[docker series] docker learning IV. principles related to mirroring

Posted by cli_man on Fri, 12 Nov 2021 19:43:10 +0100

[docker series] docker learning IV. principles related to image

What is mirroring?

Mirroring is a lightweight, executable, stand-alone software package.

Image is used to package the running environment of software and software developed based on the running environment. It contains all the contents required to run some software, such as code, runtime library, environment variables and configuration files

All applications can be directly packaged with docker images, deployed and run with one click

What are the ways to get the image?

  • Copy other docker images directly
  • Make an image DockerFile by yourself
  • Download from a remote repository, such as dockerhub

Loading principle of Docker image

UnionFS

UnionFS is a federated file system. Remember the layered download when we installed redis in docker learning 2

This is the federated file system

UnionFS federated file system is a layered, lightweight and high-performance file system

It supports the modification of the file system as a layer by layer superposition submitted at a time, and different directories can be mounted under a virtual file system at the same time

The UnionFS federated file system is the basis of Docker image, which can also be inherited through layering. Based on the basic image, we can make various application images

characteristic:

The federated file system loads multiple file systems at the same time. The federated loading will stack the file systems of each layer, and the final file system will contain all the underlying files and directories

What is the image loading principle of Docker?

Pictures from the Internet

The Docker image is composed of a layer by layer file system, which is called a federated file system. Generally, the lower layers are shared

Generally, system startup is a loading process. This process is bootloader boot loading kernel. Bootfs file system will be loaded when linux operating system is just started, and bootfs is the bottom layer of our Docker image

bootfs

boot file system is a file system, mainly including bootloader and kernel

After the boot is loaded, the whole kernel is running in memory. At this time, the right to use memory has been handed over from bootfs to the kernel. At this time, the system will unload bootfs

rootfs

Let's talk about rootfs, root file system, root file system, which is based on bootfs, including / dev, / proc, / bin, / etc and other directories and files in the linux operating system

For example, we know that rootfs includes centos, ubuntu and so on

Layering principle

Let's download a redis to see the effect

Docker is downloaded according to levels. Previously downloaded levels will not be downloaded again. We can view the details of redis through docker inspect

# docker inspect redis:latest
...
"RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:814bff7343242acfd20a2c841e041dd57c50f0cf844d4abd2329f78b992197f4",
                "sha256:dd1ebb1f5319785e34838c7332a71e5255bda9ccf61d2a0bf3bff3d2c3f4cdb4",
                "sha256:11f99184504048b93dc2bdabf1999d6bc7d9d9ded54d15a5f09e36d8c571c32d",
                "sha256:e461360755916af80821289b1cbc503692cf63e4e93f09b35784d9f7a819f7f2",
                "sha256:45f6df6342536d948b07e9df6ad231bf17a73e5861a84fc3c9ee8a59f73d0f9f",
                "sha256:262de04acb7e0165281132c876c0636c358963aa3e0b99e7fbeb8aba08c06935"
            ]
        },
...

From the above results, we can see that the level of redis is the same as that when we pull the image

So why does Docker adopt layered download?

Mainly to share resources

For example, our multiple images are built from the basic image, so the host only needs to keep one basic image on the machine, and only one basic image needs to be loaded in memory to serve all required containers, and each layer of the image can be shared

We can understand it this way:

All Docker images come from the basic image. When we add or modify the image content, we will create a new image layer above the current image layer, such as a security patch in windows

As shown in the legend above:

We place file1 and file2 on the first layer of the image, file3 and file4 on the second layer of the image, and file3.1 on the third layer of the image (file3.1 is a new version of file3)

Then, when we package the image, we will merge an image with four files, here are four layer s

When we download the final merged image, we will download the above four layer s at a time

Features of Docker image:

Docker images are read-only by default. When the container is started, a new writable layer is loaded on the top of the image

The layer mentioned above is our container layer. Below the container layer is the mirror layer, as shown in the figure below

How to submit our image

Docker submission principle and command are similar to Git

docker commit

Submit the current container as a new version

We usually use it this way

docker commit -m="Description information" -a="author" container ID Target image name:[TAG]

for instance:

Let's modify the nginx image and use it as our own image

Start nginx and set the port mapping to - p 8888:80

docker run -d -p 8888:80 nginx

Enter nginx interactively

# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS                  NAMES
30841a3a26cb   nginx     "/docker-entrypoint...."   4 seconds ago   Up 2 seconds   0.0.0.0:8888->80/tcp   strange_hugle

# docker exec -it 30841a3a26cb /bin/bash

Enter the HTML directory of nginx, replace the index.html file, and then reload the configuration

#cd /usr/share/nginx/html
#ls
50x.html  index.html
#mv index.html index.html.bak
#mv 50x.html index.html
#/usr/sbin/nginx -s reload

At this time, we visit port 8888 of a server to check the effect (we replace the normal index.html page with an error page)

As shown in the figure above, the replacement was successful

Let's commit

docker commit -a="xiaomotong" -m="modify index.html" 30841a3a26cb nginx01:1.0

~# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS                  NAMES
30841a3a26cb   nginx     "/docker-entrypoint...."   10 minutes ago   Up 10 minutes   0.0.0.0:8888->80/tcp   strange_hugle
root@iZuf66y3tuzn4wp3h02t7pZ:~# docker commit -a="xiaomotong" -m="modify index.html" 30841a3a26cb nginx01:1.0
sha256:1d072fa616573ba67a103925c6114e40171eb1d14ca573f146a28b8c51e5fdff
root@iZuf66y3tuzn4wp3h02t7pZ:~# docker images
REPOSITORY            TAG       IMAGE ID       CREATED         SIZE
nginx01               1.0       1d072fa61657   3 seconds ago   133MB
ubuntu                latest    1318b700e415   7 days ago      72.8MB
redis                 latest    aa4d65e670d6   11 days ago     105MB
nginx                 latest    08b152afcfae   12 days ago     133MB
portainer/portainer   latest    580c0e4e98b0   4 months ago    79.1MB

If we want to save the current state of our container, we can commit through commit to obtain a desired image, which is a bit like taking a snapshot using a virtual machine

reference material:

docker docs

Welcome to like, follow and collect

My friends, your support and encouragement are the driving force for me to insist on sharing and improve quality

Well, that's all for this time

Technology is open, and our mentality should be open. Embrace change, live in the sun and strive to move forward.

I'm Nezha, the Little Devil boy. Welcome to praise and pay attention to the collection. See you next time~

Topics: Go