I’m sure this has been asked a hundred times before but I haven’t found the answer yet.
I am using a registry on my local network not Docker hub. I have a “baseImage” image in my registry. I create a new image, “myImage” from a docker file that has “From baseImge” in the docker file.
When I run “docker build” it pulls base image onto my local machine. Fine I have no problem with that. So now when I run “docker images” I have baseImage and myImage on my machine.
Now I run myImage (docker run) which runs an application that stores configuration settings on and other files on the container’s file system (no volumes, just the Linux file system all contained with in the image).
I now have on my system a container that has new file system changes, I have myImage and baseImage. What I want to do is create a new image (newImage) to push to the registry that contains only those new changes in the container. This would give in my registry 3 small images: newIImage based on myImage which is based on baseImage.
I thought “docker commit” would do the trick creating a new image based on the changes in the container. Well, that’s not what happens, it give me an image that contains “container changes” + baseImage".
Any ideas on how I can get an image out of just the container changes and without the 2 base images?
When you see people talking about “layers” in Docker images, this is exactly what they’re talking about. Try running docker history on your various images. You should see that registry.example.com/baseImage has some layers; then the registry.example.com/myImage you built from that shares the same layers, plus has new layers on top (one for each line in the Dockerfile), and your docker commit image should have exactly one more layer beyond that. If, for instance, you docker pull the baseImage, then docker pull myImage, only the changes will be pulled across the network.
This sequence is exactly what docker build does, and nothing stops you from layering images on top of each other this way. (Images I’m responsible for, in fact, are built from three layers of Dockerfile on top of a standard Linux distribution image.)
I get it. I studied the history of the images a bit more. The final image will contain all the layers of the sub images but when you pull the image it will only pull the layers it needs. If there is already one of the subimages pulled it won’t re-pull them.
Just to make sure I’m completely clear. I have image myImage:1.0. I “docker run myImage:1.0” which creates container mymage:1.0. During the course of working with the container 25MB of changes are done to the file system. The only way to get these changes into the registry is to do “docker commit” into a new image, myImage:1.1 followed by pushing myImage:1.1 into the registry.
…unless you said docker run --name, the container will have an autogenerated name, like for instance pleasant_torvalds.
If you’re making significant changes, you will be better off writing a Dockerfile (or some other equivalent automation) so it is reproducible. But otherwise…