docker环境及配置
# 安装
# 源码方式安装
tar xf docker-xxxxx.tgz
- 拷贝二进制文件
cp docker/* /usr/bin/
- docker注册为server
创建 /etc/systemd/system/docker.service文件内容如下:
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
- 给执行权限
chmod +x /etc/systemd/system/docker.service
systemctl daemon-reload
2
启动并设置开机启动
systemctl daemon-reload systemctl start redis-server.service systemctl enable redis-server.servic ps -A|grep docker1
2
3
4
5
# 设置
创建docker用户组
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $USER docker #将登陆用户加入到docker用户组中
newgrp docker #更新用户组
docker ps #测试docker命令是否可以使用sudo正常使用
2
3
4
# 存储目录迁移
# 背景
docker的默认存储目录是/var/lib/docker,目录结构如下:
[root@ztscshop docker]# cd /var/lib/docker
[root@ztscshop docker]# ll
total 64
drwx------ 2 root root 4096 Jan 24 2019 builder
drwx------ 4 root root 4096 Jan 24 2019 buildkit
drwx--x--x 3 root root 4096 Jan 24 2019 containerd
drwx------ 4 root root 4096 Oct 24 15:05 containers
drwx------ 3 root root 4096 Jan 24 2019 image
drwxr-x--- 3 root root 4096 Jan 24 2019 network
drwx------ 80 root root 16384 Oct 24 15:25 overlay2
drwx------ 4 root root 4096 Jan 24 2019 plugins
drwx------ 2 root root 4096 Oct 22 11:57 runtimes
drwx------ 2 root root 4096 Jan 24 2019 swarm
drwx------ 2 root root 4096 Oct 24 15:13 tmp
drwx------ 2 root root 4096 Jan 24 2019 trust
drwx------ 15 root root 4096 Feb 7 2019 volumes
[root@ztscshop docker]#
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
docker所有自身的东西都会存在这些文件夹下面包括镜像文件和容器,所以会占用越来越多的磁盘空间。
如果docker所在的磁盘空间比较小,磁盘空间被占满没有空间的时候,显然会导致docker容器运行失败,此时必然要迁移docker的存储目录到一个更大的磁盘下面。
# 查看占用空间
检查各磁盘空间的命令:
#全局查看
df -h
#依次查看各个目录的磁盘大小
du -ah --max-depth=1
2
3
4
查看磁盘占用情况:df -h
[root@ecs-8f49 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 7.8G 0 7.8G 0% /dev
tmpfs 7.8G 0 7.8G 0% /dev/shm
tmpfs 7.8G 73M 7.7G 1% /run
tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup
/dev/vda1 40G 13G 25G 33% /
tmpfs 1.6G 0 1.6G 0% /run/user/0
overlay 40G 13G 25G 33% /var/lib/docker/overlay2/53eb033fae8fadc98df74b118e743092fcd0ee68b579c2b771288c3c023b0b8b/merged
shm 64M 0 64M 0% /var/lib/docker/containers/8ecb90f024c08468c5f32e7c8b8b0d1ff87616536e6c2155cfb58447bded3071/shm
2
3
4
5
6
7
8
9
10
查看docker自身的内存占用:docker system df
[root@ecs-8f49 ~]# docker system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 16 12 2.893 GB 1.535 GB (53%)
Containers 12 1 155.6 MB 155.6 MB (100%)
Local Volumes 1 1 4.212 GB 0 B (0%)
2
3
4
5
# 清除无用垃圾
docker system prune
命令可以用于清理磁盘,删除关闭的容器、无用的数据卷和网络,以及dangling镜像(即无tag的镜像)。
[root@ecs-8f49 ~]# docker system prune
WARNING! This will remove:
- all stopped containers
- all volumes not used by at least one container
- all networks not used by at least one container
- all dangling images
Are you sure you want to continue? [y/N] y
Deleted Containers:
9bd48276fcd28b3882605fd67a156a7ea848f8fbfe16c3588b630955dfda253d
74af4504bdefbc58b83a476c12d6ce10260f91349eed0e5bfca5e51b86fb8474
d405d43eeb7908472b4b8712f668ca3b97f3796f6afc1c1d19a15879140ddf64
9f645670de22840d04249351d07b2f68f77754e4dfebdb4b39c56d827d6b6805
79d32c6b3c34bb359cbbf8309d7be34074da391d3b48083f456a5911259a5213
ad7137d7e018144e17790a3c86a8217a95faecd07a39003bc4df275c8c8d351d
b02eb42677a52663e50fc4a2b1344d37a8d2a2cca445fe5eae49648a0ca54b13
0813454a5421cf380b72265c2e6832411a590479424dbc3470e47e1cc9cdd740
a58b5f545ce1cd03a2899ba277641b5f52203802d9672c72f281f2d5a31fc219
936e65f72c60d754cb2a1441d0cdeb18f9a7ebde353f091fc44a034733fed52c
ad86565bd85af04f5847703ba213d226c7d7b69e5210211e4170671d3ea4051c
Deleted Volumes:
37620879ca58c052c47e7677a1851f45c25cbc0437c8883cc2fe8e70e1cb921a
Total reclaimed space: 4.368 GB
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
docker system prune -a命令清理得更加彻底,可以将没有容器使用Docker镜像都删掉。
注意,这两个命令会把你暂时关闭的容器,以及暂时没有用到的Docker镜像都删掉了…所以使用之前一定要想清楚.。我没用过,因为会清理 没有开启的 Docker 镜像。
# 配置及目录迁移
停止docker服务
systemctl stop docker
创建新的docker目录,执行命令df -h,找一个大的磁盘。 我在 /home目录下面建了 /home/docker/lib目录,执行的命令是:
mkdir -p /home/docker/lib
迁移/var/lib/docker目录下面的文件到 /home/docker/lib:
(rsync是linux文件夹同步的命令,参数要加一个-r,因为文件夹要递归copy,如果在同一台服务器上面,直接cp也是可以的)
rsync -r -avz /var/lib/docker /home/docker/lib/
配置 /etc/systemd/system/docker.service.d/devicemapper.conf。查看 devicemapper.conf 是否存在。如果不存在,就新建。
mkdir -p /etc/systemd/system/docker.service.d/
vi /etc/systemd/system/docker.service.d/devicemapper.conf
2
然后在 devicemapper.conf 写入:(同步的时候把父文件夹一并同步过来,实际上的目录应在 /home/docker/lib/docker )
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd --graph=/home/docker/lib/docker
2
3
重新加载 docker
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
2
3
为了确认一切顺利,运行
docker info
命令检查Docker 的根目录.它将被更改为 /home/docker/lib/docker
...
Docker Root Dir: /home/docker/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
...
2
3
4
5
6
启动成功后,再确认之前的镜像还在:
root@nn0:~$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
AAA/AAA v2 7331b8651bcc 27 hours ago 3.85GB
BBB/BBB v1 da4a80dd8424 28 hours ago 3.47GB
2
3
4
确定容器没问题后删除/var/lib/docker/目录中的文件。
# 可能相关问题
# Docker无法启动 driver not supported
迁移/var/lib/docker目录后,Docker无法启动 (error initializing graphdriver: driver not supported)
启动信息
[root@nn0 ~]# systemctl start docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
2
启动详情
8月 31 01:47:25 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has begun starting up.
8月 31 01:47:25 localhost.localdomain dockerd[2390]: time="2018-08-31T01:47:25.197015872+08:00" level=info msg="libcontainerd: new containerd process, pid: 2393"
8月 31 01:47:26 localhost.localdomain dockerd[2390]: time="2018-08-31T01:47:26.204103195+08:00" level=error msg="[graphdriver] prior storage driver overlay2 failed: driver not supported"
8月 31 01:47:26 localhost.localdomain dockerd[2390]: Error starting daemon: error initializing graphdriver: driver not supported
8月 31 01:47:26 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
8月 31 01:47:26 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
2
3
4
5
6
7
8
9
10
11
错误原因:error initializing graphdriver: driver not supported
解决办法:在 /etc/docker 目录下创建daemon.json文件,并且加入以下配置
touch daemon.json
vi daemon.json
{
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
2
3
4
5
6
7
8
再次启动:systemctl start docker
# docker-runc not installed on system 问题
问题描述
docker运行镜像的时候,报错如下: (如果报错端口映射的错误,那就先不映射端口直接启动镜像,试一下是不是这个错误,因为如果直接映射端口启动镜像的话,这个错误导致容器启动失败,但是报错是端口映射失败)
[root@nn0 k8s]# docker run -it registry.helloworld.com/test/atsd:latest bash
WARNING: IPv4 forwarding is disabled. Networking will not work.
/usr/bin/docker-current: Error response from daemon: shim error: docker-runc not installed on system.
2
3
问题解决:
[root@nn0 k8s]# cd /usr/libexec/docker/
[root@nn0 docker]# ln -s docker-runc-current docker-runc
2
# Job for docker.service failed because the control process exited with error code.
首先查看一下内核版本
因为使用命令: yum install docker下载时, 默认下载的是Docker的最新版本, 但是内核版本低的话可能不兼容新版本Docker, 所以有可能出现如上错误
首先要来验证CentOS 版本是否支持 Docker,Docker 要求 CentOS 系统的内核版本高于 3.10
通过 uname -r 命令查看你当前的内核版本
1 [root@localhost /]# uname -r
2 3.10.0-123.el7.x86_64
2
方案一、内核版本过低
1.将以前下载好的Docker卸载干净,使用如下命令:
yum remove docker-*
sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-selinux \ docker-engine-selinux \ docker-engine
2
2.更新改linux系统的内核版本
yum update
建议更新完之后, 重启一下系统
3.继续下载安装docker(尽量使用高级管理员权限下载)使用如下命令
yum install dacker
4.使用如下命令启动docker
systemctl start docker
问题解决! 如果这样安装完之后还报错, 按照这个步骤再来一遍即可
如果方案一不能解决,请向下继续阅读,根据场景选择解决方式
*方案二、检查配置文件是否错误*
检查一下配置文件,使用如下命令:
vim /etc/sysconfig/docker
*方案三、检查daemon.json文件是否错误*
检查一下daemon.json文件,使用如下命令:
vim /etc/docker/daemon.json
检查以下内容是否存在,如果没有则加入文件中(注意引号和冒号的输入格式是否为英文):
{
"graph": "/mnt/docker-data",
"storage-driver": "overlay"
}
2
3
4
****方案四、****删除 /var/lib/docker 目录**
删除 /var/lib/docker 目录
重启 daemon
重启 docker
使用如下命令:
rm -rf /var/lib/docker
sudo systemctl daemon-reload
sudo service docker restart
2
3
****方案五、安装 docker-io-selinux******
安装 docker-io-selinux
重启 daemon
重启 docker
使用如下命令:
sudo yum install docker-io-selinux
sudo systemctl daemon-reload
sudo service docker restart
2
3
*方案六、重新安装Docker*
如果以上方案都没有解决你的问题,笔者建议按照步骤重新安装一下Docker,注意不要疏漏。