返回总目录页

docker镜像

 

hello-world 最小的镜像


从Docker Hub 下载这个镜像


[root@mcw1 /application]$ docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:2498fce14358aa50ead0cc6c19990fc6ff866ce72aeb5546e1d59caac3d0d60f
Status: Downloaded newer image for hello-world:latest
docker.io/library/hello-world:latest

查看镜像信息


[root@mcw1 /application]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 3 days ago 144MB
hello-world latest feb5d9fea6a5 3 months ago 13.3kB

运行hello-world容器,很快容器就退出了

[root@mcw1 /application]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8b617d91943 httpd "httpd-foreground" 25 hours ago Up 24 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
[root@mcw1 /application]$ docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.
......
[root@mcw1 /application]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8b617d91943 httpd "httpd-foreground" 25 hours ago Up 25 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
[root@mcw1 /application]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81f8c132267c hello-world "/hello" About a minute ago Exited (0) About a minute ago hungry_keldysh

hello-world的Dockerfile

FROM SCRATCH
COPY hello /
CMD ["/hello"]

 

 

base镜像

下载镜像


[root@mcw1 /application]$ docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Pulling fs layer
latest: Pulling from library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest

centos镜像的Dockerfile


FROM scratch
ADD centos-7-docker.tar.xz /
CMD ["/bin/bash"]

运行centos镜像

[root@mcw1 /application]$ docker run -it centos
[root@87b44864a676 /]# cat /etc/redhat-release
CentOS Linux release 8.4.2105
[root@87b44864a676 /]# uname -r
3.10.0-693.el7.x86_64
[root@87b44864a676 /]# exit
[root@mcw1 /application]$ cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@mcw1 /application]$ uname -r
3.10.0-693.el7.x86_64

 

docker commit手动创建镜像


步骤为:
1、运行容器。
2、修改容器。
3、将容器保存为新的镜像

运行容器以及修改容器


[root@mcw1 ~]$ docker ps #查看当前运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@mcw1 ~]$ docker images #查看当前的docker镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 4 days ago 144MB
hello-world latest feb5d9fea6a5 3 months ago 13.3kB
centos latest 5d0da3dc9764 3 months ago 231MB
[root@mcw1 ~]$ docker run -it centos #使用centos镜像运行一个容器
[root@b6500e7b8da8 /]# vim #查看是否有vim命令
bash: vim: command not found
[root@b6500e7b8da8 /]# yum install -y vim #安装指定包,比如vim,
Failed to set locale, defaulting to C.UTF-8
CentOS Linux 8 - AppStream 2.0 MB/s | 8.4 MB 00:04
CentOS Linux 8 - BaseOS 1.9 MB/s | 3.6 MB 00:01
CentOS Linux 8 - Extras 14 kB/s | 10 kB 00:00
Dependencies resolved.
==========================================================================================
Package Architecture Version Repository Size
============================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-16.el8 appstream 1.4 M
[root@b6500e7b8da8 /]# which vim
/usr/bin/vim

创建新的镜像以及验证使用

重新打开一个xshell会话。
[root@mcw1 ~]$ docker ps #查看运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b6500e7b8da8 centos "/bin/bash" 2 minutes ago Up 2 minutes funny_mcclintock
[root@mcw1 ~]$ docker commit funny_mcclintock centos-with-vim #将刚刚安装过vim的容器,提交为新的镜像
sha256:6c15aaf80fdfa05d898c4fedd21b046b9086d557ae681c3a241964eaaa559ce6
[root@mcw1 ~]$ docker images #查看刚刚提交的新的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-with-vim latest 6c15aaf80fdf 11 seconds ago 296MB
httpd latest dabbfbe0c57b 4 days ago 144MB
hello-world latest feb5d9fea6a5 3 months ago 13.3kB
centos latest 5d0da3dc9764 3 months ago 231MB
[root@mcw1 ~]$ docker run -it centos-with-vim #用新创建的镜像运行一个容器
[root@ff39a256c796 /]# which vim #验证容器是否是修改过的能用的容器。这里可以看到,使用新镜像创建容器,这是拥有了vim命令的容器了
/usr/bin/vim
[root@ff39a256c796 /]#


这里在容器里ctrl + d 会退出容器,容器也会退出运行

[root@b6500e7b8da8 /]# exit
[root@mcw1 ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ff39a256c796 centos-with-vim "/bin/bash" 11 minutes ago Up 11 minutes strange_hoover
[root@mcw1 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

b6500e7b8da8 centos "/bin/bash" 15 minutes ago Exited (0) 32 seconds ago funny_mcclintock

 

Dockerfile

第一个Dockerflile

[root@mcw1 ~/mcwdocker]$ pwd #查看当前目录
/root/mcwdocker
[root@mcw1 ~/mcwdocker]$ ls #查看当前目录下文件,有dockerfile文件
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile #查看Dockerfile文件内容,根据现有的centos镜像,yum安装一个vim
FROM centos
RUN yum install -y vim
[root@mcw1 ~/mcwdocker]$ docker images|grep centos #查看当前有的镜像
centos-with-vim latest 6c15aaf80fdf 29 minutes ago 296MB
centos latest 5d0da3dc9764 3 months ago 231MB
[root@mcw1 ~/mcwdocker]$ docker build -t centos-with-vim-dockerfile
"docker build" requires exactly 1 argument.
See 'docker build --help'.

Usage: docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile
[root@mcw1 ~/mcwdocker]$
[root@mcw1 ~/mcwdocker]$ docker build -t centos-with-vim-dockerfile . #构建镜像,根据Dockerfile 创建一个镜像,记得有个点
Sending build context to Docker daemon 2.048kB #-t指定镜像名称
Step 1/2 : FROM centos
---> 5d0da3dc9764
Step 2/2 : RUN yum install -y vim
---> Running in 1890e7768b94
CentOS Linux 8 - AppStream 2.1 MB/s | 8.4 MB 00:03
CentOS Linux 8 - BaseOS 1.6 MB/s | 3.6 MB 00:02
CentOS Linux 8 - Extras 14 kB/s | 10 kB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-16.el8 appstream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-17.el8 appstream 39 k
vim-common x86_64 2:8.0.1763-16.el8 appstream 6.3 M
vim-filesystem noarch 2:8.0.1763-16.el8 appstream 49 k
which x86_64 2.21-16.el8 baseos 49 k

Transaction Summary
================================================================================
Install 5 Packages

Total download size: 7.8 M
Installed size: 30 M
Downloading Packages:
(1/5): gpm-libs-1.20.7-17.el8.x86_64.rpm 290 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-16.el8.noarch.rp 982 kB/s | 49 kB 00:00
(3/5): vim-enhanced-8.0.1763-16.el8.x86_64.rpm 1.6 MB/s | 1.4 MB 00:00
(4/5): which-2.21-16.el8.x86_64.rpm 56 kB/s | 49 kB 00:00
(5/5): vim-common-8.0.1763-16.el8.x86_64.rpm 1.4 MB/s | 6.3 MB 00:04
--------------------------------------------------------------------------------
Total 1.4 MB/s | 7.8 MB 00:05
warning: /var/cache/dnf/appstream-02e86d1c976ab532/packages/gpm-libs-1.20.7-17.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS Linux 8 - AppStream 13 kB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-16.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-16.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-16.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-17.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-17.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-16.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-16.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-16.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-17.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-16.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-16.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-16.el8.noarch 4/5
Verifying : which-2.21-16.el8.x86_64 5/5

Installed:
gpm-libs-1.20.7-17.el8.x86_64 vim-common-2:8.0.1763-16.el8.x86_64
vim-enhanced-2:8.0.1763-16.el8.x86_64 vim-filesystem-2:8.0.1763-16.el8.noarch
which-2.21-16.el8.x86_64

Complete!
Removing intermediate container 1890e7768b94
---> f55fe59234eb
Successfully built f55fe59234eb
Successfully tagged centos-with-vim-dockerfile:latest
[root@mcw1 ~/mcwdocker]$ docker images |grep centos #查看使用Dockerfile新生成的镜像 centos-with-vim-dockerfile
centos-with-vim-dockerfile latest f55fe59234eb 50 seconds ago 296MB
centos-with-vim latest 6c15aaf80fdf 32 minutes ago 296MB
centos latest 5d0da3dc9764 3 months ago 231MB

docker history 查看镜像分层。

docker history 会显示构建历史
[root@mcw1 ~/mcwdocker]$ docker images |grep centos
centos-with-vim-dockerfile latest f55fe59234eb 50 seconds ago 296MB
centos-with-vim latest 6c15aaf80fdf 32 minutes ago 296MB
centos latest 5d0da3dc9764 3 months ago 231MB
[root@mcw1 ~/mcwdocker]$
[root@mcw1 ~/mcwdocker]$
[root@mcw1 ~/mcwdocker]$ docker history centos
IMAGE CREATED CREATED BY SIZE COMMENT
5d0da3dc9764 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 3 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 3 months ago /bin/sh -c #(nop) ADD file:805cb5e15fb6e0bb0… 231MB
[root@mcw1 ~/mcwdocker]$ docker history centos-with-vim-dockerfile
IMAGE CREATED CREATED BY SIZE COMMENT
f55fe59234eb 7 minutes ago /bin/sh -c yum install -y vim 64.7MB
5d0da3dc9764 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 3 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 3 months ago /bin/sh -c #(nop) ADD file:805cb5e15fb6e0bb0… 231MB


镜像的缓存特性

当只是在最下面增加步骤时,前面的步骤使用缓存
[root@mcw1 ~/mcwdocker]$ ls #创建testfile文件
Dockerfile testfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile #查看Dockerfile文件内容,增加一个将本地文件复制到镜像容器的根目录下
FROM centos
RUN yum install -y vim
COPY testfile /
[root@mcw1 ~/mcwdocker]$ docker build -t centos-with-vim-dockerfile2 .
Sending build context to Docker daemon 2.56kB
Step 1/3 : FROM centos
---> 5d0da3dc9764
Step 2/3 : RUN yum install -y vim
---> Using cache #这里显示使用了缓存
---> f55fe59234eb
Step 3/3 : COPY testfile /
---> 733b63b20d4b
Successfully built 733b63b20d4b
Successfully tagged centos-with-vim-dockerfile2:latest

当修改命令顺序后或者某处增添命令,缓存失效
[root@mcw1 ~/mcwdocker]$ ls
Dockerfile testfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile
FROM centos
COPY testfile /
RUN yum install -y vim
[root@mcw1 ~/mcwdocker]$ docker build -t centos-with-vim-dockerfile3 .
Sending build context to Docker daemon 2.56kB
Step 1/3 : FROM centos
---> 5d0da3dc9764
Step 2/3 : COPY testfile /
---> 33d94ca8015d
Step 3/3 : RUN yum install -y vim
---> Running in d2abfdc93eb2
CentOS Linux 8 - AppStream 1.9 MB/s | 8.4 MB 00:04
CentOS Linux 8 - BaseOS 952 kB/s | 3.6 MB 00:03
CentOS Linux 8 - Extras 12 kB/s | 10 kB 00:00
.........
which-2.21-16.el8.x86_64

Complete!
Removing intermediate container d2abfdc93eb2
---> 4de1df762009
Successfully built 4de1df762009
Successfully tagged centos-with-vim-dockerfile3:latest

调试Dockerfile

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile testfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile
FROM busybox
RUN touch tmpfile
RUN /bin/bash -c echo "continue to build..."
COPY testfile /
[root@mcw1 ~/mcwdocker]$ docker build -t image-debug .
Sending build context to Docker daemon 2.56kB
Step 1/4 : FROM busybox
---> ffe9d497c324
Step 2/4 : RUN touch tmpfile
---> Using cache
---> 4f3ea932edf3
Step 3/4 : RUN /bin/bash -c echo "continue to build..." #构建出问题
---> Running in 59720c834f83
/bin/sh: /bin/bash: not found
The command '/bin/sh -c /bin/bash -c echo "continue to build..."' returned a non-zero code: 127
[root@mcw1 ~/mcwdocker]$ docker run -it 59720c834f83 #使用出问题的前一个镜像运行容器,貌似感觉没啥用
Unable to find image '59720c834f83:latest' locally
docker: Error response from daemon: pull access denied for 59720c834f83, repository does not exist or may require 'docker login': denied: requested access to the resource is denied.
See 'docker run --help'.

 

Dockerfile常用指令

COPY

复制指令,从上下文目录中复制文件或者目录到容器里指定路径。

格式:

COPY [--chown=<user>:<group>] <源路径1>...  <目标路径>
COPY [--chown=<user>:<group>] ["<源路径1>",...  "<目标路径>"]

[--chown=<user>:<group>]:可选参数,用户改变复制到容器内文件的拥有者和属组。

<源路径>:源文件或者源目录,这里可以是通配符表达式,其通配符规则要满足 Go 的 filepath.Match 规则。例如:

COPY hom* /mydir/
COPY hom?.txt /mydir/

<目标路径>:容器内的指定路径,该路径不用事先建好,路径不存在的话,会自动创建。

ADD

ADD 指令和 COPY 的使用格类似(同样需求下,官方推荐使用 COPY)。功能也类似,不同之处如下:

  • ADD 的优点:在执行 <源文件> 为 tar 压缩文件的话,压缩格式为 gzip, bzip2 以及 xz 的情况下,会自动复制并解压到 <目标路径>。
  • ADD 的缺点:在不解压的前提下,无法复制 tar 压缩文件。会令镜像构建缓存失效,从而可能会令镜像构建变得比较缓慢。具体是否使用,可以根据是否需要自动解压来决定。

CMD

类似于 RUN 指令,用于运行程序,但二者运行的时间点不同:

  • CMD 在docker run 时运行。
  • RUN 是在 docker build。

作用:为启动的容器指定默认要运行的程序,程序运行结束,容器也就结束。CMD 指令指定的程序可被 docker run 命令行参数中指定要运行的程序所覆盖。

注意:如果 Dockerfile 中如果存在多个 CMD 指令,仅最后一个生效。

格式:

CMD <shell 命令> 
CMD ["<可执行文件或命令>","<param1>","<param2>",...] 
CMD ["<param1>","<param2>",...]  # 该写法是为 ENTRYPOINT 指令指定的程序提供默认参数

推荐使用第二种格式,执行过程比较明确。第一种格式实际上在运行的过程中也会自动转换成第二种格式运行,并且默认可执行文件是 sh。

ENTRYPOINT

类似于 CMD 指令,但其不会被 docker run 的命令行参数指定的指令所覆盖,而且这些命令行参数会被当作参数送给 ENTRYPOINT 指令指定的程序。

但是, 如果运行 docker run 时使用了 --entrypoint 选项,将覆盖 CMD 指令指定的程序。

优点:在执行 docker run 的时候可以指定 ENTRYPOINT 运行所需的参数。

注意:如果 Dockerfile 中如果存在多个 ENTRYPOINT 指令,仅最后一个生效。

格式:

ENTRYPOINT ["<executeable>","<param1>","<param2>",...]

可以搭配 CMD 命令使用:一般是变参才会使用 CMD ,这里的 CMD 等于是在给 ENTRYPOINT 传参,以下示例会提到。

示例:

假设已通过 Dockerfile 构建了 nginx:test 镜像:

FROM nginx

ENTRYPOINT ["nginx", "-c"] # 定参
CMD ["/etc/nginx/nginx.conf"] # 变参 

1、不传参运行

$ docker run  nginx:test

容器内会默认运行以下命令,启动主进程。

nginx -c /etc/nginx/nginx.conf

2、传参运行

$ docker run  nginx:test -c /etc/nginx/new.conf

容器内会默认运行以下命令,启动主进程(/etc/nginx/new.conf:假设容器内已有此文件)

nginx -c /etc/nginx/new.conf

ENV

设置环境变量,定义了环境变量,那么在后续的指令中,就可以使用这个环境变量。

格式:

ENV <key> <value>
ENV <key1>=<value1> <key2>=<value2>...

以下示例设置 NODE_VERSION = 7.2.0 , 在后续的指令中可以通过 $NODE_VERSION 引用:

ENV NODE_VERSION 7.2.0

RUN curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \
  && curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc"

ARG

构建参数,与 ENV 作用一致。不过作用域不一样。ARG 设置的环境变量仅对 Dockerfile 内有效,也就是说只有 docker build 的过程中有效,构建好的镜像内不存在此环境变量。

构建命令 docker build 中可以用 --build-arg <参数名>=<值> 来覆盖。

格式:

ARG <参数名>[=<默认值>]

VOLUME

定义匿名数据卷。在启动容器时忘记挂载数据卷,会自动挂载到匿名卷。

作用:

  • 避免重要的数据,因容器重启而丢失,这是非常致命的。
  • 避免容器不断变大。

格式:

VOLUME ["<路径1>", "<路径2>"...]
VOLUME <路径>

在启动容器 docker run 的时候,我们可以通过 -v 参数修改挂载点。

EXPOSE

仅仅只是声明端口。

作用:

  • 帮助镜像使用者理解这个镜像服务的守护端口,以方便配置映射。
  • 在运行时使用随机端口映射时,也就是 docker run -P 时,会自动随机映射 EXPOSE 的端口。

格式:

EXPOSE <端口1> [<端口2>...]

WORKDIR

指定工作目录。用 WORKDIR 指定的工作目录,会在构建镜像的每一层中都存在。(WORKDIR 指定的工作目录,必须是提前创建好的)。

docker build 构建镜像过程中的,每一个 RUN 命令都是新建的一层。只有通过 WORKDIR 创建的目录才会一直存在。

格式:

WORKDIR <工作目录路径>

USER

用于指定执行后续命令的用户和用户组,这边只是切换后续命令执行的用户(用户和用户组必须提前已经存在)。

格式:

USER <用户名>[:<用户组>]

HEALTHCHECK

用于指定某个程序或者指令来监控 docker 容器服务的运行状态。

格式:

HEALTHCHECK [选项] CMD <命令>:设置检查容器健康状况的命令
HEALTHCHECK NONE:如果基础镜像有健康检查指令,使用这行可以屏蔽掉其健康检查指令

HEALTHCHECK [选项] CMD <命令> : 这边 CMD 后面跟随的命令使用,可以参考 CMD 的用法。

ONBUILD

用于延迟构建命令的执行。简单的说,就是 Dockerfile 里用 ONBUILD 指定的命令,在本次构建镜像的过程中不会执行(假设镜像为 test-build)。当有新的 Dockerfile 使用了之前构建的镜像 FROM test-build ,这时执行新镜像的 Dockerfile 构建时候,会执行 test-build 的 Dockerfile 里的 ONBUILD 指定的命令。

格式:

ONBUILD <其它指令>

LABEL

LABEL 指令用来给镜像添加一些元数据(metadata),以键值对的形式,语法格式如下:

LABEL <key>=<value> <key>=<value> <key>=<value> ...

比如我们可以添加镜像的作者:

LABEL org.opencontainers.image.authors="runoob"

 

Dockerfile 指令使用案例

ENV

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile  testfile
[root@mcw1 ~/mcwdocker]$ vim Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #编辑Docker,添加单个或者多个环境变量
FROM busybox
ENV name mcw
ENV gender="" age=18
RUN echo $name $gender $age 
[root@mcw1 ~/mcwdocker]$ ls
Dockerfile  testfile
[root@mcw1 ~/mcwdocker]$ docker build -t envtest .  #构建镜像
Sending build context to Docker daemon   2.56kB
Step 1/4 : FROM busybox
 ---> ffe9d497c324
Step 2/4 : ENV name mcw
 ---> Running in ee98d50d8d14
Removing intermediate container ee98d50d8d14
 ---> 8b96753450ae
Step 3/4 : ENV gender="" age=18
 ---> Running in 67ee913938cc
Removing intermediate container 67ee913938cc
 ---> 1698539ce258
Step 4/4 : RUN echo $name $gender $age >>mcw.txt
 ---> Running in 80bc302ae9b7
Removing intermediate container 80bc302ae9b7
 ---> ce18c132dd5e
Successfully built ce18c132dd5e
Successfully tagged envtest:latest
[root@mcw1 ~/mcwdocker]$ docker images |grep env  #查看构建的镜像
envtest                       latest    ce18c132dd5e   24 seconds ago      1.24MB
[root@mcw1 ~/mcwdocker]$ docker run -it envtest #以新的镜像运行一个容器
/ # ls
bin      dev      etc      home     mcw.txt  proc     root     sys      tmp      usr      var
/ # cat mcw.txt  #由结果说明,Dockerflie支持使用>>符号的,ENV生成的环境变量,成功使用
mcw 男 18
/ # echo $name
mcw
/ # env   #查看容器的env环境,可以看到Dockerfile的ENV指令,会将生成的环境变量加到这个镜像运行的容器的环境变量中
HOSTNAME=d866c96acaf7
SHLVL=1
HOME=/root
gender=男
TERM=xterm
age=18
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
name=mcw
PWD=/
/ # 

 Dockerfile的注释可以使用#

 一个多一点指令的使用案例

 

[root@mcw1 ~/mcwdocker]$ touch tmpfile2
[root@mcw1 ~/mcwdocker]$ mkdir mcw
[root@mcw1 ~/mcwdocker]$ echo mcwtest>>mcw/mcw.txt
[root@mcw1 ~/mcwdocker]$ tar zcf mcw.tar.gz mcw
[root@mcw1 ~/mcwdocker]$ rm -rf mcw
[root@mcw1 ~/mcwdocker]$ ls    #查看当前目录下文件
Dockerfile  mcw.tar.gz  tmpfile2
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #查看dockerfile文件内容
#mcw dockerfile
FROM busybox
MAINTAINER mcw@qq.com
WORKDIR /testdir
RUN touch tmpfile1
COPY ["tmpfile2","."]
ADD ["mcw.tar.gz","."]
ENV WELCOME "you are in my container,welcome!"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw-image .  #构建镜像
Sending build context to Docker daemon  3.584kB
Step 1/7 : FROM busybox
 ---> ffe9d497c324
Step 2/7 : MAINTAINER mcw@qq.com
 ---> Running in e8af6783fe76
Removing intermediate container e8af6783fe76
 ---> 1166a705dd11
Step 3/7 : WORKDIR /testdir
 ---> Running in 5bfa3a925661
Removing intermediate container 5bfa3a925661
 ---> 615ea33bdf69
Step 4/7 : RUN touch tmpfile1
 ---> Running in 3066f40cfc14
Removing intermediate container 3066f40cfc14
 ---> 6236dce4241c
Step 5/7 : COPY ["tmpfile2","."]
 ---> 67cafd96e333
Step 6/7 : ADD ["mcw.tar.gz","."]
 ---> 2434e12514ce
Step 7/7 : ENV WELCOME "you are in my container,welcome!"
 ---> Running in e382cfd0ed1f
Removing intermediate container e382cfd0ed1f
 ---> de3523944329
Successfully built de3523944329
Successfully tagged mcw-image:latest
[root@mcw1 ~/mcwdocker]$ docker run -it mcw-image  #用镜像运行容器
/testdir # ls   #运行容器,直接进入工作目录,.可以表示容器当前工作目录;
mcw       tmpfile1  tmpfile2  #tar包传进来就会解压;创建tmpfile1,复制tmpfile2到工作目录下
/testdir # ls mcw/
mcw.txt
/testdir # cat mcw/mcw.txt 
mcwtest
/testdir # echo $WELCOME  #查看设置的环境变量
you are in my container,welcome!
/testdir # cd /
/ # ls
bin      dev      etc      home     proc     root     sys      testdir  tmp      usr      var

 

 docker 只查看某个镜像的信息

[root@mcw1 ~/mcwdocker]$ docker images mcw-image
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
mcw-image    latest    de3523944329   9 minutes ago   1.24MB
[root@mcw1 ~/mcwdocker]$ docker images mcw-image
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
mcw-image    latest    de3523944329   9 minutes ago   1.24MB

RUN vs CMD vs ENTRYPOINT

 Shell和Exec格式

 @shell格式:

[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #yum安装不加-y构建镜像会报错
#mcw dockerfile
FROM centos
RUN yum install vim
CMD echo "Hello,world"
ENTRYPOINT  echo "Hello,world"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw8-image
.......
Installed size: 30 M
Is this ok [y/N]: Operation aborted.
The command '/bin/sh -c yum install vim' returned a non-zero code: 1
[root@mcw1 ~/mcwdocker]$ vim Dockerfile  #修改yum添加-y参数
[root@mcw1 ~/mcwdocker]$ docker build -t mcw8-image .
[root@mcw1 ~/mcwdocker]$ docker run mcw8-image #运行只执行了一次打印
Hello,world


[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #查看Dockerfile
#mcw dockerfile
FROM busybox
ENV name machangwei
ENTRYPOINT echo "Hello,$name"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw2-image . #构建镜像
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM busybox
 ---> ffe9d497c324
Step 2/3 : ENV name machangwei
 ---> Running in b640736ede3d
Removing intermediate container b640736ede3d
 ---> dde86c0e2c64
Step 3/3 : ENTRYPOINT echo "Hello,$name"
 ---> Running in 86931dee18ce
Removing intermediate container 86931dee18ce
 ---> 1e23a121acab
Successfully built 1e23a121acab
Successfully tagged mcw2-image:latest
[root@mcw1 ~/mcwdocker]$ docker run mcw2-image  #运行容器,docker run [image],直接输出命令打印结果
Hello,machangwei   #shell底层会调用 /bin/sh -c [command]。命令中的$name变量会被解析出来
[root@mcw1 ~/mcwdocker]$ docker ps
CONTAINER ID   IMAGE             COMMAND       CREATED       STATUS       PORTS     NAMES
ff39a256c796   centos-with-vim   "/bin/bash"   3 hours ago   Up 3 hours             strange_hoover

@Exec格式:

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #yum安装不加-y参数构建镜像会报错
#mcw dockerfile
FROM centos
RUN ["yum","install","vim"]
CMD ["/bin/echo","Hello,world"]
ENTRYPOINT ["/bin/echo","Hello,world"]
[root@mcw1 ~/mcwdocker]$ docker build -t mcw8-image .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos
 ---> 5d0da3dc9764
Step 2/4 : RUN ["yum","install","vim"]
 ---> Running in 0a267d2f94c1
CentOS Linux 8 - AppStream                      610 kB/s | 8.4 MB     00:14    
CentOS Linux 8 - BaseOS                         1.4 MB/s | 3.6 MB     00:02    
CentOS Linux 8 - Extras                          13 kB/s |  10 kB     00:00    
Dependencies resolved.
================================================================================
 Package             Arch        Version                   Repository      Size
================================================================================
Installing:
 vim-enhanced        x86_64      2:8.0.1763-16.el8         appstream      1.4 M
Installing dependencies:
 gpm-libs            x86_64      1.20.7-17.el8             appstream       39 k
 vim-common          x86_64      2:8.0.1763-16.el8         appstream      6.3 M
 vim-filesystem      noarch      2:8.0.1763-16.el8         appstream       49 k
 which               x86_64      2.21-16.el8               baseos          49 k

Transaction Summary
================================================================================
Install  5 Packages

Total download size: 7.8 M
Installed size: 30 M
Is this ok [y/N]: Operation aborted.
The command 'yum install vim' returned a non-zero code: 1
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ vim Dockerfile 
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #yum安装加上-y才可以
#mcw dockerfile
FROM centos
RUN ["yum","install","-y","vim"]
CMD ["/bin/echo","Hello,world"]
ENTRYPOINT ["/bin/echo","Hello,world"]
[root@mcw1 ~/mcwdocker]$ docker build -t mcw8-image .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos
 ---> 5d0da3dc9764
Step 2/4 : RUN ["yum","install","-y","vim"]
 ---> Running in 1f79f11e3026
CentOS Linux 8 - AppStream                      1.2 MB/s | 8.4 MB     00:07    
.............
  which-2.21-16.el8.x86_64             

Complete!
Removing intermediate container 1f79f11e3026
 ---> c72a86c6d57a
Step 3/4 : CMD ["/bin/echo","Hello,world"]
 ---> Running in 1d06e235a516
Removing intermediate container 1d06e235a516
 ---> 6c898a2eeade
Step 4/4 : ENTRYPOINT ["/bin/echo","Hello,world"]
 ---> Running in cb9a0aa86e1a
Removing intermediate container cb9a0aa86e1a
 ---> ee61b361ed31
Successfully built ee61b361ed31
Successfully tagged mcw8-image:latest
[root@mcw1 ~/mcwdocker]$ 

@Execl格式运行CMD, ENTRYPOINT加/bin/sh -c和不加的区别,即解析环境变量和不解析的区别

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile   #查看dockerfile内容
#mcw dockerfile
FROM busybox
ENV name machangwei
ENTRYPOINT ["/bin/echo","Hello,$name"]
[root@mcw1 ~/mcwdocker]$ docker build -t mcw6-image .   #构建镜像
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM busybox
 ---> ffe9d497c324
Step 2/3 : ENV name machangwei
 ---> Using cache
 ---> dde86c0e2c64
Step 3/3 : ENTRYPOINT ["/bin/echo","Hello,$name"]
 ---> Running in d370609979f3
Removing intermediate container d370609979f3
 ---> 214d5dae2740
Successfully built 214d5dae2740
Successfully tagged mcw6-image:latest
[root@mcw1 ~/mcwdocker]$ docker run mcw6-image  #运行容器,查看打印结果。Exec格式直接/bin/echo 不可以解析出变量
Hello,$name
[root@mcw1 ~/mcwdocker]$ 


[root@mcw1 ~/mcwdocker]$ vim Dockerfile 
[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #查看修改的Dockerfile内容,添加了/bin/sh -c 后面直接跟命令和变量信息
#mcw dockerfile
FROM busybox
ENV name machangwei
ENTRYPOINT ["/bin/sh","-c","echo Hello,$name"]
[root@mcw1 ~/mcwdocker]$ docker build -t  mcw7-image . #构建镜像
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM busybox
 ---> ffe9d497c324
Step 2/3 : ENV name machangwei
 ---> Using cache
 ---> dde86c0e2c64
Step 3/3 : ENTRYPOINT ["/bin/sh","-c","echo Hello,$name"]
 ---> Running in 425820f8956a
Removing intermediate container 425820f8956a
 ---> cd32915a0558
Successfully built cd32915a0558
Successfully tagged mcw7-image:latest
[root@mcw1 ~/mcwdocker]$ docker run mcw7-image  #运行容器只看输出,可以看到变量$name 已经被解析
Hello,machangwei
[root@mcw1 ~/mcwdocker]$ 

RUN 

shell格式:RUN yum install -y vim
Exec格式: RUN ["yum","install","-y","vim"]

CMD

shell格式: CMD echo "machangwei"
Exec格式:  CMD ["/bin/echo","machangwei"]
第三种格式,先不研究了 :CMD ["参数","参数2"]

@1、使用两个CMD命令

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile #1、使用两个CMD命令
#mcw dockerfile
FROM centos
CMD echo "machangwei1"
CMD echo "machangwei2"
[root@mcw1 ~/mcwdocker]$ docker build -t  mcw16-image . 
Sending build context to Docker daemon  2.048kB
.......
Successfully built 6041e3be9fbd
Successfully tagged mcw16-image:latest
[root@mcw1 ~/mcwdocker]$ docker run mcw16-image #1、使用两个CMD命令,只运行最后一个
machangwei2

@2、运行容器时加上命令

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile 
#mcw dockerfile
FROM centos
CMD echo "machangwei1"
CMD echo "machangwei2"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw17-image .
........
[root@mcw1 ~/mcwdocker]$ docker run mcw17-image  #
machangwei2
[root@mcw1 ~/mcwdocker]$ docker run mcw17-image /bin/bash
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker run -it mcw17-image #-it运行容器时不加命令,只是打印最后一个CMD结果
machangwei2
[root@mcw1 ~/mcwdocker]$ docker run -it mcw17-image /bin/bash  #-it 运行容器时加上命令,并不打印,CMD被忽略掉,
[root@3af6a0c763df /]# 

ENTRYPOINT 

@shell格式:

ENTRYPOINT echo "machangwei3"

@@1、ENTRYPOINT放最后

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #在最后添加ENTRYPOINT
#mcw dockerfile
FROM centos
CMD echo "machangwei1"
CMD echo "machangwei2"
ENTRYPOINT echo "machangwei3"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw18-image . 
.........
[root@mcw1 ~/mcwdocker]$ docker run mcw18-image  #运行容器不加命令参数,只运行打印了最后一个,不进入容器
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run  -it mcw18-image /bin/bash  #运行容器加命令参数,还是运行打印ENTRYPOINT,不进入容器
machangwei3

@@2、ENTRYPOINT放中间,由两个案例可知,当同时有CMD时,默认运行ENTRYPOINT 的

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile  #修改ENTRYPOINT 的顺序
#mcw dockerfile
FROM centos
CMD echo "machangwei1"
ENTRYPOINT echo "machangwei3"
CMD echo "machangwei2"
[root@mcw1 ~/mcwdocker]$ docker build -t mcw19-image .
.........
[root@mcw1 ~/mcwdocker]$ docker run mcw19-image
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run  mcw19-image /bin/bash
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run  mcw19-image ls /
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run -it mcw19-image 
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run -it mcw19-image ls /
machangwei3
[root@mcw1 ~/mcwdocker]$ docker run -it mcw19-image /bin/bash
machangwei3
[root@mcw1 ~/mcwdocker]$ 

@Exec格式

ENTRYPOINT ["/bin/echo", "Hello"]
[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile 
#mcw dockerfile
FROM centos
ENTRYPOINT ["/bin/echo", "Hello"]
CMD ["world"]
[root@mcw1 ~/mcwdocker]$ docker build -t mcw20-image .
.......
[root@mcw1 ~/mcwdocker]$ docker run mcw20-image
Hello world
[root@mcw1 ~/mcwdocker]$ docker run mcw20-image machangwei
Hello machangwei
[root@mcw1 ~/mcwdocker]$ docker run -it mcw20-image
Hello world
[root@mcw1 ~/mcwdocker]$ docker run -it mcw20-image machangwei #ENTRYPOINT的不可以修改,CMD的可以修改
Hello machangwei
[root@mcw1 ~/mcwdocker]$ docker run -it mcw20-image /bin/bash #这样CMD可以当做ENTRYPOINT命令执行的默认参数,运行容器
Hello /bin/bash                                               #时可以添加内容进行覆盖掉默认的

 

 docker删除镜像失败Error response from daemon: conflict: unable to delete 345d2c86b9c7 (must be forced) - image is being used by stopped container 830fe2ea4187

[root@mcw1 ~/mcwdocker]$ docker images mcw20-image  #查看镜像
REPOSITORY    TAG       IMAGE ID       CREATED          SIZE
mcw20-image   latest    345d2c86b9c7   19 minutes ago   231MB
[root@mcw1 ~/mcwdocker]$ docker rmi 345d2c86b9c7  #删除失败,在被使用
Error response from daemon: conflict: unable to delete 345d2c86b9c7 (must be forced) - image is being used by stopped container 830fe2ea4187
[root@mcw1 ~/mcwdocker]$ docker ps -a|grep mcw20-image  #查看使用镜像的容器
0d6f336ac24b   mcw20-image       "/bin/echo Hello /bi…"    18 minutes ago      Exited (0) 18 minutes ago                                          gallant_sammet
faba508a8588   mcw20-image       "/bin/echo Hello mac…"    18 minutes ago      Exited (0) 18 minutes ago                                          vigorous_proskuriakova
007452b1fcd1   mcw20-image       "/bin/echo Hello wor…"    18 minutes ago      Exited (0) 18 minutes ago                                          xenodochial_swirles
830fe2ea4187   mcw20-image       "/bin/echo Hello mac…"    18 minutes ago      Exited (0) 18 minutes ago                                          elastic_johnson
dc0312f335b0   mcw20-image       "/bin/echo Hello wor…"    19 minutes ago      Exited (0) 19 minutes ago                                          upbeat_chebyshev
[root@mcw1 ~/mcwdocker]$ docker rm 0d6f336ac24b faba 0074 830fe dc0312f335b0  #删除容器
0d6f336ac24b
faba
0074
830fe
dc0312f335b0
[root@mcw1 ~/mcwdocker]$ docker ps -a|grep mcw20-image
[root@mcw1 ~/mcwdocker]$ docker images mcw20-image
REPOSITORY    TAG       IMAGE ID       CREATED          SIZE
mcw20-image   latest    345d2c86b9c7   21 minutes ago   231MB
[root@mcw1 ~/mcwdocker]$ docker rmi 345d2c86b9c7  #删除镜像
Untagged: mcw20-image:latest
Deleted: sha256:345d2c86b9c767b3ef4e38612db8fe5657a4b8733eb9e8d36753f393caf9ef9f
Deleted: sha256:88a9b70ba3aea318257066bc40452717423204176ce133e79e73ef3a7b06b792
[root@mcw1 ~/mcwdocker]$ docker images mcw20-image
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE
[root@mcw1 ~/mcwdocker]$

 

分发镜像

为镜像命名

docker tag 原镜像名称:tag 新镜像名称:新tag
比如:httpd:v1.9.2
一般都都打成如下三个标签
httpd:v1
httpd:v1.9
httpd:latest
如果版本有更新,更新这三个标签指向新的版本
如果有大版本更新,设置三个大版本的标签
比如:httpd:2.0.0
一般都都打成如下三个标签
httpd:2
httpd:2.0
httpd:latest

注意。不要被latest误解。它只是个标签,如果没有更新,它就不是最新版本,标签更新指向最新版本,它才是最新版本

@1、当我们docker build构建镜像时,就已经为镜像起了名字了

[root@mcw1 ~/mcwdocker]$ ls
Dockerfile
[root@mcw1 ~/mcwdocker]$ cat Dockerfile 
#mcw dockerfile
FROM centos
ENTRYPOINT ["/bin/echo", "Hello"]
CMD ["world"]
[root@mcw1 ~/mcwdocker]$ docker build -t centos-hello . #-t指定镜像名称,
[root@mcw1 ~/mcwdocker]$ docker images centos-hello     #如果没有指定tag,默认为latest,tag可以是任意字符串
REPOSITORY     TAG       IMAGE ID       CREATED          SIZE
centos-hello   latest    10eeae62a791   18 seconds ago   231MB

@2、当我们httpd:1.9.1时,给它打三个标签

 

[root@mcw1 ~/mcwdocker]$ docker images  #查看当前镜像
REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
httpd         latest    dabbfbe0c57b   5 days ago     144MB
busybox       latest    ffe9d497c324   2 weeks ago    1.24MB
hello-world   latest    feb5d9fea6a5   3 months ago   13.3kB
centos        latest    5d0da3dc9764   3 months ago   231MB
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest mcw-httpd:1  #将镜像起个tag
[root@mcw1 ~/mcwdocker]$ docker images mcw-httpd
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest mcw-httpd:1.9  ##将镜像起个tag
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest mcw-httpd:1.9.1  ##将镜像起个tag
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest mcw-httpd:xiaoma #将镜像起个tag
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker images mcw*  #
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9.1     dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma    dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker images *httpd*  #模糊匹配查询相关的镜像
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        latest    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9.1     dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma    dabbfbe0c57b   5 days ago   144MB

@3、当我们的httpd升级为httpd:1.9.2时,重新打标签

[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest  httpd:v1.9.2
[root@mcw1 ~/mcwdocker]$ docker images httpd:v1.9.2 
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        v1.9.2    dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest  httpd:v1.9.2
[root@mcw1 ~/mcwdocker]$ docker images httpd:v1.9.2 
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        v1.9.2    dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker tag httpd:v1.9.2 mcw-httpd:1 #重新打标签
[root@mcw1 ~/mcwdocker]$ docker tag httpd:v1.9.2 mcw-httpd:1.9 #重新打标签
[root@mcw1 ~/mcwdocker]$ docker tag httpd:v1.9.2 mcw-httpd:xiaoma #重新打标签
[root@mcw1 ~/mcwdocker]$ docker images *httpd*  由镜像id可以看出,这里是同一个镜像。镜像id都是一致的
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        latest    dabbfbe0c57b   5 days ago   144MB
httpd        v1.9.2    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9.1     dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma    dabbfbe0c57b   5 days ago   144MB

@4、当我们升级为httpd:2.0.0时,需要给三个重新打标签

[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest  httpd:2.0.0 #生成一个假设的大版本的镜像
[root@mcw1 ~/mcwdocker]$ docker images httpd:2.0.0
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        2.0.0     dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker tag httpd:2.0.0  mcw-httpd:2 #打标签成需要的三个
[root@mcw1 ~/mcwdocker]$ docker tag httpd:2.0.0  mcw-httpd:2.0
[root@mcw1 ~/mcwdocker]$ docker tag httpd:2.0.0  mcw-httpd:xiaoma2
[root@mcw1 ~/mcwdocker]$ docker images *httpd*
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        2.0.0     dabbfbe0c57b   5 days ago   144MB
httpd        latest    dabbfbe0c57b   5 days ago   144MB
httpd        v1.9.2    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9.1     dabbfbe0c57b   5 days ago   144MB
mcw-httpd    2         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    2.0       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma2   dabbfbe0c57b   5 days ago   144MB

@5、tag删除

[root@mcw1 ~/mcwdocker]$ docker images  xiaom* 
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE
[root@mcw1 ~/mcwdocker]$ docker images  mcw-httpd:xiao*
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
mcw-httpd    xiaoma    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    xiaoma2   dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker rmi dabb  #因为镜像id有重复的,不能用镜像id删除
Error response from daemon: conflict: unable to delete dabbfbe0c57b (must be forced) - image is referenced in multiple repositories
[root@mcw1 ~/mcwdocker]$ docker rmi mcw-httpd  #也不能单用名字删除
'Error: No such image: mcw-httpd
[root@mcw1 ~/mcwdocker]$ docker rmi mcw-httpd:xiaoma  #使用镜像名称加版本进行删除,这是唯一的,
Untagged: mcw-httpd:xiaoma                            #因为如果再次生成同样镜像名称加tag的,那么会覆盖掉原来的,指向新的镜像
[root@mcw1 ~/mcwdocker]$ docker images mcw-httpd:xiao*
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
mcw-httpd    xiaoma2   dabbfbe0c57b   5 days ago   144MB


[root@mcw1 ~/mcwdocker]$ docker rmi httpd:2.0.0 
Untagged: httpd:2.0.0
[root@mcw1 ~/mcwdocker]$ docker rmi httpd:2
Error: No such image: httpd:2
[root@mcw1 ~/mcwdocker]$ 
[root@mcw1 ~/mcwdocker]$ docker rmi mcw-httpd:2 mcw-httpd:2.0  mcw-httpd:xiaoma2 httpd:v1.9.2 mcw-httpd:1*
Untagged: mcw-httpd:2
Untagged: mcw-httpd:2.0
Untagged: mcw-httpd:xiaoma2
Untagged: httpd:v1.9.2
Error response from daemon: invalid reference format
[root@mcw1 ~/mcwdocker]$ docker images mcw-httpd*  #查看镜像支持通配符
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
mcw-httpd    1         dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9       dabbfbe0c57b   5 days ago   144MB
mcw-httpd    1.9.1     dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker rmi mcw-httpd:1*  #删除镜像不支持通配符
Error response from daemon: invalid reference format
[root@mcw1 ~/mcwdocker]$ docker rmi mcw-httpd:1 mcw-httpd:1.9 mcw-httpd:1.9.1 #删除镜像可以空格符隔开多个镜像,一起删除
Untagged: mcw-httpd:1
Untagged: mcw-httpd:1.9
Untagged: mcw-httpd:1.9.1

 

使用公共镜像Registry

注册docker hub

https://hub.docker.com/

类似docker hub的地址:https://quay.io/

 

 

 

 

 

 账号名称/私有仓库名称(mcw)

 上传镜像到公共镜像仓库

[root@mcw1 ~/mcwdocker]$ docker login -u machangwei8 #登录docker hub 
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@mcw1 ~/mcwdocker]$ docker images httpd*  #查看本地镜像
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        latest    dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest machangwei8/mcw-httpd:v2.0.0 #将本地镜像打个标签
[root@mcw1 ~/mcwdocker]$ docker images  machangwei8/mcw-httpd:v2.0.0  #查看新打了标签的镜像
REPOSITORY              TAG       IMAGE ID       CREATED      SIZE
machangwei8/mcw-httpd   v2.0.0    dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker push machangwei8/mcw-httpd:v2.0.0  #将新镜像push到docker hub上
The push refers to repository [docker.io/machangwei8/mcw-httpd]   #因为是登录了docker hub了,
deefaa620a71: Mounted from library/httpd                          #直接docker push 镜像,会直接上传到docker hub上  
9cff3206f9a6: Mounted from library/httpd 
15e4bf5d0804: Mounted from library/httpd 
1da636a1aa95: Mounted from library/httpd 
2edcec3590a4: Mounted from library/httpd 
v2.0.0: digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194 size: 1365

查看docker hub网站上,已经存在这个镜像

 

 

 

在其它主机上下载这个镜像 

进入其它主机mcw2,不登录docker hub ,直接拉取镜像,可以成功拉取。镜像拉取需要指定账号   即 账号/镜像:版本

[root@mcw2 ~]# docker images
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE
[root@mcw2 ~]# docker pull machangwei8/mcw-httpd:v2.0.0  #下载镜像,指定账号下镜像名称和版本,无需登录docker hub ,上传是需要登录docker hub的
v2.0.0: Pulling from machangwei8/mcw-httpd 
a2abf6c4d29d: Pull complete 
dcc4698797c8: Pull complete 
41c22baa66ec: Pull complete 
67283bbdd4a0: Pull complete 
d982c879c57e: Pull complete 
Digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194
Status: Downloaded newer image for machangwei8/mcw-httpd:v2.0.0
docker.io/machangwei8/mcw-httpd:v2.0.0
[root@mcw2 ~]# docker images #查看已拉取镜像成功
REPOSITORY              TAG       IMAGE ID       CREATED      SIZE
machangwei8/mcw-httpd   v2.0.0    dabbfbe0c57b   5 days ago   144MB

 搭建本地Registry

运行仓库报错

[root@mcw1 ~/mcwdocker]$ docker run -d -p 5000:5000 -v /mcwregistry:/var/lib/registry registry:2
Unable to find image 'registry:2' locally
2: Pulling from library/registry
79e9f2f55bf5: Pull complete 
0d96da54f60b: Pull complete 
5b27040df4a2: Pull complete 
e2ead8259a04: Pull complete 
3790aef225b9: Pull complete 
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:2
WARNING: IPv4 forwarding is disabled. Networking will not work.
459dfd312b6f4799c6749b41376e16650ac2b3d83afaeee84dd678535bc120c3
docker: Error response from daemon: driver failed programming external connectivity on endpoint infallible_feistel (4c023d36c013470121f10e37adeab8133c0597c1c5cc933d8d24a646acaf39b7):  (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 5000 -j DNAT --to-destination 172.17.0.2:5000 ! -i docker0: iptables: No chain/target/match by that name.
 (exit status 1)).

参考:https://blog.csdn.net/u013948858/article/details/83115388
如果再启动docker service的时候网关是关闭的,那么docker管理网络的时候就不会操作网管的配置(chain docker),然后网关重新启动了,导致docker network无法对新container进行网络配置,也就是没有网管的操作权限,做重启处理

重启docker,然后重新运行容器

[root@mcw1 ~/mcwdocker]$ systemctl daemon-reload 
[root@mcw1 ~/mcwdocker]$ systemctl restart docker.service 

[root@mcw1 ~/mcwdocker]$ docker run -d -p 5000:5000 -v /mcwregistry:/var/lib/registry registry:2
5f32a681a40e44455a9016cb7bc8a365aaaee83470c75988399d93fe7db93a81 重新运行
[root@mcw1 ~/mcwdocker]$ docker ps
CONTAINER ID   IMAGE        COMMAND                  CREATED          STATUS          PORTS                                       NAMES
5f32a681a40e   registry:2   "/entrypoint.sh /etc…"   33 seconds ago   Up 13 seconds   0.0.0.0:5000->5000/tcp, :::5000->5000/tcp   vigorous_golick
[root@mcw1 ~/mcwdocker]$ 

给镜像打标签,并推送到本地仓库失败,以及拉取失败

[root@mcw1 ~/mcwdocker]$ docker images *http*
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        latest    dabbfbe0c57b   5 days ago   144MB
mcw-httpd    v1.0      dabbfbe0c57b   5 days ago   144MB
[root@mcw1 ~/mcwdocker]$ docker tag httpd:latest  10.0.0.131:5000/machangwei/mcw-httpd01:v1
[root@mcw1 ~/mcwdocker]$ docker push 10.0.0.131:5000/machangwei/mcw-httpd01:v1
The push refers to repository [10.0.0.131:5000/machangwei/mcw-httpd01]
Get "https://10.0.0.131:5000/v2/": http: server gave HTTP response to HTTPS client

[root@mcw2 ~]# docker pull  10.0.0.131:5000/machangwei/mcw-httpd01:v1
Error response from daemon: Get "https://10.0.0.131:5000/v2/": http: server gave HTTP response to HTTPS client

上面的上传和下载都不行
vim /usr/lib/systemd/system/docker.service
执行命令后面添加这个然后重启docker服务就行了。--insecure-registry 10.0.0.131:5000

然后成功推送到本地仓库

[root@mcw1 ~/mcwdocker]$ systemctl daemon-reload 
[root@mcw1 ~/mcwdocker]$ systemctl restart docker.s
Failed to restart docker.s.service: Unit not found.
[root@mcw1 ~/mcwdocker]$ systemctl restart docker.service 
[root@mcw1 ~/mcwdocker]$ systemctl status docker.service 
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   .......
   CGroup: /system.slice/docker.service
           └─17525 /usr/bin/dockerd -H fd:// -H tcp://0.0.0.0 --containerd=/run/containerd/containerd.sock --insecure-registry 10.0.0.131:5000
[root@mcw1 ~/mcwdocker]$ docker push 10.0.0.131:5000/machangwei/mcw-httpd01:v1  #在mcw1上上传成功
The push refers to repository [10.0.0.131:5000/machangwei/mcw-httpd01]
deefaa620a71: Pushed 
9cff3206f9a6: Pushed 
15e4bf5d0804: Pushed 
1da636a1aa95: Pushed 
2edcec3590a4: Pushed 
v1: digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194 size: 1365
在mwc2上无法拉取镜像
[root@mcw2 ~]# docker pull  10.0.0.131:5000/machangwei/mcw-httpd01:v1 #在mwc2上无法拉取镜像
Error response from daemon: Get "https://10.0.0.131:5000/v2/": http: server gave HTTP response to HTTPS client

需要在客户端添加配置insecure-registries并重启docker,注意配置要放在第一行,之前放在第二行一直不行

[root@mcw2 ~]# cat /etc/docker/daemon.json 
{ "insecure-registries":["10.0.0.131:5000"] }
{"registry-mirrors":["https://hub-mirror.c.163.com/"]}
[root@mcw2 ~]# systemctl daemon-reload 
[root@mcw2 ~]# systemctl restart docker.service 

mcw2上成功拉取mcw1的仓库里的本地镜像

[root@mcw2 ~]# docker pull  10.0.0.131:5000/machangwei/mcw-httpd01:v1  #mcw2上成功拉取mcw1的仓库里的本地镜像
v1: Pulling from machangwei/mcw-httpd01
Digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194
Status: Downloaded newer image for 10.0.0.131:5000/machangwei/mcw-httpd01:v1
10.0.0.131:5000/machangwei/mcw-httpd01:v1
[root@mcw2 ~]# docker images
REPOSITORY                               TAG       IMAGE ID       CREATED      SIZE
10.0.0.131:5000/machangwei/mcw-httpd01   v1        dabbfbe0c57b   5 days ago   144MB
machangwei8/mcw-httpd                    v2.0.0    dabbfbe0c57b   5 days ago   144MB

 浏览器上访问,啥也没有,仓库好像没有前端的,回头再研究一下

 

补充查看本地仓库镜像

curl https://<registry domain>/v2/_catalog

[root@mcw1 ~]$ curl http://10.0.0.131:5000/v2/_catalog
{"repositories":[]}
[root@mcw1 ~]$ 

 

 

参考:https://www.runoob.com/docker/docker-dockerfile.html

参考书籍:每天5分钟玩转docker容器技术

查看远程镜像:https://www.jianshu.com/p/2cb01f03bc99

posted @ 2021-12-26 23:16  马昌伟  阅读(526)  评论(0编辑  收藏  举报
博主链接地址:https://www.cnblogs.com/machangwei-8/