Create base image from current CentOS 7 system with one command:
tar --numeric-owner --exclude=/proc --exclude=/sys --exclude=/boot --exclude=/usr/lib/firmware --exclude=/usr/lib/modules --exclude=/usr/lib/udev -cvf centos7.tar /
You will have file size 565M from CentOS 7 minimal install.
More optimal way: https://github.com/docker/docker/blob/master/contrib/mkimage-yum.sh
As result you'll have 247M file.
Copy centos7.tar to Ubuntu and install docker:
apt-get install docker.io
CentOS 7 has issues if Storage Driver AUFS. Recommended driver: devicemapper.
# docker info | grep Storage
Storage Driver: aufs
# echo 'DOCKER_OPTS="--storage-driver=devicemapper"' >> /etc/default/docker
# service docker restart
Import new docker image:
cat centos7.tar | docker import - c7-v0
Check:
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
c7-v0 latest 29a8eab387cf 11 seconds ago 571.3 MB
# docker run -i -t --rm c7-v0 cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
Options:
--rm Automatically remove the container when it exits.
-t Allocate a pseudo-TTY. You cannot run bash without this option for example.
-i Keep STDIN open even if not attached.
Understanding how commit works.
Create 3 files. And 3 containers will be created:
docker run -i -t c7-v0 touch /root/1.txt
docker run -i -t c7-v0 touch /root/2.txt
docker run -i -t c7-v0 touch /root/3.txt
List containers: docker ps -a
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e5123730f7b c7-v0:latest "touch /root/3.txt" 59 seconds ago Exited (0) 58 seconds ago berserk_colden
313e04322a2f c7-v0:latest "touch /root/2.txt" About a minute ago Exited (0) About a minute ago romantic_colden
8f48f50290cb c7-v0:latest "touch /root/1.txt" About a minute ago Exited (0) About a minute ago suspicious_stallman
Create a new image from a container's changes: docker commit
# docker commit 313e04322a2f
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
<none> <none> 268ec44b328b 8 seconds ago 571.3 MB
c7-v0 latest 29a8eab387cf 4 minutes ago 571.3 MB
# docker tag 268ec44b328b c7-v1
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
c7-v1 latest 268ec44b328b About a minute ago 571.3 MB
c7-v0 latest 29a8eab387cf 5 minutes ago 571.3 MB
Check new image:
# docker run -i -t --rm c7-v1 ls /root/
2.txt anaconda-ks.cfg
Only file 2.txt was commited.
Cleaning
Now we can delete unused containes and image.
Remove one or more containers: docker rm
Remove one or more images: docker rmi
# docker rm 6e5123730f7b
# docker rm 313e04322a2f
# docker rm 8f48f50290cb
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
# docker rmi c7-v0
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
c7-v1 latest 268ec44b328b 6 minutes ago 571.3 MB
Install Apache HTTPD:
docker run -i -t c7-v1 bash
yum -y install httpd
exit
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ce2c30eae819 c7-v1:latest "bash" 10 minutes ago Exited (1) 8 seconds ago focused_thompson
If you want to start the same container again and install some thing in addition:
docker start ce2c30eae819
docker attach ce2c30eae819
Let's create next image release:
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ce2c30eae819 c7-v1:latest "bash" 24 minutes ago Exited (0) 30 seconds ago focused_thompson
# docker commit ce2c30eae819
# docker tag 8d8cc96460c1 c7-v2
# docker rm ce2c30eae819
# docker rmi c7-v1
Run HTTPD and SSHD:
docker run -i -t -p 2200:22 -p 8000:80 c7-v2
/usr/sbin/sshd
/usr/sbin/httpd
# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 115384 3324 ? Ss 13:16 0:00 bash
root 19 0.0 0.0 82552 2664 ? Ss 13:17 0:00 /usr/sbin/sshd
root 42 0.0 0.0 221908 6036 ? Ss 13:18 0:00 /usr/sbin/httpd
apache 43 0.0 0.0 221908 6012 ? S 13:18 0:00 /usr/sbin/httpd
apache 44 0.0 0.0 221908 6012 ? S 13:18 0:00 /usr/sbin/httpd
apache 45 0.0 0.0 221908 6012 ? S 13:18 0:00 /usr/sbin/httpd
apache 46 0.0 0.0 221908 6012 ? S 13:18 0:00 /usr/sbin/httpd
apache 47 0.0 0.0 221908 6012 ? S 13:18 0:00 /usr/sbin/httpd
root 48 0.0 0.0 139500 3376 ? R+ 13:18 0:00 ps aux
To detach the tty without exiting the shell, use the escape sequence Ctrl+p + Ctrl+q.
Test SSHD:
ssh 127.0.0.1 -p 2200
Test HTTPD:
# curl http://127.0.0.1:8000 | grep Test
. . .
<title>Apache HTTP Server Test Page powered by CentOS</title>
. . .
Network
Ports 2200 and 8000 available outside. By default docker adds iptables rules:
# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:22
Chain DOCKER (2 references)
target prot opt source destination
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:172.17.0.2:80
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2200 to:172.17.0.2:22
Links:
- https://docs.docker.com/
- http://developerblog.redhat.com/2014/05/15/practical-introduction-to-docker-containers/