how to create owned centos base image on centos

一般情况下, 我们需要制作image的话, 总需要一个基本的image, 那么这个base image是哪里来的呢?

如果不自制的话, 那就得去docker HUB下载.

其实base image也可以自制, 参考docker提供的mkimage开头的脚本 : 

https://github.com/docker/docker/tree/master/contrib

例如mkimage-yum.sh是在centos中制作centos base image的脚本.

例如我在CentOS 6.x x64中可以制作centos 6 x64最新版的image.

脚本内容如下 : 

最后一步tar --numeric-owner -c -C "$target" . | docker import - $name:$version是使用docker import导入到本地镜像库.

[root@150 ~]# vi build.sh 

#!/usr/bin/env bash
#
# Create a base CentOS Docker image.
#
# This script is useful on systems with yum installed (e.g., building
# a CentOS image on CentOS).  See contrib/mkimage-rinse.sh for a way
# to build CentOS images on other systems.

usage() {
    cat <<EOOPTS
$(basename $0) [OPTIONS] <name>
OPTIONS:
  -y <yumconf>  The path to the yum config to install packages from. The
                default is /etc/yum.conf.
EOOPTS
    exit 1
}

# option defaults
yum_config=/etc/yum.conf
while getopts ":y:h" opt; do
    case $opt in
        y)
            yum_config=$OPTARG
            ;;
        h)
            usage
            ;;
        \?)
            echo "Invalid option: -$OPTARG"
            usage
            ;;
    esac
done
shift $((OPTIND - 1))
name=$1

if [[ -z $name ]]; then
    usage
fi

#--------------------

target=$(mktemp -d --tmpdir $(basename $0).XXXXXX)

set -x

mkdir -m 755 "$target"/dev
mknod -m 600 "$target"/dev/console c 5 1
mknod -m 600 "$target"/dev/initctl p
mknod -m 666 "$target"/dev/full c 1 7
mknod -m 666 "$target"/dev/null c 1 3
mknod -m 666 "$target"/dev/ptmx c 5 2
mknod -m 666 "$target"/dev/random c 1 8
mknod -m 666 "$target"/dev/tty c 5 0
mknod -m 666 "$target"/dev/tty0 c 4 0
mknod -m 666 "$target"/dev/urandom c 1 9
mknod -m 666 "$target"/dev/zero c 1 5

yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs \
    --setopt=group_package_types=mandatory -y groupinstall Core
yum -c "$yum_config" --installroot="$target" -y clean all

cat > "$target"/etc/sysconfig/network <<EOF
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOF

# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb
# --keep-services "$target".  Stolen from mkimage-rinse.sh
#  locales
rm -rf "$target"/usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
#  docs
rm -rf "$target"/usr/share/{man,doc,info,gnome/help}
#  cracklib
rm -rf "$target"/usr/share/cracklib
#  i18n
rm -rf "$target"/usr/share/i18n
#  sln
rm -rf "$target"/sbin/sln
#  ldconfig
rm -rf "$target"/etc/ld.so.cache
rm -rf "$target"/var/cache/ldconfig/*

version=
if [ -r "$target"/etc/redhat-release ]; then
    version="$(sed 's/^[^0-9\]*\([0-9.]\+\).*$/\1/' "$target"/etc/redhat-release)"
fi

if [ -z "$version" ]; then
    echo >&2 "warning: cannot autodetect OS version, using '$name' as tag"
    version=$name
fi

tar --numeric-owner -c -C "$target" . | docker import - $name:$version
docker run -i -t $name:$version echo success

rm -rf "$target"

yum的installroot用于将包安装到指定的root, 而不是本地.

man yum 

       --installroot=root
              Specifies an alternative installroot, relative to which all packages will be installed.
              Configuration Option: installroot

[root@150 ~]# cat /etc/yum.conf  

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=16&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release

#  This is the default, if you make this bigger yum won't see if the metadata
# is newer on the remote and so you'll "gain" the bandwidth of not having to
# download the new metadata and "pay" for it by yum not having correct
# information.
#  It is esp. important, to have correct metadata, for distributions like
# Fedora which don't keep old packages around. If you don't like this checking
# interupting your command line usage, it's much better to have something
# manually check the metadata once an hour (yum-updatesd will do this).
# metadata_expire=90m

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

跑这个脚本, 就可以创建centos6的镜像了, 自动tag为最新版本. 

[root@150 ~]# chmod 500 ./build.sh
[root@150 ~]# ./build.sh
build.sh [OPTIONS] <name>
OPTIONS:
  -y <yumconf>  The path to the yum config to install packages from. The
                default is /etc/yum.conf.

运行过程的输出提取如下 : 

[root@150 ~]# ./build.sh -y /etc/yum.conf centos6

+ mkdir -m 755 /tmp/build.sh.BEGiT6/dev
+ mknod -m 600 /tmp/build.sh.BEGiT6/dev/console c 5 1
+ mknod -m 600 /tmp/build.sh.BEGiT6/dev/initctl p
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/full c 1 7
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/null c 1 3
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/ptmx c 5 2
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/random c 1 8
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/tty c 5 0
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/tty0 c 4 0
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/urandom c 1 9
+ mknod -m 666 /tmp/build.sh.BEGiT6/dev/zero c 1 5
+ yum -c /etc/yum.conf --installroot=/tmp/build.sh.BEGiT6 --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y groupinstall Core
..........................................................................................................................................................
Complete!
+ yum -c /etc/yum.conf --installroot=/tmp/build.sh.BEGiT6 -y clean all
Loaded plugins: fastestmirror, refresh-packagekit, security, versionlock
Cleaning repos: base extras updates
Cleaning up Everything
Cleaning up list of fastest mirrors
+ cat
+ rm -rf /tmp/build.sh.BEGiT6/usr/lib/locale /tmp/build.sh.BEGiT6/usr/share/locale /tmp/build.sh.BEGiT6/usr/lib/gconv /tmp/build.sh.BEGiT6/usr/lib64/gconv /tmp/build.sh.BEGiT6/usr/bin/localedef /tmp/build.sh.BEGiT6/usr/sbin/build-locale-archive
+ rm -rf /tmp/build.sh.BEGiT6/usr/share/man /tmp/build.sh.BEGiT6/usr/share/doc /tmp/build.sh.BEGiT6/usr/share/info /tmp/build.sh.BEGiT6/usr/share/gnome/help
+ rm -rf /tmp/build.sh.BEGiT6/usr/share/cracklib
+ rm -rf /tmp/build.sh.BEGiT6/usr/share/i18n
+ rm -rf /tmp/build.sh.BEGiT6/sbin/sln
+ rm -rf /tmp/build.sh.BEGiT6/etc/ld.so.cache
+ rm -rf /tmp/build.sh.BEGiT6/var/cache/ldconfig/aux-cache
+ version=
+ '[' -r /tmp/build.sh.BEGiT6/etc/redhat-release ']'
++ sed 's/^[^0-9\]*\([0-9.]\+\).*$/\1/' /tmp/build.sh.BEGiT6/etc/redhat-release
+ version=6.6
+ '[' -z 6.6 ']'
+ tar --numeric-owner -c -C /tmp/build.sh.BEGiT6 .
+ docker import - centos6:6.6
c459824791f12b110ae8c2bd83847b2cd34c5a36d9afbb69db4e2acfe2c7c79c
+ docker run -i -t centos6:6.6 echo success

success
+ rm -rf /tmp/build.sh.BEGiT6

运行完后, 可以在本地查看到刚才生成的image. 

[root@150 ~]# docker images
REPOSITORY                        TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
centos6                           6.6                 c459824791f1        34 seconds ago      192.2 MB

使用这个image 

[root@150 ~]# docker run -t -i --rm centos6:6.6 /bin/bash
bash-4.1# cat /etc/redhat-release
CentOS release 6.6 (Final)
bash-4.1# df -h
Filesystem            Size  Used Avail Use% Mounted on
rootfs                9.9G  354M  9.0G   4% /
/dev/mapper/docker-8:33-3407874-86d271118901ababe886058c9cfca4790857f38117c4a3b9f09b8b03d1f1ebb5
                      9.9G  354M  9.0G   4% /
tmpfs                  48G     0   48G   0% /dev
shm                    64M     0   64M   0% /dev/shm
/dev/sdc1             221G  156G   54G  75% /.dockerinit
/dev/sda1              39G  4.4G   34G  12% /etc/resolv.conf
/dev/sdc1             221G  156G   54G  75% /etc/hostname
/dev/sdc1             221G  156G   54G  75% /etc/hosts
tmpfs                  48G     0   48G   0% /proc/kcore

提交到docker hub或私有docker registry

提交到docker hub

[root@150 tmp]# docker ps -a
CONTAINER ID        IMAGE                                     COMMAND             CREATED             STATUS                      PORTS               NAMES
64b683e221ae        centos6:6.6                               echo success        19 minutes ago      Exited (0) 19 minutes ago                       ecstatic_fermi      

[root@150 ~]# docker commit -a "digoal@126.com" -m "this is centos6.6 base image created on centos6.5 x64" -p 64b683e221ae digoal/centos6:6.6
6f7b94e36cd2bb846209418195b7569a048bc03a4badc51095a488ff6ddc8709

[root@150 ~]# docker push digoal/centos6:6.6
The push refers to a repository [digoal/centos6] (len: 1)
Sending image list
Pushing repository digoal/centos6 (1 tags)
Pushing tag for rev [6f7b94e36cd2] on {https://cdn-registry-1.docker.io/v1/repositories/digoal/centos6/tags/6.6}

上传到私有registry 

[root@150 ~]# docker tag centos6:6.6 172.16.3.221:5000/digoal/centos6:6.6

[root@150 ~]# docker push 172.16.3.221:5000/digoal/centos6:6.6
The push refers to a repository [172.16.3.221:5000/digoal/centos6] (len: 1)
Sending image list
Pushing repository 172.16.3.221:5000/digoal/centos6 (1 tags)
c459824791f1: Image successfully pushed
Pushing tag for rev [c459824791f1] on {http://172.16.3.221:5000/v1/repositories/digoal/centos6/tags/6.6}

[参考]

1. https://github.com/docker/docker/blob/master/contrib/mkimage-yum.sh

2. https://docs.docker.com/articles/baseimages/

3. man docker-import

时间: 2025-01-20 19:55:33

how to create owned centos base image on centos的相关文章

在线直接升级CentOS 4.x到CentOS 5.x最新版本

说明: 当前操作系统:CentOS 4.x 64位 实现目的: 通过yum命令在线升级CentOS 4.x到CentOS 5.x最新版本 一.升级CentOS 4.x到CentOS 4.9版本 cd /etc/yum.repos.d/  #进入目录 mv CentOS-Base.repo  CentOS-Base.repo-bak  #备份之前的文件 wget http://vault.centos.org/4.9/CentOS-Base.repo  #下载CentOS 4.9的yum源文件 y

centos sshd-阿里云 centos 6.7 64位服务器,sshd 远程服务 貌似有个漏洞

问题描述 阿里云 centos 6.7 64位服务器,sshd 远程服务 貌似有个漏洞 本人在阿里云 搭建了一个服务器,里面开启sshd服务. 为了登录方便,为sshd开启了PubkeyAuthentication yes,其他password方式关闭. 那么问题来了: 正常情况下,我使用secureCRT,使用正确的KEY,一切没有问题,能马上登录不用密码.但是有一次,我在secureCRT中错误的使用了其他的publickey,居然也登录到了我的服务器. 而且我还发现,我使用小米路由器(已经

centos 覆盖安装-关于centOS安装遇到的问题

问题描述 关于centOS安装遇到的问题 我原本在个人计算机上安装了win7和Ubuntu,今天我想在ubuntu分区重新安装centOS,安装成功之后,我想继续熟悉安装过程,就继续想用原来的centOS安装光盘重新覆盖安装已经存在的centOS系统,可是这次怎么也安装不上,警告提示安装光盘里找不到镜像文件,所以根本就进入不了安装界面.我也感觉自己没事儿找事,不过我是真的想了解.学习linux系统,还望各路大神指教啊!! 解决方案 分区已经达到4个主分区的原因?

如何在CentOS中添加Swap?CentOS添加交换分区的教程

使用 DigitalOcean 有很长一段时间了,前几天在编译 PHP 的时候出现了进程被 killed 的状况,经过我的吐槽以及和别人交流后发现,是内存耗尽的缘故.其实是因为当时开着 MySQL 进程消耗了不少内存,后来觉得有必要手动添加一下 Swap(交换分区),这样以免以后再编译什么的时候进程被K . 关于 Linux 中 Swap(交换分区),类似于 Windows 的虚拟内存,就是当内存不足的时候,把一部分硬盘空间虚拟成内存使用,从而解决内存容量不足的情况. 那么如何在 CentOS

Centos 6.X 与Centos 7.X一些区别整理

man: centos 6.x [root@Lnmp ~]# whatis man man: nothing appropriate [root@Lnmp ~]# makewhatis [root@Lnmp ~]# man -f man man                  (1)  - format and display the on-line manual pages man.config [man]     (5)  - configuration data for man man

Docker —— 用于统一开发和部署的轻量级 Linux 容器【转】

转自:http://www.oschina.net/translate/docker-lightweight-linux-containers-consistent-development-and-deployment 英文原文:Docker: Lightweight Linux Containers for Consistent Development and Deployment 使用Docker容器--轻量灵活的VM同类,来接管"依赖地狱".学习Docker是如何基于LXC技术,

CentOS 7 lvm cache dev VS zfs VS flashcache VS bcache VS direct SSD

本文测试结果仅供参考, rhel 7.0的lvm cache也只是一个预览性质的特性, 从测试结果来看, 用在生产环境也尚早. 前段时间对比了Linux下ZFS和FreeBSD下ZFS的性能, 在fsync接口上存在较大的性能差异, 这个问题已经提交给zfsonlinux的开发组员.  http://blog.163.com/digoal@126/blog/static/1638770402014526992910/ https://github.com/zfsonlinux/zfs/issue

use process&#039;s network device namespace on CentOS 6.5+ x64 by openstack modified iproute package

在阅读docker 高级网络时, 发现原来还可以设置进程级别的网络设备namespace. 我这里的环境是CentOS 6.5 x64, 这个版本的iproute包还比较老, 不支持ip netns指令, 所以需要更新一下, 参考本文末尾, 如果你使用的也是CentOS 6.5, 请务必更新iproute后再来做这个实验. 使用ip netns自定义docker container的网络配置例子. 1. 启动2个container, 并且使用--net=none, 即不分配网络设备. # Sta

Installing docker.io on centos 6.4 (64-bit)

Installing docker.io on centos 6.4 (64-bit) NOTES: epel has another package called docker (which is a KDE docking application and is not related to this). So, you will get an error performing these steps, if you have that package already installed. U