Shulou(Shulou.com)05/31 Report--

This article mainly introduces the docker file layering principle is what the relevant knowledge, the content is detailed and easy to understand, the operation is simple and fast, with a certain reference value, I believe you read this docker file layering principle is what the article will have a harvest, let's take a look at it.

Knowledge preparation

Docker actually uses some features of Linux Kernel Features to achieve resource isolation, file system is one of them, but in order to make resources can be used more efficiently, docker uses a hierarchical file system structure to implement container file system.

Personally, I think the principle is a bit like the concept of parallel universes. Some people think that there are parallel universes in our universe, that is, different choices we make will distribute different universes and continue to run. And dreaming can wander between these parallel universes. It is also a bit similar here. After we pack an image and run it through docker run, we actually create a different universe on this basis. With the continuous operation of container, there will be many deviations between the content of container and what is on the original image, diff, and gradually form a universe of our own.

Docker file system

The file system layering of each container can be obtained from docker inspect [container-id]-- format= {{.GraphDriver}}.

{map [LowerDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b-init/diff:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff MergedDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/merged UpperDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/diff WorkDir:/var/lib/docker/overlay2/52f456f455215e56b77087495a5d35323fbf1c0e0391f45349f386006c75865b/work] overlay2}

There are four main types

LowerDir

This is that all container based on the image will point to the same file system, which is the mirror layer, and all container will use this layer.

So where does this layer come from? we can take a look at the mirror image we use.

MergedDir

This is a different container that combines the Lower layer and the Upper layer to provide the final file system in container.

UpperDir

This is to record the operation of different container, and then through the comparison of the Lower layer, you can generate a Merge layer

WorkDir

I don't have a deep understanding yet.

Example docker run-d alpine:latest looks at the file system information of the mirror layer docker inspect alpine-- format= {{.GraphDriver}} {map [MergedDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/merged UpperDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff WorkDir:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/work] overlay2}

Notice that UpperDir, which is the mirrored upper layer, that is, we can make changes at this level, will affect the container created later.

View the file system information docker inspect 9a118484ba of container-- format= {{.GraphDriver}} {map [LowerDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14-init/diff:/var/lib/docker/overlay2/e4b90240aa77212dde6499a49c421d26977ed9fe8a1f6fcbaaaf77d85c67654e/diff MergedDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/merged UpperDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/diff WorkDir:/var/lib/docker/overlay2/3d3f32727c4f7867d43c1e61d635ac0ed22e95ff39c66240166dd6614b81fe14/work] overlay2}

You can see the Lower layer of container, that is, the mirrored upper layer. All the changes we made to container will be reflected in the upper layer, and the merged layer will be sorted out and shown to container.

We can use the command line to see the changes in the container file system

Docker diff 9a118484ba

Since we have not operated on container, there is no difference between this container and the mirror image.

Let's start another container and let it sleep for 300 seconds, and then go in to container to modify some file information.

# docker exec-it ca91bb / bin/sh/ # echo "helloWorld" > / tmp/hello.txt

View changes in the container file system

Docker diff ca91bbffb801C / rootC / root/.ash_historyC / tmpA / tmp/hello.txt

As you can see, we made these changes to the file system, all of which were recorded.

These contents are actually under the directory of UpperDir.

Tree-L 1 diff/diff/ ├── root └── tmp2 directories, 0 files modify container content from host

From the above experiments, we can know that the upper layer is the added content, through merge with the lower layer to reflect the changes of container. So can we directly modify the upper layer to operate on container?

We add a directory demo to the directory where upper is located, and touch a file in it

# tree-L 2. /. / ├── demo │ └── mytest.log ├── root └── tmp └── hello.txt

Let's see from container if we can see the file we created.

/ demo # pwd/demo/demo # lsmytest.log

As you can see, it has already taken effect, so if we want to initialize this container, we can simply delete all the contents of the upper layer.

Application

Look for software installation traces

In the previous project process, customers always need us to provide, our agent software will modify what content, has not found a better way to provide customers, from the application of this docker hierarchical file, we can deploy the agent on a container, and then we can clearly find which directories and files the software will modify.

Rapid recovery of container

Fast interaction with container file system

Protect the underlying file system from being corrupted

Save host space

This is the end of the article on "what is the principle of docker file layering". Thank you for reading! I believe that everyone has a certain understanding of the knowledge of "what is the principle of docker file layering". If you want to learn more knowledge, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.