docker学习（九）docker 调试

cliffordl

已于 2024-09-26 14:39:19 修改

阅读量731

点赞数

分类专栏： docker 文章标签： docker 学习容器

于 2023-07-03 14:16:19 首次发布

本文链接：https://blog.csdn.net/cliffordl/article/details/131514339

版权

docker 专栏收录该内容

9 篇文章 3 订阅

订阅专栏

docker学习（一）docker 概述
 docker学习（二）docker 安装部署
 docker学习（三）常用命令
 docker学习（四）使用 commit 制作镜像
 docker学习（五）使用 Dockerfile 制作镜像
 docker学习（六）卷 Volume
docker学习（七）docker daemon
docker学习（八）HTTP/HTTPS 代理
 docker学习（九）docker 调试
 docker学习（十）docker 持久化存储

1.Docker 日志

常用操作系统中Docker守护进程日志的位置：
RHEL、Oracle Linux：/var/log/messages。
Debian：/var/log/daemon.log。
Ubuntu 14.10：/var/log/upstart/docker.log。
macOS（Docker 18.01及以上版本）：~/Library/Containers/com.docker.docker/Data/vms/0/console-ring。
macOS（Docker <18.01）：~/Library/Containers/com.docker.docker/Data/com.docker. driver.amd64-linux/console-ring。
Windows：AppData\Local。
使用systemctl的linux系统查看Docker守护进程日志：

[test@localhost ~]$ sudo journalctl -u docker.service
-- Logs begin at 一 2023-07-03 08:34:45 CST, end at 一 2023-07-03 11:00:31 CST. --
7月 03 08:35:18 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
7月 03 08:35:18 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:18.831377513+08:00" level=info msg="Starting up"
7月 03 08:35:18 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:18.832222414+08:00" level=warning msg="Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone 
7月 03 08:35:18 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:18.832280598+08:00" level=warning msg="Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe o
7月 03 08:35:19 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:19.833136704+08:00" level=warning msg="Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down t
7月 03 08:35:19 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:19.833263451+08:00" level=warning msg="Please consider generating tls certificates with client validation to prevent exposing unauthenticated r
7月 03 08:35:19 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:19.833300931+08:00" level=warning msg="You can override this by explicitly specifying '--tls=false' or '--tlsverify=false'" host="tcp://0.0.0.0
7月 03 08:35:19 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:19.833325135+08:00" level=warning msg="Support for listening on TCP without authentication or explicit intent to run without authentication wil
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.843915112+08:00" level=info msg="parsed scheme: \"unix\"" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.843991859+08:00" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.844051220+08:00" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.844084253+08:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.849359605+08:00" level=info msg="parsed scheme: \"unix\"" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.849409736+08:00" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.849452356+08:00" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.849476301+08:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
7月 03 08:35:34 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:34.883485121+08:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
7月 03 08:35:35 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:35.003155926+08:00" level=info msg="Loading containers: start."
7月 03 08:35:35 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:35.217361543+08:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to s
7月 03 08:35:35 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:35.284347936+08:00" level=info msg="Loading containers: done."
7月 03 08:35:35 localhost.localdomain dockerd[3779]: time="2023-07-03T08:35:35.383056576+08:00" level=info msg="Docker daemon" commit=eeddea2 graphdriver(s)=overlay2 version=20.10.0
......

使用sudo tailf /var/log/messages也可以查看日志。

2.Docker 调试模式

方法一：在daemon.json文件中将debug键值设置为true。

[test@localhost ~]# sudo vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://nxwgbmaq.mirror.aliyuncs.com"],
  "debug":true
}

方式二：直接停止Docker守护进程，并使用-D 调试选项手动重新启动

[test@localhost ~]$ sudo systemctl stop docker 
Warning: Stopping docker.service, but it can still be activated by:
  docker.socket
[test@localhost ~]$ sudo dockerd -D
INFO[2023-07-03T11:08:37.281255069+08:00] Starting up                                  
WARN[2023-07-03T11:08:37.281696387+08:00] Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network.  host="tcp://0.0.0.0:5678"
WARN[2023-07-03T11:08:37.281728844+08:00] Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe out there!  host="tcp://0.0.0.0:5678"
WARN[2023-07-03T11:08:38.284159553+08:00] Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down to show this message  host="tcp://0.0.0.0:5678"
WARN[2023-07-03T11:08:38.284202173+08:00] Please consider generating tls certificates with client validation to prevent exposing unauthenticated root access to your network  host="tcp://0.0.0.0:5678"
WARN[2023-07-03T11:08:38.284222240+08:00] You can override this by explicitly specifying '--tls=false' or '--tlsverify=false'  host="tcp://0.0.0.0:5678"
WARN[2023-07-03T11:08:38.284256453+08:00] Support for listening on TCP without authentication or explicit intent to run without authentication will be removed in the next release  host="tcp://0.0.0.0:5678"

第二种方式可能会导致 Docker 在不同于主机启动脚本创建的环境中重新启动，使调试更加困难。

3.自定义 Docker 守护进程选项

daemon.json文件可以用来配置几乎所有的守护进程配置选项。
案例：运行时目录和存储驱动的配置

[test@localhost ~]# sudo vim /etc/docker/daemon.json
{
  "registry-mirrors":["https://nxwgbmaq.mirror.aliyuncs.com"],
  "data-root":"/mnt/docker-data",
  "storage-driver":"overlay"
}