iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

first commit

Browse source
This commit is contained in:
iProbe 2022-10-18 16:59:37 +08:00
commit ba848e218d
1001 changed files with 152333 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

56
CloudNative/Docker/Docker启动异常处理.md Normal file
View file

@ -0,0 +1,56 @@
** docker使用overlay2无法启动 **
docker配置如下:
```bash
cat /etc/docker/daemon.json
```
```json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file": "3"
}
}
```
报错提示如下:
```
Mar 04 18:16:16 harbor.scm.360.back kernel: overlayfs: upper fs needs to support d_type.
Mar 04 18:16:16 harbor.scm.360.back dockerd[3726]: failed to start daemon: error initializing graphdriver: overlay2: the backing xfs filesystem is formatted without d_type support, which leads to incorrect behavior. Reformat the filesystem with ftype=1 to enable d_type support. Backing filesystems without d_type support are not supported.
Mar 04 18:16:16 harbor.scm.360.back systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Mar 04 18:16:16 harbor.scm.360.back systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has failed.
--
-- The result is failed.
```
使用命令
```
xfs_info /
```
打印的信息中
** ftype=0 **
除非重新格式化硬盘,不然无法使用
** 修改配置文件 **
```json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "devicemapper",
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file": "3"
}
}
```

345
CloudNative/Docker/Docker安装配置.doc Normal file
View file

@ -0,0 +1,345 @@
Message-ID: <1350779792.5.1565776340845.JavaMail.root@IEX-SZI-MGT-ATLASSIAN>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_4_448096307.1565776340836"
------=_Part_4_448096307.1565776340836
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
<html xmlns:o=3D'urn:schemas-microsoft-com:office:office'
xmlns:w=3D'urn:schemas-microsoft-com:office:word'
xmlns:v=3D'urn:schemas-microsoft-com:vml'
xmlns=3D'urn:w3-org-ns:HTML'>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8=
">
<title>Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=BD=AE</title>
<!--[if gte mso 9]>
<xml>
<o:OfficeDocumentSettings>
<o:TargetScreenSize>1024x640</o:TargetScreenSize>
<o:PixelsPerInch>72</o:PixelsPerInch>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
<w:WordDocument>
<w:View>Print</w:View>
<w:Zoom>90</w:Zoom>
<w:DoNotOptimizeForBrowser/>
</w:WordDocument>
</xml>
<![endif]-->
<style>
<!--
@page Section1 {
size: 8.5in 11.0in;
margin: 1.0in;
mso-header-margin: .5in;
mso-footer-margin: .5in;
mso-paper-source: 0;
}
table {
border: solid 1px;
border-collapse: collapse;
}
table td, table th {
border: solid 1px;
padding: 5px;
}
td {
page-break-inside: avoid;
}
tr {
page-break-after: avoid;
}
div.Section1 {
page: Section1;
}
/* Confluence print stylesheet. Common to all themes for print medi=
a */
/* Full of !important until we improve batching for print CSS */
@media print {
#main {
padding-bottom: 1em !important; /* The default padding of 6em is to=
o much for printouts */
}
body {
font-family: Arial, Helvetica, FreeSans, sans-serif;
font-size: 10pt;
line-height: 1.2;
}
body, #full-height-container, #main, #page, #content, .has-personal-sid=
ebar #content {
background: #fff !important;
color: #000 !important;
border: 0 !important;
width: 100% !important;
height: auto !important;
min-height: auto !important;
margin: 0 !important;
padding: 0 !important;
display: block !important;
}
a, a:link, a:visited, a:focus, a:hover, a:active {
color: #000;
}
#content h1,
#content h2,
#content h3,
#content h4,
#content h5,
#content h6 {
font-family: Arial, Helvetica, FreeSans, sans-serif;
page-break-after: avoid;
}
pre {
font-family: Monaco, "Courier New", monospace;
}
#header,
.aui-header-inner,
#navigation,
#sidebar,
.sidebar,
#personal-info-sidebar,
.ia-fixed-sidebar,
.page-actions,
.navmenu,
.ajs-menu-bar,
.noprint,
.inline-control-link,
.inline-control-link a,
a.show-labels-editor,
.global-comment-actions,
.comment-actions,
.quick-comment-container,
#addcomment {
display: none !important;
}
/* CONF-28544 cannot print multiple pages in IE */
#splitter-content {
position: relative !important;
}
.comment .date::before {
content: none !important; /* remove middot for print view */
}
h1.pagetitle img {
height: auto;
width: auto;
}
.print-only {
display: block;
}
#footer {
position: relative !important; /* CONF-17506 Place the footer at en=
d of the content */
margin: 0;
padding: 0;
background: none;
clear: both;
}
#poweredby {
border-top: none;
background: none;
}
#poweredby li.print-only {
display: list-item;
font-style: italic;
}
#poweredby li.noprint {
display: none;
}
/* no width controls in print */
.wiki-content .table-wrap,
.wiki-content p,
.panel .codeContent,
.panel .codeContent pre,
.image-wrap {
overflow: visible !important;
}
/* TODO - should this work? */
#children-section,
#comments-section .comment,
#comments-section .comment .comment-body,
#comments-section .comment .comment-content,
#comments-section .comment p {
page-break-inside: avoid;
}
#page-children a {
text-decoration: none;
}
/**
hide twixies
the specificity here is a hack because print styles
are getting loaded before the base styles. */
#comments-section.pageSection .section-header,
#comments-section.pageSection .section-title,
#children-section.pageSection .section-header,
#children-section.pageSection .section-title,
.children-show-hide {
padding-left: 0;
margin-left: 0;
}
.children-show-hide.icon {
display: none;
}
/* personal sidebar */
.has-personal-sidebar #content {
margin-right: 0px;
}
.has-personal-sidebar #content .pageSection {
margin-right: 0px;
}
.no-print, .no-print * {
display: none !important;
}
}
-->
</style>
</head>
<body>
<h1>Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=BD=AE</h1>
<div class=3D"Section1">
<p>=E7=8E=AF=E5=A2=83=EF=BC=9A</p>
<p>&nbsp; &nbsp; &nbsp; &nbsp; CentOS&nbsp;7.3 x64</p>
<p><br></p>
<h3 id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=BD=AE-=E5=8D=B8=E8=BD=BD=E6=
=97=A7=E7=89=88Docker">=E5=8D=B8=E8=BD=BD=E6=97=A7=E7=89=88Docker</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">yum -y remove docker docker-client docker-client-latest docker-comm=
on docker-latest docker-latest-logrotate docker-logrotate docker-selinux do=
cker-engine-selinux docker-engine</pre>=20
</div>=20
</div>
<h3 class=3D"auto-cursor-target" id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=
=BD=AE-=E5=AE=89=E8=A3=85=E5=BF=85=E8=A6=81=E4=BE=9D=E8=B5=96=E5=8C=85">=E5=
=AE=89=E8=A3=85=E5=BF=85=E8=A6=81=E4=BE=9D=E8=B5=96=E5=8C=85</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">yum install -y yum-utils device-mapper-persistent-data lvm2</pre>=
=20
</div>=20
</div>
<h3 class=3D"auto-cursor-target" id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=
=BD=AE-=E6=B7=BB=E5=8A=A0yum=E6=BA=90">=E6=B7=BB=E5=8A=A0yum=E6=BA=90</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/l=
inux/centos/docker-ce.repo</pre>=20
</div>=20
</div>
<h3 class=3D"auto-cursor-target" id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=
=BD=AE-=E5=AE=89=E8=A3=85Docker-ce">=E5=AE=89=E8=A3=85Docker-ce</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">yum makecache fast
yum install docker-ce</pre>=20
</div>=20
</div>
<h3 class=3D"auto-cursor-target" id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=
=BD=AE-=E5=90=AF=E5=8A=A8Docker">=E5=90=AF=E5=8A=A8Docker</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">systemctl enable docker
systemctl start docker</pre>=20
</div>=20
</div>
<h3 class=3D"auto-cursor-target" id=3D"Docker=E5=AE=89=E8=A3=85=E9=85=8D=E7=
=BD=AE-=E6=9F=A5=E7=9C=8BDocker=E7=89=88=E6=9C=AC">=E6=9F=A5=E7=9C=8BDocker=
=E7=89=88=E6=9C=AC</h3>
<div class=3D"code panel pdl" style=3D"border-width: 1px;">=20
<div class=3D"codeHeader panelHeader pdl hide-border-bottom">=20
<b class=3D"code-title"></b>=20
<span class=3D"collapse-source expand-control" style=3D"display:none;"><spa=
n class=3D"expand-control-icon icon">&nbsp;</span><span class=3D"expand-con=
trol-text">=E5=B1=95=E5=BC=80=E6=BA=90=E7=A0=81</span></span>=20
<span class=3D"collapse-spinner-wrapper"></span>=20
</div>=20
<div class=3D"codeContent panelContent pdl hide-toolbar">=20
<pre class=3D"syntaxhighlighter-pre" data-syntaxhighlighter-params=3D"brush=
: bash; gutter: true; theme: Confluence; collapse: true" data-theme=3D"Conf=
luence">docker version</pre>=20
</div>=20
</div>
<p><br></p>
</div>
</body>
</html>
------=_Part_4_448096307.1565776340836--

BIN
CloudNative/Docker/Docker监控.docx Normal file
View file

Binary file not shown.

2
CloudNative/Docker/Namespace和Cgroup.md Normal file
View file

@ -0,0 +1,2 @@
Namespace 的作用是“隔离”,它让应用进程只能看到该 Namespace 内的“世界”;
Cgroups 的作用是“限制”,它给这个“世界”围上了一圈看不见的墙

17
CloudNative/Docker/cgroup限制cpu Normal file
View file

@ -0,0 +1,17 @@
cgroup用来管理linux下的cpu资源使用cgroup可以很好的限制程序的资源使用情况下面是对cgroup限制程序cpu使用情况的一些介绍
1、首先构造一个占用cpu资源的程序
echo 'while True:pass'|python &
使用top命令可以看到该进程CPU使用达到90%以上
2、进入到/sys/fs/cgroup/cpu目录下创建一个文件夹例如test
3、进入到test文件夹下会看到已自动创建了一些文件此时输入
echo 50000 > cpu.cfs_quota_us
echo 1741 > tasks
会使得把1741进程的cpu占用时间比例降到50%。使用top命令可以确认查看该设置是否成功。

148
CloudNative/Docker/docker-compose相关.md Normal file
View file

@ -0,0 +1,148 @@
常用命令
```
docker-compose up -d nginx 构建建启动nignx容器
docker-compose exec nginx bash 登录到nginx容器中
docker-compose down 删除所有nginx容器,镜像
docker-compose ps 显示所有容器
docker-compose restart nginx 重新启动nginx容器
docker-compose run --no-deps --rm php-fpm php -v 在php-fpm中不启动关联容器并容器执行php -v 执行完成后删除容器
docker-compose build nginx 构建镜像 。
docker-compose build --no-cache nginx 不带缓存的构建。
docker-compose logs nginx 查看nginx的日志
docker-compose logs -f nginx 查看nginx的实时日志
docker-compose config -q 验证docker-compose.yml文件配置当配置正确时不输出任何内容当文件配置错误输出错误信息。
docker-compose events --json nginx 以json的形式输出nginx的docker日志
docker-compose pause nginx 暂停nignx容器
docker-compose unpause nginx 恢复ningx容器
docker-compose rm nginx 删除容器(删除前必须关闭容器)
docker-compose stop nginx 停止nignx容器
docker-compose start nginx 启动nignx容器
```
## yaml官方示例解析
```
version: "3.7"
services:
## 使用已有镜像redis:alpine
redis:
image: redis:alpine
ports:
- "6379"
networks:
- frontend
deploy:
replicas: 2
update_config:
parallelism: 2
delay: 10s
restart_policy:
condition: on-failure
db:
image: postgres:9.4
volumes:
- db-data:/var/lib/postgresql/data
networks:
- backend
deploy:
placement:
constraints: [node.role == manager]
vote:
image: dockersamples/examplevotingapp_vote:before
ports:
- "5000:80"
networks:
- frontend
depends_on:
- redis
deploy:
replicas: 2
update_config:
parallelism: 2
restart_policy:
condition: on-failure
result:
image: dockersamples/examplevotingapp_result:before
ports:
- "5001:80"
networks:
- backend
depends_on:
- db
deploy:
replicas: 1
update_config:
parallelism: 2
delay: 10s
restart_policy:
condition: on-failure
worker:
image: dockersamples/examplevotingapp_worker
networks:
- frontend
- backend
deploy:
mode: replicated
replicas: 1
labels: [APP=VOTING]
restart_policy:
condition: on-failure
delay: 10s
max_attempts: 3
window: 120s
placement:
constraints: [node.role == manager]
visualizer:
image: dockersamples/visualizer:stable
ports:
- "8080:8080"
stop_grace_period: 1m30s
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
deploy:
placement:
constraints: [node.role == manager]
networks:
frontend:
backend:
volumes:
db-data:
```
### 说明:
#### 容器不仅可以使用已有的镜像构建还可以使用Dockerfile
```
## Dockerfile所在目录可以是相对路径也可以是绝对路径
build: /path/to/dir
build: ./dir
build:
context: ../
dockerfile: path/of/Dockerfile
```
####

BIN
CloudNative/Docker/docker_ Error response from daemon_ error creating.docx Normal file
View file

Binary file not shown.

19
CloudNative/Docker/docker多容器共享网络.md Normal file
View file

@ -0,0 +1,19 @@
1、创建网络
```
docker network create -d bridge mynet
```
2、启动容器nginx
```
docker run -d --name=nginx --network mynet --network-alias nginx -p 80:80 -v /usr/local/nginx/nginx.conf:/etc/nginx/nginx.conf -v /usr/local/nginx/html:/usr/share/nginx/html nginx
```
3、启动容器php
```
docker run -d --name=php --network mynet --network-alias php -v /data/www:/usr/local/nginx/html php
```
4、nginx容器pingphp
```
docker exec -it nginx ping php
```

18
CloudNative/Docker/docker容器指定ip.md Normal file
View file

@ -0,0 +1,18 @@
默认的bridge网络不支持指定IP地址
```
# docker run -itd --net bridge --ip 172.17.0.10 centos:latest /bin/bash
6eb1f228cf308d1c60db30093c126acbfd0cb21d76cb448c678bab0f1a7c0df6
docker: Error response from daemon: User specified IP address is supported on user defined networks only.
```
需要自定义网络
```
docker network create --subnet=172.18.0.0 /16 mynetwork
```
查看网络
```
docker network list
```
指定ip
```
docker run -itd --name networkTest1 --net mynetwork --ip 172.18.0.2 centos:latest /bin/bash
```

14
CloudNative/Docker/docker清理镜像.md Normal file
View file

@ -0,0 +1,14 @@
```
## 清理tag为none的镜像
docker rmi $(docker images -f "dangling=true" -q)
```
```
## 清理不再使用的镜像
docker image prune -a --force
```
```
## 清理两天未使用的镜像
docker image prune -a --force --filter "until=48h"
```

BIN
CloudNative/Docker/docker监控方案的最佳实践(cadvisor+influxdb+grafana).docx Normal file
View file

Binary file not shown.

6
CloudNative/Docker/dumb-init.md Normal file
View file

@ -0,0 +1,6 @@
容器化环境中往往直接运行应用程序而缺少初始化系统如systemd、sysvinit等。这可能需要应用程序来处理系统信号接管子进程进而导致容器无法停止、产生僵尸进程等问题。dumb-init旨在模拟初始化系统功能避免上述问题的发生。
```
### 举例
docker run quay.io/gravitational/debian-tall /usr/bin/dumb-init /bin/sh -c "sleep 10000"
```
除了在容器中使用之外dumb-init也可以直接在shell脚本中使用。使用dumb-init作为shell的父进程可以解决shell创建的子进程优雅退出问题

11
CloudNative/Docker/一些基本命令.md Normal file
View file

@ -0,0 +1,11 @@
#### 查看docker进程宿主机上的真实pid
docker inspect --format '{{.State.Pid}}' containerID
#### 查看容器挂载的volume id等信息
docker volume ls
#### 查看镜像构建历史
docker history cid
#### 查看镜像构建历史展开CREATED BY 列)
docker history cid --no-trunc

BIN
CloudNative/Docker/构建docker应用时,push镜像失败.docx Normal file
View file

Binary file not shown.

3
CloudNative/Docker/查看docker容器的进程id.md Normal file
View file

@ -0,0 +1,3 @@
```
docker inspect -f '{{.State.Pid}} {{.Id}}' $(docker ps -a -q)
```

8
CloudNative/Docker/生产进入docker容器 Normal file
View file

@ -0,0 +1,8 @@
# 宿主机安装util-linux
yum -y install util-linux
# 获取容器pid
docker inspect --format "{{.State.Pid}}" 容器ID
# 进入容器
nsenter --target 容器pid --mount --uts --ipc --net --pid