Differences between revisions 19 and 28 (spanning 9 versions)
Revision 19 as of 2015-05-14 13:54:47
Size: 3801
Editor: jmtd
Comment: jmtd
Revision 28 as of 2020-03-10 10:13:38
Size: 3848
Editor: ?Wim Bertels
Comment: docker command from buster repo (not docker.io)
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
[[https://index.docker.io/_/debian/|Docker.com provide Debian images]] they describe as "semi-official". They are modified from stock Debian (see [[http://joeyh.name/blog/entry/docker_run_debian/]] for some of the differences) and there is no secure way of obtaining
the images or proving they have not been tampered with.
[[https://index.docker.io/_/debian/|Docker.com provide Debian images]] they describe as "semi-official". They are built from stock Debian (for details on how the root filesystem is made in a fairly secure way, read about [[https://github.com/debuerreotype/debuerreotype|Debuerreotype]]). The modifications and image are maintained by `paultag@` and `tianon@`.
Line 6: Line 5:
You may use Debian images from [[|Docker.io's Debian official repository]] if you trust their author, or you may prefer to create them yourself, using the methods described below. You can create your own Debian Docker images using the methods described below.
Line 10: Line 9:
This page describes different methods for building your own Debian docker images.
Line 14: Line 11:
== Using (upstream provided "contrib" script) mkimage.sh == == Methods ==

=
== Using (upstream provided "contrib" script) mkimage.sh ===
Line 25: Line 24:
sudo docker.io run -i $USER/minbase echo "hello world" sudo docker run -i $USER/minbase echo "hello world"
Line 30: Line 29:
== Using mkimage-debootstrap.sh (now flagged as deprecated by upstream) == === Manual method ===

To build pristine debian images, without cloud/docker-specific, customisations, you can use the scripts at https://github.com/jmtd/debian-docker. These use {{{debootstrap}}} to prepare a basic filesystem and add them into a docker image. Suggestions for improvements are very welcome.

Images built from these scripts are pushed to the Docker Registry as {{{jmtd/debian:wheezy}}}, {{{jmtd/debian:jessie}}} etc., but there is presently no image verification in place (so no way to cryptographically prove the provenance of the images).

See also http://www.debian-administration.org/article/696/A_brief_introduction_to_using_docker#a2 .

=== Using mkimage-debootstrap.sh (now flagged as deprecated by upstream) ===
Line 41: Line 48:
sudo docker.io run -i $USER/minbase:stable echo "hello world" sudo docker run -i $USER/minbase:stable echo "hello world"
Line 45: Line 52:

== Manual method ==

To build pristine debian images, without cloud/docker-specific, customisations, you can use the scripts at <https://github.com/jmtd/debian-docker>. These use {{{debootstrap}}} to prepare a basic filesystem and add them into a docker image. Suggestions for improvements are very welcome.

Images built from these scripts are pushed to the Docker Registry as {{{jmtd/debian:wheezy}}}, {{{jmtd/debian:jessie}}} etc., but there is presently no image verification in place (so no way to cryptographically prove the provenance of the images).

See also <http://www.debian-administration.org/article/696/A_brief_introduction_to_using_docker#a2>.
Line 63: Line 62:
echo "FROM $USER/minbase:stable" | docker.io build -t $USER/test:stable - echo "FROM $USER/minbase:stable" | docker build -t $USER/test:stable -
Line 65: Line 64:

== Alternative, opinionated images ==
For alternative images that have some Docker adaptations, see https://github.com/jgoerzen/docker-debian-base
Line 69: Line 71:

----

CategoryVirtualization

This page attempts to document how to create a Debian image for Docker.

Docker.com provide Debian images they describe as "semi-official". They are built from stock Debian (for details on how the root filesystem is made in a fairly secure way, read about Debuerreotype). The modifications and image are maintained by paultag@ and tianon@.

You can create your own Debian Docker images using the methods described below.

The following is work in progress WITHOUT ANY WARRANTY

Methods

Using (upstream provided "contrib" script) mkimage.sh

The docker.io package ships the /usr/share/docker.io/contrib/mkimage.sh script which may be used, alongside the companion script /usr/share/docker.io/contrib/mkimage/debootstrap to create a Docker image for Debian (or Ubuntu) using debootstrap, and with or without further tweaks.

You may create an image for the stable suite (using the minbase debootstrap variant) with :

sudo .../mkimage.sh -t $USER/minbase debootstrap --variant=minbase stable

The image may then be used with :

sudo docker run -i $USER/minbase echo "hello world"

Contrary to the former mkimage-debootstrap.sh (now deprecated, see below), contrib/mkimage/debootstrap does not need the mandatory variant parameter, and can invoke debootstrap without a specific variant, using its default settings.

Manual method

To build pristine debian images, without cloud/docker-specific, customisations, you can use the scripts at https://github.com/jmtd/debian-docker. These use debootstrap to prepare a basic filesystem and add them into a docker image. Suggestions for improvements are very welcome.

Images built from these scripts are pushed to the Docker Registry as jmtd/debian:wheezy, jmtd/debian:jessie etc., but there is presently no image verification in place (so no way to cryptographically prove the provenance of the images).

See also http://www.debian-administration.org/article/696/A_brief_introduction_to_using_docker#a2 .

Using mkimage-debootstrap.sh (now flagged as deprecated by upstream)

The docker.io package still ships the, now deprecated, /usr/share/docker.io/contrib/mkimage-debootstrap.sh script which may be used to create a Docker image for Debian (or Ubuntu) using debootstrap, and with or without further tweaks.

You may create an image for the stable suite (using the minbase debootstrap variant) with :

.../mkimage-debootstrap.sh $USER/minbase stable

The image may then be used with :

sudo docker run -i $USER/minbase:stable echo "hello world"

As an alternative to upstream's choices, you may modify the script so that it does not use the minbase variant by default (see for instance obergix's version and adjust to your needs), or use the newer mkimage.sh (see above).

Using the newly built image to create a test container

A dockerfile may then refer to your image using the following directive :

FROM YOURUSER/minbase:stable

You may test it with :

echo "FROM $USER/minbase:stable" | docker build -t $USER/test:stable -

Alternative, opinionated images

For alternative images that have some Docker adaptations, see https://github.com/jgoerzen/docker-debian-base

Resources


CategoryVirtualization