Docker镜像构建原理解析(不装docker也能构建镜像)
在devops流程里面构建镜像是一个非常重要的过程,一般构建镜像是写dockerfile文件然后通过dockerclient来构建的image。
dockerclient会先检查本地有没有image,如果没有帮你从镜像仓库pull下来
然后解析你写的dockerfile构建新的image。
本文带你了解
- pull命令背后是怎么做的?
- build命令背后是怎么做的?
下篇文章带你解析:
如果我不用docker我如何构建一个镜像?
我们以微软的aspnet2.2为基础构建一个aspnetcore项目的镜像为例子
mcr.microsoft.com/dotnet/core/aspnet:2.2
根据基础镜像REGISTRY去获取mainfest信息
https://mcr.microsoft.com/v2/dotnet/core/aspnet/manifests/2.2 Accept: application/vnd.oci.image.manifest.v1+json,application/vnd.docker.distribution.manifest.v2+json,application/vnd.docker.distribution.manifest.v1+json
获取到的内容如下:
{
"schemaVersion":2,
"mediaType":"application/vnd.docker.distribution.manifest.v2+json",
"config":{
"mediaType":"application/vnd.docker.container.image.v1+json",
"size":4039,
"digest":"sha256:e7e3b238011ce0f2b9350153535fe273caa01f0e7188d0b91f965b3802ddc600"
},
"layers":[
{
"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip",
"size":22524609,
"digest":"sha256:804555ee037604c40de144f9f8da0d826d38db82f15d74cded32790fe279a8f6"
},
{
"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip",
"size":17692725,
"digest":"sha256:970251047358aea56ba6db6975b14ff12470b75de0c2477f4445240ddd727fd4"
},
{
"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip",
"size":2978257,
"digest":"sha256:f3d4c41a4fd13f35c0b46f19a4e27845f4695163cc7174d908ff84836bbc2f5a"
},
{
"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip",
"size":62145592,
"digest":"sha256:bd391c46585f9f8d84992bbaa9087189148c1601968eaaf097d5b3ed60840e5e"
}
]
}
mainfest文件里面都是摘要(digest)记录
- config信息摘要
- 每个layer的摘要(上面的例子有4个)
根据上面的config信息摘要获取config详情
GET:https://mcr.microsoft.com/v2/dotnet/core/aspnet/blobs/sha256:e7e3b238011ce0f2b9350153535fe273caa01f0e7188d0b91f965b3802ddc600
{
"architecture":"amd64",
"config":{
"Hostname":"",
"Domainname":"",
"User":"",
"AttachStdin":false,
"AttachStdout":false,
"AttachStderr":false,
"Tty":false,
"OpenStdin":false,
"StdinOnce":false,
"Env":[
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"ASPNETCORE_URLS=http://+:80",
"DOTNET_RUNNING_IN_CONTAINER=true",
"ASPNETCORE_VERSION=2.2.8"
],
"Cmd":[
"bash"
],
"ArgsEscaped":true,
"Image":"sha256:5ecfe4016ac8e911a94aa601a675f7204e9ccab00cbb08e7067c184ad40f34e9",
"Volumes":null,
"WorkingDir":"",
"Entrypoint":null,
"OnBuild":null,
"Labels":null
},
"container":"14196c2f9c327d41e26682d32c7c89c4e7c78aa32f8b7501a23192035a9f4844",
"container_config":{
"Hostname":"",
"Domainname":"",
"User":"",
"AttachStdin":false,
"AttachStdout":false,
"AttachStderr":false,
"Tty":false,
"OpenStdin":false,
"StdinOnce":false,
"Env":[
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"ASPNETCORE_URLS=http://+:80",
"DOTNET_RUNNING_IN_CONTAINER=true",
"ASPNETCORE_VERSION=2.2.8"
],
"Cmd":[
"/bin/sh",
"-c",
"curl-SL--outputaspnetcore.tar.gzhttps://dotnetcli.azureedge.net/dotnet/aspnetcore/Runtime/$ASPNETCORE_VERSION/aspnetcore-runtime-$ASPNETCORE_VERSION-linux-x64.tar.gz&&aspnetcore_sha512='954072376698be69acb7e277df2c243f931e10529def21dcbf9ce277609b30d462126bf8b8b3cab36476bec3d63a927b8e44e59e4d4cade23eef45956fba1ffd'&&echo\"$aspnetcore_sha512aspnetcore.tar.gz\"|sha512sum-c-&&mkdir-p/usr/share/dotnet&&tar-zxfaspnetcore.tar.gz-C/usr/share/dotnet&&rmaspnetcore.tar.gz&&ln-s/usr/share/dotnet/dotnet/usr/bin/dotnet"
],
"Image":"sha256:5ecfe4016ac8e911a94aa601a675f7204e9ccab00cbb08e7067c184ad40f34e9",
"Volumes":null,
"WorkingDir":"",
"Entrypoint":null,
"OnBuild":null,
"Labels":null
},
"created":"2019-12-28T08:12:05.676492579Z",
"docker_version":"3.0.8",
"history":[
{
"created":"2019-12-28T04:23:47.4966447Z",
"created_by":"/bin/sh-c#(nop)ADDfile:90a2c81769a336bed3f731f44a385f2a65b0916f517a0b77c06c224579bf9a9ain/"
},
{
"created":"2019-12-28T04:23:47.719507596Z",
"created_by":"/bin/sh-c#(nop)CMD[\"bash\"]",
"empty_layer":true
},
{
"created":"2019-12-28T08:11:05.607009582Z",
"created_by":"/bin/sh-capt-getupdate&&apt-getinstall-y--no-install-recommendsca-certificateslibc6libgcc1libgssapi-krb5-2libicu57liblttng-ust0libssl1.0.2libstdc++6zlib1g&&rm-rf/var/lib/apt/lists/*"
},
{
"created":"2019-12-28T08:11:07.64336022Z",
"created_by":"/bin/sh-c#(nop)ENVASPNETCORE_URLS=http://+:80DOTNET_RUNNING_IN_CONTAINER=true",
"empty_layer":true
},
{
"created":"2019-12-28T08:11:16.475068844Z",
"created_by":"/bin/sh-capt-getupdate&&apt-getinstall-y--no-install-recommendscurl&&rm-rf/var/lib/apt/lists/*"
},
{
"created":"2019-12-28T08:11:43.814078508Z",
"created_by":"/bin/sh-c#(nop)ENVASPNETCORE_VERSION=2.2.8",
"empty_layer":true
},
{
"created":"2019-12-28T08:12:05.676492579Z",
"created_by":"/bin/sh-ccurl-SL--outputaspnetcore.tar.gzhttps://dotnetcli.azureedge.net/dotnet/aspnetcore/Runtime/$ASPNETCORE_VERSION/aspnetcore-runtime-$ASPNETCORE_VERSION-linux-x64.tar.gz&&aspnetcore_sha512='954072376698be69acb7e277df2c243f931e10529def21dcbf9ce277609b30d462126bf8b8b3cab36476bec3d63a927b8e44e59e4d4cade23eef45956fba1ffd'&&echo\"$aspnetcore_sha512aspnetcore.tar.gz\"|sha512sum-c-&&mkdir-p/usr/share/dotnet&&tar-zxfaspnetcore.tar.gz-C/usr/share/dotnet&&rmaspnetcore.tar.gz&&ln-s/usr/share/dotnet/dotnet/usr/bin/dotnet"
}
],
"os":"linux",
"rootfs":{
"type":"layers",
"diff_ids":[
"sha256:814c70fdae62bc26c603bfae861f00fb1c77fc0b1ee8d565717846f4df24ae5d",
"sha256:0cf75cb98eb2e0a82631d4aff71b40ba79ff7f83e0361f696875e592a1a4cefc",
"sha256:15e45d99c92686fb1fd61a41431d8400d7a0e8381595d09d666b0809c4f5d993",
"sha256:579a8f1d6a123f98095c0b1a1395079f7504391fd2a8bc529dede305a2072a36"
]
}
}
根据diff_ids里面去下载对应layers
下载完后对比摘要一致,确保镜像文件合法性
路径规则:
https://mcr.microsoft.com/v2/dotnet/core/aspnet/blobs/sha256:XXXXXX
构建我们的镜像
在基础镜像的配置基础上加入我们的自定义配置
- Entrypoint
- Cmd
- Ports
- Environment
- ImageWorkingDirectory
- Volumes
- Labels
在基础镜像的所有的layers把我们要打包到镜像也做成一个layer
生成的镜像tar包解压出来
多了一个tar.gz文件,解压之后就是我们打包放进去的文件
- 原来基础镜像有4个layer加上我们的共5个
- config.json
- manifest.json
config.json对比与基础镜像
我们来复习下构建镜像的过程根据镜像名称拉取mainfest
- 根据mainfest拉取config
- 根据config拉取layers
- 下载各个layer
- 修改到基础镜像的配置(config.json和mainfest.json)
- 加入我们要加入的文件layer
知道原理后我们可以自己写一个工具来实现整个过程
我开源的docker镜像构建,让你不用装docker也能快速构建容器镜像
支持以下镜像仓库作为基础镜像构建
- dockerhub
- aliyun
- 腾讯云
到此这篇关于Docker镜像构建原理解析(不装docker也能构建镜像)的文章就介绍到这了,更多相关Docker镜像构建内容请搜索毛票票以前的文章或继续浏览下面的相关文章希望大家以后多多支持毛票票!