翻译于 2014/01/02 21:37
3 人 顶 此译文
加载中
Docker.io is the lightweight "container engine + image repository" built on top of LXC (linux lightweight containers) to ship any application.
At the core of docker.io there are
an application "/usr/bin/docker"
set of pre-created operating-system/application images hosted with "docker.io"
AUFS (Another Union filesystem) to take care of snapshots, diffs, ro/rw requirements
LXC (Linux lightweight containers)
cgroups (for resource management and namespacing)
As of writing this blog, the latest version is 0.5.3 . The project is actively being developed and things can change in near future.
Follow these instructions to get docker.io installed on your system.
0. Install centos 6.x
1. Disable selinux as it interferes with functionality of LXC
[root@localhost ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted
2. Download and setup Fedora EPEL Repository
sudo yum install http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
3. Setup hop5.in repository
cd /etc/yum.repos.d sudo wget http://www.hop5.in/yum/el6/hop5.repo
4. Install docker-io package
[root@localhost ~]# yum install docker-io Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: centos.excellmedia.net * epel: kartolo.sby.datautama.net.id * extras: centos.excellmedia.net * updates: centos.excellmedia.net Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package docker-io.x86_64 0:0.5.3-4.el6 will be installed --> Processing Dependency: lxc >= 0.8.0 for package: docker-io-0.5.3-4.el6.x86_64 --> Processing Dependency: kernel-ml-aufs >= 3.10.5 for package: docker-io-0.5.3-4.el6.x86_64 --> Running transaction check ---> Package kernel-ml-aufs.x86_64 0:3.10.5-3.el6 will be installed ---> Package lxc.x86_64 0:0.8.0-3.el6 will be installed --> Processing Dependency: liblxc.so.0()(64bit) for package: lxc-0.8.0-3.el6.x86_64 --> Running transaction check ---> Package lxc-libs.x86_64 0:0.8.0-3.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================ Package Arch Version Repository Size ============================================================================================ Installing: docker-io x86_64 0.5.3-4.el6 hop5 1.2 M Installing for dependencies: kernel-ml-aufs x86_64 3.10.5-3.el6 hop5 33 M lxc x86_64 0.8.0-3.el6 hop5 81 k lxc-libs x86_64 0.8.0-3.el6 hop5 75 k Transaction Summary ============================================================================================ Install 4 Package(s) Total download size: 34 M Installed size: 159 M Is this ok [y/N]: y Downloading Packages: (1/4): docker-io-0.5.3-4.el6.x86_64.rpm | 1.2 MB 00:03 (2/4): kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm | 33 MB 00:33 (3/4): lxc-0.8.0-3.el6.x86_64.rpm | 81 kB 00:00 (4/4): lxc-libs-0.8.0-3.el6.x86_64.rpm | 75 kB 00:00 -------------------------------------------------------------------------------------------- Total 896 kB/s | 34 MB 00:39 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : lxc-libs-0.8.0-3.el6.x86_64 1/4 Installing : lxc-0.8.0-3.el6.x86_64 2/4 Installing : kernel-ml-aufs-3.10.5-3.el6.x86_64 3/4 Installing : docker-io-0.5.3-4.el6.x86_64 4/4 Verifying : kernel-ml-aufs-3.10.5-3.el6.x86_64 1/4 Verifying : lxc-0.8.0-3.el6.x86_64 2/4 Verifying : lxc-libs-0.8.0-3.el6.x86_64 3/4 Verifying : docker-io-0.5.3-4.el6.x86_64 4/4 Installed: docker-io.x86_64 0:0.5.3-4.el6 Dependency Installed: kernel-ml-aufs.x86_64 0:3.10.5-3.el6 lxc.x86_64 0:0.8.0-3.el6 lxc-libs.x86_64 0:0.8.0-3.el6 Complete! [root@localhost ~]#
5. See the package is installed correctly
[root@localhost ~]# docker -h Usage of docker: -D=false: Debug mode -H=[unix:///var/run/docker.sock]: tcp://host:port to bind/connect to or unix://path/to/socket to use -api-enable-cors=false: Enable CORS requests in the remote api. -b="": Attach containers to a pre-existing network bridge. Use 'none' to disable container networking -d=false: Daemon mode -dns="": Set custom dns servers -g="/var/lib/docker": Path to graph storage base dir. -p="/var/run/docker.pid": File containing process PID -r=false: Restart previously running containers
6. Add cgroup filesystem to /etc/fstab , so that docker will work correctly
[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]# mount /sys/fs/cgroup
Per "Peter Zimmerman" a reboot is needed to actually mount /sys/fs/cgroup (due to the kernel doesn't have cgroup support). So, the above mount step is not really needed. As its used only upon reboot.
按下面的步骤安装docker.io:
0、安装centos6.x
1、因为selinux和LXC有冲突,所以需要禁用
[root@localhost ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted
2、配置Fedora EPEL 源
sudo yum install http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
3、配置hop5.in源
cd /etc/yum.repos.d sudo wget http://www.hop5.in/yum/el6/hop5.repo
4、安装docker-io
[root@localhost ~]# yum install docker-io Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: centos.excellmedia.net * epel: kartolo.sby.datautama.net.id * extras: centos.excellmedia.net * updates: centos.excellmedia.net Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package docker-io.x86_64 0:0.5.3-4.el6 will be installed --> Processing Dependency: lxc >= 0.8.0 for package: docker-io-0.5.3-4.el6.x86_64 --> Processing Dependency: kernel-ml-aufs >= 3.10.5 for package: docker-io-0.5.3-4.el6.x86_64 --> Running transaction check ---> Package kernel-ml-aufs.x86_64 0:3.10.5-3.el6 will be installed ---> Package lxc.x86_64 0:0.8.0-3.el6 will be installed --> Processing Dependency: liblxc.so.0()(64bit) for package: lxc-0.8.0-3.el6.x86_64 --> Running transaction check ---> Package lxc-libs.x86_64 0:0.8.0-3.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================ Package Arch Version Repository Size ============================================================================================ Installing: docker-io x86_64 0.5.3-4.el6 hop5 1.2 M Installing for dependencies: kernel-ml-aufs x86_64 3.10.5-3.el6 hop5 33 M lxc x86_64 0.8.0-3.el6 hop5 81 k lxc-libs x86_64 0.8.0-3.el6 hop5 75 k Transaction Summary ============================================================================================ Install 4 Package(s) Total download size: 34 M Installed size: 159 M Is this ok [y/N]: y Downloading Packages: (1/4): docker-io-0.5.3-4.el6.x86_64.rpm | 1.2 MB 00:03 (2/4): kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm | 33 MB 00:33 (3/4): lxc-0.8.0-3.el6.x86_64.rpm | 81 kB 00:00 (4/4): lxc-libs-0.8.0-3.el6.x86_64.rpm | 75 kB 00:00 -------------------------------------------------------------------------------------------- Total 896 kB/s | 34 MB 00:39 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : lxc-libs-0.8.0-3.el6.x86_64 1/4 Installing : lxc-0.8.0-3.el6.x86_64 2/4 Installing : kernel-ml-aufs-3.10.5-3.el6.x86_64 3/4 Installing : docker-io-0.5.3-4.el6.x86_64 4/4 Verifying : kernel-ml-aufs-3.10.5-3.el6.x86_64 1/4 Verifying : lxc-0.8.0-3.el6.x86_64 2/4 Verifying : lxc-libs-0.8.0-3.el6.x86_64 3/4 Verifying : docker-io-0.5.3-4.el6.x86_64 4/4 Installed: docker-io.x86_64 0:0.5.3-4.el6 Dependency Installed: kernel-ml-aufs.x86_64 0:3.10.5-3.el6 lxc.x86_64 0:0.8.0-3.el6 lxc-libs.x86_64 0:0.8.0-3.el6 Complete! [root@localhost ~]#
5、检查安装情况
[root@localhost ~]# docker -h Usage of docker: -D=false: Debug mode -H=[unix:///var/run/docker.sock]: tcp://host:port to bind/connect to or unix://path/to/socket to use -api-enable-cors=false: Enable CORS requests in the remote api. -b="": Attach containers to a pre-existing network bridge. Use 'none' to disable container networking -d=false: Daemon mode -dns="": Set custom dns servers -g="/var/lib/docker": Path to graph storage base dir. -p="/var/run/docker.pid": File containing process PID -r=false: Restart previously running containers
6、要想docker正常运行还需要在/etc/fstab里增加cgroup文件系统
[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]# mount /sys/fs/cgroup
只有重新启动才能挂载/sys/fs/cgroup(因为当前运行的内核不支持cgroup),所以上面挂载的命令也可以不执行,但系统需要重新启动。
7. Reboot the system ; make sure to select "3.10.5-3.el6.x86_64" kernel version while booting.
8. Once system is up and running, make sure you are on right kernel
[root@localhost ~]# uname -r 3.10.5-3.el6.x86_64 [root@localhost ~]# grep aufs /proc/filesystems nodev aufs
9. Start the docker.io in daemon mode (in a different terminal)
[root@localhost ~]# docker -d 2013/08/21 07:47:07 WARNING: Your kernel does not support cgroup swap limit. 2013/08/21 07:47:07 Listening for HTTP on /var/run/docker.sock (unix)
10. Print hello world from a centos 6.4 container.
[root@localhost ~]# docker run centos:6.4 echo "hello world" 2013/08/21 07:48:41 POST /v1.4/containers/create 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/start 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1 hello world
11. Ping from inside the container
[root@localhost ~]# docker -dns '8.8.8.8' run centos:6.4 ping -c 3 yahoo.com 2013/08/21 08:02:15 POST /v1.4/containers/create 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/start 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1 PING yahoo.com (98.138.253.109) 56(84) bytes of data. 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms --- yahoo.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2304ms rtt min/avg/max/mdev = 302.032/318.318/329.656/11.807 ms
TROUBLESHOOTING
"DNS/Networking Errors inside the docker"
[root@localhost ~]# docker -dns="8.8.8.8" run centos:6.4 yum install hiphop-php 2013/08/21 07:53:05 POST /v1.4/containers/create 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/start 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/attach?logs=1&stderr=1&stdout=1&stream=1 Loaded plugins: fastestmirror Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was 14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.centos.org'"
Please issue the following commands, so that docker and its environment will be reset and above issue will be taken care of.
pkill docker iptables -t nat -F ifconfig docker0 down brctl delbr docker0 docker -d
CREDITS: Thanks to sciurus for doing the hardwork in creating the spec file for kernel-ml-aufs.
7、重启系统,选择“3.10.5-3.el6.x86_64”内核
8、系统启动后,确认当前运行的内核
[root@localhost ~]# uname -r 3.10.5-3.el6.x86_64 [root@localhost ~]# grep aufs /proc/filesystems nodev aufs
9、以守护模式运行docker.io(在一个新的终端里)
[root@localhost ~]# docker -d 2013/08/21 07:47:07 WARNING: Your kernel does not support cgroup swap limit. 2013/08/21 07:47:07 Listening for HTTP on /var/run/docker.sock (unix)
10、在centos6.4容器里输出hello world
[root@localhost ~]# docker run centos:6.4 echo "hello world" 2013/08/21 07:48:41 POST /v1.4/containers/create 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/start 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1 hello world
11、从容器里测试ping
[root@localhost ~]# docker -dns '8.8.8.8' run centos:6.4 ping -c 3 yahoo.com 2013/08/21 08:02:15 POST /v1.4/containers/create 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/start 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1 PING yahoo.com (98.138.253.109) 56(84) bytes of data. 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms --- yahoo.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2304ms rtt min/avg/max/mdev = 302.032/318.318/329.656/11.807 ms
常见错误:
"DNS/Networking Errors inside the docker"
[root@localhost ~]# docker -dns="8.8.8.8" run centos:6.4 yum install hiphop-php 2013/08/21 07:53:05 POST /v1.4/containers/create 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/start 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/attach?logs=1&stderr=1&stdout=1&stream=1 Loaded plugins: fastestmirror Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was 14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.centos.org'"
可以执行下面的命令来重置docker的运行环境,从而解决上述问题。
pkill docker iptables -t nat -F ifconfig docker0 down brctl delbr docker0 docker -d
感谢sciurus在创建kernel-ml-aufs的相关文件时付出的辛勤工作。
