Docker配置问题

1. Docker容器和宿主机时间同步问题

原因:宿主机时区和Docker容器的不一致，导致两者相差8小时
解决方法一:
启动容器的时候指定启动参数，自动挂载localtime文件到容器内
1
docker run --name <name> -v /etc/localtime:/etc/localtime:ro ....

解决方法二:
把时区设置加入到Dockerfile中

# CentOS
RUN echo "Asia/shanghai" > /etc/timezone;
# Ubuntu
RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

2. 设置自定义仓库

修改 /etc/docker/daemon.json 文件

1
2
3

"insecure-registries": [
   "dgemc.asuscomm.com:9293"
 ]

3. 设置Docker Hub源

修改 /etc/docker/daemon.json 文件

1
2
3

"registry-mirrors": [
    "http://d2f5eeb9.m.daocloud.io"
  ]

4. volume数据共享 –volumes-from

1
2
3

docker run -d --privileged -p 8692:8121 --name shunde_accounting-wechat -v shunde_accounting:/home shunde_accounting-wechat:1.0

docker run -d --privileged -p 8692:8121 --name shunde_accounting-wechat2 --volumes-from shunde_accounting-wechat shunde_accounting-wechat:1.0

5. docker容器固定ip

network plugin创建一个新的bridge

1	docker network create -d bridge --subnet=192.168.210.0/24 --gateway=192.168.210.1 -o parent=eth0 br1

创建容器

1	docker run -it -d --net=br1 --ip=192.168.210.3 --name=nginx2 nginx:1.10-alpine

6. 全局设置日志大小

在/etc/docker/daemon.json添加:

1	"log-opts": {"max-size":"100m", "max-file":"3"}

7. volume权限问题

执行命令的时候加入-u [当前linux用户名]
1
docke -run -u root ....

8. docker容器无法通过IP访问宿主机:`No route to host`

centos 7

查询docker0网卡ip

ip addr |grep docker0

3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
32: veth3adebab@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
48: veth7c11510@if47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
353: vethc143d81@if352: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
423: veth5b7bcdf@if422: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default

inet 172.17.0.1/16就是docker的ip范围

在 /etc/firewalld/zones/public.xml添加以下内容:

<rule family="ipv4">
  <source address="172.17.0.0/16" />
  <accept />
</rule>

例如:

<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
 <rule family="ipv4">
  <source address="172.17.0.0/16" />
  <accept />
</rule>
</zone>

重启防火墙
1
systemctl restart firewalld

9. alpine类型容器使用宿主机docker命令

-v /etc/localtime:/etc/localtime:ro
-v /var/run/docker.sock:/var/run/docker.sock
-v $(which docker):/usr/bin/docker
-v /etc/docker:/etc/docker


docker exec {容器名} bash -c 'mkdir /lib64 && ln -s /lib/libc.musl-x86_64.so.1 /lib64/ld-linux-x86-64.so.2'

10.device or resource busy

错误内容

Error response from daemon: container ebd41f555dc1f027eb76eb74ecd14f803a07bbacd2cb9bc4ee1143fa68e90c66: driver "btrfs" failed to remove root filesystem: Failed to destroy btrfs snapshot /volume1/@docker/btrfs/subvolumes for 78f48d4542b189e1b2603fd4d55cb3a2fcb091bc76f3a5023e7bcf33baeac1ba: device or resource busy

检查

1	grep docker /proc/*/mountinfo \|grep 78f48d4542b189e1b2603fd4d55cb3a2fcb091bc76f3a5023e7bcf33baeac1ba

输出类似这样的东西，其中/proc/之后的数字是pid：

1
2

/proc/2232/mountinfo:347 258 0:27 /@docker/btrfs/subvolumes/78f48d4542b189e1b2603fd4d55cb3a2fcb091bc76f3a5023e7bcf33baeac1ba / rw,relatime master:1 - btrfs /dev/vg1/volume_1 rw,synoacl,nospace_cache,metadata_ratio=50
/proc/2340/mountinfo:347 258 0:27 /@docker/btrfs/subvolumes/78f48d4542b189e1b2603fd4d55cb3a2fcb091bc76f3a5023e7bcf33baeac1ba / rw,relatime master:1 - btrfs /dev/vg1/volume_1 rw,synoacl,nospace_cache,metadata_ratio=50

查看占用的进程