Home >Operation and Maintenance >Docker >An in-depth analysis of docker file layering (detailed examples)
This article brings you relevant knowledge about docker file layering. This article uses a docker container example to describe some principles of docker file layering. I hope it will be helpful to everyone.
The file system layering status of each container can be obtained from docker inspect [container-id] --format={{.GraphDriver}}
{map[LowerDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b-init/diff:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff MergedDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/merged UpperDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/diff WorkDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/work] overlay2}
There are mainly four types
This is that all containers based on this image will point to the same file system, which is the image layer, and all containers will use it. this layer.
So where does this layer come from? We can look at the image we use
This is a different container that combines the Lower layer and the Upper layer , to provide the final file system in the container
This is to record the operations of different containers, and then through the comparison of the Lower layer, a Merge layer can be generated
Not yet understood in depth
docker run -d alpine:latest
docker inspect alpine --format={{.GraphDriver}}
{map[MergedDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/merged UpperDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff WorkDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/work] overlay2}
Notice UpperDir, this is the upper layer of the mirror , that is, we can make modifications at this level, which will affect the container created later
docker inspect 9a118484ba --format={{.GraphDriver}}
{map[LowerDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14-init/diff:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff MergedDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/merged UpperDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/diff WorkDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/work] overlay2}
You can see the Lower layer of the container, which is the mirror In the upper layer, the modifications we make to the container will be reflected in the upper layer, and the merged layer will be organized and displayed to the container.
We can use the command line to check the changes in the container file system
docker diff 9a118484ba
Since we have not operated the container, there is no difference between the container and the image now
We Start another container and let it sleep for 300 seconds, and then go into the container to modify some file information
# docker exec -it ca91bb /bin/sh / # echo "helloWorld" > /tmp/hello.txt
Check the changes in the container file system
docker diff ca91bbffb801 C /root C /root/.ash_history C /tmp A /tmp/hello.txt
You can see that we have done something to the file system These changes have been recorded
These contents are actually in the directory of UpperDir
tree -L 1 diff/ diff/ ├── root └── tmp2 directories, 0 files
From From the above experiment, we can know that the upper layer is the added content. It is merged with the lower layer to reflect the changes in the container. So can we directly modify the upper layer to operate the container?
We add a directory demo in the directory where upper is located, and touch a file in it
# tree -L 2 ./ ./ ├── demo │ └── mytest.log ├── root └── tmp └── hello.txt
We see if we can see the file we created from the container
/demo # pwd /demo /demo # ls mytest.log
You can see that it has taken effect, so if we want to initialize this container, we can directly delete all the contents of the upper layer.
Find software installation traces
In the process of previous projects, customers always needed us to provide, We have never found a better way to provide customers with exactly what content our agent software will modify. Judging from the application of this docker layered file, we can deploy the agent on a container, and then it can be seen clearly at a glance Discover which directories and files the software will modify.
Quickly restore container
Quickly interact with the container file system
Protect the underlying file system Not destroyed
Save host space
Recommended study: "docker video tutorial"
The above is the detailed content of An in-depth analysis of docker file layering (detailed examples). For more information, please follow other related articles on the PHP Chinese website!