntu xenial-security/restricted i386 Packages [13.0 kB]

Get:9 http://security.ubuntu.com/ubuntu xenial-security/universe i386 Packages [198 kB]

Get:10 http://security.ubuntu.com/ubuntu xenial-security/multiverse i386 Packages [3674 B]

Get:11 http://archive.ubuntu.com/ubuntu xenial/main i386 Packages [1552 kB]

Get:12 http://archive.ubuntu.com/ubuntu xenial/restricted i386 Packages [14.5 kB]

Get:13 http://archive.ubuntu.com/ubuntu xenial/universe i386 Packages [9804 kB]

Get:14 http://archive.ubuntu.com/ubuntu xenial/multiverse i386 Packages [172 kB]

Get:15 http://archive.ubuntu.com/ubuntu xenial-updates/universe Sources [233 kB]

Get:16 http://archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages [827 kB]

Get:17 http://archive.ubuntu.com/ubuntu xenial-updates/restricted i386 Packages [13.7 kB]

Get:18 http://archive.ubuntu.com/ubuntu xenial-updates/universe i386 Packages [680 kB]

Get:19 http://archive.ubuntu.com/ubuntu xenial-updates/multiverse i386 Packages [17.3 kB]

Get:20 http://archive.ubuntu.com/ubuntu xenial-backports/main i386 Packages [5166 B]

Get:21 http://archive.ubuntu.com/ubuntu xenial-backports/universe i386 Packages [7149 B]

Fetched 24.4 MB in 4min 36s (88.4 kB/s)

Reading package lists… (中间过程省略)

.

.

.

.

.

Processing triggers for libc-bin (2.23-0ubuntu9) ...

---> 4ab7bb9b7cb4

Removing intermediate container d46f693665cd

Successfully built 4ab7bb9b7cb4

从上面可以看到步骤大致为几步：

1 执行FROM，将ubuntu作为镜像。ID=fb14c85f88d3

2 执行RUN安装VIM

3 启动 ID=d46f693665cd的临时容器，在容器中通过apt-get安装vim

4 安装成功后，将容器保存为镜像。ID=4ab7bb9b7cb4并且删除了ID=d46f693665cd的临时容器

通过docker images查看

root@zhf-linux:/home/zhf/docker# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

ubuntu-with-vi-dockerfile latest 4ab7bb9b7cb4 6 minutes ago 205 MB

ubuntu-with-vi latest a8ad90906fcc 23 minutes ago 205 MB

ubuntu latest fb14c85f88d3 5 days ago 109 MB

httpd latest 7659d5a9a057 8 weeks ago 189 MB

hello-world latest abd130ec0722 4 months ago 665 kB

root@3514d5772446:/# which vim

/usr/bin/vim

也可以通过docker history来查看Dockerfile的执行过程

root@zhf-linux:/home/zhf# docker history ubuntu-with-vi-dockerfile

IMAGE CREATED CREATED BY SIZE COMMENT

4ab7bb9b7cb4 2 days ago /bin/sh -c apt-get update && apt-get insta... 96 MB

fb14c85f88d3 8 days ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0 B

<missing> 8 days ago /bin/sh -c mkdir -p /run/systemd && echo '... 7 B

<missing> 8 days ago /bin/sh -c sed -i 's/^#\s*\(deb.*universe\... 2.76 kB

<missing> 8 days ago /bin/sh -c rm -rf /var/lib/apt/lists/* 0 B

<missing> 8 days ago /bin/sh -c set -xe && echo '#!/bin/sh' >... 745 B

<missing> 8 days ago /bin/sh -c #(nop) ADD file:db6281c0035641a... 109 MB

和ubuntu的来比较一下，ubuntu-with-vi-dockerfile 与 ubuntu 镜像相比，确实只是多了顶部的一层 35ca89798937，由 apt-get 命令创建，大小为 97.07MB。docker history 也向我们展示了镜像的分层结构，每一层由上至下排列。

root@zhf-linux:/home/zhf# docker history ubuntu

IMAGE CREATED CREATED BY SIZE COMMENT

fb14c85f88d3 8 days ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0 B

<missing> 8 days ago /bin/sh -c mkdir -p /run/systemd && echo '... 7 B

<missing> 8 days ago /bin/sh -c sed -i 's/^#\s*\(deb.*universe\... 2.76 kB

<missing> 8 days ago /bin/sh -c rm -rf /var/lib/apt/lists/* 0 B

<missing> 8 days ago /bin/sh -c set -xe && echo '#!/bin/sh' >... 745 B

<missing> 8 days ago /bin/sh -c #(nop) ADD file:db6281c0035641a... 109 MB

下面继续看下docker的缓存，Dockerfile的内容如下：

FROM ubuntu

RUN apt-get update && apt-get install -y vim

COPY Dockerfile /

执行结果：

root@zhf-linux:/home/zhf/docker# docker build -t ubuntu-with-v-dockerfile_2 .

Sending build context to Docker daemon 2.048 kB

Step 1/3 : FROM ubuntu

---> fb14c85f88d3

Step 2/3 : RUN apt-get update && apt-get install -y vim

---> Using cache

---> 4ab7bb9b7cb4

Step 3/3 : COPY Dockerfile /

---> 03943952ca8b

Removing intermediate container a9f1c9e81ea6

Successfully built 03943952ca8b

1 首先确保执行docker build命令的路径下的Dockerfile存在，也就是这个例子中的/home/zhf/docker存在Dockerfile

2 在第二步的RUN命令中镜像ID=4ab7bb9b7cb4和之前ubuntu-with-vi-dockerfile中的是一样的

 

由于之前使用过相同的RUN指令，这次直接使用缓存中的镜像4ab7bb9b7cb4

3 启动临时容器，复制testfile,提交新的镜像层03943952ca8b并且删除临时容器

我们再做一个实验，如果将Dockerfile中的执行顺序改变一下看下运行结果是什么

我们将COPY命令和RUN命令调换一下顺序

FROM ubuntu

COPY Dockerfile /

RUN apt-get update && apt-get install -y vim

执行结果：可以看到在复制文件的时候运行的是一个新的镜像层。

Sending build context to Docker daemon 2.048 kB

Step 1/3 : FROM ubuntu

---> fb14c85f88d3

Step 2/3 : COPY Dockerfile /

---> 30ee5666cc73

Removing intermediate container fcc01972c127

Step 3/3 : RUN apt-get update && apt-get install -y vim

---> Running in 1be3495fdfb1

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]

Get:2 http://archive.ubuntu.com/ubuntu xenial InRelease [247 kB]

Get:3 http://security.ubuntu.com/ubuntu xenial-security/universe Sources [56.7 kB]

Get:4 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]

Get:5 http://archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]

Get:6 http://security.ubuntu.com/ubuntu xenial-security/main i386 Packages [474 kB]

Get:7 http://archive.ubuntu.com/ubuntu xenial/universe Sources [9802 kB]

Get:8 http://security.ubuntu.com/ubuntu xenial-security/restricted i386 Packages [13.0 kB]

Get:9 http://security.ubuntu.com/ubuntu xenial-security/universe i386 Packages [198 kB]

Get:10 http://security.ubuntu.com/ubuntu xenial-security/multiverse i386 Packages [3674 B]

Fetched 24.4 MB in 5min 55s (68.8 kB/s)

Reading package lists...

Reading package lists...

Building dependency tree...

Reading state information...

The following additional packages will be installed:

file libexpat1 libgpm2 libmagic1 libmpdec2 libpython3.5 libpython3.5-minimal

libpython3.5-stdlib libsqlite3-0 libssl1.0.0 mime-support vim-common

vim-runtime

Suggested packages:

gpm ctags vim-doc vim-scripts vim-gnome-py2 | vim-gtk-py2 | vim-gtk3-py2

| vim-athena-py2 | vim-nox-py2

The following NEW packages will be installed:

file libexpat1 libgpm2 libmagic1 libmpdec2 libpython3.5 libpython3.5-minimal

libpython3.5-stdlib libsqlite3-0 libssl1.0.0 mime-support vim vim-common

vim-runtime

0 upgraded, 14 newly installed, 0 to remove and 0 not upgraded.

Need to get 12.2 MB of archives.

After this operation, 58.2 MB of additional disk space will be used.

Get:1 http://archive.ubuntu.com/ubuntu xenial/main i386 libgpm2 i386 1.20.4-6.1 [16.0 kB]

Get:2 http://archive.ubuntu.com/ubuntu xenial/main i386 libmagic1 i386 1:5.25-2ubuntu1 [222 kB]

Get:3 http://archive.ubuntu.com/ubuntu xenial/main i386 file i386 1:5.25-2ubuntu1 [21.1 kB]

Get:4 http://archive.ubuntu.com/ubuntu xenial-updates/main i386 libexpat1 i386 2.1.0-7ubuntu0.16.04.3 [74.1 kB]

.

.

.

.

Processing triggers for libc-bin (2.23-0ubuntu9) ...

---> 3950939de1c3

Removing intermediate container 1be3495fdfb1

Successfully built 3950939de1c3

Dockerfile 中每一个指令都会创建一个镜像层，上层是依赖于下层的。无论什么时候，只要某一层发生变化，其上面所有层的缓存都会失效。 也就是说，如果我们改变 Dockerfile 指令的执行顺序，或者修改或添加指令，都会使缓存失效。