构建自己的docker镜像

前奏

rambo@debian:~$ cat /etc/issue
Debian GNU/Linux 12 \n \l

安装podman

rambo@debian:~$ cd /etc/apt/
rambo@debian:/etc/apt$ sudo cp sources.list{,-bak}
rambo@debian:/etc/apt$ sudo vim sources.list
deb https://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware contrib
deb https://mirrors.aliyun.com/debian-security/ bookworm-security main
deb-src https://mirrors.aliyun.com/debian-security/ bookworm-security main
deb https://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware contrib
deb https://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware contrib
 
deb https://mirrors.ustc.edu.cn/debian/ bookworm main non-free non-free-firmware contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bookworm main non-free non-free-firmware contrib
deb https://mirrors.ustc.edu.cn/debian-security/ bookworm-security main
deb-src https://mirrors.ustc.edu.cn/debian-security/ bookworm-security main
deb https://mirrors.ustc.edu.cn/debian/ bookworm-updates main non-free non-free-firmware contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bookworm-updates main non-free non-free-firmware contrib
deb https://mirrors.ustc.edu.cn/debian/ bookworm-backports main non-free non-free-firmware contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bookworm-backports main non-free non-free-firmware contrib


rambo@debian:~$ sudo apt -y update && sudo apt -y upgrade
rambo@debian:~$ sudo apt install -y podman
rambo@debian:~$ sudo vim /etc/containers/registries.conf
# ....(文件原有内容省略)
# 注意:下面配置的加速地址并非 docker.io 本身,拉取到的内容由对应的镜像站提供;
# 对重要镜像建议按 digest(sha256)拉取,以便校验内容。
[[registry]]
prefix = "docker.io"
location = "docker.m.daocloud.io"

[[registry]] 
prefix = "docker.io"
insecure = false
blocked = false
location = "docker.io"
[[registry.mirror]]
location = "hub-mirror.c.163.com"
[[registry.mirror]]
location = "registry.docker-cn.com"



rambo@debian:~$ sudo vim .bashrc
rambo@debian:~$ echo 'alias docker=/usr/bin/podman' >> .bashrc
rambo@debian:~$ source .bashrc

rambo@debian:~$ docker version
Client:       Podman Engine
Version:      4.3.1
API Version:  4.3.1
Go Version:   go1.19.8
Built:        Wed Dec 31 19:00:00 1969
OS/Arch:      linux/amd64

基于当前OS创建自己的镜像

注:下面直接复制宿主机的 /usr/lib、/usr/bin 等目录,仅用于演示镜像的构成;这样得到的镜像包含宿主机上的全部程序,体积很大(见下文的 3.5 GB),不适合直接用于生产环境。

rambo@debian:~$ mkdir myimage
rambo@debian:~$ sudo cp -a /usr/lib  /usr/lib32/  /usr/lib64/  /usr/bin/  myimage

rambo@debian:~$ sudo  chroot  myimage  bash        # bash可换成ls命令
bash-5.2# pwd
/
bash-5.2# ls -al
total 92
drwxr-xr-x  6 1000 1000  4096 Oct  7 02:15 .
drwxr-xr-x  6 1000 1000  4096 Oct  7 02:15 ..
drwxr-xr-x  2    0    0 69632 Oct  7 01:25 bin
drwxr-xr-x 85    0    0  4096 Oct  6 09:08 lib
drwxr-xr-x  2    0    0  4096 Aug  3 10:37 lib32
drwxr-xr-x  2    0    0  4096 Oct  4 00:19 lib64
bash-5.2# exit

# 新建一个包含随机字符串的 secret.txt 文件,用来验证文件确实被打包进了镜像
# 注意:写入镜像的文件对任何拿到该镜像的人都是可读的(见文末的 cat secret.txt),真实的密钥不要放进镜像
rambo@debian:~$ echo $(openssl rand -base64 32) > myimage/secret.txt   # 也可以是echo 123 > 1.txt
rambo@debian:~$ sudo tar -C myimage/ -c . -f myimage.tar

# docker import 需要 tar 归档文件和镜像名称两个参数;导入完成后会输出镜像的 sha256 哈希摘要
rambo@debian:~$ docker import myimage.tar  myimage:latest
rambo@debian:~$ docker images
REPOSITORY         TAG         IMAGE ID      CREATED        SIZE
localhost/myimage  latest      67d717156da0  2 minutes ago  3.5 GB



# 用新创建的镜像运行容器
rambo@debian:~$ docker run -itd --name test1 --rm --entrypoint /bin/bash  myimage:latest
注:--entrypoint 在运行时覆盖镜像默认的 ENTRYPOINT

# 比如不指定--entrypoint
rambo@debian:~$ docker run -itd --name test11111 --rm  myimage:latest
Error: no command or entrypoint provided, and no CMD or ENTRYPOINT from image

rambo@debian:~$ docker run -itd --name test11111 --rm --entrypoint /bin/ls  myimage:latest
rambo@debian:~$ docker ps -a
CONTAINER ID  IMAGE                     COMMAND     CREATED         STATUS             PORTS       NAMES
aac5f9316f75  localhost/myimage:latest              10 minutes ago  Up 10 minutes ago              test1

# 将命令换成top来试试
rambo@debian:~$ docker run -itd --name test222 --entrypoint /bin/top  myimage:latest
rambo@debian:~$ docker ps -a
CONTAINER ID  IMAGE                     COMMAND     CREATED         STATUS                     PORTS       NAMES
aac5f9316f75  localhost/myimage:latest              11 minutes ago  Up 11 minutes ago                      test1
642fa9a47e74  localhost/myimage:latest              48 seconds ago  Exited (0) 39 seconds ago              test11111
c84a645e92b0  localhost/myimage:latest              18 seconds ago  Up 10 seconds ago                      test222

rambo@debian:~$ docker exec -it test222  /bin/bash
bash-5.2# ps
    PID TTY          TIME CMD
      2 pts/1    00:00:00 bash
      3 pts/1    00:00:00 ps


rambo@debian:~$ docker exec -it aac5f  /bin/bash
bash-5.2# ls
bin  dev  etc  lib  lib32  lib64  proc  run  secret.txt  sys
bash-5.2# cat secret.txt 
YA+UeqdKtZv36ZvMnqDsGHC0wxEWD2bUVdnNW4NOCpU=
