Where are Docker images stored? (杂译)
来源:互联网 发布:只有bluetooth网络连接 编辑:程序博客网 时间:2024/06/07 17:15
2015-02-07 wcdj
原文:Where are Docker images stored?
Written by Troy Howard
译者:delphiwcdj (gerryyang)
如果你已经了解了Dockert的基本用法,包括如何写一个Dockerfile来生成自己的镜像,那么下来你一定开始关心另一个问题,我的Docker镜像是在哪里存储的?在了解这个之前,我们先看几个重要的概念。
Image vs Dockerfile
Docker通过加载镜像来执行你在制作镜像时内置的功能,而镜像又是通过事先编写好的Dockerfile然后使用docker build命令来编译创建的。当你使用docker push命令想发布一个镜像时,我们的源码不会一起提交,而只会提交我们制作的镜像。Registry vs Index
Index是一个公开的web接口,管理着使用者的账户,权限,镜像查询,镜像标签等等内容。而registry存储和提供实际的镜像资源,并通过Index来管理授权。例如,当使用docker search命令时,会查询Index上的镜像资源,而不是某一个registry上的。打个比方,Index相当于一个总管家,registry相当于一个房间,而镜像相当于房间里的一个物品,总管家可以管理着多个房间以及那个物品归属哪个房间,用户想查询和获取某个物品时,只需要询问总管家即可,而由总管家来负责从哪个房间获取用户想要的物品,所有这些细节都对用户透明。
Repository
Docker中的Repository概念与Github比较类似。下面有个问题需要我们关心:(1) repository与registry的关系?
(2) repository与image的关系?
(3) repository与index username的关系?
答案:实际上,repository是以上这些元素的一个集合,而并非其中某一个。通过docker images命令可以进行验证。
$ docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEubuntu 12.04 8dbd9e392a96 8 months ago 131.3 MB (virtual 131.3 MB)ubuntu latest 8dbd9e392a96 8 months ago 131.3 MB (virtual 131.3 MB)ubuntu precise 8dbd9e392a96 8 months ago 131.3 MB (virtual 131.3 MB)ubuntu 12.10 b750fe79269d 8 months ago 24.65 kB (virtual 179.7 MB)ubuntu quantal b750fe79269d 8 months ago 24.65 kB (virtual 179.7 MB)输出的本地镜像的列表,仿佛更像一个repository的列表。实际上每个镜像都对应一个GUID。
当使用docker build或者docker commit命令时,我们需要为要创建的镜像指定一个名字,格式为:username/image_name:tag(实际上,可以使用任何我们喜欢的名字)。然而,当需要提交镜像执行docker push命令时,Index将会查找我们要提交的image_name,并核实是否有匹配的repository,如果有则进一步核实我们是否具备提交权限,权限校验通过后才会允许我们这次要push的新镜像提交成功。因此,
a registry holds a collection of named repositories, which themselves are a collection of images tracked by GUIDs.
即,一个注册服务器可以存放多个仓库,每个仓库中通常又存储着某一类镜像,每个镜像都对应全局的一个GUID。
于此同时,我们还可以对相同的image_name标注不同的tag,虽然这些镜像有可能是同一个。
Local Storage on the Docker Host
使用docker images命令可以显示本地镜像的一个列表,那么问题来了,这些本地镜像是如何存放的?第一个地方:/var/lib/docker/,下面是译者本机的输出信息,可以发现输出的格式和内容和docker images是一样的:
root@gerryyang:~# cat /var/lib/docker/repositories-aufs | python -mjson.tool{ "Repositories": { "dl.dockerpool.com:5000/ubuntu": { "14.04": "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5", "latest": "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5" }, "dockerpool_ubuntu_gerry": { "v14.04": "5506de2b643be1e6febbf3b8a240760c6843244c41e12aa2f60ccbb7153d17f5" }, "gcc": { "latest": "28d1ad755d5ee4d3251dcfba8930d645debeddcd2740e02a60c1806e536a41c7" }, "gcc_latest_gerry": { "demo": "ada7ef168150440190db57776e307430c61c46840b4b11975d29a7ba4f4f98d0" }, "mysql": { "5": "310c359af360b506e44a73a1141bf133de7be5ec00ba8d14f215591d5e5370b2", "5.5": "3f631c0ca341baa6253f6548fcf97b221b32645caf8f08e8dfedab922b63973c", "5.5.40": "8866e0a8765030c6916fbe232b3ea9e88e0dc26eb924cbf6cb512303d91451bd", "5.5.41": "3f631c0ca341baa6253f6548fcf97b221b32645caf8f08e8dfedab922b63973c", "5.6": "310c359af360b506e44a73a1141bf133de7be5ec00ba8d14f215591d5e5370b2", "5.6.17": "36e732ca26106f3e286b9f9500ef17803430d3b5a044d25c64b66988fd198d59", "5.6.20": "722147135e89b2082ec729ce12266614ee573ae910c0ea8f85ffb3b3b568a587", "5.6.21": "dc376b561957c5a1b70603f246cde89696042f8b8d1ff7dc768eb1303b316e13", "5.6.22": "310c359af360b506e44a73a1141bf133de7be5ec00ba8d14f215591d5e5370b2", "5.7": "8419f2b0e48698e3127020de477fbc770c29f468537fd6545274585ada16e042", "5.7.5": "8419f2b0e48698e3127020de477fbc770c29f468537fd6545274585ada16e042", "5.7.5-m15": "8419f2b0e48698e3127020de477fbc770c29f468537fd6545274585ada16e042", "latest": "310c359af360b506e44a73a1141bf133de7be5ec00ba8d14f215591d5e5370b2" }, "php": { "latest": "022910f2a8262a5c0ee4b81de1ac769a575bde99abadb2bc6dff60fb34006b03" }, "registry": { "latest": "7b4ee0b17c992e16dd1f21dad898cbf4ca92e7fdef8fd0c5468a6fc88e1cbaa1" }, "tutum/lamp": { "latest": "b84edafb1623c81ae7a230bfee1b6bace0bf8397c0a69f0dafb153e8809c1fb2" }, "tutum_lamp_golang_gerry": { "1.0": "6b660dc40f2bc56eefdc867429742019240054eac681b8d94cb6f3452f2fd9f5" }, "ubuntu": { "14.04": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "14.04.1": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "14.10": "bf49414948acef83f1cb8b8d3148f5e8dbc388ccea03a4ae23f1dbeb3dd61b11", "15.04": "b12dbb6f7084464e54a0b642367fe76f6530f635385b35496b7fd5e251159b13", "latest": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "trusty": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "utopic": "bf49414948acef83f1cb8b8d3148f5e8dbc388ccea03a4ae23f1dbeb3dd61b11", "vivid": "b12dbb6f7084464e54a0b642367fe76f6530f635385b35496b7fd5e251159b13" }, "ubuntu_sshd_dockerfile_gerry": { "14.04": "7c46169e819247e40b7412dcc875b39f6dabf67966f172c30015d89869785bad" }, "ubuntu_sshd_gcc_apache_gerry": { "14.04": "9265b0c6d3146503a3e38796ccbe7da5cd72f55c310a6b3e44867c9785a622d7" }, "ubuntu_sshd_gcc_apache_php_gerry": { "14.04": "d84f2513f7778fa4fb27639d3cdeea422c8330ba37ec3f33e35560bc45a6222e" }, "ubuntu_sshd_gcc_gerry": { "14.04": "f0e3262ed6617896b306852c923e4c0e1d359b58b29a02ef849c4b8978c73c65" }, "ubuntu_sshd_gcc_golang_gerry": { "14.04": "16a3c68c1f44b3bd260df713df942e92323b42db39ba625357acd0f87c5c1775" }, "ubuntu_sshd_gcc_mysql_gerry": { "14.04": "3628ab96ba35d72512f7ac3e1baa8b16171deba00ee3409aa0e1ba68cff404e2" }, "ubuntu_sshd_gcc_nginx_gerry": { "14.04": "30ee28dd0d953864b4c2a5cfdf6056c2af8fe4417053c21de6512943c06bbbea" }, "vcarl/cakephp": { "latest": "f58d081026b1963adb95726b61c94e61efe12f28626c8eb95640833b008aaf28" }, "wordpress": { "latest": "62751144a0a07ec7fa9ac08f2b74061694b12489ea9b06ccc6c25e3ec1c8b24b" } }}root@gerryyang:~# docker imagesREPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEgcc_latest_gerry demo ada7ef168150 10 days ago 1.201 GBubuntu_sshd_gcc_apache_php_gerry 14.04 d84f2513f777 10 days ago 407.3 MBubuntu_sshd_gcc_mysql_gerry 14.04 3628ab96ba35 10 days ago 617.1 MBtutum_lamp_golang_gerry 1.0 6b660dc40f2b 11 days ago 661.4 MBubuntu_sshd_gcc_golang_gerry 14.04 16a3c68c1f44 11 days ago 499.7 MBwordpress latest 62751144a0a0 11 days ago 473.2 MBphp latest 022910f2a826 11 days ago 390 MBubuntu_sshd_gcc_nginx_gerry 14.04 30ee28dd0d95 11 days ago 352.7 MBubuntu_sshd_gcc_apache_gerry 14.04 9265b0c6d314 12 days ago 351.2 MBgcc latest 28d1ad755d5e 2 weeks ago 1.201 GBubuntu_sshd_dockerfile_gerry 14.04 7c46169e8192 2 weeks ago 230.3 MBubuntu_sshd_gcc_gerry 14.04 f0e3262ed661 2 weeks ago 334.3 MBmysql 5.7 8419f2b0e486 4 weeks ago 322.8 MBmysql 5.7.5 8419f2b0e486 4 weeks ago 322.8 MBmysql 5.7.5-m15 8419f2b0e486 4 weeks ago 322.8 MBmysql 5 310c359af360 4 weeks ago 282.6 MBmysql 5.6 310c359af360 4 weeks ago 282.6 MBmysql 5.6.22 310c359af360 4 weeks ago 282.6 MBmysql latest 310c359af360 4 weeks ago 282.6 MBmysql 5.5 3f631c0ca341 4 weeks ago 214.5 MBmysql 5.5.41 3f631c0ca341 4 weeks ago 214.5 MBregistry latest 7b4ee0b17c99 4 weeks ago 414.2 MBubuntu vivid b12dbb6f7084 5 weeks ago 117.2 MBubuntu 15.04 b12dbb6f7084 5 weeks ago 117.2 MBubuntu utopic bf49414948ac 5 weeks ago 194.4 MBubuntu 14.10 bf49414948ac 5 weeks ago 194.4 MBubuntu trusty 8eaa4ff06b53 5 weeks ago 188.3 MBubuntu 14.04 8eaa4ff06b53 5 weeks ago 188.3 MBubuntu 14.04.1 8eaa4ff06b53 5 weeks ago 188.3 MBubuntu latest 8eaa4ff06b53 5 weeks ago 188.3 MBmysql 5.6.21 dc376b561957 12 weeks ago 235.9 MBmysql 5.5.40 8866e0a87650 12 weeks ago 215.2 MBvcarl/cakephp latest f58d081026b1 3 months ago 476.9 MBtutum/lamp latest b84edafb1623 3 months ago 436.7 MBdl.dockerpool.com:5000/ubuntu 14.04 5506de2b643b 3 months ago 199.3 MBdl.dockerpool.com:5000/ubuntu latest 5506de2b643b 3 months ago 199.3 MBdockerpool_ubuntu_gerry v14.04 5506de2b643b 3 months ago 199.3 MBmysql 5.6.20 722147135e89 4 months ago 235.6 MBmysql 5.6.17 36e732ca2610 7 months ago 458.7 MB那么第二个问题来了,这里到底存放的是什么?
以译者,ubuntu_sshd_gcc_gerry:14.04镜像为例:
total 52drwx------ 2 root root 4096 Jan 18 19:57 .drwx------ 311 root root 36864 Jan 28 19:47 ..-rw------- 1 root root 1428 Jan 18 19:57 json-rw------- 1 root root 8 Jan 18 19:57 layersize每个子目录的含义如下:
json
- holds metadata about the imagelayersize
- just a number, indicating the size of the layerlayer/
- sub-directory that holds the rootfs for the container image(译者环境,并未存在此目录)
root@gerryyang:~# cat /var/lib/docker/graph/f0e3262ed6617896b306852c923e4c0e1d359b58b29a02ef849c4b8978c73c65/json | python -mjson.tool{ "Size": 83548377, "architecture": "amd64", "checksum": "tarsum.dev+sha256:bf493f9113f3fb79c26de28346628eff3c62b19b64ee3242582e2abb343aab30", "config": { "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "/run.sh" ], "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "ExposedPorts": { "22/tcp": {} }, "Hostname": "", "Image": "", "MacAddress": "", "Memory": 0, "MemorySwap": 0, "NetworkDisabled": false, "OnBuild": null, "OpenStdin": false, "PortSpecs": null, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir": "" }, "container": "e50b72dfaae7afcd2afc31eb33ff39b8450937d8058b276c7e4e23c9854a06b2", "container_config": { "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "/run.sh" ], "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "ExposedPorts": { "22/tcp": {} }, "Hostname": "e50b72dfaae7", "Image": "ubuntu_sshd_gerryv2:14.04", "MacAddress": "", "Memory": 0, "MemorySwap": 0, "NetworkDisabled": false, "OnBuild": null, "OpenStdin": false, "PortSpecs": null, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir": "" }, "created": "2015-01-18T11:56:58.108518707Z", "docker_version": "1.4.1", "id": "f0e3262ed6617896b306852c923e4c0e1d359b58b29a02ef849c4b8978c73c65", "os": "linux", "parent": "a45787b0222f955d68d9db34fb18033144b8a78015d9e306a1613894da0fd86e"}root@gerryyang:~# cat /var/lib/docker/graph/f0e3262ed6617896b306852c923e4c0e1d359b58b29a02ef849c4b8978c73c65/layersize 83548377
DIY Dockerfiles
OK, 让我们手动创建一个Dockerfile吧。
FROM ubuntu
这句命令的含义就是,把ubuntu镜像作为我们的基础层镜像。没错,就这么简单,到此为止Dockerfile编写完毕。
第二步,使用命令编译此Dockerfile:
docker build -t gerry_image_from_ubuntu .
这句命令的含义是,docker通过我们指定的目录(.),即当前目录,查找Dockerfile,然后编译它。并且我们指定了编译后的repository名字是gerry_image_from_ubuntu。
root@gerryyang:~/Docker/DIY_Dockerfile# lsbuild.sh Dockerfileroot@gerryyang:~/Docker/DIY_Dockerfile# cat build.sh #!/bin/bashdocker build -t gerry_image_from_ubuntu .root@gerryyang:~/Docker/DIY_Dockerfile# sh build.sh Sending build context to Docker daemon 3.072 kBSending build context to Docker daemon Step 0 : FROM ubuntu ---> 8eaa4ff06b53Successfully built 8eaa4ff06b53root@gerryyang:~/Docker/DIY_Dockerfile# docker images | grep gerry_image*gerry_image_from_ubuntu latest 8eaa4ff06b53 5 weeks ago 188.3 MBroot@gerryyang:~/Docker/DIY_Dockerfile# cat /var/lib/docker/repositories-aufs | python -mjson.tool | grep gerry_image* -3 "gcc_latest_gerry": { "demo": "ada7ef168150440190db57776e307430c61c46840b4b11975d29a7ba4f4f98d0" }, "gerry_image_from_ubuntu": { "latest": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a" }, "mysql": {<pre name="code" class="plain">root@gerryyang:~/Docker/DIY_Dockerfile#使用docker images可以看到,Docker非常聪明,我们新生成的gerry_image_from_ubuntu镜像ID和ubuntu镜像ID是一样的,因为没有任何改变的操作。
gerry_image_from_ubuntu latest 8eaa4ff06b53 5 weeks ago 188.3 MBubuntu 14.04 8eaa4ff06b53 5 weeks ago 188.3 MB
OK,通过RUN指令添加一个改变的操作:
root@gerryyang:~/Docker/DIY_Dockerfile# lsbuild.sh Dockerfileroot@gerryyang:~/Docker/DIY_Dockerfile# cat Dockerfile FROM ubuntuRUN touch hello.txtroot@gerryyang:~/Docker/DIY_Dockerfile# ./build.sh Sending build context to Docker daemon 3.072 kBSending build context to Docker daemon Step 0 : FROM ubuntu ---> 8eaa4ff06b53Step 1 : RUN touch hello.txt ---> Running in 6246fbfc6249 ---> 2fefd58a4a83Removing intermediate container 6246fbfc6249Successfully built 2fefd58a4a83
然后再对比下,镜像ID是否有变化。可以看到,新生成的gerry_image_from_ubuntu镜像的ID已经和ubuntu镜像的ID不同。Yes, Our tiny change had a big impact!
gerry_image_from_ubuntu latest 2fefd58a4a83 2 minutes ago 188.3 MBubuntu 14.04 8eaa4ff06b53 5 weeks ago 188.3 MBroot@gerryyang:~/Docker/DIY_Dockerfile# ls -la /var/lib/docker/graph/2fefd58a4a8385981742202e41e234df18c0547ba6cb80074b9f2fbef57d32bc/total 52drwx------ 2 root root 4096 Feb 7 20:48 .drwx------ 312 root root 36864 Feb 7 20:48 ..-rw------- 1 root root 1539 Feb 7 20:48 json-rw------- 1 root root 1 Feb 7 20:48 layersizeroot@gerryyang:~/Docker/DIY_Dockerfile# cat /var/lib/docker/graph/2fefd58a4a8385981742202e41e234df18c0547ba6cb80074b9f2fbef57d32bc/json | python -mjson.tool{ "Size": 0, "architecture": "amd64", "checksum": "tarsum.dev+sha256:72d843b4be6cf2c6a5322a90405d9ca32b1112a8f93130d0e9e008def27f39e3", "config": { "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "/bin/bash" ], "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "ExposedPorts": null, "Hostname": "8c41fcbc2d07", "Image": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "MacAddress": "", "Memory": 0, "MemorySwap": 0, "NetworkDisabled": false, "OnBuild": [], "OpenStdin": false, "PortSpecs": null, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir": "" }, "container": "6246fbfc6249aea9d27631bcdd94e3047b0192425b685d2bfa43a27a7740cccd", "container_config": { "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "/bin/sh", "-c", "touch hello.txt" ], "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "ExposedPorts": null, "Hostname": "8c41fcbc2d07", "Image": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a", "MacAddress": "", "Memory": 0, "MemorySwap": 0, "NetworkDisabled": false, "OnBuild": [], "OpenStdin": false, "PortSpecs": null, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir": "" }, "created": "2015-02-07T12:48:10.905653013Z", "docker_version": "1.4.1", "id": "2fefd58a4a8385981742202e41e234df18c0547ba6cb80074b9f2fbef57d32bc", "os": "linux", "parent": "8eaa4ff06b53ff7730c4d7a7e21b4426a4b46dee064ca2d5d90d757dc7ea040a"}
Run it!
现在可以运行我们新创建的镜像了。先通过bash交互的方式来运行我们的镜像:root@gerryyang:~/Docker/DIY_Dockerfile# lsbuild.sh debug.sh Dockerfileroot@gerryyang:~/Docker/DIY_Dockerfile# cat debug.sh #!/bin/bashdocker run -it gerry_image_from_ubuntu /bin/bashroot@gerryyang:~/Docker/DIY_Dockerfile# ./debug.sh root@544fb9b56a23:/# uname -aLinux 544fb9b56a23 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linuxroot@544fb9b56a23:/# cat /etc/issueUbuntu 14.04.1 LTS \n \lroot@544fb9b56a23:/# lsbin boot dev etc hello.txt home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var进入镜像后可以看到,在Dockerfile文件中指定创建的hello.txt文件。
Publish it!
到目前为止,我们已经把本地要做的工作完成了,现在可以发布新的镜像给外部了。要发布到Docker Index,需要事先创建好账户,然后通过docker push命令提交新的镜像。root@gerryyang:~/Docker/DIY_Dockerfile# docker push gerry/gerry_image_from_ubuntuThe push refers to a repository [gerry/gerry_image_from_ubuntu] (len: 1)Sending image listPlease login prior to push:Username: gerryyangPassword: Email: diggwcdj@gmail.comLogin SucceededThe push refers to a repository [gerry/gerry_image_from_ubuntu] (len: 1)Sending image listFATA[0032] Error: Status 403 trying to push repository gerry/gerry_image_from_ubuntu: "Access Denied: Not allowed to create Repo at given location"
Oops. Docker Index won't let us publish without our username in the repository name.
注意:Docker Index不允许提交没有用户名的镜像,因此正确地提交方式是,在编译镜像时指定Docker Index的用户名,比如,gerryyang:
docker build -t gerryyang/gerry_image_from_ubuntu .
root@gerryyang:~/Docker/DIY_Dockerfile# docker push gerryyang/gerry_image_from_ubuntuThe push refers to a repository [gerryyang/gerry_image_from_ubuntu] (len: 1)Sending image listPushing repository gerryyang/gerry_image_from_ubuntu (1 tags)511136ea3c5a: Image already pushed, skipping 3b363fd9d7da: Image already pushed, skipping 607c5d1cca71: Image already pushed, skipping f62feddc05dc: Image already pushed, skipping 8eaa4ff06b53: Image already pushed, skipping 2fefd58a4a83: Image successfully pushed Pushing tag for rev [2fefd58a4a83] on {https://cdn-registry-1.docker.io/v1/repositories/gerryyang/gerry_image_from_ubuntu/tags/latest}root@gerryyang:~/Docker/DIY_Dockerfile# docker search gerryyangNAME DESCRIPTION STARS OFFICIAL AUTOMATEDgerryyang/ping 0 root@gerryyang:~/Docker/DIY_Dockerfile# docker search gerry_image_from_ubuntuNAME DESCRIPTION STARS OFFICIAL AUTOMATEDroot@gerryyang:~/Docker/DIY_Dockerfile# docker search gerryyang/gerry_image_from_ubuntuNAME DESCRIPTION STARS OFFICIAL AUTOMATED
译者注:向Docker Index提交镜像成功后,使用docker search并没有查询到,可能还没有被缓存,因此查询不到。
Also, to be honest, this is not a very interesting image to share publicly, and we don't want to look like n00bs, so let's delete it as well.
如果要删除一个本地镜像,可以使用命令:docker rmi image_name:tag,但是,如何删除外部Docker Index上的镜像呢?
Deleting a Published Repository
很不幸,要从index/registry删除我们提交的镜像,必须在web页面操作,而不能通过command-line的方式。镜像删除不可怕,因为我们还有Dockerfile!
Important Security Lesson
此部分摘录原文。It's really important to consider the security implications of what we just saw though.
Even if a Docker image is deleted from the Docker Index it may still be out there on someones machine. There's no way to change that.
Also, as we saw when looking at the files we have locally, it's not quite an "opaque binary" image. All the information from the Dockerfile was in theJSON file for the image, and the artifacts of those commands are in the layer, as accessible as a filesystem. If you accidentally published a password or key, or some other critical secret, there's no getting it back, and people can find as easily as they can find anything else in a published open source code base.
Be very careful about what you're publishing. If you do accidentally publish a secret, take it down right away and update credentials on whatever systems it might have compromised.
Conclusion
同上,原汁原味。Docker can be a bit confusing with its terminology, but once you wrap your head around the basic workflow described here, it should be very easy to be in-control of what you're building, knowing exactly when and how you share that with the world.
More:
[1] where-are-docker-images-stored-on-the-host-machine
[2] how-to-delete-dockers-images
[3] how-to-change-the-docker-image-installation-directory
[4] DOCKER_OPTS in /etc/default/docker ignored
- Where are Docker images stored? (杂译)
- Where are my gravitybox audio recordings stored?
- Where is JSESSIONID stored? (JavaEE)
- Docker-删除untagged docker images
- Working with Docker Images
- docker命令之images
- Docker Images and Registry
- docker images 导入导出
- Building Good Docker Images
- Docker 无法删除images
- docker删除images
- Where are you going?
- where are you
- PeopleTools Tables (Where the MetaData is Stored)
- Creating Forms that are stored in DLLs
- Creating Forms that are stored in DLLs
- 如何删除docker images/containers
- 与Docker Images一起工作
- Oracle静态监听注册详解
- Activity生命周期管理(Managing the Activity Lifecycle)
- 如何解决Android SDK下载过慢甚至无法下载的问题
- SDUT 1478 琳琳选夫婿
- input子系统 KeyPad-Touch上报数据格式与机制
- Where are Docker images stored? (杂译)
- git教程:reset,revert
- Beautiful Year
- <cocos2dx 随记一> 在windows上设置分辨率上的一些坑
- HDU 1013Digital Roots 吃完饭,水个题。
- 数据结构实验:连通分量个数
- Activity Intent FLAG 详解
- Hadoop的HDFS文件存储实现机制
- hadoop中的Configuration对象是什么有什么用?