Docker镜像层:`ADD file:<some_hash>在/` 中是什么意思? [英] Docker image layer: What does `ADD file:<some_hash> in /` mean?
问题描述
在 Docker Hub 映像中,有命令列表为每个映像层运行.这是一个golang 示例.
In Docker Hub images there are lists of commands that being run for each image layer. Here is a golang example.
一些应用程序还在 GitHub 中提供了它们的 Dockerfile.这是一个 golang 示例.
Some applications also provide their Dockerfile in GitHub. Here is a golang example.
根据Docker Hub镜像层,ADD file:4b03b5f551e3fbdf47ec609712007327828f7530cc3455c43bbcdcaf449a75a9 in/是第一个命令.图像层没有任何FROM".包括命令,它似乎也不够 ADD 定义.
According to the Docker Hub image layer, ADD file:4b03b5f551e3fbdf47ec609712007327828f7530cc3455c43bbcdcaf449a75a9 in / is the first command. The image layer doesn't have any "FROM" command included, and it doesn't seem to be suffice the ADD definition too.
以下是问题:
添加文件是什么:<HASH>in/是什么意思?这是什么格式?- 有什么方法可以使用哈希向上追踪吗?我想哈希代表
FROM图像,但似乎没有 API. - 为什么不能使用
ADD 文件构建 dockerfile:<HASH>在/语法中?有什么方法可以使用这种语法构建图像,或者在两种格式之间进行转换?
- What does
ADD file:<HASH> in /means? What is this format? - Is there any way I could trace upwards using the hash? I suppose that hash represents the
FROMimage, but it seems there are no API for that. - Why it is not possible to build a dockerfile using the
ADD file:<HASH> in /syntax? Is there any way I could build an image using such syntax, OR do a conversion between two format?
推荐答案
Docker Hub 历史视图没有显示实际的 Dockerfile;相反,它显示的内容本质上是从图像的 docker history 中提取的.这不会保留您正在寻找的具体细节:它不记得基础图像的名称,或者得到 ADDed 或 COPY 的东西的构建上下文文件名嵌入.
That Docker Hub history view doesn't show the actual Dockerfile; instead, it shows content essentially extracted from the docker history of the image. That doesn't preserve the specific details you're looking for: it doesn't remember the names of base images, or the build-context file names of things that get ADDed or COPYed in.
通过 GitHub 和 Docker Hub 链接,golang:*-buster Dockerfile 构建 FROM buildpack-deps:...-scm;buildpack-deps:buster-scm 是 FROM buildpack-deps:buster-curl;那个是FROM debian:buster;并且有 一个非常简单的 Dockerfile(在此引用全部):
Chasing through GitHub and Docker Hub links, the golang:*-buster Dockerfile is built FROM buildpack-deps:...-scm; buildpack-deps:buster-scm is FROM buildpack-deps:buster-curl; that is FROM debian:buster; and that has a very simple Dockerfile (quoted here in its entirety):
FROM scratch
ADD rootfs.tar.xz /
CMD ["bash"]
FROM scratch 从一个完全空白的图像开始;这是 Docker 镜像树的基础(以及告诉 docker history 和类似工具停止的内容).ADD 行解压缩 Debian 系统映像的 tar 文件.
FROM scratch starts from a completely totally empty image; that is the base of the Docker image tree (and what tells docker history and similar tools to stop). The ADD line unpacks a tar file of a Debian system image.
如果您查看 docker history 或您引用的 Docker Hub 历史视图,您应该能够看到这些相同的步骤正在发生./中的ADD file:4b0...对应ADD rootfs.tar.gz/,第二行是CMD["bash";].它不会被 Dockerfile 或图像分割,并且来自 ADD 的原始文件名不会被保存.(如果没有 rootfs.tar.gz 的 contents,您无论如何都无法复制图像,因此知道它的文件名只是有点帮助,但不是必需的.)
If you look at docker history or the Docker Hub history view you cite, you should be able to see these same steps happening. The ADD file:4b0... in / corresponds to the ADD rootfs.tar.gz /, and the second line is the CMD ["bash"]. It is not split up by Dockerfile or image, and the original filenames from ADD aren't saved. (You couldn't reproduce the image anyways without the contents of the rootfs.tar.gz, so it's merely slightly helpful to know its filename but not essential.)
ADD file:hash in/path 语法不是标准的 Dockerfile 语法(尤其是单词 in 不是其中的一部分).我不确定是否有可靠的方法将主机文件或 URL 转换为哈希,但构建图像并查看其 docker history 会告诉你(假设你有一个完美的匹配用于文件元数据).无法恢复到原始文件名或语法,也绝对无法恢复文件内容.
The ADD file:hash in /path syntax is not standard Dockerfile syntax (the word in in particular is not part of it). I'm not sure there's a reliable way to translate from the host file or URL to the hash, but building the image and looking at its docker history would tell you (assuming you've got a perfect match for the file metadata). There's no way to get back to the original filename or syntax, and definitely no way to get back to the file contents.
这篇关于Docker镜像层:`ADD file:<some_hash>在/` 中是什么意思?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
