04-存储原理
2021-10-12 本文已影响0人
紫荆秋雪_文
一、思考问题
1、容器是什么?
- 为什么容器可以不依赖其他环境而独立提供服务,比如:Nginx、MySQL,好像容器自带系统
- 容器包含一个小型的Linux系统 + 某个软件(Nginx、MySQL)完整的运行环境
2、如果在一个Linux系统中同时运行多个(5个)Nginx容器(如果一个完整的Nginx容器占用20MB),那么多个Nginx容器需要占用多少空间(5 x 20 MB)?
3、一个基础镜像(Nginx)是固定不变的,那么由它启动的容器,不同容器的配置信息存储在哪里?相互会影响?
二、镜像 和 层
1、Images 和 layers
- 镜像是由一系列层构建而成的
- 每一层代表镜像的 Dockerfile 中的一条指令
- 除了最后一条,其它层都是只读的
# syntax=docker/dockerfile:1
FROM ubuntu:18.04
LABEL org.opencontainers.image.authors="org@example.com"
COPY . /app
RUN make /app
RUN rm -r $HOME/.cache
CMD python /app/app.py
- 这个 Dockerfile 包含四个命令。修改文件系统的命令会创建一个层
- 该 FROM 语句首先从
ubuntu:18.04镜像创建一个镜像层 -
LABEL命令仅修改镜像的元数据,并不会生成新镜像层 -
COPY命令从 Docker 客户端的当前目录中添加一些文件。 - 第一个
RUN命令使用该命令构建make,并将结构写入新的镜像层 - 第二个
RUN命令删除缓存目录,并将结构写入新的镜像层 - 最后,
CMD指令指定在容器内运行什么命令,它只修改图像的元数据,并不会产生新的镜像层
- 该 FROM 语句首先从
- 小结:每一层只是与它之前的层的一组差异,这些镜像层堆叠在彼此的顶部,当您创建一个新容器时,您会在底层层之上添加一个新的可写层。这一层通常被称为
容器层。对正在运行的容器所做的所有更改,例如写入新文件、修改现有文件和删除文件,都将写入这个Thin的可写容器层。如下图显示的是基于ubuntu:15.04镜像的容器
image.png
三、容器 和 层
- 容器和镜像之间的主要区别在于顶部可写层。添加新数据或修改现有数据的所有写入容器都存储在此可写层中。当容器被删除时,科协层也就被删除。底层镜像不变
- 因为每个容器都有自己的可写容器层,所有的变化都存储在这个容器层中,所以多个容器可以共享对同一个底层镜像的访问,同时又拥有自己的数据状态,如下图 显示了共享同一个
ubuntu:15.04镜像的多个容器
官网图片.png
image.png
- Docker使用
存储驱动程序来管理镜像层和可写容器层的内容。每个存储驱动程序以不同的方式处理实现,但所有驱动程序都使用可堆叠的图像层和写时复制策略
写时复制
写时复制是一种共享和复制文件以获得最大效率的策略。如果文件或目录存在于镜像的下层,而另一层(包括可写层)需要对其进行读访问,则它仅使用现有文件。第一次另一个层需要修改文件时(构建镜像或运行容器时),文件被复制到该层并修改。这最大限度地减少了 I / O 和每个后续层的大小。
四、磁盘上的容器大小
- 命令
docker ps -s
image.png
-
size:用于每个容器的可写层的数据量(在磁盘上) -
virtual size:容器使用的只读镜像数据+容器的可写层的数据量size。 - 多个容器可以共享部分或全部只读镜像数据
- 从同一个镜像启动的两个容器共享 100% 的只读数据,而具有相同层的具有不同镜像的两个容器共享这些公共层
五、镜像存储
上面我们了解,镜像是由一层一层镜像层堆叠而成。
1、查看Nginx镜像是由多少层
docker history nginx
IMAGE CREATED CREATED BY SIZE COMMENT
f8f4ffc8092c 13 days ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 13 days ago /bin/sh -c #(nop) STOPSIGNAL SIGQUIT 0B
<missing> 13 days ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 13 days ago /bin/sh -c #(nop) ENTRYPOINT ["/docker-entr… 0B
<missing> 13 days ago /bin/sh -c #(nop) COPY file:09a214a3e07c919a… 4.61kB
<missing> 13 days ago /bin/sh -c #(nop) COPY file:0fd5fca330dcd6a7… 1.04kB
<missing> 13 days ago /bin/sh -c #(nop) COPY file:0b866ff3fc1ef5b0… 1.96kB
<missing> 13 days ago /bin/sh -c #(nop) COPY file:65504f71f5855ca0… 1.2kB
<missing> 13 days ago /bin/sh -c set -x && addgroup --system -… 64MB
<missing> 13 days ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster 0B
<missing> 13 days ago /bin/sh -c #(nop) ENV NJS_VERSION=0.6.2 0B
<missing> 13 days ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.21.3 0B
<missing> 13 days ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:99db7cfe7952a1c7a… 69.3MB
2、查看Nginx镜像是怎么存储的(每层存储了什么)
# inspect 命令可以查看 镜像 或 容器 的详细信息
docker image inspect nginx
[
{
"Id": "sha256:f8f4ffc8092c956ddd6a3a64814f36882798065799b8aedeebedf2855af3395b",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
"nginx@sha256:06e4235e95299b1d6d595c5ef4c41a9b12641f6683136c18394b858967cd1506"
],
"Parent": "",
"Comment": "",
"Created": "2021-09-28T08:26:07.57996119Z",
"Container": "449a8a48a9f56c3616a0b58ce3fea705fa34293def3c95bc32b50b9bc52f3ff7",
"ContainerConfig": {
"Hostname": "449a8a48a9f5",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.3",
"NJS_VERSION=0.6.2",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"nginx\" \"-g\" \"daemon off;\"]"
],
"Image": "sha256:dce61176f89cfe1ba4ca3eb3c39097b455d90108498072a77ebaac245c5732cc",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"DockerVersion": "20.10.7",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.3",
"NJS_VERSION=0.6.2",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "sha256:dce61176f89cfe1ba4ca3eb3c39097b455d90108498072a77ebaac245c5732cc",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 133283279,
"VirtualSize": 133283279,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff:/var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff:/var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff:/var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff:/var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff",
"MergedDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/merged",
"UpperDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/diff",
"WorkDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:476baebdfbf7a68c50e979971fcd47d799d1b194bcf1f03c1c979e9262bcd364",
"sha256:5259501115588b1be0b1bb6eee115422d2939f402137979603cea9d9f1e649ec",
"sha256:0772cb25d5cae1b4e6e47ff15af95fa1d2640c3b7c74cb4c008d61e2c8c28559",
"sha256:6e109f6c2f99fdfa436dd66299d2ed87a18fee00b5f22fbd761dbacac27b76a6",
"sha256:88891187bdd7d71eeaa5f468577eb253eca29f57e3577ea0a954f6991313fd71",
"sha256:65e1ea1dc98ccb565bf8dd0f7664fc767796d3a6eecaf29b79ce7e9932517ae5"
]
},
"Metadata": {
"LastTagTime": "2021-10-11T11:27:29.418812951+08:00"
}
}
]
- GraphDriver
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff:/var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff:/var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff:/var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff:/var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff",
"MergedDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/merged",
"UpperDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/diff",
"WorkDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/work"
},
"Name": "overlay2"
}
LowerDir: 底层目录
# 宿主机 docker 文件1
/var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff
# 宿主机 docker 文件2
/var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff
# 宿主机 docker 文件3
/var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff
# 宿主机 docker 文件4
/var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff
# 宿主机 docker 文件5
/var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff
-
宿主机 docker 文件1
cd /var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff
- 显示
drwxr-xr-x 2 root root 4096 Sep 28 16:26 docker-entrypoint.d
- docker-entrypoint.d
# 一个脚本文件
-rwxrwxr-x 1 root root 1037 Sep 28 16:25 20-envsubst-on-templates.sh
-
宿主机 docker 文件2
cd /var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff
- diff 文件夹内容
drwxr-xr-x 2 root root 4096 Sep 28 16:26 docker-entrypoint.d
- docker-entrypoint.d文件夹内容
-rwxrwxr-x 1 root root 1961 Sep 28 16:25 10-listen-on-ipv6-by-default.sh
-
宿主机 docker 文件3
cd /var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff
- diff 文件夹内容
-rwxrwxr-x 1 root root 1202 Sep 28 16:25 docker-entrypoint.sh
-
宿主机 docker 文件4
cd /var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff
- diff 内容
drwxr-xr-x 2 root root 4096 Sep 28 16:26 docker-entrypoint.d
drwxr-xr-x 20 root root 4096 Sep 28 16:26 etc
drwxr-xr-x 5 root root 4096 Sep 28 16:26 lib
drwxrwxrwt 2 root root 4096 Sep 28 16:26 tmp
drwxr-xr-x 7 root root 4096 Sep 27 08:00 usr
drwxr-xr-x 5 root root 4096 Sep 27 08:00 var
- Linux目录
lrwxrwxrwx. 1 root root 7 Sep 22 10:39 bin -> usr/bin
dr-xr-xr-x. 5 root root 4096 Sep 22 10:54 boot
drwxr-xr-x 19 root root 2960 Oct 12 13:58 dev
drwxr-xr-x. 78 root root 4096 Oct 11 10:33 etc
drwxr-xr-x. 2 root root 4096 Apr 11 2018 home
lrwxrwxrwx. 1 root root 7 Sep 22 10:39 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Sep 22 10:39 lib64 -> usr/lib64
drwx------. 2 root root 16384 Sep 22 10:39 lost+found
drwxr-xr-x. 2 root root 4096 Apr 11 2018 media
drwxr-xr-x. 2 root root 4096 Apr 11 2018 mnt
drwxr-xr-x. 3 root root 4096 Oct 11 10:33 opt
dr-xr-xr-x 90 root root 0 Oct 12 13:58 proc
dr-xr-x---. 7 root root 4096 Oct 11 15:08 root
drwxr-xr-x 25 root root 720 Oct 12 13:58 run
lrwxrwxrwx. 1 root root 8 Sep 22 10:39 sbin -> usr/sbin
drwxr-xr-x. 2 root root 4096 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 Oct 12 15:44 sys
drwxrwxrwt. 8 root root 4096 Oct 12 14:47 tmp
drwxr-xr-x. 13 root root 4096 Sep 22 10:39 usr
drwxr-xr-x. 19 root root 4096 Sep 22 02:44 var
- nginx文件
-
宿主机 docker 文件5
cd /var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff
- diff
drwxr-xr-x 2 root root 4096 Sep 27 08:00 bin
drwxr-xr-x 2 root root 4096 Jun 13 18:30 boot
drwxr-xr-x 2 root root 4096 Sep 27 08:00 dev
drwxr-xr-x 28 root root 4096 Sep 27 08:00 etc
drwxr-xr-x 2 root root 4096 Jun 13 18:30 home
drwxr-xr-x 7 root root 4096 Sep 27 08:00 lib
drwxr-xr-x 2 root root 4096 Sep 27 08:00 lib64
drwxr-xr-x 2 root root 4096 Sep 27 08:00 media
drwxr-xr-x 2 root root 4096 Sep 27 08:00 mnt
drwxr-xr-x 2 root root 4096 Sep 27 08:00 opt
drwxr-xr-x 2 root root 4096 Jun 13 18:30 proc
drwx------ 2 root root 4096 Sep 27 08:00 root
drwxr-xr-x 3 root root 4096 Sep 27 08:00 run
drwxr-xr-x 2 root root 4096 Sep 27 08:00 sbin
drwxr-xr-x 2 root root 4096 Sep 27 08:00 srv
drwxr-xr-x 2 root root 4096 Jun 13 18:30 sys
drwxrwxrwt 2 root root 4096 Sep 27 08:00 tmp
drwxr-xr-x 10 root root 4096 Sep 27 08:00 usr
drwxr-xr-x 11 root root 4096 Sep 27 08:00 var
- Linux目录
lrwxrwxrwx. 1 root root 7 Sep 22 10:39 bin -> usr/bin
dr-xr-xr-x. 5 root root 4096 Sep 22 10:54 boot
drwxr-xr-x 19 root root 2960 Oct 12 13:58 dev
drwxr-xr-x. 78 root root 4096 Oct 11 10:33 etc
drwxr-xr-x. 2 root root 4096 Apr 11 2018 home
lrwxrwxrwx. 1 root root 7 Sep 22 10:39 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Sep 22 10:39 lib64 -> usr/lib64
drwx------. 2 root root 16384 Sep 22 10:39 lost+found
drwxr-xr-x. 2 root root 4096 Apr 11 2018 media
drwxr-xr-x. 2 root root 4096 Apr 11 2018 mnt
drwxr-xr-x. 3 root root 4096 Oct 11 10:33 opt
dr-xr-xr-x 90 root root 0 Oct 12 13:58 proc
dr-xr-x---. 7 root root 4096 Oct 11 15:08 root
drwxr-xr-x 25 root root 720 Oct 12 13:58 run
lrwxrwxrwx. 1 root root 8 Sep 22 10:39 sbin -> usr/sbin
drwxr-xr-x. 2 root root 4096 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 Oct 12 15:44 sys
drwxrwxrwt. 8 root root 4096 Oct 12 14:47 tmp
drwxr-xr-x. 13 root root 4096 Sep 22 10:39 usr
drwxr-xr-x. 19 root root 4096 Sep 22 02:44 var
-
宿主机 docker 文件5是镜像中Linux的最小内核
底层目录小结
- 底层目录主要存储镜像Linux的最小内核
- 文件是从下向上分析
-
容器就是使用镜像中的Linux的最小内核
镜像中的文件.png
容器中文件.png
image.png
猜测:其他镜像的底层目录中第5个文件夹和Nginx镜像中的是一样的
- 分析redis
docker image inspect redis
- LowerDir
/var/lib/docker/overlay2/db80ea28b3e3992a83edf97b0e288619b06086be7b582a1252749748b3bd0d30/diff
/var/lib/docker/overlay2/275d175d6ff1c5f673ce15cbd7376e1ee455c31db117de561f599ffc8c456d91/diff
/var/lib/docker/overlay2/c0bce05e06007dc20c8a85a7f1afba0901478bcf12ff1ba5e8ddb9de108c3622/diff
/var/lib/docker/overlay2/2a8b2016a6f082686c5d8ab9882437556feaa85c94519110178c41f4338484d9/diff
/var/lib/docker/overlay2/98d2b15f314b7f5bef48f3ea733201f2d1cb131a059b4f1a3d6866bf51ac5317/diff
- /var/lib/docker/overlay2/98d2b15f314b7f5bef48f3ea733201f2d1cb131a059b4f1a3d6866bf51ac5317/diff内容
drwxr-xr-x 2 root root 4096 Sep 27 08:00 bin
drwxr-xr-x 2 root root 4096 Apr 11 2021 boot
drwxr-xr-x 2 root root 4096 Sep 27 08:00 dev
drwxr-xr-x 30 root root 4096 Sep 27 08:00 etc
drwxr-xr-x 2 root root 4096 Apr 11 2021 home
drwxr-xr-x 8 root root 4096 Sep 27 08:00 lib
drwxr-xr-x 2 root root 4096 Sep 27 08:00 lib64
drwxr-xr-x 2 root root 4096 Sep 27 08:00 media
drwxr-xr-x 2 root root 4096 Sep 27 08:00 mnt
drwxr-xr-x 2 root root 4096 Sep 27 08:00 opt
drwxr-xr-x 2 root root 4096 Apr 11 2021 proc
drwx------ 2 root root 4096 Sep 27 08:00 root
drwxr-xr-x 3 root root 4096 Sep 27 08:00 run
drwxr-xr-x 2 root root 4096 Sep 27 08:00 sbin
drwxr-xr-x 2 root root 4096 Sep 27 08:00 srv
drwxr-xr-x 2 root root 4096 Apr 11 2021 sys
drwxrwxrwt 2 root root 4096 Sep 27 08:00 tmp
drwxr-xr-x 11 root root 4096 Sep 27 08:00 usr
drwxr-xr-x 11 root root 4096 Sep 27 08:00 var
- 现在从文件上来看,可以推测所有镜像的底层目录的最顶层目录应该是一样的,每个文件具体有没有差异还需待以后验证
MergedDir合并目录
/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/merged
- 小结
- 容器最终的完整工作目录全部内容都在合并层
-
数据卷在容器层产生,所有的增删该都在容器层
image.png
UpperDir上传目录
/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/diff
- diff
drwxr-xr-x 2 root root 4096 Sep 28 16:26 docker-entrypoint.d
- docker-entrypoint.d
-rwxrwxr-x 1 root root 4613 Sep 28 16:25 30-tune-worker-processes.sh
WorkDir工作目录
- 存储临时信息
/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/work
六、实战一:验证所有的容器共用镜像的文件系统
1、使用官方Nginx镜像启动2个容器
- 启动随机端口的Nginx
docker run -dP nginx:latest
5492785d2239 nginx:latest "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:32769->80/tcp heuristic_raman
62fd58946a3f nginx:latest "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:32768->80/tcp competent_murdock
2、进入镜像的最小Linux系统文件
- 命令
docker image inspect nginx
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff:/var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff:/var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff:/var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff:/var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff",
"MergedDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/merged",
"UpperDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/diff",
"WorkDir": "/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/work"
},
"Name": "overlay2"
}
- ls -i
262483 bin 262554 dev 262744 home 262958 lib64 262961 mnt 262963 proc 262967 run 263035 srv 263037 tmp 266724 var
262553 boot 262555 etc 262745 lib 262960 media 262962 opt 262964 root 262970 sbin 263036 sys 263038 usr
3、进入第一个容器(端口32769)
- 进入容器
docker exec -it 5492785d2239 /bin/bash
- ls -i
262483 bin 28421 dev 268727 docker-entrypoint.sh 262744 home 262958 lib64 262961 mnt 1 proc 262967 run 263035 srv 267716 tmp 268432 var
262553 boot 268768 docker-entrypoint.d 268822 etc 267698 lib 262960 media 262962 opt 262964 root 262970 sbin 1 sys 267717 usr
3、进入第二个容器(端口32768)
- 进入容器
docker exec -it 62fd58946a3f /bin/bash
- ls -i
262483 bin 27516 dev 268727 docker-entrypoint.sh 262744 home 262958 lib64 262961 mnt 1 proc 262967 run 263035 srv 267716 tmp 268432 var
262553 boot 268768 docker-entrypoint.d 135537 etc 267698 lib 262960 media 262962 opt 262964 root 262970 sbin 1 sys 267717 usr
4、小结
-
bin、boot 等都是共用镜像中的文件
image.png
七、实战二
通过一个例子来把上面的 镜像、容器、写时复制串联起来,并深刻理解当我们修改容器配置时,修改的文件存储在什么位置?底层的文件系统是否也相应修改?
场景:修改Nginx中默认的配置
1、查看 镜像中配置文件
cd etc/nginx/
drwxr-xr-x 2 root root 4096 Sep 28 16:26 conf.d
-rw-r--r-- 1 root root 1007 Sep 7 23:21 fastcgi_params
-rw-r--r-- 1 root root 5290 Sep 7 23:21 mime.types
lrwxrwxrwx 1 root root 22 Sep 7 23:38 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 Sep 7 23:38 nginx.conf
-rw-r--r-- 1 root root 636 Sep 7 23:21 scgi_params
-rw-r--r-- 1 root root 664 Sep 7 23:21 uwsgi_params
- cat nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
2、容器 32769
- 进入容器查看nginx.conf
docker exec -it 54 /bin/bash
cd /etc/nginx
- nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
3、容器 32769
- 进入容器查看nginx.conf
docker exec -it 62fd58946a3f /bin/bash
cd /etc/nginx/
- cat nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
小结
- 镜像、容器32768、容器32769 中的
nginx.conf文件是一样的
4、修改容器32768中的 nginx.conf 文件
- echo "test" >> nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
test
1、首先确认修改容器32768中的nginx.conf,是否会影响镜像中的nginx.conf文件?是否会影响容器32769中的nginx.conf文件?
- 并不会影响镜像中的nginx.conf文件
- 并不会影响容器32769中的nginx.conf文件
2、修改容器32768中的nginx.conf存储在什么位置?
- 查看容器32768信息
docker container inspect 62fd58946a3f
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/f03846e8a2a3523c6e7ff6c102a7ddb003ded468dc6a65037bb9e62031f2ae10-init/diff:/var/lib/docker/overlay2/a42a845eb3a8c4ebd267fdc2fbabd8715f7ccb79421a749209ee941800d3b476/diff:/var/lib/docker/overlay2/2639f8f3420a4be991cbeec99a7469878a7e2b4800e7e0c63c07c640b46cbe96/diff:/var/lib/docker/overlay2/987ba75856862bd5fd1475ba04d4392ee1f1f2de2db4aa5f1bbf2b846ea4522c/diff:/var/lib/docker/overlay2/80814a5662b4893ef088766cb184621638635ec3be0b443cc77ec01ad5d9957d/diff:/var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff:/var/lib/docker/overlay2/d3db0eb5df44cae935c00e0e8e2b56e3bdd45aac6e0274474c45fda7775a8fe5/diff",
"MergedDir": "/var/lib/docker/overlay2/f03846e8a2a3523c6e7ff6c102a7ddb003ded468dc6a65037bb9e62031f2ae10/merged",
"UpperDir": "/var/lib/docker/overlay2/f03846e8a2a3523c6e7ff6c102a7ddb003ded468dc6a65037bb9e62031f2ae10/diff",
"WorkDir": "/var/lib/docker/overlay2/f03846e8a2a3523c6e7ff6c102a7ddb003ded468dc6a65037bb9e62031f2ae10/work"
},
"Name": "overlay2"
}
- 查看LowerDir中nginx.conf文件没有变化
cd /var/lib/docker/overlay2/d8bf757fa7d333a578c0df3f857593246b4d1207388deab1680ea21b5daf3a69/diff
cd etc/nginx/
cat nginx.conf
- 查看UpperDir
cd /var/lib/docker/overlay2/f03846e8a2a3523c6e7ff6c102a7ddb003ded468dc6a65037bb9e62031f2ae10/diff
cd etc/nginx/
cd etc/nginx/
- cat nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
test
小结:对容器的修改是保存在容器层的 UpperDir 目录中
image.png
- 所有的系统文件都是存储在
镜像层 - 修改容器文件时都会从
镜像层拷贝一份到容器层的upperdir目录,就想测试中修改了容器的nginx.conf文件,会存储在容器的upperdir目下,而镜像层中的nginx.conf文件没有任何变化。所以其他容器直接就是应用的镜像层中的nginx.conf文件 -
merged目录是最终映射入口的总汇总(镜像层的文件和容器层的文件)
