|
Docker.io is the lightweight "container engine + image repository" built on top of LXC (linux lightweight containers) to ship any application.
At the core of there are
an application "/usr/bin/docker" set of pre-created operating-system/application images hosted with "" AUFS (Another Union filesystem) to take care of snapshots, diffs, ro/rw requirements LXC (Linux lightweight containers) cgroups (for resource management and namespacing)
As of writing this blog, the latest version is 0.5.3 . The project is actively being developed and things can change in near future.
譯者信息
 譯者信息
Docker.io 是輕量級(jí)的“容器引擎+映像倉庫”,在LXC(linux輕量級(jí)容器)的基礎(chǔ)上構(gòu)建�,可以運(yùn)行任何應(yīng)用程序��。
的核心層由以下幾個(gè)部分組成:
1、可執(zhí)行程序���,“/usr/bin/docker”
2��、網(wǎng)站上有一系列創(chuàng)建好的操作系統(tǒng)和應(yīng)用程序映像
3��、AUFS(另一個(gè)統(tǒng)一文件系統(tǒng))來實(shí)現(xiàn)文件系統(tǒng)的快照����,文件變化��,控制只讀或讀寫的需求���。
4��、LXC(Linux輕量級(jí)容器)
5���、Cgroups(各種資源和命名空間的管理)
在本文寫作的時(shí)候���,最新版本是0.5.3,但目前開發(fā)很活躍�����,一些功能和特性可能在新版本中會(huì)發(fā)生變化����。
Follow these instructions to get installed on your system.
0. Install centos 6.x
1. Disable selinux as it interferes with functionality of LXC
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
2. Download and setup Fedora EPEL Repository
sudo yum install http://ftp./Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
3. Setup repository
cd /etc/yum.repos.d
sudo wget http://www./yum/el6/hop5.repo
4. Install docker-io package
[root@localhost ~]# yum install docker-io
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* epel: kartolo.sby.datautama.net.id
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package docker-io.x86_64 0:0.5.3-4.el6 will be installed
--> Processing Dependency: lxc >= 0.8.0 for package: docker-io-0.5.3-4.el6.x86_64
--> Processing Dependency: kernel-ml-aufs >= 3.10.5 for package: docker-io-0.5.3-4.el6.x86_64
--> Running transaction check
---> Package kernel-ml-aufs.x86_64 0:3.10.5-3.el6 will be installed
---> Package lxc.x86_64 0:0.8.0-3.el6 will be installed
--> Processing Dependency: liblxc.so.0()(64bit) for package: lxc-0.8.0-3.el6.x86_64
--> Running transaction check
---> Package lxc-libs.x86_64 0:0.8.0-3.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================
Package Arch Version Repository Size
============================================================================================
Installing:
docker-io x86_64 0.5.3-4.el6 hop5 1.2 M
Installing for dependencies:
kernel-ml-aufs x86_64 3.10.5-3.el6 hop5 33 M
lxc x86_64 0.8.0-3.el6 hop5 81 k
lxc-libs x86_64 0.8.0-3.el6 hop5 75 k
Transaction Summary
============================================================================================
Install 4 Package(s)
Total download size: 34 M
Installed size: 159 M
Is this ok [y/N]: y
Downloading Packages:
(1/4): docker-io-0.5.3-4.el6.x86_64.rpm | 1.2 MB 00:03
(2/4): kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm | 33 MB 00:33
(3/4): lxc-0.8.0-3.el6.x86_64.rpm | 81 kB 00:00
(4/4): lxc-libs-0.8.0-3.el6.x86_64.rpm | 75 kB 00:00
--------------------------------------------------------------------------------------------
Total 896 kB/s | 34 MB 00:39
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : lxc-libs-0.8.0-3.el6.x86_64 1/4
Installing : lxc-0.8.0-3.el6.x86_64 2/4
Installing : kernel-ml-aufs-3.10.5-3.el6.x86_64 3/4
Installing : docker-io-0.5.3-4.el6.x86_64 4/4
Verifying : kernel-ml-aufs-3.10.5-3.el6.x86_64 1/4
Verifying : lxc-0.8.0-3.el6.x86_64 2/4
Verifying : lxc-libs-0.8.0-3.el6.x86_64 3/4
Verifying : docker-io-0.5.3-4.el6.x86_64 4/4
Installed:
docker-io.x86_64 0:0.5.3-4.el6
Dependency Installed:
kernel-ml-aufs.x86_64 0:3.10.5-3.el6 lxc.x86_64 0:0.8.0-3.el6
lxc-libs.x86_64 0:0.8.0-3.el6
Complete!
[root@localhost ~]#
5. See the package is installed correctly
[root@localhost ~]# docker -h
Usage of docker:
-D=false: Debug mode
-H=[unix:///var/run/docker.sock]: tcp://host:port to bind/connect to or unix://path/to/socket to use
-api-enable-cors=false: Enable CORS requests in the remote api.
-b="": Attach containers to a pre-existing network bridge. Use 'none' to disable container networking
-d=false: Daemon mode
-dns="": Set custom dns servers
-g="/var/lib/docker": Path to graph storage base dir.
-p="/var/run/docker.pid": File containing process PID
-r=false: Restart previously running containers
6. Add cgroup filesystem to /etc/fstab , so that docker will work correctly
[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]# mount /sys/fs/cgroup
Per "Peter Zimmerman" a reboot is needed to actually mount /sys/fs/cgroup (due to the kernel doesn't have cgroup support). So, the above mount step is not really needed. As its used only upon reboot.
譯者信息
譯者信息
按下面的步驟安裝:
0、安裝centos6.x
1���、因?yàn)閟elinux和LXC有沖突����,所以需要禁用
[root@localhost ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
2���、配置Fedora EPEL 源
sudo yum install http://ftp./Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
3���、配置源
cd /etc/yum.repos.d
sudo wget http://www./yum/el6/hop5.repo
4、安裝docker-io
[root@localhost ~]# yum install docker-io
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base: centos.excellmedia.net
* epel: kartolo.sby.datautama.net.id
* extras: centos.excellmedia.net
* updates: centos.excellmedia.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package docker-io.x86_64 0:0.5.3-4.el6 will be installed
--> Processing Dependency: lxc >= 0.8.0 for package: docker-io-0.5.3-4.el6.x86_64
--> Processing Dependency: kernel-ml-aufs >= 3.10.5 for package: docker-io-0.5.3-4.el6.x86_64
--> Running transaction check
---> Package kernel-ml-aufs.x86_64 0:3.10.5-3.el6 will be installed
---> Package lxc.x86_64 0:0.8.0-3.el6 will be installed
--> Processing Dependency: liblxc.so.0()(64bit) for package: lxc-0.8.0-3.el6.x86_64
--> Running transaction check
---> Package lxc-libs.x86_64 0:0.8.0-3.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================
Package Arch Version Repository Size
============================================================================================
Installing:
docker-io x86_64 0.5.3-4.el6 hop5 1.2 M
Installing for dependencies:
kernel-ml-aufs x86_64 3.10.5-3.el6 hop5 33 M
lxc x86_64 0.8.0-3.el6 hop5 81 k
lxc-libs x86_64 0.8.0-3.el6 hop5 75 k
Transaction Summary
============================================================================================
Install 4 Package(s)
Total download size: 34 M
Installed size: 159 M
Is this ok [y/N]: y
Downloading Packages:
(1/4): docker-io-0.5.3-4.el6.x86_64.rpm | 1.2 MB 00:03
(2/4): kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm | 33 MB 00:33
(3/4): lxc-0.8.0-3.el6.x86_64.rpm | 81 kB 00:00
(4/4): lxc-libs-0.8.0-3.el6.x86_64.rpm | 75 kB 00:00
--------------------------------------------------------------------------------------------
Total 896 kB/s | 34 MB 00:39
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : lxc-libs-0.8.0-3.el6.x86_64 1/4
Installing : lxc-0.8.0-3.el6.x86_64 2/4
Installing : kernel-ml-aufs-3.10.5-3.el6.x86_64 3/4
Installing : docker-io-0.5.3-4.el6.x86_64 4/4
Verifying : kernel-ml-aufs-3.10.5-3.el6.x86_64 1/4
Verifying : lxc-0.8.0-3.el6.x86_64 2/4
Verifying : lxc-libs-0.8.0-3.el6.x86_64 3/4
Verifying : docker-io-0.5.3-4.el6.x86_64 4/4
Installed:
docker-io.x86_64 0:0.5.3-4.el6
Dependency Installed:
kernel-ml-aufs.x86_64 0:3.10.5-3.el6 lxc.x86_64 0:0.8.0-3.el6
lxc-libs.x86_64 0:0.8.0-3.el6
Complete!
[root@localhost ~]#
5�����、檢查安裝情況
[root@localhost ~]# docker -h
Usage of docker:
-D=false: Debug mode
-H=[unix:///var/run/docker.sock]: tcp://host:port to bind/connect to or unix://path/to/socket to use
-api-enable-cors=false: Enable CORS requests in the remote api.
-b="": Attach containers to a pre-existing network bridge. Use 'none' to disable container networking
-d=false: Daemon mode
-dns="": Set custom dns servers
-g="/var/lib/docker": Path to graph storage base dir.
-p="/var/run/docker.pid": File containing process PID
-r=false: Restart previously running containers
6、要想docker正常運(yùn)行還需要在/etc/fstab里增加cgroup文件系統(tǒng)
[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]# mount /sys/fs/cgroup
只有重新啟動(dòng)才能掛載/sys/fs/cgroup(因?yàn)楫?dāng)前運(yùn)行的內(nèi)核不支持cgroup)����,所以上面掛載的命令也可以不執(zhí)行,但系統(tǒng)需要重新啟動(dòng)��。
7. Reboot the system ; make sure to select "3.10.5-3.el6.x86_64" kernel version while booting.
8. Once system is up and running, make sure you are on right kernel
[root@localhost ~]# uname -r
3.10.5-3.el6.x86_64
[root@localhost ~]# grep aufs /proc/filesystems
nodev aufs
9. Start the in daemon mode (in a different terminal)
[root@localhost ~]# docker -d
2013/08/21 07:47:07 WARNING: Your kernel does not support cgroup swap limit.
2013/08/21 07:47:07 Listening for HTTP on /var/run/docker.sock (unix)
10. Print hello world from a centos 6.4 container.
[root@localhost ~]# docker run centos:6.4 echo "hello world"
2013/08/21 07:48:41 POST /v1.4/containers/create
2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/start
2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1
hello world
11. Ping from inside the container
[root@localhost ~]# docker -dns '8.8.8.8' run centos:6.4 ping -c 3 yahoo.com
2013/08/21 08:02:15 POST /v1.4/containers/create
2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/start
2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1
PING yahoo.com (98.138.253.109) 56(84) bytes of data.
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms
--- yahoo.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2304ms
rtt min/avg/max/mdev = 302.032/318.318/329.656/11.807 ms
TROUBLESHOOTING
"DNS/Networking Errors inside the docker"
[root@localhost ~]# docker -dns="8.8.8.8" run centos:6.4 yum install hiphop-php
2013/08/21 07:53:05 POST /v1.4/containers/create
2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/start
2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/attach?logs=1&stderr=1&stdout=1&stream=1
Loaded plugins: fastestmirror
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
Could not retrieve mirrorlist http://mirrorlist./?release=6&arch=x86_64&repo=os error was
14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.'"
Please issue the following commands, so that docker and its environment will be reset and above issue will be taken care of.
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
docker -d
CREDITS: Thanks to sciurus for doing the hardwork in creating the spec file for kernel-ml-aufs.
譯者信息
譯者信息
7���、重啟系統(tǒng),選擇“3.10.5-3.el6.x86_64”內(nèi)核
8�����、系統(tǒng)啟動(dòng)后�����,確認(rèn)當(dāng)前運(yùn)行的內(nèi)核
[root@localhost ~]# uname -r
3.10.5-3.el6.x86_64
[root@localhost ~]# grep aufs /proc/filesystems
nodev aufs
9�����、以守護(hù)模式運(yùn)行(在一個(gè)新的終端里)
[root@localhost ~]# docker -d
2013/08/21 07:47:07 WARNING: Your kernel does not support cgroup swap limit.
2013/08/21 07:47:07 Listening for HTTP on /var/run/docker.sock (unix)
10�����、在centos6.4容器里輸出hello world
[root@localhost ~]# docker run centos:6.4 echo "hello world"
2013/08/21 07:48:41 POST /v1.4/containers/create
2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/start
2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1
hello world
11、從容器里測試ping
[root@localhost ~]# docker -dns '8.8.8.8' run centos:6.4 ping -c 3 yahoo.com
2013/08/21 08:02:15 POST /v1.4/containers/create
2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/start
2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1
PING yahoo.com (98.138.253.109) 56(84) bytes of data.
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms
64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms
--- yahoo.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2304ms
rtt min/avg/max/mdev = 302.032/318.318/329.656/11.807 ms
常見錯(cuò)誤:
"DNS/Networking Errors inside the docker"
[root@localhost ~]# docker -dns="8.8.8.8" run centos:6.4 yum install hiphop-php
2013/08/21 07:53:05 POST /v1.4/containers/create
2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/start
2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/attach?logs=1&stderr=1&stdout=1&stream=1
Loaded plugins: fastestmirror
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
Could not retrieve mirrorlist http://mirrorlist./?release=6&arch=x86_64&repo=os error was
14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.'"
可以執(zhí)行下面的命令來重置docker的運(yùn)行環(huán)境�,從而解決上述問題。
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
docker -d
感謝sciurus在創(chuàng)建kernel-ml-aufs的相關(guān)文件時(shí)付出的辛勤工作�����。
|
