文章目录
- 一、使用docker commit 命令创建镜像
- 1、通过docker run命令启动容器
- 2、修改docker镜像内容
- 3、docker commit提交修改的镜像
- 4、docker run新的镜像
- 5、验证修改的配置已被正确应用在新的镜像
- 二、使用 Dockerfile 创建镜像
- 1、准备 Dockerfile:
- 2、构建镜像:
- 3、运行容器:
- 三、docker commit 和使用 Dockerfile 创建 Docker 镜像对比
- 四、总结
当我们从
docker 镜像仓库中下载的镜像不能满足我们的需求时,可以通过以下两种方式对镜像进行更改,制作符合业务需求的镜像。
一、使用docker commit 命令创建镜像
以下通过在配置文件中将nginx进程的最大连接数由1024修改为1000为例进行演示。
1、通过docker run命令启动容器
拉取一个nginx镜像并启动容器。
[root@ansible ~]# docker run -it -d --name nginx -p 8088:80 registry.openanolis.cn/openanolis/nginx:1.14.1-8.6
52375591c148cc769c1227075a60091608ce2e960c04b4df8a9ad2cc939a8da2
[root@ansible ~]#
[root@ansible ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.openanolis.cn/openanolis/mysql 8.0.30-8.6 f74177ebc092 2 years ago 814MB
registry.openanolis.cn/openanolis/nginx 1.14.1-8.6 cdd9bdf89346 2 years ago 521MB
registry.openanolis.cn/openanolis/httpd 2.4.37-8.6 04222782d698 2 years ago 463MB
[root@ansible ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
52375591c148 registry.openanolis.cn/openanolis/nginx:1.14.1-8.6 "docker-entrypoint.s…" 18 seconds ago Up 17 seconds 0.0.0.0:8088->80/tcp nginx
2、修改docker镜像内容
进入容器将nginx进程的最大连接数由worker_connections 1024;修改为worker_connections 1000;
[root@ansible ~]# docker exec -it 52375591c148 /bin/bash
[root@52375591c148 /]# vim /etc/nginx/nginx.conf
[root@52375591c148 /]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1000;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
[root@52375591c148 /]# exit
exit
[root@ansible ~]#
3、docker commit提交修改的镜像
docker commit 的语法格式为:
docker commit [选项] <容器ID或容器名> [<仓库名>[:<标签>]]
示例:将上述修改后的容器保存为镜像
[root@ansible ~]# docker commit -m="set worker_connections 1000" -a="北极星" 52375591c148 crpi-lzszgrfv271ncu45.cn-chengdu.personal.cr.aliyuncs.com/rb87/nginx:v1
sha256:aae09f726618f2f2724d063cf4d8034ba537e12489dacb00a31db52f1e793557
#上述执行成功后可以查看到刚打包成功的新镜像
[root@ansible ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
crpi-lzszgrfv271ncu45.cn-chengdu.personal.cr.aliyuncs.com/rb87/nginx v1 aae09f726618 6 seconds ago 521MB
registry.openanolis.cn/openanolis/mysql 8.0.30-8.6 f74177ebc092 2 years ago 814MB
registry.openanolis.cn/openanolis/nginx 1.14.1-8.6 cdd9bdf89346 2 years ago 521MB
registry.openanolis.cn/openanolis/httpd 2.4.37-8.6 04222782d698 2 years ago 463MB
[root@ansible ~]#
各个参数说明:
• -m: 提交的描述信息
• -a: 指定镜像作者
• 52375591c148:容器 ID
• crpi-lzszgrfv271ncu45.cn-chengdu.personal.cr.aliyuncs.com/rb87/nginx:v1 指定要创建的目标镜像名,常见命名规范为:仓库名称/镜像名称:标签
4、docker run新的镜像
通过打包的新镜像重新启动一个容器nginxv1
[root@ansible ~]# docker run -it -d -p8080:80 --name nginxv1 crpi-lzszgrfv271ncu45.cn-chengdu.personal.cr.aliyuncs.com/rb87/nginx:v1
892552859d37a1f93d39c94ed5162e44b908bce592e68c124ec2f4c80ccaa0bb
[root@ansible ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
892552859d37 crpi-lzszgrfv271ncu45.cn-chengdu.personal.cr.aliyuncs.com/rb87/nginx:v1 "docker-entrypoint.s…" 3 seconds ago Up 3 seconds 0.0.0.0:8080->80/tcp nginxv1
52375591c148 registry.openanolis.cn/openanolis/nginx:1.14.1-8.6 "docker-entrypoint.s…" 3 hours ago Up 3 hours 0.0.0.0:8088->80/tcp nginx
[root@ansible ~]#
5、验证修改的配置已被正确应用在新的镜像
检查确认通过新镜像启动的nginxv1容器配置文件已应用调整后的参数worker_connections 1000;
[root@ansible ~]# docker exec -it 892552859d37 /bin/bash
[root@892552859d37 /]# more /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1000;
}
二、使用 Dockerfile 创建镜像
1、准备 Dockerfile:
在一个空白目录中,建立一个文本文件,并命名为 Dockerfile(注意没有扩展名)
[root@ansible ~]# mkdir mynginx
[root@ansible ~]# cd mynginx
[root@ansible mynginx]# touch Dockerfile
编写Dockerfile文件内容
# Dockerfile 示例
# 使用阿里云龙蜥操作系统提供的Nginx基础镜像
FROM registry.openanolis.cn/openanolis/nginx:1.14.1-8.6
# 设置维护者信息(可选)
LABEL maintainer="your.email@example.com"
# 设置环境变量
ENV APP_DIR=/usr/share/nginx/html
# 安装额外的软件包
RUN yum install -y wget vim net-tools
# 替换默认首页内容
RUN echo '<html><body><h1>Hello, Enhanced Docker!</h1></body></html>' > ${APP_DIR}/index.html
# 添加自定义的Nginx配置文件
COPY nginx.conf /etc/nginx/nginx.conf
# 暴露80端口
EXPOSE 80
# 定义容器启动时执行的命令
CMD ["nginx", "-g", "daemon off;"]
2、构建镜像:
在包含 Dockerfile 的目录,通过运行docker build命令来构建 Docker 镜像,并且可以查看构建镜像的整个过程:
[root@ansible mynginx]# docker build -t mynginx:latest .
Sending build context to Docker daemon 6.144kB
Step 1/8 : FROM registry.openanolis.cn/openanolis/nginx:1.14.1-8.6
1.14.1-8.6: Pulling from openanolis/nginx
719018114380: Already exists
f578b0a89bc8: Pull complete
aeae93121098: Pull complete
00b464068565: Pull complete
Digest: sha256:55dcb729c46f2028126f2a57417712c4d77a947ecb409e445bf0c2e59d100640
Status: Downloaded newer image for registry.openanolis.cn/openanolis/nginx:1.14.1-8.6
---> cdd9bdf89346
Step 2/8 : LABEL maintainer="your.email@example.com"
---> Running in 89bb323a22f5
Removing intermediate container 89bb323a22f5
---> 273fb49ede20
Step 3/8 : ENV APP_DIR=/usr/share/nginx/html
---> Running in f13f69b8aa61
Removing intermediate container f13f69b8aa61
---> 3c766328214c
Step 4/8 : RUN yum install -y wget vim net-tools
---> Running in ecb39363dda0
AnolisOS-8 - AppStream 7.2 MB/s | 9.2 MB 00:01
AnolisOS-8 - BaseOS 6.9 MB/s | 4.3 MB 00:00
AnolisOS-8 - Extras 8.3 kB/s | 2.3 kB 00:00
AnolisOS-8 - PowerTools 1.6 MB/s | 1.4 MB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
net-tools x86_64 2.0-0.52.20160912git.an8 BaseOS 321 k
vim-enhanced x86_64 2:8.0.1763-19.0.1.an8_6.4 AppStream 1.4 M
wget x86_64 1.19.5-12.0.1.an8 AppStream 705 k
Installing dependencies:
gpm-libs x86_64 1.20.7-17.an8 AppStream 38 k
libmetalink x86_64 0.1.3-7.0.1.an8 BaseOS 30 k
vim-common x86_64 2:8.0.1763-19.0.1.an8_6.4 AppStream 6.3 M
vim-filesystem noarch 2:8.0.1763-19.0.1.an8_6.4 AppStream 50 k
which x86_64 2.21-20.0.1.an8 BaseOS 44 k
Transaction Summary
================================================================================
Install 8 Packages
Total download size: 8.9 M
Installed size: 34 M
Downloading Packages:
(1/8): gpm-libs-1.20.7-17.an8.x86_64.rpm 156 kB/s | 38 kB 00:00
(2/8): vim-filesystem-8.0.1763-19.0.1.an8_6.4.n 347 kB/s | 50 kB 00:00
(3/8): wget-1.19.5-12.0.1.an8.x86_64.rpm 2.4 MB/s | 705 kB 00:00
(4/8): vim-enhanced-8.0.1763-19.0.1.an8_6.4.x86 1.8 MB/s | 1.4 MB 00:00
(5/8): libmetalink-0.1.3-7.0.1.an8.x86_64.rpm 254 kB/s | 30 kB 00:00
(6/8): which-2.21-20.0.1.an8.x86_64.rpm 378 kB/s | 44 kB 00:00
(7/8): net-tools-2.0-0.52.20160912git.an8.x86_6 1.5 MB/s | 321 kB 00:00
(8/8): vim-common-8.0.1763-19.0.1.an8_6.4.x86_6 5.7 MB/s | 6.3 MB 00:01
--------------------------------------------------------------------------------
Total 7.9 MB/s | 8.9 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-20.0.1.an8.x86_64 1/8
Installing : libmetalink-0.1.3-7.0.1.an8.x86_64 2/8
Installing : vim-filesystem-2:8.0.1763-19.0.1.an8_6.4.noarch 3/8
Installing : vim-common-2:8.0.1763-19.0.1.an8_6.4.x86_64 4/8
Installing : gpm-libs-1.20.7-17.an8.x86_64 5/8
Running scriptlet: gpm-libs-1.20.7-17.an8.x86_64 5/8
Installing : vim-enhanced-2:8.0.1763-19.0.1.an8_6.4.x86_64 6/8
Installing : wget-1.19.5-12.0.1.an8.x86_64 7/8
Running scriptlet: wget-1.19.5-12.0.1.an8.x86_64 7/8
Installing : net-tools-2.0-0.52.20160912git.an8.x86_64 8/8
Running scriptlet: net-tools-2.0-0.52.20160912git.an8.x86_64 8/8
Running scriptlet: vim-common-2:8.0.1763-19.0.1.an8_6.4.x86_64 8/8
Verifying : gpm-libs-1.20.7-17.an8.x86_64 1/8
Verifying : vim-common-2:8.0.1763-19.0.1.an8_6.4.x86_64 2/8
Verifying : vim-enhanced-2:8.0.1763-19.0.1.an8_6.4.x86_64 3/8
Verifying : vim-filesystem-2:8.0.1763-19.0.1.an8_6.4.noarch 4/8
Verifying : wget-1.19.5-12.0.1.an8.x86_64 5/8
Verifying : libmetalink-0.1.3-7.0.1.an8.x86_64 6/8
Verifying : net-tools-2.0-0.52.20160912git.an8.x86_64 7/8
Verifying : which-2.21-20.0.1.an8.x86_64 8/8
Installed:
gpm-libs-1.20.7-17.an8.x86_64
libmetalink-0.1.3-7.0.1.an8.x86_64
net-tools-2.0-0.52.20160912git.an8.x86_64
vim-common-2:8.0.1763-19.0.1.an8_6.4.x86_64
vim-enhanced-2:8.0.1763-19.0.1.an8_6.4.x86_64
vim-filesystem-2:8.0.1763-19.0.1.an8_6.4.noarch
wget-1.19.5-12.0.1.an8.x86_64
which-2.21-20.0.1.an8.x86_64
Complete!
Removing intermediate container ecb39363dda0
---> 89ee9ee7c7d4
Step 5/8 : RUN echo '<html><body><h1>Hello, Enhanced Docker!</h1></body></html>' > ${APP_DIR}/index.html
---> Running in a790e89b1ec2
Removing intermediate container a790e89b1ec2
---> 92bc8aacf3e9
Step 6/8 : COPY nginx.conf /etc/nginx/nginx.conf
---> 5ed903bfcb23
Step 7/8 : EXPOSE 80
---> Running in 803ac3700903
Removing intermediate container 803ac3700903
---> 740497b2d600
Step 8/8 : CMD ["nginx", "-g", "daemon off;"]
---> Running in cdafa06f319a
Removing intermediate container cdafa06f319a
---> 4ac5057b2b8a
Successfully built 4ac5057b2b8a
Successfully tagged mynginx:latest
[root@ansible mynginx]#
• -t 参数用于给新镜像指定一个标签(格式为 name:tag)
• 后面的点 . 表示 Dockerfile 所在的当前目录,也可以通过-f参数指定Dockerfile的绝对路径
3、运行容器:
构建完成后,使用 docker run 命令来运行基于该镜像的容器:
[root@ansible mynginx]# docker run -d -it --name mynginx -p8080:80 mynginx
这个命令会以后台模式启动容器,并将主机的 8080端口映射到容器内的 80 端口。现在,你应该能够通过访问 http://主机IP:8080 来查看运行中的 nginx服务器。
三、docker commit 和使用 Dockerfile 创建 Docker 镜像对比
| 特性/方面 | docker commit | 使用 Dockerfile |
|---|---|---|
| 创建速度 | 快速简便,适合快速实验和测试 | 初始设置可能需要更多时间来编写和完善 Dockerfile |
| 透明度 | 缺乏透明度,难以了解镜像是如何构建的 | 高透明度,所有步骤都被记录在 Dockerfile 中 |
| 可重复性 | 不利于重现,相同的修改在不同环境中可能无法一致地重建 | 可以在任何地方一致地重建镜像 |
| 版本控制 | 不利于版本控制,因为没有明确的构建步骤 | 易于纳入版本控制系统(如 Git),便于追踪变更历史 |
| 维护难度 | 随着项目发展,管理多个由 commit 创建的镜像变得复杂且容易出错 | 更新镜像只需修改 Dockerfile 并重新构建,易于维护 |
| 安全性 | 可能包含不必要的文件或配置,增加潜在的安全风险 | 更精确地控制哪些内容被包含在镜像中,减少安全风险 |
| 团队协作 | 其他人很难理解镜像是如何构建出来的,不利于团队协作 | 团队成员可以清晰地了解镜像的构成及其依赖关系,便于理解和贡献 |
| 自动化集成 | 难以与 CI/CD 工具无缝集成 | 支持自动化工具,可以轻松集成到 CI/CD 流程中 |
| 适用场景 | 适用于快速原型设计、临时任务或简单的更改 | 适用于长期解决方案、生产环境以及需要高度可靠性和一致性的场景 |
| 学习曲线 | 学习成本低,适合初学者 | 需要一定的学习成本来掌握 Dockerfile 的编写规范和最佳实践 |
四、总结
在生产环境中,强烈推荐使用 Dockerfile 来创建和管理 Docker 镜像,因为它能够提供更高的可靠性、透明度和可维护性
扫一扫
398
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
