docker run源码分析(二)之Docker daemon--container start

最新推荐文章于 2024-06-04 07:36:54 发布
最新推荐文章于 2024-06-04 07:36:54 发布
阅读量1.9k 收藏
点赞数
分类专栏: Docker 文章标签: docker docker run docker user
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/goose_flesh/article/details/83895585
版权

上一篇咱们简单的分析了docker run命令在Docker daemon中的create实现,接下来咱们开始start的分析。源码基于Docker-ce17.09

1、daemon端对container start的处理,即 r.postContainersStart() 函数。

1.1、流程:

1.2、源码:postContainerStart()函数

func (s *containerRouter) postContainersStart(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {

	version := httputils.VersionFromContext(ctx)
	//获取hostConfig配置信息
	var hostConfig *container.HostConfig
	// A non-nil json object is at least 7 characters.
	//非nil 的json对象至少为7个字符。一系列检查
	if r.ContentLength > 7 || r.ContentLength == -1 {
		if versions.GreaterThanOrEqualTo(version, "1.24") {
			return bodyOnStartError{}
		}
		if err := httputils.CheckForJSON(r); err != nil {
			return err
		}
		c, err := s.decoder.DecodeHostConfig(r.Body)
		if err != nil {
			return err
		}
		hostConfig = c
	}
	//解析form表单
	if err := httputils.ParseForm(r); err != nil {
		return err
	}
	//获得与键关联的值
	checkpoint := r.Form.Get("checkpoint")
	checkpointDir := r.Form.Get("checkpoint-dir")
	//调用ContainerStart进一步启动容器,下面详细分析
	if err := s.backend.ContainerStart(vars["name"], hostConfig, checkpoint, checkpointDir); err != nil {
		return err
	}

	w.WriteHeader(http.StatusNoContent)
	return nil
}

1.3、源码: backend.ContainerStart()函数 和  ContainerStart()函数

// ContainerStart starts a container.
func (daemon *Daemon) ContainerStart(name string, hostConfig *containertypes.HostConfig, checkpoint string, checkpointDir string) error {
	if checkpoint != "" && !daemon.HasExperimental() {
		return validationError{errors.New("checkpoint is only supported in experimental mode")}
	}
	//可以根据全容器ID、容器名、容器ID前缀获取容器对象
	container, err := daemon.GetContainer(name)
	if err != nil {
		return err
	}

	//调用containerStart进一步启动容器,下面详细分析
	if err := daemon.containerStart(container, checkpoint, checkpointDir, true); err != nil {
		return err
	}
	return nil
}

下面的containerStart()  没看懂,再补充

// containerStart prepares the container to run by setting up everything the
// container needs, such as storage and networking, as well as links
// between containers. The container is left waiting for a signal to
// begin running.
func (daemon *Daemon) containerStart(container *container.Container, checkpoint string, checkpointDir string, resetRestartManager bool) (err error) {
	start := time.Now()
	container.Lock()
	defer container.Unlock()

	if resetRestartManager && container.Running { // skip this check if already in restarting step and resetRestartManager==false
		return nil
	}

	if container.RemovalInProgress || container.Dead {
		return stateConflictError{errors.New("container is marked for removal and cannot be started")}
	}

	// if we encounter an error during start we need to ensure that any other
	// setup has been cleaned up properly
	defer func() {
		if err != nil {
			container.SetError(err)
			// if no one else has set it, make sure we don't leave it at zero
			if container.ExitCode() == 0 {
				container.SetExitCode(128)
			}
			if err := container.CheckpointTo(daemon.containersReplica); err != nil {
				logrus.Errorf("%s: failed saving state on start failure: %v", container.ID, err)
			}
			container.Reset(false)

			daemon.Cleanup(container)
			// if containers AutoRemove flag is set, remove it after clean up
			if container.HostConfig.AutoRemove {
				container.Unlock()
				if err := daemon.ContainerRm(container.ID, &types.ContainerRmConfig{ForceRemove: true, RemoveVolume: true}); err != nil {
					logrus.Errorf("can't remove container %s: %v", container.ID, err)
				}
				container.Lock()
			}
		}
	}()

	if err := daemon.conditionalMountOnStart(container); err != nil {
		return err
	}

	if err := daemon.initializeNetworking(container); err != nil {
		return err
	}

	spec, err := daemon.createSpec(container)
	if err != nil {
		return systemError{err}
	}

	createOptions, err := daemon.getLibcontainerdCreateOptions(container)
	if err != nil {
		return err
	}

	if resetRestartManager {
		container.ResetRestartManager(true)
	}

	if checkpointDir == "" {
		checkpointDir = container.CheckpointDir()
	}

	if daemon.saveApparmorConfig(container); err != nil {
		return err
	}

	if err := daemon.containerd.Create(container.ID, checkpoint, checkpointDir, *spec, container.InitializeStdio, createOptions...); err != nil {
		return translateContainerdStartErr(container.Path, container.SetExitCode, err)

	}

	containerActions.WithValues("start").UpdateSince(start)

	return nil
}

1.4、daemon.containerd.Create()中的Create是在client 接口里面,client提供对容器功能的访问。下面分析Create()函数 ,位置

func (clnt *client) Create(containerID string, checkpoint string, checkpointDir string, spec specs.Spec, attachStdio StdioCallback, options ...CreateOption) (err error) {
	clnt.lock(containerID)
	defer clnt.unlock(containerID)

	if _, err := clnt.getContainer(containerID); err == nil {
		return fmt.Errorf("Container %s is already active", containerID)
	}

	uid, gid, err := getRootIDs(spec)
	if err != nil {
		return err
	}
	dir, err := clnt.prepareBundleDir(uid, gid)
	if err != nil {
		return err
	}
	//生成一个libcontainerd.container对象
	container := clnt.newContainer(filepath.Join(dir, containerID), options...)
	if err := container.clean(); err != nil {
		return err
	}

	defer func() {
		if err != nil {
			container.clean()
			clnt.deleteContainer(containerID)
		}
	}()
	//创建目录
	if err := idtools.MkdirAllAndChown(container.dir, 0700, idtools.IDPair{uid, gid}); err != nil && !os.IsExist(err) {
		return err
	}
	//生成文件config.json
	f, err := os.Create(filepath.Join(container.dir, configFilename))
	if err != nil {
		return err
	}
	defer f.Close()
	if err := json.NewEncoder(f).Encode(spec); err != nil {
		return err
	}
	//调用container.start()进一步启动container
	return container.start(&spec, checkpoint, checkpointDir, attachStdio)
}

1.5、分析:container.start()

该函数主要功能是发送CreateContainerRequest RPC请求给 docker-containerd。(不明白)

func (ctr *container) start(spec *specs.Spec, checkpoint, checkpointDir string, attachStdio StdioCallback) (err error) {
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	ready := make(chan struct{})

	fifoCtx, cancel := context.WithCancel(context.Background())
	defer func() {
		if err != nil {
			cancel()
		}
	}()

	iopipe, err := ctr.openFifos(fifoCtx, spec.Process.Terminal)
	if err != nil {
		return err
	}

	var stdinOnce sync.Once

	// we need to delay stdin closure after container start or else "stdin close"
	// event will be rejected by containerd.
	// stdin closure happens in attachStdio
	stdin := iopipe.Stdin
	iopipe.Stdin = ioutils.NewWriteCloserWrapper(stdin, func() error {
		var err error
		stdinOnce.Do(func() { // on error from attach we don't know if stdin was already closed
			err = stdin.Close()
			go func() {
				select {
				case <-ready:
				case <-ctx.Done():
				}
				select {
				case <-ready:
					if err := ctr.sendCloseStdin(); err != nil {
						logrus.Warnf("failed to close stdin: %+v", err)
					}
				default:
				}
			}()
		})
		return err
	})
	//CreateContainerRequest对象,应该是保存一些容器信息给libcontainer start时使用
	r := &containerd.CreateContainerRequest{
		Id:            ctr.containerID,
		BundlePath:    ctr.dir,
		Stdin:         ctr.fifo(unix.Stdin),
		Stdout:        ctr.fifo(unix.Stdout),
		Stderr:        ctr.fifo(unix.Stderr),
		Checkpoint:    checkpoint,
		CheckpointDir: checkpointDir,
		// check to see if we are running in ramdisk to disable pivot root
		NoPivotRoot: os.Getenv("DOCKER_RAMDISK") != "",
		Runtime:     ctr.runtime,
		RuntimeArgs: ctr.runtimeArgs,
	}
	ctr.client.appendContainer(ctr)

	if err := attachStdio(*iopipe); err != nil {
		ctr.closeFifos(iopipe)
		return err
	}
	//发送CreateContainerRequest RPC请求给docker containerd(不懂)
	resp, err := ctr.client.remote.apiClient.CreateContainer(context.Background(), r)
	if err != nil {
		ctr.closeFifos(iopipe)
		return err
	}
	ctr.systemPid = systemPid(resp.Container)
	close(ready)

	return ctr.client.backend.StateChanged(ctr.containerID, StateInfo{
		CommonStateInfo: CommonStateInfo{
			State: StateStart,
			Pid:   ctr.systemPid,
		}})

}

参考:

        https://guanjunjian.github.io/2017/09/28/study-5-docker-5-postContainersStart/

       《Docker源码分析》

        百度网盘:链接: https://pan.baidu.com/s/1m5AqgfZKvPRu2BcmWz-WxA 提取码: wjrj 

 

 

 

goose_flesh
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
如何删除Dead状态的container
weixin_30606669的博客
05-24 139
删除Dead状态的container: Error response from daemon: Driver devicemapper failed to remove root filesystem ebbd42547ae4f4059e70740d363edc766f0b79a102d18724787ee44f2d34f161: Device is Busy>> docker ps...
使用 docker Compose 出现Starting rmqnamesrv ... error
acan88的博客
08-25 1947
ERROR: for rmqnamesrv Cannot start service rmqnamesrv: container is marked for removal and cannot be started ERROR: for rmqnamesrv Cannot start service rmqnamesrv: container is marked for removal and cannot be started ERROR: Encountered errors while brin
container is marked for removal and cannot be started容器提示这个怎么解决
最新发布
qq_33192454的博客
06-04 328
这个错误通常表示容器被标记为待删除状态,因此无法启动。这可能是由于容器已经处于停止状态,并且被标记为删除,或者在删除过程中遇到了一些问题。如果容器删除过程中遇到问题,可能需要查看并解决这些问题。查看容器的日志可能会提供有关删除失败的更多信息,您可以根据这些信息采取相应的措施。如果以上方法无法解决问题,可能需要进一步检查容器的状态并采取适当的行动。尝试停止容器并删除它,然后重新启动该容器。或者,根据您的操作系统,使用适当的命令重启 Docker 服务。
Docker基础之container start命令
m0_43405302的博客
11-27 2897
一、postContainersStart daemon的路由定义如下: router.NewPostRoute("/containers/{name:.*}/start", r.postContainersStart), 查看handler函数postContainersStart得知,postContainersStart的执行步骤如下: 1、 解析request 2、调用daemon启动ContainerStart()、s.backend.ContainerStart(vars[“name”], h
找回停掉docker的文件
weixin_34235105的博客
12-04 2111
如果容器还能重启,就restart, 如果状态是DEAD的话, Error response from daemon: Container is marked for removal and cannot be started.  Error response from daemon: Cannot restart container eaa7b3b95d50: Contain...
Blockchain Hyperledger Fabric — 问题和解决方案
姽婳一方
12-30 3118
外网看到了一个关于fabric网络搭建遇到问题的好文,搬运过来 Blockchain Hyperledger Fabric — Errors & Solutions Hello, In this article I wanted to share some of the errors you might face & the possible solutions. please n...
Docker源码分析--DockerDaemon的启动
03-03
本文将从源码的角度分析Docker的启动,主要是作为一个daemon进程的启动。在这之前,需要先清晰Docker内部最主要的几个概念:Daemon,Engine以及Job。Daemon可以认为是Docker守护进程的载体。从源码的视角来看,...
docker离线资源(包含container-selinux-2.9-4).rar
02-21
docker安装部署依赖包container-selinux-2.9-4.el7.noarch.rpm,yum资源无法下载。
docker-node-container:Docker实验室
05-15
您可以将此代码与Docker中的容器一起使用节点服务器说明: - redis-server (this will raise the redis db)- npm start (this will raise the node server in the port 5000)docker-compose的说明容器设置为使用此...
nginx-docker-container:nginx docker容器
01-31
nginx-docker-container:nginx docker容器
docker进入容器报:Error response from daemon Container is not running
热门推荐
m0_67391401的博客
08-14 3万+
1.如果需要设置docker中MySQL自启,使用命令:docker update mysql --restart=always 容器id;3.然后即可使用命令:docker exec -it 容器id /bin/bash进入docker容器。docker cp 容器id:/etc/mysql/my.cnf /opt。2.使用命令:docker start 容器id,启动docker容器。docker /opt/my.cnf 容器id:/etc/mysql。使用命令:vi /opt/my.cnf。...
深入理解Docker容器和镜像
ianlyianly的专栏
03-16 1957
这篇文章希望能够帮助读者深入理解Docker的命令,还有容器(container)和镜像(image)之间的区别,并深入探讨容器和运行中的容器之间的区别。 当我对Docker技术还是一知半解的时候,我发现理解Docker的命令非常困难。于是,我花了几周的时间来学习Docker的工作原理,更确切地说,是关于Docker统一文件系统(the union file system)的
docker启动出现Error response from daemon: Cannot restart container的报错
一起加油吧
11-22 3万+
Error response from daemon: Cannot restart container 容器id: driver failed programming external connectivity on endpoint 容器名 (容器id): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 8080 -j DNAT --to-destination 172.17.0.2:8080 ! -i d
docker run 命令详解(新手入门必备)
m0_67391121的博客
09-01 1万+
如果你的容器启动会打印日志,那边加-d选项在终端就看不到了,需要用docker logs -f 容器ID查看。这种模式下容器对docker宿主机拥有root访问权限,允许我们以其宿主机具有(几乎)所有能力来运行容器,包括一些内核特性和设备访问,端口映射,前面为宿主机的端口,后面为容器服务进程端口,访问宿主机的80,最终会转发给容器的80端口,实现方式为iptables。默认情况下,container拥有对设备的读,写,创建设备文件的权限。增加主机的一个设备到容器,也就是让容器拥有访问这个设备的权限。...
docker 源码分析 六(基于1.8.2版本),Docker run启动过程
dingmu2707的博客
01-29 377
上一篇大致了解了docker 容器的创建过程,其实主要还是从文件系统的视角分析了创建一个容器时需要得建立 RootFS,建立volumes等步骤;本章来分析一下建立好一个容器后,将这个容器运行起来的过程, 本章主要分析一下 docker deamon端的实现方法;根据前面几章的介绍可以容易找到,客户端的实现代码在api/client/run.go中,大体步骤是首先通过上一篇文章中的cr...
Docker速查笔记
白话屋
11-02 293
准备 查看目前centos版本 rpm -q centos-release 打开官方文档 https://docs.docker.com/engine/install/centos/#install-using-the-repository 安装 根据官方文档安装docker 官方文档 修改镜像 需要登录阿里云开发者平台,具体操作看这一篇博客 容器镜像服务地址 ...
docker错误:Error response from daemon: cannot stop container
qq_28719743的博客
04-04 2万+
今天在停止一个docker容器的时候,报了一个错误,错误内容如下: Error response from daemon: cannot stop container: d3ddf33c1450: Cannot kill container d3ddf33c14505241a71f6f23d74bab3156047d1b0de72f61ea872ec29bd4a87a: unknown error...
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?. See 'docker run --help'.
03-28
This error message indicates that the Docker daemon is not running on your system, or that the Docker client is unable to connect to it. To resolve this issue, you can try the following steps: 1. Start the Docker daemon: You can do this by running the command `sudo systemctl start docker` on Linux or `docker run hello-world` on Windows or macOS. This will start the Docker daemon and allow the Docker client to connect to it. 2. Check if the Docker daemon is running: You can run the command `sudo systemctl status docker` on Linux or `docker ps` on Windows or macOS to check if the Docker daemon is running. If it is not running, you will need to start it as described in step 1. 3. Check Docker socket permissions: Ensure that the Docker socket file (/var/run/docker.sock) has the correct permissions. You can run the command `ls -l /var/run/docker.sock` to check the permissions. The owner should be root and the group should be docker. If the permissions are incorrect, you can change them by running the command `sudo chown root:docker /var/run/docker.sock`. 4. Check if Docker is installed: If you have recently installed Docker, make sure that it is installed correctly. You can run the command `docker version` to check if Docker is installed and running correctly. 5. Check if Docker is running in a container: If you are running Docker in a container, make sure that the container is running and that the Docker daemon is started within the container. If none of these steps resolve your issue, you may need to refer to the Docker documentation or seek assistance from the Docker community.

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值