[ TOC]
CentOS7: The default Docker installation directory and configuration file
# Systemctl startup item parameters
/etc/systemd/system/docker.service
/usr/lib/systemd/system/docker.service
# Docker metadata directory
/var/lib/docker
# Docker Deamon startup items
/etc/sysconfig/docker
# Docker daemon.json parameters
/etc/docker/daemon.json
/root/.docker/config.json
Ubuntu: Docker installed by snap
# Global configuration
/var/snap/docker
/var/snap/docker/current/ #Docker startup configuration
config/ etc/ run/
# User configuration
/root/snap/docker
Description: By default, the storage location of Docker is /var/lib/docker
, and the specific location can be checked through sudo docker info | grep "Docker Root Dir"
.
Method 1: Realize through soft connection. When starting Docker, it is found that the storage directory is still /var/lib/docker
but it is actually stored in the data disk (capacity change).
systemctl stop docker
# Way 1.Soft connection
mv /var/lib/docker /disk/docker
ln -s /disk/docker /var/lib/docker #Target soft link
# Way 2.Package the docker directory
sudo tar -czvf /usr/docker.tar.gz docker/
cd /disk/&& sudo tar -xzvf docker.tar.gz
Method 2: Change the storage path of the image and container, that is, we need to modify the configuration file to specify the startup parameters. The parameter to specify the storage path of the image and container is --graph=/var/lib/docker
, because it is in docker.service Load the following into the environment variables, the last picture can be clear (the following several ways can be regarded as one)
#(1) note:Similarities and differences of release version,Restart after modification
Ubuntu:/etc/default/docker
OPTIONS='--graph="/disk/docker" -H fd://' #Or DOCKER_OPTS="-g /disk/docker"
CentOS6:/etc/sysconfig/docker
OPTIONS='--graph="/disk/docker" --selinux-enabled -H fd://'
#(2) Configuration file location(Not recommended this way)
# /usr/lib/docker-storage-setup/docker-storage-setup or/etc/sysconfig/docker-storage-setup、/etc/sysconfig/docker-storage
DOCKER_STORAGE_OPTIONS=--graph="Path to save"
# Restrictive default value, such as 100GB maximum storage space.
DATA_SIZE=800GB #Change docker default storage size
# In fact, relying on the loading of the following files, we can directly specify the storage location of the docker hang in the ExecStart startup, so it is regarded as a modification method);
CentOS7:/usr/lib/systemd/system/docker.service
EnviromentFile=-/etc/sysconfig/docker
Environment=GRAPH=/disk/docker
ExecStart=/usr/bin/dockerd --graph=/disk/docker $GRAPH $OPTIONS
systemctl daemon-reload #reload configuration file
systemctl restart docker.service #Restart docker
WeiyiGeek.docker
Method 4: If docker is version 1.12 or above, you can modify (or create a new) /etc/docker/daemon.json
file
The advantages of this method will take effect immediately after the modification, without restarting the docker service.
vim /etc/docker/daemon.json
{" registry-mirrors":["http://7e61f7f9.m.daocloud.io"],"graph":"/disk/docker"}
Description: In addition to docker image taking up a lot of disk space for a long time, writing a lot of logs when the container is running is also a headache, and the business will be down at any time without any monitoring warning (at least I have encountered 1 Times).
By default (JSON File logging drive), Docker captures the standard output (and standard error) of all containers and writes it to a file in JSON format. For the application's standard output (stdout) log, Docker Daemon is running this container A goroutine will be created at the time, responsible for the standard output log.
Since this goroutine is bound to the standard output file descriptor of all processes in the entire container
, all standard output logs applied in the container will be received by the goroutine and written to the log file corresponding to this container, that is, the log file is located /var/lib/docker/containers/<container_id> /The file name is -json.log
Docker provides users with a log interface through the docker logs command. The essence of its implementation principle is based on the one-to-one correspondence with the container -json.log, (kubectl logs is similar
)
WeiyiGeek.goroutine
Several solutions for excessive log files:
# docker storage-When the driver is overlay2, limit the disk space that a single container can occupy
- 1. xfs, the linux file system CentOS 7, the default file system changed from the original EXT4 to the XFS file system
- 2. pquot(project quotas )SystemXFS supports setting disk quotas by users, groups and projects. Project disk quotas allow you to limit the amount of disk space on a single directory hierarchy.
# Specify the file system type when mounting, use-o enbale project quotas
mount –o prjquota /dev/xvdb1 /xfs
# Limited project=test/data directory soft limit=5M hard limit=6M
xfs_quota –x –c 'limit –p bsoft=5m bhard=6m test'/data
docker system df -v
to list the disk space occupied by each container. When the current size exceeds a certain threshold, you can associate the container id with application information according to the container id Up) delete it(1) Images space usage:
REPOSITORY TAG IMAGE ID CREATED SIZE SHARED SIZE UNIQUE SIZE CONTAINERS
onlyoffice/documentserver latest d06214a03e27 2 months ago 2.145GB 0B 2.145GB 1(2)Containers space usage:
CONTAINER ID IMAGE COMMAND LOCAL VOLUMES SIZE CREATED STATUS NAMES
d415211e52da onlyoffice/documentserver "/bin/sh -c /app/ds/…"6 986MB 4 weeks ago Up 3 days onlyoffice(4)Local Volumes space usage:
VOLUME NAME LINKS SIZE
a4974599165f539b98fd57fc53ccc073a7e8cdf4cd36cbc5e349fb8d4f6a1325 02.51MB(5)Build cache usage: 0B
CACHE ID CACHE TYPE SIZE CREATED LAST USED USAGE SHARED
Practical solution:
# Example 1.Empty stopped containers and volumes including logs/container/The internet/Mirror(To free up space-尽量在缺订需要的container)
docker system prune -af
# Deleted Containers:
# 9 c8a4f60ad62cee63c7d5b48041e29363ee4f839aedb2cec9a76df3e6ccda2e8
# 2 d5cca572c06e11a6a2005cd46d154b71bad151610ce074424a32850aedb2b39
# 8 c78c868d29285afeb00eb617d0a8e3280b6da2f69bf8dd42e04a8e334d3ae22
# Deleted Networks:
# blog_default
# Deleted Images:
# untagged: snipe/snipe-it:latest
# untagged: snipe/[email protected]:7a61e8a407490b9e99c758a18ba814c10fe55f1465e036bfd1ee5445537c7661
# Total reclaimed space:1.096GB
# Example 2./etc/docker/daemon.The modification of this option in the container created by json [restart daemon] cannot take effect,Only valid for newly created containers;"log-driver":"json-file","log-opts":{"max-size":"500m","max-file":"3"}
docker inspect -f '{{.HostConfig.LogConfig}}' test1
# { json-file map[max-file:10 max-size:2m]}
more /var/lib/docker/containers/25d2d645bfc9e6530039d6aac890f69dd9af33f8f966adc2d7287b74964678e3/25d2d645bfc9e6530039d6aac890f69dd9af33f8f966adc2d7287b74964678e3-json.log
# {" log":"Mem: 3164836K used, 696576K free, 45448K shrd, 2104K buff, 1633504K cached\n","stream":"stdout","time":"2020-06-18T03:34:33.738111441Z"}
# {" log":"CPU: 0% usr 0% sys 0% nic 100% idle 0% io 0% irq 0% sirq\n","stream":"stdout","time":"2020-06-18T03:34:33.73833528Z"}
# {" log":"Load average: 0.16 0.20 0.19 1/639 5\n","stream":"stdout","time":"2020-06-18T03:34:33.738342617Z"}
# Example 3.Set the disk space that each container can use to 1G:
{" data-root":"/data/docker","storage-driver":"overlay2","storage-opts":["overlay2.override_kernel_check=true","overlay2.size=1G"],}
# Example 4.Clean up log files
# By rm-If rf or file manager deletes a file, it will unlink from the directory structure of the file system. The premise is that the container is stopped. Otherwise, if the file is occupied by the process, the disk space will always be occupied.
cat /dev/null>/var/lib/docker/containers/<container_id>/containerid-json.log
Answer: We need to make changes in the docker.service configuration file and add -H tcp://0.0.0.0:2375
to the startup parameters of dockerd
# Modify startup parameters
nano /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd://--containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375
# Reload the daemon and restart docker
systemctl daemon-reload
systemctl restart docker
# Check the monitoring situation
netstat -tlnp
# Active Internet connections(only servers)
# Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
# tcp6 00:::2375:::* LISTEN 11389/dockerd
# Simple authentication remote access
curl http://127.0.0.1:2375/containers/json | jq
[{" Id":"25d2d645bfc9e6530039d6aac890f69dd9af33f8f966adc2d7287b74964678e3","Names":["/test1"],"Image":"test1","ImageID":"sha256:5ec0e2b89f7aadb6178c17b3db73aba2e209f9556a436562de7f32b077b776bd","Command":"top -b -d 2","Created":1592451272,"Ports":[],"Labels":{"Author":"WeiyiGeek","Description":"Test Dockerfile"},"State":"running","Status":"Up 35 minutes","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"257f6a8500710d76efba6a1c9be8c0f10b4308afb481baf1e9ba77cf98f596bd","EndpointID":"ac4518815359da7b8182167dfeeec728c0ea51accd1736719005f1596797e944","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02","DriverOpts":null}}},"Mounts":[]}]
WeiyiGeek.Dockerd-TCP
Description: Recommended method 2 and 3 for the running container to modify its mapping port;
The simplest solution, often use it in a test environment
)docker commit
to commit the file changes and configuration information of a container to a new image, and then use this new image to restart a container. The advantage of this method is that this method will not affect [Su Host] (https://cloud.tencent.com/product/cdh?from=10680) other containers have any impact; docker stop container01 docker commit container01 new_image:tag docker run --name container02 -p 80:80 new_image:tag$nano /var/lib/docker/containers/d415211e52da6ca66aeee3c81b38be609ffac59522b06e0ff9fa253e29fa441a/hostconfig.json
# Set the port to be mapped according to the following json format
" PortBindings":{"443/tcp":[{"HostIp":"","HostPort":"9000"}],"80/tcp":[{"HostIp":"","HostPort":"9001"}]}
$systemctl restart docker
$docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d415211e52da onlyoffice/documentserver "/bin/sh -c /app/ds/…"43 minutes ago Up 14 seconds 0.0.0.0:9001->80/tcp,0.0.0.0:9000->443/tcp onlyoffice
Answer: The local resources related to Docker are stored in the /var/lib/docker/ directory by default, and the overlay2 file system is taken as an example by default
The container directory stores container information, the graph directory stores image information, and the aufs directory stores specific image layer files.
$ll /var/lib/docker/image/overlay2/distribution/diffid-by-digest/sha256/
Total amount 16-rw-r--r--1 root root 716 months 415:15 3c78d525c5d6e0101e4f53d5e4ee827c838b9d346f44e40db49c66638040d980
- rw-r--r--1 root root 716 months 415:15 44559339aea968e196d4930b3d79068926964f415c0fccd3e1b197a5dd928ee7
Answer: Customize the establishment of a fixed subnet for network settings and a fixed IP of the container
$ docker network create -d bridge --subnet 172.25.0.0/16 my-net
$ docker run --network=my-net --ip=172.25.3.3-itd --name=my-container busybox
Description: Modify the operation process related to the newly mounted path in the created image or the running container;
The process is as follows:
#1. Stop the docker container and service
sudo docker stop $(docker ps -a | awk '{ print $1}'| tail -n +2)
sudo service docker stop
#2. Backup container configuration file
cd /var/lib/docker/containers/de9c6501cdd3
cp hostconfig.json{,.bak}
cp config.v2.json{,.bak}
#3. Modify the configuration path before the colon of hostconfig
cat -n hostconfig.json | grep -C 5"Binds"
#4. Modify the source configuration path of config
cat config.v2.json
" MountPoints":{"/etc/mysql/my.cnf":{"Source":"/home/server/mysql/conf/my.cnf","Destination":"/etc/mysql/my.cnf","RW":true,"Name":"","Driver":"","Relabel":"","Propagation":"rprivate","Named":false,"ID":""},....
#5. Then start the docker service
Description: Docker deleted the relevant network namespace files in the /var/run/netns directory on the host host after creating the container.
Therefore, the network namespace of the container cannot be seen or accessed on the host host.
# The following operations can view and set the network namespace
$ docker inspect --format='{{. State.Pid}} ' $container_id #Get the container process ID
1234
$ sudo ln -s /proc/1234/ns/net /var/run/netns/ #Link the corresponding network namespace file in the proc directory to/var/run/netns directory.
# Then, you can see the network namespace information of the container on the host host. E.g**
$ sudo ip netns show
1234
# Set the namespace of the operation container
$ sudo ip netns exec 1234 ifconfig eth0 172.17.0.100/16
$ sudo rm -rf /var/lib/docker
#Note that this operation will remove all Docker local data, including images and containers.
Report error problem 0: requires containerd.io >= 1.2.2-3, but none of the providers can be installed
Environment: CentOS 8 1911 (Core)
Error problem:
package docker-ce-3:18.09.9-3.el7.x86_64 requires containerd.io >=1.2.2-3, but none of the providers can be installed
- conflicting requests
- package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
- package containerd.io-1.2.13-3.1.el7.x86_64 is excluded
- package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
- package containerd.io-1.2.2-3.el7.x86_64 is excluded
- package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
- package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
- package containerd.io-1.2.6-3.3.el7.x86_64 is excluded(Try to add'--skip-broken'To skip packages that cannot be installed or'--nobest'Not only use the best choice of software packages)
Solution:
yum install -y wget
wget https://download.docker.com/linux/centos/7/x86_64/edge/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
yum install -y containerd.io-1.2.6-3.3.el7.x86_64.rpm
yum install docker-ce docker-ce-cli
Error question 1: Error running DeviceCreate (createSnapDevice) dm_task_run failed
Error message:
docker:Error running DeviceCreate(createSnapDevice) dm_task_run failed
Solution: Rebuild the resource pool metadata, https://stackoverflow.com/questions/30719896/docker-dm-task-run-failed-error
# Different installation paths may be different
service docker stop
thin_check /var/lib/docker/devicemapper/devicemapper/metadata
thin_check --clear-needs-check-flag /var/lib/docker/devicemapper/devicemapper/metadata
service docker start
Error question 2: Error response from daemon: devmapper: Error mounting: invalid argument
Error message:
docker start e7e
Error response from daemon: devmapper: Error mounting '/dev/mapper/docker-253:4-11534337-ee772425c4996ca581e5c234806adf41aede9424a83ce1402596105a9f66434d' on '/export/docker/devicemapper/mnt/ee772425c4996ca581e5c234806adf41aede9424a83ce1402596105a9f66434d': invalid argument
The reason for the error: The container was created when selinux was enabled. Then modified /etc/selinux/config to selinux as disabled.
After the physical machine is restarted, selinux is in the closed state, the container originally created when selinux is enabled cannot start and report this error.
Repair method:
There are two main types:
1. You can reset selinux to enable and restart the physical machine to fix it.
2. Modify the configuration of the container, for example, the configuration of my container is/var/lib/docker/containers/e7ef71494940ba293be4b3f74198bf34835c35537810053b051d9a6c33adbd32/config.v2.json file. Among them"MountLabel":"system_u:object_r:svirt_sandbox_file_t:s0:c12,c257","ProcessLabel":"system_u:system_r:svirt_lxc_net_t:s0:c12,c257"Rework and modify to"MountLabel":"","ProcessLabel":"", And then restart the docker daemon, the container can be repaired.
Error question 3: Error response from daemon: devmapper: Thin Pool has 155398 free data blocks which is less than minimum required 163840 free data blocks.
Error message:
/usr/bin/docker-current: Error response from daemon: devmapper: Thin Pool has 155398 free data blocks which is less than minimum required 163840 free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior
Solution:
sudo docker rm $(sudo docker ps -q -f status=exited)
sudo docker volume rm $(sudo docker volume ls -qf dangling=true)
sudo docker rmi $(sudo docker images --filter "dangling=true"-q --no-trunc)
Error question 4: [graphdriver] prior storage driver \”devicemapper\” failed: devmapper: Base Device UUID and Filesystem verification failed: devmapper: Current Base Device
Operating environment: CentOS 7.3.1611, Docker Version 1.12.6-16.el7.centis.x86_64, API 1.24;
Error message:
# Docker startup error
docker.service - Docker Application Container Engine
Loaded:loaded(/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In:/usr/lib/systemd/system/docker.service.d
└─flannel.conf
Process:5226 ExecStart=/usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY(code=exited, status=1/FAILURE)
Main PID:5226(code=exited, status=1/FAILURE)
# Key point of error
dockerd-current[5226]: time="..." level=info msg="libcontainerd: new containerd process, pid: 5238"
dockerd-current[5226]: time="..." level=warning msg="devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section."
node-198 dockerd-current[5226]: time="2020-01-18T17:00:27.872191345+08:00" level=error msg="[graphdriver] prior storage driver \"devicemapper\" failed: devmapper: Base Device UUID and Filesystem verification failed: devmapper: Current Base Device UUID:59df6192-df22-4d88-9e90-02755e7e3242 does not match with stored UUID:24907e3f-5114-4948-91ea-c1a4e92854ef. Possibly using a different thin pool than last invocation"
node-198 dockerd-current[5226]: time="2020-01-18T17:00:27.872410561+08:00" level=fatal msg="Error starting daemon: error initializing graphdriver: devmapper: Base Device UUID and Filesystem verification failed: devmapper: Current Base Device UUID:59df6192-df22-4d88-9e90-02755e7e3242 does not match with stored UUID:24907e3f-5114-4948-91ea-c1a4e92854ef. Possibly using a different thin pool than last invocation"
The cause of the error: Since the Metadata disk storing Docker was mounted, the storage was abnormally shut down during a certain shutdown. After the solution was resolved, the machine was mounted on the remote NFS disk. After the mounting, the UUID of the disk changed, resulting in the loopback. The method cannot connect to the storage pool of Docker's DeviceMapper;
Solution: Check the actual uuid of loop0 and modify the UUID in deviceset-metadata
# View system disk UUID
$ls -alh /dev/disk/by-uuid
$blkid
#59 df6192-df22-4d88-9e90-02755e7e3242
# Conventional path
/var/lib/docker/devicemapper/metadata/deviceset-metadata
# Custom path
/disk/docker/devicemapper/metadata/deviceset-metadata
# Content settings
{" next_device_id":1,"BaseDeviceUUID":"59df6192-df22-4d88-9e90-02755e7e3242","BaseDeviceFilesystem":"xfs"}
Precautions:
aufs/Device mapper/btrfs/overlayfs and zfs
, and both use the copy-on-write (CoW) technology, but aufs is not supported by default on CentOS;Error message 5: Usage of loopback devices is strongly discouraged for production use
# docker info or can be seen at startup
WARNING: Usage of loopback devices is strongly discouraged for production use
Reason for error: It is strongly not recommended to run docker in loopback mode;
Solution:
# Way 1:Add Docker in the Docker startup item_STORAGE_OPTIONS(Not recommended,Just ignore the warning)
DOCKER_STORAGE_OPTIONS="--storage-opt dm.no_warn_on_loop_devices=true"
# Method 2: When the docker daemon is started, add the metadata storage of the device mapper and the mirror data storage of the docker to select independent block devices, either lvm or independent disk partitions
- - storage-opt dm.datadev=/dev/xxxx --storage-opt dm.metadatadev=/dev/xxx
WeiyiGeek. Solution
Error message 6: Socket/TCP of Docker Deamon service cannot be connected
#1. start up/Stop docker:
Start systemctl start docker
Daemon restart sudo systemctl daemon-reload
Restart the docker service systemctl restart docker
Sudo service docker restart
Close docker service docker stop
Close docker systemctl stop docker
#2. Add the current user to the docker user group, and then log in to the current user again
sudo gpasswd -a ${USER} docker
#3. Run docker as a high-privileged user
sudo systemctl start docker
Exception message 7: The specified container is connected to the current connection and the networks keyword custom network, the application still cannot interconnect with each other
Problem: When using Docker-compose to deploy multiple containers, it has been set to connect the specified container to the current connection and the network keyword custom network, and the applications still cannot be interconnected;
Reason: firewalld does not trust docker's ip address
Solution: Add all docker ip to the whitelist.
$firewall-cmd --zone=trusted --add-source=172.17.0.1/16--permanent
success
$firewall-cmd --zone=trusted --add-source=172.20.0.1/16--permanent
success
$firewall-cmd --reload
success
WeiyiGeek. Container Interconnection
Exception message 8: pull images x509 certificate has expired or is not yet valid
Description: Set up docker to pull the mirror mirror source, when pulling and downloading the mirror, it prompts that the certificate verification fails;
$sudo docker pull onlyoffice/documentserver
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: x509: certificate has expired or is not yet valid
Cause of the error: Generally, the local system time error causes the error certificate to expire, so check the local system time first
$date
2019 Sunday, May 19,:57:54 CST
Solution: Synchronize the time to the current time to solve: ntpdate cn.pool.ntp.org
;
Exception information 9. The following warning appears when docker info is executed: bridge-nf-call-iptables is disabled
Problem Description:
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Solution: Configure iptables to view bridged network traffic
cat >/etc/sysctl.conf<<'EOF'
net.bridge.bridge-nf-call-ip6tables =1
net.bridge.bridge-nf-call-iptables =1
EOF
sysctl -p
Exception message 10. The error message standard_init_linux.go:211: exec user process caused "no such file or directory" is displayed when building a container image.
Problem recovery:
$docker-compose up
Starting blog ... done
Attaching to blog
blog | standard_init_linux.go:211: exec user process caused "no such file or directory"
blog exited with code 1
problem causes:
unix (/n)
but dos (/r/n)
Exception information 11.Error response from daemon: driver failed programming external connectivity on endpoint loving_bassi (37b4c399f676cf46e35fd26b2298ad81aac87739d8aee416f449e36c6cb22503)
Problem information: docker: Error response from daemon: driver failed programming external connectivity on endpoint loving_bassi (37b4c399f676cf46e35fd26b2298ad81aac87739d8aee416f449e36c6cb22503): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 90 DNA to-destination 172.17.0.2:80! -i docker0: iptables: No chain/target/match by that name.
The cause of the problem: There is no such chain, target, and rule match in the docker0 network card in iptables, that is, the custom chain DOCKER defined when the docker service is started is cleared for some reason;
Solution: Restart the docker service and regenerate the custom chain DOCKER and then start the container;
# pkill docker
# iptables -t nat -F
# ifconfig docker0 down
# brctl delbr docker0
# service docker restart
Exception information 12. When using the docker port command to map the port of the container, the system reports an error "Error: No public port '80' published for xxx"
The cause of the problem: Dockerfile must specify the correct open port through EXPOSE when creating a mirror.
Solution: Specify PublishAllPort = true
when the container starts.
**Exception information 13. When using memory and swap restrictions to start the container, a warning is reported: "WARNING: Your kernel does not support cgroup swap limit. WARNING: Your kernel does not support swap limit capabilities. Limitation discarded."? **
Cause of the problem: Because the system does not enable the statistical function of memory and swap usage by default, the introduction of this function will bring performance degradation. To enable this function, you can take the following actions;
Solution:
/etc/default/grub
file (Ubuntu system as an example), configure GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
$ sudo update-grub
and restart the system.Exception information 14.Docker warning WARING: No swap limit support
Problem description: The warning WARNING: No swap limit support
in the docker memory limit under the Linux operating system probably means that the swap memory limit is not supported;
Solution: Tested under Ubuntu 20.04 TLS
# 1. edit/etc/default/grub file.
vim /etc/default/grub
# 2. Find GRUB_CMDLINE_LINUX=Configuration item and append "cgroup_enable=memory swapaccount=1”。
# 3. Save the file and execute the following command:
sudo update-grub
# 4. Restart server
reboot
Interview Q&A 2. How to temporarily exit the terminal of a container that is interacting without terminating it? *
Answer: Press Ctrl-p Ctrl-q
, if you press Ctrl-c, the application process in the container will often be terminated, which in turn will terminate the container.
Interview Q&A 3. What is the difference between ADD and COPY in Dockerfile?*
Answer: When using the ADD command, if the source file to be copied is a tar package, it will help us unpack the tar package to the specified directory when building the container, and
using the copy command will not decompress the tar package
;
Another difference is that the ADD instruction can either add a file in the build context or a URL, while COPY can only add files in the build context;
Answer: The difference in usage scenarios CMD instructions are the commands and parameters that are executed by default after the container is started ((if multiple CMDs are defined, only the last one is executed)), and ENTRYPOINT is used for the preparation work before the application runs (let the container be the application Or run as a service);
Note: At least one CMD or ENTRYPOINT instruction needs to be set in the Dockerfile;
Recommended Posts