[docker]通过阿里云源安装docker && flannel不通问题解决(try this guy out)
docker清理容器
# 容器停止后就自动删除:
docker run --rm centos /bin/echo "One";
# 杀死所有正在运行的容器:
docker kill $(docker ps -a -q)
# 删除所有未打标签的镜像:
docker rmi $(docker images -q -f dangling=true)
# 删除所有已经停止的容器:
docker rm $(docker ps -a -q)
# 显示镜像名字:tag
docker images --format "{{.Repository}}:{{.Tag}}"
alias tag='docker images --format "{{.Repository}}:{{.Tag}}"'
alias bb='docker run -it --rm busybox'
alias dp='docker ps -a'
alias dt='docker images --format "{{.Repository}}:{{.Tag}}"'
alias dc='docker rm $(docker ps -a -q)'
alias ds='docker stats'
alias kk='kubectl get pod --all-namespaces -o wide --show-labels'
alias ks='kubectl get svc --all-namespaces -o wide'
alias kss='kubectl get svc --all-namespaces -o wide --show-labels'
alias kd='kubectl get deploy --all-namespaces -o wide'
alias wk='watch kubectl get pod --all-namespaces -o wide --show-labels'
alias kv='kubectl get pv -o wide'
alias kvc='kubectl get pvc -o wide --all-namespaces --show-labels'
alias kbb='kubectl run -it --rm --restart=Never busybox --image=busybox sh'
alias kbbc='kubectl run -it --rm --restart=Never curl --image=appropriate/curl sh'
alias kd='kubectl get deployment --all-namespaces --show-labels'
alias kcm='kubectl get cm --all-namespaces -o wide'
alias kin='kubectl get ingress --all-namespaces -o wide'
自动补全
yum install bash-com* -y
wget https://raw.githubusercontent.com/lannyMa/scripts/master/docker
mv docker /etc/bash_completion.d/
$ wget https://get.docker.com/builds/Linux/x86_64/docker-17.04.0-ce.tgz
$ tar -xvf docker-17.04.0-ce.tgz
$ cp docker/docker* /root/local/bin
$ cp docker/completion/bash/docker /etc/bash_completion.d/
使用阿里云源安装新版docker-ce
安装步骤
参考:
https://mirrors.aliyun.com/help/docker-ce
https://yq.aliyun.com/articles/110806
yum install -y libnetfilter_conntrack-devel libmnl-devel conntrack-tools socat
echo "net.netfilter.nf_conntrack_acct=1" >> /etc/sysctl.conf
echo "net.netfilter.nf_conntrack_timestamp=1" >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
yum install -y yum-utils device-mapper-persistent-data lvm2
#如果docker-ce.repo内容为空,则参考下面附.
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache fast
sudo yum install docker-ce -y
mkdir -p /etc/docker
cat >>/etc/docker/daemon.json<<EOF
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
]
}
EOF
systemctl daemon-reload
systemctl restart docker && systemctl enable docker
配置转发
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
sysctl -w net.ipv4.ip_forward=1
echo 'iptables -P FORWARD ACCEPT' >> /etc/rc.local
iptables -P FORWARD ACCEPT
sysctl -p
docker pull busybox
echo "alias bb='docker run -it --rm busybox'" >> /etc/bashrc
source /etc/bashrc
sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo iptables -F && sudo iptables -X && sudo iptables -F -t nat && sudo iptables -X -t nat
iptables -t nat -L -n
ip netns ls显示
ln -s /var/run/docker/netns /var/run/netns
查看dockerd日志
journalctl -u docker -f
安装docker-compose
cd
yum install python-pip -y
mkdir ~/.pip
cat >pip.conf<<EOF
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF
mv ./pip.conf ~/.pip/
pip install docker-compose
pip install --upgrade pip
二进制安装docker-ce
下载:
https://download.docker.com/linux/static/stable/x86_64/
tar -xvf docker-17.04.0-ce.tgz
cp docker/docker* /user/local/bin
cp docker/completion/bash/docker /etc/bash_completion.d/
dockerd --log-level=error --bip=10.2.20.1/24 --mtu=1500 --ipmasq=true
$ cat docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io
[Service]
Environment="PATH=/root/local/bin:/bin:/sbin:/usr/bin:/usr/sbin"
EnvironmentFile=-/run/flannel/docker ## 这里比较关键
ExecStart=/root/local/bin/dockerd --log-level=error $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
Restart=on-failure
RestartSec=5
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
flannel网络不通问题解决
两台机器间容器通过flannel网络无法互ping
- 以往是这样解决的
systemctl stop firewalld && systemctl disable firewalld
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD ACCEPT
sysctl -p
echo 'iptables -P FORWARD ACCEPT' >> /rc.local
- 这样不好使,排查发现flannel动态生成的subnet.env参数和docker手动指定的不一样
我重启了下所有机器,导致flannel启动后子网发生了变化,而docker启动加载的是之前手动给指定的之前的flannel的子网,因此导致不同.
下面详解了解下flannel如何和docker联动
1.下载flannel后,压缩包里有个生成docker启动参数(网络)的脚本
2.flannel启动会执行这个脚本(flannel的services实现),动态生成docker参数
/usr/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
- 创建 flanneld 的 systemd unit 文件
$ cat > flanneld.service << EOF
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service
[Service]
Type=notify
ExecStart=/root/local/bin/flanneld
ExecStartPost=/root/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure
[Install]
WantedBy=multi-user.target
RequiredBy=docker.service
EOF
mk-docker-opts.sh 脚本将分配给 flanneld 的 Pod 子网网段信息写入到 /run/flannel/docker 文件中,后续 docker 启动时使用这个文件中参数值设置 docker0 网桥;
-iface 选项值指定 flanneld 和其它 Node 通信的接口,如果机器有内、外网,则最好指定为内网接口;
- 创建docker启动脚本
$ cat docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io
[Service]
Environment="PATH=/root/local/bin:/bin:/sbin:/usr/bin:/usr/sbin"
EnvironmentFile=-/run/flannel/docker
ExecStart=/root/local/bin/dockerd --log-level=error $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
Restart=on-failure
RestartSec=5
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
flannel自动生成docker参数脚本
/usr/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
#!/bin/sh
usage() {
echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY]
Generate Docker daemon options based on flannel env file
OPTIONS:
-f Path to flannel env file. Defaults to /run/flannel/subnet.env
-d Path to Docker env file to write to. Defaults to /run/docker_opts.env
-i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500
-c Output combined Docker options into DOCKER_OPTS var
-k Set the combined options key to this value (default DOCKER_OPTS=)
-m Do not output --ip-masq (useful for older Docker version)
" >&2
exit 1
}
flannel_env="/run/flannel/subnet.env"
docker_env="/run/docker_opts.env"
combined_opts_key="DOCKER_OPTS"
indiv_opts=false
combined_opts=false
ipmasq=true
while getopts "f:d:icmk:?h" opt; do
case $opt in
f)
flannel_env=$OPTARG
;;
d)
docker_env=$OPTARG
;;
i)
indiv_opts=true
;;
c)
combined_opts=true
;;
m)
ipmasq=false
;;
k)
combined_opts_key=$OPTARG
;;
[\?h])
usage
;;
esac
done
if [ $indiv_opts = false ] && [ $combined_opts = false ]; then
indiv_opts=true
combined_opts=true
fi
if [ -f "$flannel_env" ]; then
. $flannel_env
fi
if [ -n "$FLANNEL_SUBNET" ]; then
DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"
fi
if [ -n "$FLANNEL_MTU" ]; then
DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"
fi
if [ -n "$FLANNEL_IPMASQ" ] && [ $ipmasq = true ] ; then
if [ "$FLANNEL_IPMASQ" = true ] ; then
DOCKER_OPT_IPMASQ="--ip-masq=false"
elif [ "$FLANNEL_IPMASQ" = false ] ; then
DOCKER_OPT_IPMASQ="--ip-masq=true"
else
echo "Invalid value of FLANNEL_IPMASQ: $FLANNEL_IPMASQ" >&2
exit 1
fi
fi
eval docker_opts="\$${combined_opts_key}"
if [ "$docker_opts" ]; then
docker_opts="$docker_opts ";
fi
echo -n "" >$docker_env
for opt in $(set | grep "DOCKER_OPT_"); do
OPT_NAME=$(echo $opt | awk -F "=" '{print $1;}');
OPT_VALUE=$(eval echo "\$$OPT_NAME");
if [ "$indiv_opts" = true ]; then
echo "$OPT_NAME=\"$OPT_VALUE\"" >>$docker_env;
fi
docker_opts="$docker_opts $OPT_VALUE";
done
if [ "$combined_opts" = true ]; then
echo "${combined_opts_key}=\"${docker_opts}\"" >>$docker_env
fi
把机器上所有image dump成文件,一键导出本地所有镜像
#!/bin/bash
image_list=`docker images --format "{{.Repository}}:{{.Tag}}"`
for image in $image_list;do
file_name=`echo $image | sed "s#[/:]#_#g"`
echo "Saveing image '$image' into '$file_name.tar.gz'"
docker save -o "$file_name.tar" $image
gzip $file_name.tar
done
# gzip把tar搞成了tar.gz, docker load -i tar.gz即可. 如果空间够,可以不gzip
docker json日志驱动滚动和清理参数
参考: https://docs.docker.com/engine/admin/logging/json-file/#usage
默认一个日志文件.不自动切割.
dockerd前台启动
可以指定bridge启动(默认的docker0有nat)
dockerd -b=br0
可以启动后不让修改iptables
dockerd -b=br0 --iptables=false #默认修改的,iptables -t nat -L -n
$ dockerd --help
Usage: dockerd COMMAND
A self-sufficient runtime for containers.
Options:
--add-runtime runtime Register an additional OCI compatible runtime (default [])
--allow-nondistributable-artifacts list Allow push of nondistributable artifacts to registry
--api-cors-header string Set CORS headers in the Engine API
--authorization-plugin list Authorization plugins to load
--bip string Specify network bridge IP
-b, --bridge string Attach containers to a network bridge
--cgroup-parent string Set parent cgroup for all containers
--cluster-advertise string Address or interface name to advertise
--cluster-store string URL of the distributed storage backend
--cluster-store-opt map Set cluster store options (default map[])
--config-file string Daemon configuration file (default "/etc/docker/daemon.json")
--containerd string Path to containerd socket
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
--data-root string Root directory of persistent Docker state (default "/var/lib/docker")
-D, --debug Enable debug mode
--default-gateway ip Container default gateway IPv4 address
--default-gateway-v6 ip Container default gateway IPv6 address
--default-ipc-mode string Default mode for containers ipc ("shareable" | "private") (default "shareable")
--default-runtime string Default OCI runtime for containers (default "runc")
--default-shm-size bytes Default shm size for containers (default 64MiB)
--default-ulimit ulimit Default ulimits for containers (default [])
--disable-legacy-registry Disable contacting legacy registries (default true)
--dns list DNS server to use
--dns-opt list DNS options to use
--dns-search list DNS search domains to use
--exec-opt list Runtime execution options
--exec-root string Root directory for execution state files (default "/var/run/docker")
--experimental Enable experimental features
--fixed-cidr string IPv4 subnet for fixed IPs
--fixed-cidr-v6 string IPv6 subnet for fixed IPs
-G, --group string Group for the unix socket (default "docker")
--help Print usage
-H, --host list Daemon socket(s) to connect to
--icc Enable inter-container communication (default true)
--init Run an init in the container to forward signals and reap processes
--init-path string Path to the docker-init binary
--insecure-registry list Enable insecure registry communication
--ip ip Default IP when binding container ports (default 0.0.0.0)
--ip-forward Enable net.ipv4.ip_forward (default true)
--ip-masq Enable IP masquerading (default true)
--iptables Enable addition of iptables rules (default true)
--ipv6 Enable IPv6 networking
--label list Set key=value labels to the daemon
--live-restore Enable live restore of docker when containers are still running
--log-driver string Default driver for container logs (default "json-file")
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--log-opt map Default log driver options for containers (default map[])
--max-concurrent-downloads int Set the max concurrent downloads for each pull (default 3)
--max-concurrent-uploads int Set the max concurrent uploads for each push (default 5)
--metrics-addr string Set default address and port to serve the metrics api on
--mtu int Set the containers network MTU
--network-control-plane-mtu int Network Control plane MTU (default 1500)
--no-new-privileges Set no-new-privileges by default for new containers
--node-generic-resources string user defined resources (e.g. fpga=2;gpu={UUID1,UUID2,UUID3})
--oom-score-adjust int Set the oom_score_adj for the daemon (default -500)
-p, --pidfile string Path to use for daemon PID file (default "/var/run/docker.pid")
--raw-logs Full timestamps without ANSI coloring
--registry-mirror list Preferred Docker registry mirror
--seccomp-profile string Path to seccomp profile
--selinux-enabled Enable selinux support
--shutdown-timeout int Set the default shutdown timeout (default 15)
-s, --storage-driver string Storage driver to use
--storage-opt list Storage driver options
--swarm-default-advertise-addr string Set default address or interface for swarm advertised address
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
--userland-proxy Use userland proxy for loopback traffic (default true)
--userland-proxy-path string Path to the userland proxy binary
--userns-remap string User/Group setting for user namespaces
-v, --version Print version information and quit
开启流数据统计
## 开启流数据包统计(packets和bytes)
echo "net.netfilter.nf_conntrack_acct=1" >> /etc/sysctl.conf
## 开启流持续时间统计(delta-time)
echo "net.netfilter.nf_conntrack_timestamp=1" >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
conntrack -L -o ktimestamp
让centos7镜像支持中文
RUN yum -y install kde-l10n-Chinese && \
yum -y reinstall glibc-common &&\
yum clean all && \
localedef -c -f UTF-8 -i zh_CN zh_CN.utf8
ENV LC_ALL "zh_CN.UTF-8"
docker选项配置参考
kubespray安装k8s集群时候,自动给docker配置的
[root@n1 ~]# ps -ef|grep docker
root 14289 1 2 23:18 ? 00:00:32 /usr/bin/dockerd --insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --dns 10.233.0.3 --dns 114.114.114.114 --dns-search default.svc.cluster.local --dns-search svc.cluster.local --dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2
[root@n1 ~]# cat /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service
[Service]
Type=notify
Environment=GOTRACEBACK=crash
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process
ExecStart=/usr/bin/dockerd \
$DOCKER_OPTS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$DOCKER_DNS_OPTIONS \
$INSECURE_REGISTRY
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=1min
Restart=on-abnormal
[Install]
WantedBy=multi-user.target
[root@n1 ~]# ll /etc/systemd/system/docker.service.d/
total 12
-rw-r--r-- 1 root root 234 Dec 27 23:18 docker-dns.conf
-rw-r--r-- 1 root root 158 Dec 27 23:18 docker-options.conf
-rw-r--r-- 1 root root 288 Dec 27 23:18 http-proxy.conf
[root@n1 ~]# cat /etc/systemd/system/docker.service.d/docker-options.conf
[Service]
Environment="DOCKER_OPTS=--insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 \
--iptables=false"
[root@n1 ~]# cat /etc/systemd/system/docker.service.d/docker-dns.conf
[Service]
Environment="DOCKER_DNS_OPTIONS=\
--dns 10.233.0.3 --dns 114.114.114.114 \
--dns-search default.svc.cluster.local --dns-search svc.cluster.local \
--dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2 \
[root@n1 ~]# cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://192.168.1.88:1080/" "NO_PROXY=192.168.2.14,node4,node4.cluster.local,192.168.2.15,node5,node5.cluster.local,192.168.2.11,node1,node1.cluster.local,192.168.2.12,node2,node2.cluster.local,192.168.2.13,node3,node3.cluster.local,127.0.0.1,localhost"
docker配置代理
参考:https://docs.docker.com/engine/admin/systemd/
修改docker的svc即可.
[Service]
Environment="HTTP_PROXY=http://[proxy-addr]:[proxy-port]/"
或者:
docker -H LOCAL_IP:1028
测试(才700多K的东西):
docker pull gcr.io/google_containers/pause-amd64:3.0
docker多进程启动工具
与Supervisord类似的工具包括monit, daemontools和runit。
参考:
https://hub.docker.com/r/faisyl/alpine-runit/~/dockerfile/
docker加速器
image: registry.cn-shenzhen.aliyuncs.com/rancher_cn/heapster-grafana-amd64:v4.4.3
image: registry.cn-hangzhou.aliyuncs.com/outman_google_containers/heapster-amd64:v1.4.0
vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
[root@n1 influxdb]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
]
}
设置insecure-registries
echo '{ "insecure-registries":["registry-srv:5000"] }' >/etc/docker/daemon.json
docker的dns和日志切割设置
/usr/bin/dockerd --insecure-registry=10.233.0.0/18 --graph=/var/lib/docker --log-opt max-size=50m --log-opt max-file=5 --iptables=false --dns 10.233.0.3 --dns 114.114.114.114 --dns-search default.svc.cluster.local --dns-search svc.cluster.local --dns-opt ndots:2 --dns-opt timeout:2 --dns-opt attempts:2
docker run -it --rm busybox
/ # cat /etc/resolv.conf
search default.svc.cluster.local svc.cluster.local
nameserver 10.233.0.3
nameserver 114.114.114.114
docker-ce.repo阿里云
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
flannel mtu
FLANNEL_MTU = 1450 是 vxlan FLANNEL_MTU = 1500 是 host-gw
其他参考
docker的2类存储资源
- docker存储
docker提供了2种存储资源:
镜像(由 storage driver 管理):
1.基础镜像层
2.可写层
storage driver
overlay2(devicemapper)
autfs
Data Volume:
1.bind mount
支持f/d
ro/rw
目的任意指定
docker run -v的方式
2.docker managed volume
不支持ro
/var/lib/docker/volumes/
1.--volumes-from: 先启一个数据容器,后引用容器容器名
data-packed volume container
FROM busybox
VOLUME ["/data1","/data2"]
docker build . -t busybox1
docker run -itd --name b1 busybox1
1.先在/var/lib/docker/volumes/创建目录
2.挂载到容器/data1 /data2(容器启动会自动创建这两个)
docker run -itd --volumes-from b1 busybox
2.docker create volume
docker volume create hello
docker run -d -v hello:/world busybox ls /world
devicemapper存储设置容量
[root@n1 ~]# docker run -itd -v /data:/data --name b4 busybox
1ce96b5f4f135e1e98b33997b95e682efa6287ff744e1613aaacab2e159c353b
[root@n1 ~]# docker exec -it b4 sh
/ # df -h
Filesystem Size Used Available Use% Mounted on
overlay 37.8G 1.8G 35.9G 5% /
tmpfs 487.3M 0 487.3M 0% /dev
tmpfs 487.3M 0 487.3M 0% /sys/fs/cgroup
/dev/sda3 37.8G 1.8G 35.9G 5% /data
今天复习了以下docker, 发现竟然有这玩意.
https://docs.docker.com/engine/reference/commandline/dockerd/#options-per-storage-driver
devicemapper存储设置
http://blog.51cto.com/welcomeweb/1696121