Master Docker: From Image Basics to Advanced Container Deployments

Docker Image Overview

Docker images are lightweight, executable software packages that bundle an application’s runtime environment, code, libraries, environment variables, and configuration files.

Image Loading Principle

UnionFS: Union File System

UnionFS is a layered, lightweight, high‑performance file system that stacks modifications as separate layers. Docker images are built on UnionFS, allowing inheritance through layers and presenting a single unified view of the file system.

Docker Image Loading Process

Docker images consist of multiple UnionFS layers:

bootfs : contains the bootloader and kernel; it is loaded first and then unloaded after the kernel takes over.

rootfs sits above bootfs and includes standard Linux directories such as /dev, /proc, /bin, /etc, representing the base OS (e.g., Ubuntu, CentOS).

In practice:

For an OS image, Docker uses the host’s bootfs and adds the required rootfs.

For regular images, Docker downloads layered images and reuses common layers.

Image Characteristics

Docker images are read‑only; when a container starts, a writable layer is added on top of the image layers.

Commit Image

# 提交本地镜像</code>
<code># -a：作者信息 -m：描述信息 容器ID 镜像名称:版本信息</code>
<code>docker commit -a="test" -m="test" 容器id tomcat01:1.0

Docker Container Data Volumes

What Is a Data Volume?

Data volumes enable sharing data between containers and synchronizing container‑generated data to the host.

They are implemented by mounting a host directory into the container.

Volume Commands

# 命令</code>
<code>docker run -it -v 主机目录:容器内目录 /bin/bash

Mount MySQL to the Host

# 1. 下载 MySQL</code>
<code>docker pull mysql</code>
<code># 2. 启动并挂载 -e 设置密码</code>
<code>docker run -d -p 3344:3306 -v /home/conf:/etc/mysql/conf.d -v /home/logs:/logs -v /home/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 mysql

This may cause remote connection errors.

# 解决报错</code>
<code># 1. 进入容器内</code>
<code>docker exec -it 容器ID /bin/bash</code>
<code># 2. 进入 MySQL</code>
<code>mysql -uroot -p123456</code>
<code># 3. 授权</code>
<code>GRANT ALL ON *.* TO 'root'@'%';</code>
<code># 4. 刷新权限</code>
<code>flush privileges;</code>
<code># 5. 更新加密规则</code>
<code>ALTER USER 'root'@'localhost' IDENTIFIED BY 'password' PASSWORD EXPIRE NEVER;</code>
<code># 6. 更新 root 用户密码</code>
<code>ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456';</code>
<code># 7. 刷新权限</code>
<code>flush privileges;

Named and Anonymous Mounts

-v 容器内路径          # 匿名挂载</code>
<code>-v 卷名:容器内路径   # 具名挂载</code>
<code>-v 宿主机路径:容器内路径 # 指定路径挂载</code>
<code>Docker 容器内的卷默认位于 /var/lib/docker/volumes/xxx/_data

Binding Permissions

# 通过 -v 容器内路径:ro rw 改变读写权限</code>
<code>ro # readonly 只读</code>
<code>rw # read‑write 可读可写</code>
<code>docker run -d nginx01 -v nginxdemo:/etc/nginx:ro nginx</code>
<code>docker run -d nginx01 -v nginxdemo:/etc/nginx:rw nginx

Data Volume Container Mount

Purpose: synchronize data among multiple containers (e.g., sharing MySQL data).

# 使用 --volumes-from 容器名称 实现数据卷容器挂载</code>
<code>docker run -d --name mysql02 -p 3345:3306 --volumes-from mysql01 -e MYSQL_ROOT_PASSWORD=123456 mysql

Dockerfile

A Dockerfile is a script of commands used to build a Docker image.

Dockerfile Instructions

FROM        # Base image</code>
<code>MAINTAINER  # Author</code>
<code>RUN         # Commands executed during build</code>
<code>ADD         # Add files or archives</code>
<code>WORKDIR     # Set working directory</code>
<code>VOLUME      # Define mount point</code>
<code>EXPOSE      # Expose ports</code>
<code>CMD         # Default command (last one wins)</code>
<code>ENTRYPOINT  # Command that can be appended to</code>
<code>COPY        # Copy files</code>
<code>ENV         # Set environment variables

Create a Custom CentOS Image

Create Dockerfile vim mycentos Write Dockerfile

FROM centos</code>
<code>MAINTAINER MT<[email protected]></code>
<code>ENV MYPATH /usr/local</code>
<code>WORKDIR $MYPATH</code>
<code>RUN yum -y install vim</code>
<code>EXPOSE 80</code>
<code>CMD /bin/bash

Build the image

docker build -f mycentos -t mycentosdemodo:1.0 .

View image history

docker history 镜像ID

Create a Tomcat Image

1. Prepare Tomcat and JDK archives.

2. Write Dockerfile.

FROM centos</code>
<code>MAINTAINER fortuneteller<[email protected]></code>
<code>COPY README.txt /usr/local/README.txt</code>
<code>ADD jdk-8u251-linux-x64.tar.gz /usr/local</code>
<code>ADD apache-tomcat-9.0.35.tar.gz /usr/local</code>
<code>RUN yum -y install vim</code>
<code>ENV MYPATH /usr/local</code>
<code>WORKDIR $MYPATH</code>
<code>ENV JAVA_HOME /usr/local/jdk1.8.0_251</code>
<code>ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.35</code>
<code>ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin</code>
<code>EXPOSE 8080</code>
<code>CMD ["/usr/local/apache-tomcat-9.0.35/bin/catalina.sh", "run"]

3. Build the image:

# Build using Dockerfile</code>
<code>docker build -t mytomcat .

4. Run the container:

docker run -d -p 3344:8080 --name mttomcat -v /home/fortuneteller/tomcat/test:/usr/local/apache-tomcat-9.0.35/webapps/test -v /home/fortuneteller/tomcat/logs:/usr/local/apache-tomcat-9.0.35/logs mytomcat

5. Test access (open http://host_ip:3344).

Push Local Image to Alibaba Cloud

Log in to Alibaba Cloud Container Registry.

Create a namespace.

Create a repository.

Set a fixed password.

View push command.

Execute push command.

Pull using the provided command.

Docker Summary

Deploy a SpringBoot Project with Docker

Build the JAR with Maven.

Create Dockerfile.

FROM java:8</code>
<code>COPY *.jar /app.jar</code>
<code>CMD ["--server.port=8080"]</code>
<code>EXPOSE 8080</code>
<code>ENTRYPOINT ["java", "-jar", "app.jar"]

Upload Dockerfile and JAR to the Linux server.

Build the image. docker build -t ideatest . List images to get the image ID. docker images Run the container.

docker run -d -p 3344:8080 ideatest # Ensure port 3344 is open in Alibaba Cloud

Test access by visiting server_ip:3344.

In the browser, enter: server_ip:3344