centos 7 服务器在构建 docker 图像时不断重启
centos 7 server keeps restarting while building the docker images
我在 centos 和系统上安装了 docker。
我可以使用 docker pull 命令下载 docker 图像。
但是当我 运行 容器使用 docker run alpine 时,服务器重新启动。
每次都会发生这种情况。
我从 /var/log/messages | 中找到了这个grep docker
代码
以下是我的配置:
$ docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 18.09.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: c4446665cb9c30056f4998ed953e6d4ff22c7c39
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.1.3.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 40
Total Memory: 251.7GiB
Name: CHMCISPRDOCKENG
ID: XFPC:SYGF:Q3P7:M32Z:VRTX:TFGZ:YA43:NYSY:UGVK:PC2M:HVAU:TIM2
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
some-registry
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
WARNING: API is accessible on http://127.0.0.1:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information:
https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
现在当我运行docker pull alpine。图片下载成功。
但是当我 运行 docker run -it alpine 时,我从服务器注销并且服务器重新启动。
下面是我 运行 cat /var/log/messages | grep docker.
时的日志
Dec 17 19:28:12 CHMCISPRDOCKENG systemd: Started docker.service.
Dec 17 19:28:12 CHMCISPRDOCKENG audispd: node=CHMCISPRDOCKENG type=SERVICE_START msg=audit(1545055092.725:167): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=docker comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.023820157+05:30" level=warning msg="[!] DON'T BIND ON ANY IP ADDRESS WITHOUT setting --tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING [!]"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043715041+05:30" level=info msg="libcontainerd: started new containerd process" pid=15564
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043788743+05:30" level=info msg="parsed scheme: \"unix\"" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043810434+05:30" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044206037+05:30" level=info msg="ccResolverWrapper: sending new addresses to cc: [{unix:///var/run/docker/containerd/containerd.sock 0 <nil>}]" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044227097+05:30" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044283337+05:30" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420963f00, CONNECTING" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.726282962+05:30" level=info msg="starting containerd" revision=c4446665cb9c30056f4998ed953e6d4ff22c7c39 version=1.2.0
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.727202682+05:30" level=info msg="loading plugin "io.containerd.content.v1.content"..." type=io.containerd.content.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733393760+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.btrfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733593273+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733607841+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.aufs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.737142848+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found.\n": exit status 1"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.737165057+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.native"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.740458140+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.overlayfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.747800098+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.zfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748343654+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.zfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748359281+05:30" level=info msg="loading plugin "io.containerd.metadata.v1.bolt"..." type=io.containerd.metadata.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748378883+05:30" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748386577+05:30" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748392893+05:30" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found.\n": exit status 1"
有什么建议吗?
找到答案是存储驱动程序问题。
服务器的配置不支持 docker 的默认 overlay2 存储驱动程序。将其更改为 devicemapper 固定的东西。
我在 centos 和系统上安装了 docker。
我可以使用 docker pull 命令下载 docker 图像。
但是当我 运行 容器使用 docker run alpine 时,服务器重新启动。
每次都会发生这种情况。
我从 /var/log/messages | 中找到了这个grep docker
代码
以下是我的配置:
$ docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 18.09.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: c4446665cb9c30056f4998ed953e6d4ff22c7c39
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.1.3.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 40
Total Memory: 251.7GiB
Name: CHMCISPRDOCKENG
ID: XFPC:SYGF:Q3P7:M32Z:VRTX:TFGZ:YA43:NYSY:UGVK:PC2M:HVAU:TIM2
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
some-registry
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
WARNING: API is accessible on http://127.0.0.1:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information:
https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
现在当我运行docker pull alpine。图片下载成功。
但是当我 运行 docker run -it alpine 时,我从服务器注销并且服务器重新启动。
下面是我 运行 cat /var/log/messages | grep docker.
Dec 17 19:28:12 CHMCISPRDOCKENG systemd: Started docker.service.
Dec 17 19:28:12 CHMCISPRDOCKENG audispd: node=CHMCISPRDOCKENG type=SERVICE_START msg=audit(1545055092.725:167): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=docker comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.023820157+05:30" level=warning msg="[!] DON'T BIND ON ANY IP ADDRESS WITHOUT setting --tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING [!]"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043715041+05:30" level=info msg="libcontainerd: started new containerd process" pid=15564
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043788743+05:30" level=info msg="parsed scheme: \"unix\"" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.043810434+05:30" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044206037+05:30" level=info msg="ccResolverWrapper: sending new addresses to cc: [{unix:///var/run/docker/containerd/containerd.sock 0 <nil>}]" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044227097+05:30" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.044283337+05:30" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420963f00, CONNECTING" module=grpc
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.726282962+05:30" level=info msg="starting containerd" revision=c4446665cb9c30056f4998ed953e6d4ff22c7c39 version=1.2.0
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.727202682+05:30" level=info msg="loading plugin "io.containerd.content.v1.content"..." type=io.containerd.content.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733393760+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.btrfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733593273+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.733607841+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.aufs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.737142848+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found.\n": exit status 1"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.737165057+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.native"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.740458140+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.overlayfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.747800098+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.zfs"..." type=io.containerd.snapshotter.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748343654+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.zfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748359281+05:30" level=info msg="loading plugin "io.containerd.metadata.v1.bolt"..." type=io.containerd.metadata.v1
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748378883+05:30" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748386577+05:30" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Dec 17 19:28:16 CHMCISPRDOCKENG dockerd: time="2018-12-17T19:28:16.748392893+05:30" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found.\n": exit status 1"
有什么建议吗?
找到答案是存储驱动程序问题。 服务器的配置不支持 docker 的默认 overlay2 存储驱动程序。将其更改为 devicemapper 固定的东西。