Is there a way to see the Dockerfile that generated an image I downloaded, to use as a template for my own docker images?
Use
docker history --no-trunc IMAGE_NAME_OR_ID
This will show all commands run in the image building process in reverse order. It's not exactly a Dockerfile, but you can find all essential content.
Related
As of now, I am learning Docker. This reference has mentioned two ways of pulling an image from the Docker registry. Can anyone explain this in simple terms?
Does this mean that we cannot get updates on a pulled image if we use docker image pull command?
They are the same command. From the documentation you linked:
To download a particular image, or set of images (i.e., a repository), use docker image pull (or the docker pull shorthand).
There are many "shortand commands" like:
docker push for docker image push
docker run for docker container run
...
What is the difference between docker pull and docker image pull commands?
None.
Can anyone explain this in simple terms?
They are the same.
Does this mean that we cannot get updates on a pulled image if we use docker image pull command?
No.
Also https://forums.docker.com/t/docker-pull-imagename-vs-docker-image-pull-imagename/59283
When we run a docker container if the relevant image is not in the local repo it is being downloaded but in a specific sequence i.e parent images etc.
If I don’t know anything about the image how could I find from which images is being based on based on the layers pulled as displayed in a docker run?
The output only shows the SHA1s on any docker run etc
AFAIK, you can't, there is no reverse function for a hash.
Docker just tries to get the image from local, when its not available tries to fetch it from the registry. The default registry is DockerHub.
When you don't specify any tag when running the container ie: docker run ubuntu instead of docker run ubuntu:16.04 the default latest is used. You'll have to visit the registry and search which version the latest tag is pointing to.
Usually in DockerHub there is a link pointing the GitHub repo where you can find the Dockerfile, in the Dockerfile you can find how its built, including the root image.
You also can get some extra info with docker image inspect image:tag, but you'll find more hashes in the layers.
Take a look to dockerfile-from-image
"Similar to how the docker history command works, the dockerfile-from-image script is able to re-create the Dockerfile (approximately) that was used to generate an image using the metadata that Docker stores alongside each image layer."
With this, maybe you can get the source of the image.
I am running a script to build a Docker image. I need to push this image to 2 different repositories with different tags. For which I need to capture and store the build ID of the image.
Docker build documentation talks about a way to store it in a file using --iidfile.
Do we have any examples around the same?
Thank you.
Actually, you don't need image ID. Just use docker tag existing image in your build pipeline to create other "cloned" images. Example:
docker build -t repo1/image:tag1 .
docker tag repo1/image:tag1 repo2/image:tag2
docker push repo1/image:tag1
docker push repo2/image:tag2
I would like to be able to pull a docker image from dockerhub and edit the dockerfile.. I am wondering if dockerhub actually downloads the dockerfile to the localhost and to where it is stored (I am running it from a MAC).
You dont download the docker image and edit their Dockerfile. The Dockerfile is an instruction set on how to build an image. Once the image is made, theres no going backwards. However if its on Dockerhub there should be a link to the Dockerfile. Look around at the page for links to the Dockerfile. Probably just a link to Github.
Once you have the dockerfile you then build it. For instance if you have a terminal open in the same folder as a Dockerimage file you could run
docker build -t myimage .
where myimage is the tag of your image. You will then have an instance of myimage on your local machine.
Also you can make a docker file that extends theres using FROM. For instance your docker file might start with
FROM java:6b38-jdk
# append to their image.
An image does not include a complete Dockerfile. When pulling an image you get an image manifest along with the required file system layers.
You can see some of the build steps with docker history --no-trunc IMAGE but it's not the complete Dockerfile.
There are utilities that try and generate a Dockerfile from the image history
Is it possible to get back the docker commands which were run to produce a given docker image? Since each line of a docker file should map to a single layer, it seems this would be possible, but I don't see anything in the docs.
docker history <image>
Does pretty much that.
Is it possible to get back the docker commands which were run to produce a given docker image?
No, considering you have commands like docker export / docker import which allows to flatten an image:
docker export <containerID> | docker import - <imagename>
The resulting image would be build from a container, and include only one layer. Not even a docker history would be able to give clues as to the original images and their Dockerfile which where part of the original container.
You can use combinations of two docker commands to achieve what you want:
docker inspect <image>
and
docker history <image>
Or you can use this cool service to see how that image being generated, each layer is a command in your docker file:
https://imagelayers.io/?images=java:latest,golang:latest,node:latest,python:latest,php:latest,ruby:latest
I guess it depends on where you got the image from.
In the case of these docker containers of mine from the Docker Hub you can use
this link from the right hand side of the webpage to follow it to this github repo containing the Dockerfile(s).
I do not think there is a command to "unassemble" a container / image and get back the instructions which made it.
For the images you create image metadata (labels) can be used to store Dockerfile
https://docs.docker.com/engine/userguide/labels-custom-metadata/
Initial solution was proposed here https://speakerdeck.com/garethr/managing-container-configuration-with-metadata
This approach of storing Dockerfile is not very efficient - it requires container to be started in order to extract the Dockerfile.
I personally use different approach - encode Dockerfile with Base64 and pass such encoded string using external arguments to set image label. This way you can read content of Dockerfile directly from image using inspect.
You can find detailed example here: https://gist.github.com/lruslan/3dea3b3d52a66531b2a1