[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

docker清理容器

# 容器停止后就自动删除:
docker run --rm centos /bin/echo "One"; # 杀死所有正在运行的容器:
docker kill $(docker ps -a -q) # 删除所有未打标签的镜像:
docker rmi $(docker images -q -f dangling=true) # 删除所有已经停止的容器:
docker rm $(docker ps -a -q) # 显示镜像名字:tag
docker images --format "{{.Repository}}:{{.Tag}}" alias tag='docker images --format "{{.Repository}}:{{.Tag}}"' alias bb='docker run -it --rm busybox'
alias dp='docker ps -a'
alias dt='docker images --format "{{.Repository}}:{{.Tag}}"'
alias dc='docker rm $(docker ps -a -q)'
alias ds='docker stats'
alias kk='kubectl get pod --all-namespaces -o wide --show-labels'
alias ks='kubectl get svc --all-namespaces -o wide'
alias kss='kubectl get svc --all-namespaces -o wide --show-labels'
alias kd='kubectl get deploy --all-namespaces -o wide'
alias wk='watch kubectl get pod --all-namespaces -o wide --show-labels'
alias kv='kubectl get pv -o wide'
alias kvc='kubectl get pvc -o wide --all-namespaces --show-labels'
alias kbb='kubectl run -it --rm --restart=Never busybox --image=busybox sh'
alias kbbc='kubectl run -it --rm --restart=Never curl --image=appropriate/curl sh'
alias kd='kubectl get deployment --all-namespaces --show-labels'
alias kcm='kubectl get cm --all-namespaces -o wide'
alias kin='kubectl get ingress --all-namespaces -o wide'

自动补全

yum install bash-com* -y
wget https://raw.githubusercontent.com/lannyMa/scripts/master/docker
mv docker /etc/bash_completion.d/ $ wget https://get.docker.com/builds/Linux/x86_64/docker-17.04.0-ce.tgz
$ tar -xvf docker-17.04.0-ce.tgz
$ cp docker/docker* /root/local/bin
$ cp docker/completion/bash/docker /etc/bash_completion.d/

使用阿里云源安装新版docker-ce

安装步骤

参考:

https://mirrors.aliyun.com/help/docker-ce

https://yq.aliyun.com/articles/110806


yum install -y libnetfilter_conntrack-devel libmnl-devel conntrack-tools socat
echo "net.netfilter.nf_conntrack_acct=1" >> /etc/sysctl.conf
echo "net.netfilter.nf_conntrack_timestamp=1" >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf yum install -y yum-utils device-mapper-persistent-data lvm2
#如果docker-ce.repo内容为空,则参考下面附.
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache fast
sudo yum install docker-ce -y
mkdir -p /etc/docker
cat >>/etc/docker/daemon.json<<EOF
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
]
}
EOF
systemctl daemon-reload
systemctl restart docker && systemctl enable docker

配置转发

sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
sysctl -w net.ipv4.ip_forward=1
echo 'iptables -P FORWARD ACCEPT' >> /etc/rc.local
iptables -P FORWARD ACCEPT
sysctl -p docker pull busybox
echo "alias bb='docker run -it --rm busybox'" >> /etc/bashrc
source /etc/bashrc sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo iptables -F && sudo iptables -X && sudo iptables -F -t nat && sudo iptables -X -t nat iptables -t nat -L -n

ip netns ls显示

ln -s /var/run/docker/netns /var/run/netns

查看dockerd日志

journalctl -u docker -f

安装docker-compose

cd
yum install python-pip -y
mkdir ~/.pip
cat >pip.conf<<EOF
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/ [install]
trusted-host=mirrors.aliyun.com
EOF mv ./pip.conf ~/.pip/
pip install docker-compose
pip install --upgrade pip

二进制安装docker-ce

下载:

https://download.docker.com/linux/static/stable/x86_64/

tar -xvf docker-17.04.0-ce.tgz
cp docker/docker* /user/local/bin
cp docker/completion/bash/docker /etc/bash_completion.d/ dockerd --log-level=error --bip=10.2.20.1/24 --mtu=1500 --ipmasq=true
$ cat docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io [Service]
Environment="PATH=/root/local/bin:/bin:/sbin:/usr/bin:/usr/sbin"
EnvironmentFile=-/run/flannel/docker ## 这里比较关键
ExecStart=/root/local/bin/dockerd --log-level=error $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
Restart=on-failure
RestartSec=5
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
Delegate=yes
KillMode=process [Install]
WantedBy=multi-user.target

flannel网络不通问题解决

两台机器间容器通过flannel网络无法互ping

  • 以往是这样解决的
systemctl stop firewalld && systemctl disable firewalld
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD ACCEPT
sysctl -p echo 'iptables -P FORWARD ACCEPT' >> /rc.local
  • 这样不好使,排查发现flannel动态生成的subnet.env参数和docker手动指定的不一样

    我重启了下所有机器,导致flannel启动后子网发生了变化,而docker启动加载的是之前手动给指定的之前的flannel的子网,因此导致不同.

下面详解了解下flannel如何和docker联动

1.下载flannel后,压缩包里有个生成docker启动参数(网络)的脚本

2.flannel启动会执行这个脚本(flannel的services实现),动态生成docker参数

/usr/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
  • 创建 flanneld 的 systemd unit 文件
$ cat > flanneld.service << EOF
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service [Service]
Type=notify
ExecStart=/root/local/bin/flanneld
ExecStartPost=/root/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure [Install]
WantedBy=multi-user.target
RequiredBy=docker.service
EOF

mk-docker-opts.sh 脚本将分配给 flanneld 的 Pod 子网网段信息写入到 /run/flannel/docker 文件中,后续 docker 启动时使用这个文件中参数值设置 docker0 网桥;

-iface 选项值指定 flanneld 和其它 Node 通信的接口,如果机器有内、外网,则最好指定为内网接口;

  • 创建docker启动脚本
$ cat docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io [Service]
Environment="PATH=/root/local/bin:/bin:/sbin:/usr/bin:/usr/sbin"
EnvironmentFile=-/run/flannel/docker
ExecStart=/root/local/bin/dockerd --log-level=error $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
Restart=on-failure
RestartSec=5
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
Delegate=yes
KillMode=process [Install]
WantedBy=multi-user.target

flannel自动生成docker参数脚本

/usr/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
#!/bin/sh

usage() {
echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY] Generate Docker daemon options based on flannel env file
OPTIONS:
-f Path to flannel env file. Defaults to /run/flannel/subnet.env
-d Path to Docker env file to write to. Defaults to /run/docker_opts.env
-i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500
-c Output combined Docker options into DOCKER_OPTS var
-k Set the combined options key to this value (default DOCKER_OPTS=)
-m Do not output --ip-masq (useful for older Docker version)
" >&2 exit 1
} flannel_env="/run/flannel/subnet.env"
docker_env="/run/docker_opts.env"
combined_opts_key="DOCKER_OPTS"
indiv_opts=false
combined_opts=false
ipmasq=true while getopts "f:d:icmk:?h" opt; do
case $opt in
f)
flannel_env=$OPTARG
;;
d)
docker_env=$OPTARG
;;
i)
indiv_opts=true
;;
c)
combined_opts=true
;;
m)
ipmasq=false
;;
k)
combined_opts_key=$OPTARG
;;
[\?h])
usage
;;
esac
done if [ $indiv_opts = false ] && [ $combined_opts = false ]; then
indiv_opts=true
combined_opts=true
fi if [ -f "$flannel_env" ]; then
. $flannel_env
fi if [ -n "$FLANNEL_SUBNET" ]; then
DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"
fi if [ -n "$FLANNEL_MTU" ]; then
DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"
fi if [ -n "$FLANNEL_IPMASQ" ] && [ $ipmasq = true ] ; then
if [ "$FLANNEL_IPMASQ" = true ] ; then
DOCKER_OPT_IPMASQ="--ip-masq=false"
elif [ "$FLANNEL_IPMASQ" = false ] ; then
DOCKER_OPT_IPMASQ="--ip-masq=true"
else
echo "Invalid value of FLANNEL_IPMASQ: $FLANNEL_IPMASQ" >&2
exit 1
fi
fi eval docker_opts="\$${combined_opts_key}" if [ "$docker_opts" ]; then
docker_opts="$docker_opts ";
fi echo -n "" >$docker_env for opt in $(set | grep "DOCKER_OPT_"); do OPT_NAME=$(echo $opt | awk -F "=" '{print $1;}');
OPT_VALUE=$(eval echo "\$$OPT_NAME"); if [ "$indiv_opts" = true ]; then
echo "$OPT_NAME=\"$OPT_VALUE\"" >>$docker_env;
fi docker_opts="$docker_opts $OPT_VALUE"; done if [ "$combined_opts" = true ]; then
echo "${combined_opts_key}=\"${docker_opts}\"" >>$docker_env
fi

把机器上所有image dump成文件,一键导出本地所有镜像

#!/bin/bash
image_list=`docker images --format "{{.Repository}}:{{.Tag}}"`
for image in $image_list;do
file_name=`echo $image | sed "s#[/:]#_#g"`
echo "Saveing image '$image' into '$file_name.tar.gz'"
docker save -o "$file_name.tar" $image
gzip $file_name.tar
done # gzip把tar搞成了tar.gz, docker load -i tar.gz即可. 如果空间够,可以不gzip

docker json日志驱动滚动和清理参数

参考: https://docs.docker.com/engine/admin/logging/json-file/#usage

默认一个日志文件.不自动切割.

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

dockerd前台启动

可以指定bridge启动(默认的docker0有nat)

dockerd -b=br0

可以启动后不让修改iptables

dockerd -b=br0 --iptables=false #默认修改的,iptables -t nat -L -n
$ dockerd --help

Usage:	dockerd COMMAND

A self-sufficient runtime for containers.

Options:
--add-runtime runtime Register an additional OCI compatible runtime (default [])
--allow-nondistributable-artifacts list Allow push of nondistributable artifacts to registry
--api-cors-header string Set CORS headers in the Engine API
--authorization-plugin list Authorization plugins to load
--bip string Specify network bridge IP
-b, --bridge string Attach containers to a network bridge
--cgroup-parent string Set parent cgroup for all containers
--cluster-advertise string Address or interface name to advertise
--cluster-store string URL of the distributed storage backend
--cluster-store-opt map Set cluster store options (default map[])
--config-file string Daemon configuration file (default "/etc/docker/daemon.json")
--containerd string Path to containerd socket
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
--data-root string Root directory of persistent Docker state (default "/var/lib/docker")
-D, --debug Enable debug mode
--default-gateway ip Container default gateway IPv4 address
--default-gateway-v6 ip Container default gateway IPv6 address
--default-ipc-mode string Default mode for containers ipc ("shareable" | "private") (default "shareable")
--default-runtime string Default OCI runtime for containers (default "runc")
--default-shm-size bytes Default shm size for containers (default 64MiB)
--default-ulimit ulimit Default ulimits for containers (default [])
--disable-legacy-registry Disable contacting legacy registries (default true)
--dns list DNS server to use
--dns-opt list DNS options to use
--dns-search list DNS search domains to use
--exec-opt list Runtime execution options
--exec-root string Root directory for execution state files (default "/var/run/docker")
--experimental Enable experimental features
--fixed-cidr string IPv4 subnet for fixed IPs
--fixed-cidr-v6 string IPv6 subnet for fixed IPs
-G, --group string Group for the unix socket (default "docker")
--help Print usage
-H, --host list Daemon socket(s) to connect to
--icc Enable inter-container communication (default true)
--init Run an init in the container to forward signals and reap processes
--init-path string Path to the docker-init binary
--insecure-registry list Enable insecure registry communication
--ip ip Default IP when binding container ports (default 0.0.0.0)
--ip-forward Enable net.ipv4.ip_forward (default true)
--ip-masq Enable IP masquerading (default true)
--iptables Enable addition of iptables rules (default true)
--ipv6 Enable IPv6 networking
--label list Set key=value labels to the daemon
--live-restore Enable live restore of docker when containers are still running
--log-driver string Default driver for container logs (default "json-file")
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--log-opt map Default log driver options for containers (default map[])
--max-concurrent-downloads int Set the max concurrent downloads for each pull (default 3)
--max-concurrent-uploads int Set the max concurrent uploads for each push (default 5)
--metrics-addr string Set default address and port to serve the metrics api on
--mtu int Set the containers network MTU
--network-control-plane-mtu int Network Control plane MTU (default 1500)
--no-new-privileges Set no-new-privileges by default for new containers
--node-generic-resources string user defined resources (e.g. fpga=2;gpu={UUID1,UUID2,UUID3})
--oom-score-adjust int Set the oom_score_adj for the daemon (default -500)
-p, --pidfile string Path to use for daemon PID file (default "/var/run/docker.pid")
--raw-logs Full timestamps without ANSI coloring
--registry-mirror list Preferred Docker registry mirror
--seccomp-profile string Path to seccomp profile
--selinux-enabled Enable selinux support
--shutdown-timeout int Set the default shutdown timeout (default 15)
-s, --storage-driver string Storage driver to use
--storage-opt list Storage driver options
--swarm-default-advertise-addr string Set default address or interface for swarm advertised address
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
--userland-proxy Use userland proxy for loopback traffic (default true)
--userland-proxy-path string Path to the userland proxy binary
--userns-remap string User/Group setting for user namespaces
-v, --version Print version information and quit

开启流数据统计

## 开启流数据包统计(packets和bytes)
echo "net.netfilter.nf_conntrack_acct=1" >> /etc/sysctl.conf ## 开启流持续时间统计(delta-time)
echo "net.netfilter.nf_conntrack_timestamp=1" >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf conntrack -L -o ktimestamp

让centos7镜像支持中文

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

RUN  yum -y install kde-l10n-Chinese && \
yum -y reinstall glibc-common &&\
yum clean all && \
localedef -c -f UTF-8 -i zh_CN zh_CN.utf8 ENV LC_ALL "zh_CN.UTF-8"

docker选项配置参考

kubespray安装k8s集群时候,自动给docker配置的

[root@n1 ~]# ps -ef|grep docker
root 14289 1 2 23:18 ? 00:00:32 /usr/bin/dockerd --insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --dns 10.233.0.3 --dns 114.114.114.114 --dns-search default.svc.cluster.local --dns-search svc.cluster.local --dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2 [root@n1 ~]# cat /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service [Service]
Type=notify
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart=/usr/bin/dockerd \
$DOCKER_OPTS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$DOCKER_DNS_OPTIONS \
$INSECURE_REGISTRY
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=1min
Restart=on-abnormal [Install]
WantedBy=multi-user.target [root@n1 ~]# ll /etc/systemd/system/docker.service.d/
total 12
-rw-r--r-- 1 root root 234 Dec 27 23:18 docker-dns.conf
-rw-r--r-- 1 root root 158 Dec 27 23:18 docker-options.conf
-rw-r--r-- 1 root root 288 Dec 27 23:18 http-proxy.conf [root@n1 ~]# cat /etc/systemd/system/docker.service.d/docker-options.conf
[Service]
Environment="DOCKER_OPTS=--insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 \
--iptables=false" [root@n1 ~]# cat /etc/systemd/system/docker.service.d/docker-dns.conf
[Service]
Environment="DOCKER_DNS_OPTIONS=\
--dns 10.233.0.3 --dns 114.114.114.114 \
--dns-search default.svc.cluster.local --dns-search svc.cluster.local \
--dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2 \ [root@n1 ~]# cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://192.168.1.88:1080/" "NO_PROXY=192.168.2.14,node4,node4.cluster.local,192.168.2.15,node5,node5.cluster.local,192.168.2.11,node1,node1.cluster.local,192.168.2.12,node2,node2.cluster.local,192.168.2.13,node3,node3.cluster.local,127.0.0.1,localhost"

docker配置代理

参考:https://docs.docker.com/engine/admin/systemd/

修改docker的svc即可.

[Service]
Environment="HTTP_PROXY=http://[proxy-addr]:[proxy-port]/" 或者:
docker -H LOCAL_IP:1028 测试(才700多K的东西):
docker pull gcr.io/google_containers/pause-amd64:3.0

docker多进程启动工具

与Supervisord类似的工具包括monit, daemontools和runit。

参考:

https://hub.docker.com/r/faisyl/alpine-runit/~/dockerfile/

docker加速器

image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/heapster-grafana-amd64:v4.4.3
image: registry.cn-hangzhou.aliyuncs.com/outman_google_containers/heapster-amd64:v1.4.0 vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
} [root@n1 influxdb]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
]
}

设置insecure-registries

echo   '{ "insecure-registries":["registry-srv:5000"] }' >/etc/docker/daemon.json

docker的dns和日志切割设置

/usr/bin/dockerd --insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --dns 10.233.0.3 --dns 114.114.114.114 --dns-search default.svc.cluster.local --dns-search svc.cluster.local --dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2

docker run -it --rm busybox
/ # cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local
nameserver 10.233.0.3
nameserver 114.114.114.114

docker-ce.repo阿里云

[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg

flannel mtu

FLANNEL_MTU = 1450 是 vxlan FLANNEL_MTU = 1500 是 host-gw

其他参考

“深入浅出”来解读Docker网络核心原理

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

Docker容器技术入门(二)

docker的2类存储资源

参考

- docker存储

docker提供了2种存储资源:
镜像(由 storage driver 管理):
1.基础镜像层
2.可写层 storage driver
overlay2(devicemapper)
autfs Data Volume:
1.bind mount
支持f/d
ro/rw
目的任意指定 docker run -v的方式
2.docker managed volume
不支持ro
/var/lib/docker/volumes/ 1.--volumes-from: 先启一个数据容器,后引用容器容器名
data-packed volume container FROM busybox
VOLUME ["/data1","/data2"] docker build . -t busybox1 docker run -itd --name b1 busybox1
1.先在/var/lib/docker/volumes/创建目录
2.挂载到容器/data1 /data2(容器启动会自动创建这两个) docker run -itd --volumes-from b1 busybox 2.docker create volume
docker volume create hello
docker run -d -v hello:/world busybox ls /world

其他参考

[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)

devicemapper存储设置容量

[root@n1 ~]#  docker run -itd -v /data:/data --name b4 busybox
1ce96b5f4f135e1e98b33997b95e682efa6287ff744e1613aaacab2e159c353b
[root@n1 ~]# docker exec -it b4 sh
/ # df -h
Filesystem Size Used Available Use% Mounted on
overlay 37.8G 1.8G 35.9G 5% /
tmpfs 487.3M 0 487.3M 0% /dev
tmpfs 487.3M 0 487.3M 0% /sys/fs/cgroup
/dev/sda3 37.8G 1.8G 35.9G 5% /data

今天复习了以下docker, 发现竟然有这玩意.

https://docs.docker.com/engine/reference/commandline/dockerd/#options-per-storage-driver

devicemapper存储设置

http://blog.51cto.com/welcomeweb/1696121

上一篇:Java并发(二)—— 并发编程的挑战 与 并发机制的底层原理


下一篇:git克隆远程仓库的时候断电了,使用git-fetch断点续传