[英]Dockerfile vs create image from container
Is there some difference between creating image using Dockerfile vs Creating image from container?使用 Dockerfile 创建图像与从容器创建图像之间有什么区别吗? (eg run a container from the same base as Dockerfile, transfer isntaller to the container, run them from command line and then create image from container).
(例如,从与 Dockerfile 相同的基础上运行容器,将 istaller 传输到容器,从命令行运行它们,然后从容器创建映像)。
At least I found out that installing VC Runtime from Windows Base docker container does not work :(至少我发现从 Windows Base docker 容器安装 VC Runtime 不起作用:(
If you create an image using a Dockerfile, it's all but trivial to update the image by checking it out from source control, updating the tag on a base image or docker pull
ing a newer version of it, and re-running docker build
.如果您创建使用Dockerfile的图像,它的所有,但琐碎的从源头控制检查出来,在基图像或更新的标签更新映像
docker pull
荷兰国际集团它的一个新版本,并重新运行docker build
。
If you create an image by running docker commit
, and you discover in a year that there's a critical security vulnerability in the base Linux distribution and you need to stop using it immediately , you need to remember what it was you did a year ago to build the image and exactly what steps you did to repeat them, and you'd better hope you do them exactly the same way again.如果您通过运行
docker commit
创建一个映像,并且在一年内发现基本 Linux 发行版中存在严重的安全漏洞并且您需要立即停止使用它,那么您需要记住一年前您做了什么来构建图像以及您重复它们的确切步骤,您最好希望您再次以完全相同的方式执行它们。 Oh, if only you had written down in a text file what base image you started FROM
, what files you had to COPY
in, and then what commands you need to RUN
to set up the application in the image...哦,如果你在一个文本文件中写下了你
FROM
哪个基础镜像开始,你必须COPY
哪些文件,然后你需要RUN
哪些命令来设置镜像中的应用程序......
In short, writing a Dockerfile, committing it to source control, and running docker build
is almost always vastly better practice than running docker commit
.简而言之,编写 Dockerfile,将其提交到源代码控制,并运行
docker build
几乎总是比运行docker commit
好得多的实践。 You can set up a continuous-integration system to rebuild the image whenever your source code changes;您可以设置一个持续集成系统,以便在源代码更改时重建映像; when there is that security vulnerability it's trivial to bump the
FROM
line to a newer base image and rebuild.当存在该安全漏洞时,将
FROM
行撞到更新的基本映像并重建是微不足道的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.