docker镜像的首行从from alpine之类的镜像开始,但是最初的基础镜像是如何创建的,本文使用一个busybox创建一个基础镜像,相信在此过程中会对docker一些相关的概念有进一步的理解。
什么是基础镜像(base image)
简单来说,基础镜像就是没有from或者from scratch开头的dockerfile所构建出来的镜像。比如alpine,这个很小的linux镜像目前只有4m左右
1
2
3
|
[root@kong ~]# docker images |grep alpine docker.io/alpine latest 3fd9065eaf02 4 months ago 4.15 mb [root@kong ~]# |
它的dockerfile很简单,只有三行,这就是一个基础镜像,
1
2
3
|
from scratch add rootfs.tar.xz / cmd ["/bin/sh"] |
在接下来的文章中我们将会像alpine那样来创建一个自己的基础镜像。
busybox
概要说明
busybox被称为嵌入式linux的瑞士军刀,这句话是在busybox自己介绍自己的时候提出的(the swiss army knife of embedded linux)。busybox整合了很多小的unix下的通用功能到一个小的可执行文件之中,简单来说在unix或者linux下常用的那些功能在这里你都能找到,但是为了busybox的目标:嵌入式的linux,大小对于busybox来说是非常重要的优化要素和限制,这些功能有可能会有所阉割,但是对于一般需求来说已经足够。而alpine就是在busybox基础上增加了自己的包管理工具apk等功能创建了风靡一时的小巧镜像。busybox是用c语言开发的基于gpl的开源项目,目前的稳定版本为1.28.4
宿主机器
1
2
3
4
5
|
[root@kong ~]# uname -a linux kong 3.10.0-693.el7.x86_64 #1 smp tue aug 22 21:09:27 utc 2017 x86_64 x86_64 x86_64 gnu/linux [root@kong ~]# cat /etc/redhat-release centos linux release 7.4.1708 (core) [root@kong ~]# |
下载busybox
简单可以直接使用的二进制最新的版本为1.28.1
1
2
3
4
5
6
7
8
9
10
|
[root@kong ~]# wget https://busybox.net/downloads/binaries/1.28.1-defconfig-multiarch/busybox-x86_64 --2018-05-25 04:51:20-- https://busybox.net/downloads/binaries/1.28.1-defconfig-multiarch/busybox-x86_64 resolving busybox.net (busybox.net)... 140.211.167.122 connecting to busybox.net (busybox.net)|140.211.167.122|:443... connected. http request sent, awaiting response... 200 ok length: 1001112 (978k) saving to: 'busybox-x86_64' 100%[==============================================================================================>] 1,001,112 19.3kb/s in 30s 2018-05-25 04:51:57 (32.4 kb/s) - 'busybox-x86_64' saved [1001112/1001112] [root@kong ~]# |
设定busybox
1
2
3
4
5
|
[root@kong ~]# cp busybox-x86_64 /usr/local/bin/busybox [root@kong ~]# chmod +x /usr/local/bin/busybox [root@kong ~]# which busybox /usr/local/bin/busybox [root@kong ~]# |
版本确认
输入busybox可以看出版本以及熟悉的linux下的工具,仔细看一遍就会理解busybox号称自己是瑞士军刀一点都不夸张,反过来说,瑞士军刀如果敢号称linux里的busybox可能会引起非议。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
[root@kong ~]# busybox busybox v1.28.1 (2018-02-15 14:34:02 cet) multi-call binary. busybox is copyrighted by many authors between 1998-2015. licensed under gplv2. see source distribution for detailed copyright notices. usage: busybox [function [arguments]...] or: busybox --list[-full] or: busybox --install [-s] [dir] or: function [arguments]... busybox is a multi-call binary that combines many common unix utilities into a single executable. most people will create a link to busybox for each function they wish to use and busybox will act like whatever it was invoked as. currently defined functions: [, [[, acpid, add-shell, addgroup, adduser, adjtimex, arch, arp, arping, ash, awk, base64, basename, beep, blkdiscard, blkid, blockdev, bootchartd, brctl, bunzip2, bzcat, bzip2, cal, cat, chat, chattr, chgrp, chmod, chown, chpasswd, chpst, chroot, chrt, chvt, cksum, clear, cmp, comm, conspy, cp, cpio, crond, crontab, cryptpw, cttyhack, cut, date, dc, dd, deallocvt, delgroup, deluser, depmod, devmem, df, dhcprelay, diff, dirname, dmesg, dnsd, dnsdomainname, dos2unix, dpkg, dpkg-deb, du, dumpkmap, dumpleases, echo, ed, egrep, eject, env, envdir, envuidgid, ether-wake, expand, expr, factor, fakeidentd, fallocate, false, fatattr, fbset, fbsplash, fdflush, fdformat, fdisk, fgconsole, fgrep, find, findfs, flock, fold, free, freeramdisk, fsck, fsck.minix, fsfreeze, fstrim, fsync, ftpd, ftpget, ftpput, fuser, getopt, getty, grep, groups, gunzip, gzip, halt, hd, hdparm, head, hexdump, hexedit, hostid, hostname, httpd, hush, hwclock, i2cdetect, i2cdump, i2cget, i2cset, id, ifconfig, ifdown, ifenslave, ifplugd, ifup, inetd, init, insmod, install, ionice, iostat, ip, ipaddr, ipcalc, ipcrm, ipcs, iplink, ipneigh, iproute, iprule, iptunnel, kbd_mode, kill, killall, killall5, klogd, last, less, link, linux32, linux64, linuxrc, ln, loadfont, loadkmap, logger, login, logname, logread, losetup, lpd, lpq, lpr, ls, lsattr, lsmod, lsof, lspci, lsscsi, lsusb, lzcat, lzma, lzop, makedevs, makemime, man, md5sum, mdev, mesg, microcom, mkdir, mkdosfs, mke2fs, mkfifo, mkfs.ext2, mkfs.minix, mkfs.vfat, mknod, mkpasswd, mkswap, mktemp, modinfo, modprobe, more, mount, mountpoint, mpstat, mt, mv, nameif, nanddump, nandwrite, nbd-client, nc, netstat, nice, nl, nmeter, nohup, nproc, nsenter, nslookup, ntpd, nuke, od, openvt, partprobe, passwd, paste, patch, pgrep, pidof, ping, ping6, pipe_progress, pivot_root, pkill, pmap, popmaildir, poweroff, powertop, printenv, printf, ps, pscan, pstree, pwd, pwdx, raidautorun, rdate, rdev, readahead, readlink, readprofile, realpath, reboot, reformime, remove-shell, renice, reset, resize, resume, rev, rm, rmdir, rmmod, route, rpm, rpm2cpio, rtcwake, run-init, run-parts, runlevel, runsv, runsvdir, rx, script, scriptreplay, sed, sendmail, seq, setarch, setconsole, setfattr, setfont, setkeycodes, setlogcons, setpriv, setserial, setsid, setuidgid, sh, sha1sum, sha256sum, sha3sum, sha512sum, showkey, shred, shuf, slattach, sleep, smemcap, softlimit, sort, split, ssl_client, start-stop-daemon, stat, strings, stty, su, sulogin, sum, sv, svc, svlogd, swapoff, swapon, switch_root, sync, sysctl, syslogd, tac, tail, tar, taskset, tcpsvd, tee, telnet, telnetd, test, tftp, tftpd, time, timeout, top, touch, tr, traceroute, traceroute6, true, truncate, tty, ttysize, tunctl, ubiattach, ubidetach, ubimkvol, ubirename, ubirmvol, ubirsvol, ubiupdatevol, udhcpc, udhcpd, udpsvd, uevent, umount, uname, unexpand, uniq, unix2dos, unlink, unlzma, unshare, unxz, unzip, uptime, users, usleep, uudecode, uuencode, vconfig, vi, vlock, volname, w, wall, watch, watchdog, wc, wget, which, who, whoami, whois, xargs, xxd, xz, xzcat, yes, zcat, zcip [root@kong ~] |
创建rootfs
这张图在镜像基础介绍的时候已经被无数次看到了,rootfs是linux中重要的概念,而alpine中也有add rootfs.tar.xz这样一句,接下来我们将了解一下如何生成一个简单的rootfs
创建目录并进入
1
2
3
|
[root@kong ~]# mkdir rootfs [root@kong ~]# cd rootfs/ [root@kong rootfs]# |
创建rootfs
执行如下语句
1
2
3
4
5
|
for module in `busybox --list-modules` do mkdir -p `dirname "$module" ` ln -sf /bin/busybox "$module" done |
执行日志
1
2
3
4
5
6
|
[root@kong rootfs]# for module in `busybox --list-modules` > do > mkdir -p `dirname "$module"` > ln -sf /bin/busybox "$module" > done [root@kong rootfs]# |
结果确认
1
2
3
4
5
6
7
8
9
10
|
[root@kong rootfs]# ls bin linuxrc sbin usr [root@kong rootfs]# find . -type d . ./usr ./usr/bin ./usr/sbin ./sbin ./bin [root@kong rootfs]# |
将busybox拷贝至新创建的./bin目录下
这样,上述命令的链接对象就存在了
1
2
3
4
|
[root @kong rootfs]# cp /usr/local/bin/busybox bin/ [root @kong rootfs]# ls -l bin/busybox -rwxr-xr-x. 1 root root 1001112 may 25 05 : 27 bin/busybox [root @kong rootfs]# |
创建rootfs.tar
此处注意相对路径,而后续次相对路径会展开至/下,从而创建新的系统的rootfs,这也是从零搭建linux(linux from scratch)的重要操作之一。
1
2
3
|
[root @kong rootfs]# tar cpf rootfs.tar . tar: ./rootfs.tar: file is the archive; not dumped [root @kong rootfs]# |
简单说明:busybox –list-modules列出了busybox的所有模块,然后以此为基础,创建了一个小型的rootfs
[root@kong rootfs]# busybox –list-modules |wc -l
389
[root@kong rootfs]#
准备dockerfile
准备一个一行的dockerfile
1
2
3
4
|
[root@kong rootfs]# vi dockerfile [root@kong rootfs]# cat dockerfile from scratch [root@kong rootfs]# |
创建base镜像,由于没有发现具体的内容,所以未创建出具体镜像。另外,本文为了演示方便,直接在此处创建dockerfile,这并不是一个好主意,实际的时候请不要这样做,如果当前目录下有100g的文件,就会无比缓慢,而且也不规范,无关物品需要清场。
1
2
3
4
5
6
7
|
[root@kong rootfs]# docker build -t busyboxbase:latest . sending build context to docker daemon 2.415 mb step 1/1 : from scratch ---> no image was generated. is your dockerfile empty? [root@kong rootfs]# docker images |grep busyboxbase [root@kong rootfs]# |
from scracth
有from,这个scratch可以pull么,目前的版本已经将其作为一个保留名称
1
2
3
4
5
6
|
[root@kong rootfs]# docker search scratch |grep 'an explicitly empty' docker.io docker.io/scratch an explicitly empty image, especially for ... 407 [ok] [root@kong rootfs]# docker pull scratch using default tag: latest error response from daemon: 'scratch' is a reserved name [root@kong rootfs]# |
将此dockerfile添加一行没有实际作用的,看看scratch到底是什么
1
2
3
4
5
|
[root@kong rootfs]# vi dockerfile [root@kong rootfs]# cat dockerfile from scratch maintainer liumiao < liumiaocn @outlook.com> [root@kong rootfs]# |
进行构建,发现产生了一个0字节的镜像文件,也与scratch的原意相通
1
2
3
4
5
6
7
8
9
10
11
12
|
[root@kong rootfs]# docker build -t busyboxbase:latest . sending build context to docker daemon 2.415 mb step 1/2 : from scratch ---> step 2/2 : maintainer liumiao < liumiaocn @outlook.com> ---> running in b118fd7c73a7 ---> 2074dc76c09e removing intermediate container b118fd7c73a7 successfully built 2074dc76c09e [root@kong rootfs]# docker images |grep busyboxbase busyboxbase latest 2074dc76c09e 14 seconds ago 0 b [root@kong rootfs]# |
至此,我们理解了from scratch确实不会有额外的添加,接下来我们像alpine那样添加如下两句
1
2
|
add rootfs.tar / cmd ["/bin/sh"] |
我们的dockerfile也是几乎一样的三行
1
2
3
4
5
|
[root@kong rootfs]# cat dockerfile from scratch add rootfs.tar / cmd ["/bin/sh"] [root@kong rootfs]# |
这样就创建了一个1m的busybox为基础的镜像
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@kong rootfs]# docker build -t busyboxbase:latest . sending build context to docker daemon 2.415 mb step 1/3 : from scratch ---> step 2/3 : add rootfs.tar / ---> 0fbb0c8c7579 removing intermediate container 8311e96f456c step 3/3 : cmd /bin/sh ---> running in efb85c4526bf ---> 02270c80a4e4 removing intermediate container efb85c4526bf successfully built 02270c80a4e4 [root@kong rootfs]# docker images |grep busyboxbase busyboxbase latest 02270c80a4e4 9 seconds ago 1.01 mb [root@kong rootfs]# |
运行并使用
使用docker run发现此镜像所启动的容器并无异常之处
1
2
3
4
5
6
|
[root@kong rootfs]# docker run --rm -it busyboxbase sh / # hostname b7f9e9646746 / # uname -a linux b7f9e9646746 3.10.0-693.el7.x86_64 #1 smp tue aug 22 21:09:27 utc 2017 x86_64 gnu/linux / # |
小结
这篇文章介绍了如何使用busybox结合from scratch机制创建docker的基础镜像以及相关原理。本文利用busybox 1.28.1版本创建了一个1.01m的可用的基础镜像,从瑞士军刀到瑞士指甲刀,你可以继续优化到若干k都是可行的,但是到了10m以下其实应该更多考虑的是后续的扩展性和功能性的因素了。但是从另外的角度考虑,集成进来了那么多功能的同时,也将这些功能的不安定因素也集成进来了。利用from scratch机制,创建小并且依赖性少的上下文环境是非常有用的。
参考文献
https://docs.docker.com/develop/develop-images/baseimages/
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,谢谢大家对服务器之家的支持。如果你想了解更多相关内容请查看下面相关链接
原文链接:https://blog.csdn.net/liumiaocn/article/details/80458663