March 19, 2017

Docker Layers


    Docker images are read-only templates from which Docker containers are instantiated. Each image consists of a series of layers. Docker uses a union file system to combine these layers to form a runnable file, referred to as a Docker image. Layers are discrete entities, promoting modularity and reuse of resources. Each layer results from an instruction in the Dockerfile.
    • Layers represent filesystem differences
    • The Docker storage driver is responsible for stacking these layers and providing a single unified view.

    • Note: Image layer IDs are cryptographic hashes, while the container ID is a randomly generated UUID.
    • Each instruction in the Dockerfile creates a new layer. Note: only non-zero layers and layers that do not already exist on the system are downloaded with the docker run command.
    • Below is repo information for this nginx image on GitHub. There are eight Dockerfile instructions, reflecting the eight layers from the above output.
      Note: There is no FROM instruction listed, it's likely that the FROM instruction is transformed into ADD file: 89ec.. as they both would pull in the base image.

      ADD file: 89ecb642d662ee7edbb868340551106d51336c7e589fdaca4111725ec64da957 in /
      CMD ["/bin/bash"]
      MAINTAINER NGINX Docker Maintainers ""
      ENV NGINX_VERSION=1.11.10-1~jessie
      RUN apt-key adv --keyserver hkp:// --recv-keys 573BFD6B3D8FBC641079A6ABABF…
      RUN ln -sf /dev/stdout /var/log/nginx/access.log    && ln -sf /dev/stderr /var/log/nginx/error.log
      EXPOSE 443/tcp 80/tcp
      CMD ["nginx" "-g" "daemon off;"]

    • When an image is changed, the new copy of the image stores only the changed layer(s). The new image (e.g. changed-ubuntu below) has layers that are simply pointers to the original image files' layers.

    • Notice the new changed-ubuntu image does not have its own copies of every layer. The new image is sharing its four underlying layers with the ubuntu:15.04 image.

No comments:

Post a Comment