Docker: interesting features of basic images
When you specify in the Dockerfile:
In the process of
or see the original Dockerfile on github . Each layer corresponds to a separate line in the Dockerfile:
')
Next comes the interesting.
Let's stop here for a minute. First , the policy-rc.d script is added , which disables the automatic start of services. Details can be found in this article .
That is why you observe in the build process:
This, in my opinion, is crooked: it would be easier to replace the
The next step is configuring the package installer: disabling fsync to speed up (in case of problems you can always re-create the container from scratch), clearing the cache of deb files (it only takes up extra space in the layered file system), disabling installation of translations and activating index compression (not sure why it is necessary).
Finally, the last layer sets / bin / bash as the default command.
I thought that everyone who uses standard images would find it useful to know exactly what he is dealing with. That's all for now.
then the officially-supported base image of Ubuntu is on your car (today it is 14.04 LTS). I wondered how this image differs from the “real” pure system.FROM ubuntu
In the process of
pull you can see that it consists of 5 layers :To understand the contents of each layer, you can run the command:docker pull ubuntu ubuntu: latest: The image you are pulling has been verified 511136ea3c5a: Pull complete 3b363fd9d7da: Downloading 8.641 MB / 197.2 MB 3m18s 607c5d1cca71: Download complete f62feddc05dc: Download complete 8eaa4ff06b53: Download complete
docker history --no-trunc ubuntu > history.txt or see the original Dockerfile on github . Each layer corresponds to a separate line in the Dockerfile:
')
511136ea3c5a is the starting point, an empty image called scratch (line FROM scratch ).3b363fd9d7da - “infusion” of the official Ubuntu image from the ubuntu-trusty-core-cloudimg-amd64-root.tar.gz fileNext comes the interesting.
607c5d1cca71 - a long chain of commands (it is recommended to combine teams in such a way as not to create a large number of layers, since this is fraught with problems ).Let's stop here for a minute. First , the policy-rc.d script is added , which disables the automatic start of services. Details can be found in this article .
That is why you observe in the build process:
The next group of lines replaces theinvoke-rc.d: policy-rc.d denied execution of stop. invoke-rc.d: policy-rc.d denied execution of start.
/sbin/initctl . The purpose of this change is to silence the warning when trying to execute the service command:In upstart containers, of course, is not running (and in case of need, several services are recommended by Supervisor ).Failed to connect to socket / com / ubuntu / upstart: Connection refused
This, in my opinion, is crooked: it would be easier to replace the
initctl link to /bin/true , but the meaning does not change. dpkg-divert indicates that the initctl should not be overwritten during subsequent installations of the update.The next step is configuring the package installer: disabling fsync to speed up (in case of problems you can always re-create the container from scratch), clearing the cache of deb files (it only takes up extra space in the layered file system), disabling installation of translations and activating index compression (not sure why it is necessary).
f62feddc05dc - for unknown reasons (probably only to insert a comment) , another command was removed from the previous thread. This line activates the universe package source, although it doesn’t do apt-get update , so before installing any universe package you will have to do the update yourself.Finally, the last layer sets / bin / bash as the default command.
I thought that everyone who uses standard images would find it useful to know exactly what he is dealing with. That's all for now.
Source: https://habr.com/ru/post/247903/
All Articles