引言
Docker 是一个开源的应用容器引擎,能够让开发者将应用程序及其依赖打包成轻量级、可移植的容器,极大地方便了应用的开发、测试和部署。在麒麟操作系统V10(Kylin OS V10)上安装和使用 Docker,不仅可以享受到容器技术的便利性,还能充分利用麒麟操作系统作为国产自主可控操作系统的优势,确保应用的高效运行和数据安全。本文将详细介绍在麒麟操作系统V10上安装 Docker 的步骤,以及如何运行和管理 Docker 容器。
一、安装docker
以下操作均在root用户下进行
1.1 查看当前操作系统版本
[root@db1 ~]# cat /etc/os-release
NAME="Kylin Linux Advanced Server"
VERSION="V10 (Sword)"
ID="kylin"
VERSION_ID="V10"
PRETTY_NAME="Kylin Linux Advanced Server V10 (Sword)"
ANSI_COLOR="0;31"
1.2 备份yum包
cp /etc/yum.repos.d/kylin_x86_64.repo /etc/yum.repos.d/kylin_x86_64.repo_bak
1.3 下载阿里云yum源配置文件
wget -O /etc/yum.repos.d/aliyun.repo http://mirrors.aliyun.com/repo/Centos-8.repo
1.4 清除缓存并更新
yum clean all
yum makecache
1.5 查看可用yum源
yum repolist
1.6 安装软件包并设置存储库
yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
1.7 安装docker
这里选择社区版本(CE版)
yum install docker-ce
1.8 启动服务
systemctl start docker
1.9 验证服务
docker run hello-world
输出日志
[root@db2 docker]# docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
二、运行git代码
下面是拉取LINUX性能优化案例的代码到本地运行的案例
2.1 获取代码
mkdir -p /root/git-codes
cd /root/git-codes
git clone https://github.com/feiskyer/linux-perf-examples.git
2.2 构建 Docker 镜像
cd /root/git-codes/linux-perf-examples/high-iowait-process
make build
输出如下
gcc -o app app.c
docker build -t feisky/app:iowait -f Dockerfile .
[+] Building 31.9s (7/7) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 116B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 16.5s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 22.87kB 0.0s
=> [1/2] FROM docker.io/library/ubuntu:latest@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f47 14.9s
=> => resolve docker.io/library/ubuntu:latest@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f478 0.0s
=> => sha256:7b1a6ab2e44dbac178598dabe7cff59bd67233dba0b27e4fbd1f9d4b3c877a54 28.57MB / 28.57MB 12.8s
=> => sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322 1.42kB / 1.42kB 0.0s
=> => sha256:7cc0576c7c0ec2384de5cbf245f41567e922aab1b075f3e8ad565f508032df17 529B / 529B 0.0s
=> => sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1 1.46kB / 1.46kB 0.0s
=> => extracting sha256:7b1a6ab2e44dbac178598dabe7cff59bd67233dba0b27e4fbd1f9d4b3c877a54 1.9s
=> [2/2] ADD app /app 0.3s
=> exporting to image 0.1s
=> => exporting layers 0.1s
=> => writing image sha256:169bda677823b435b699b97aff6cb8b4893934fe5eed1ef9a9773335aeddcd32 0.0s
=> => naming to docker.io/feisky/app:iowait 0.0s
gcc -o app app-fix1.c
docker build -t feisky/app:iowait-fix1 -f Dockerfile .
[+] Building 15.4s (7/7) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 116B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 15.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 22.87kB 0.0s
=> CACHED [1/2] FROM docker.io/library/ubuntu:latest@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675 0.0s
=> [2/2] ADD app /app 0.1s
=> exporting to image 0.1s
=> => exporting layers 0.0s
=> => writing image sha256:861332fb8b0a0a578f904c3a7658b1c8d184979b79406ca8e398a5459f7682bb 0.0s
=> => naming to docker.io/feisky/app:iowait-fix1 0.0s
gcc -o app app-fix2.c
docker build -t feisky/app:iowait-fix2 -f Dockerfile .
[+] Building 15.5s (7/7) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 116B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 15.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 22.92kB 0.0s
=> CACHED [1/2] FROM docker.io/library/ubuntu:latest@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675 0.0s
=> [2/2] ADD app /app 0.1s
=> exporting to image 0.1s
=> => exporting layers 0.1s
=> => writing image sha256:14ba4b3520460194644d7998aa51e4a31ec3e758a30817bfe89ba7e9f2100ee8 0.0s
=> => naming to docker.io/feisky/app:iowait-fix2
2.3 查看当前镜像
docker images
输出如下
REPOSITORY TAG IMAGE ID CREATED SIZE
feisky/app iowait-fix2 14ba4b352046 2 minutes ago 72.8MB
feisky/app iowait-fix1 861332fb8b0a 2 minutes ago 72.8MB
feisky/app iowait 169bda677823 2 minutes ago 72.8MB
hello-world latest feb5d9fea6a5 2 years ago 13.3kB
feisky/nginx latest 86d56ed32f9f 5 years ago 156MB
2.4 运行应用
make run
输出如下
docker run --privileged --name=app -itd feisky/app:iowait
1670cf0cf2094981f9aa48af4e2f10e6aa3cb9eb78352d738dca42861b5e8d49
2.5 确认进程
[root@db2 high-iowait-process]# ps -ef|grep app
root 212212 212191 0 20:15 pts/0 00:00:00 /app
root 212232 212212 0 20:15 pts/0 00:00:00 [app] <defunct>
root 212233 212212 0 20:15 pts/0 00:00:00 [app] <defunct>
root 212236 178396 0 20:15 pts/0 00:00:00 grep --color=auto app
2.6 关闭应用
make clean
输出如下
rm -f app
docker rm -f app || echo "Container app already deleted."
app
当然还有更简单的方法,不需要拉到本地直接运行
docker run --privileged --name=app -itd feisky/app:iowait /app -d /dev/sdb -s 67108864 -c 20
三、故障排错
3.1 docker run报OCI运行错误
[root@db2 docker]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:2498fce14358aa50ead0cc6c19990fc6ff866ce72aeb5546e1d59caac3d0d60f
Status: Downloaded newer image for hello-world:latest
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/5110175fee5bb5297f116c20de60672349ebed6871ae8d0e4b673799d9c62077/log.json: no such file or directory): runc did not terminate successfully: exit status 127: unknown.
原因:未安装RunC,它 是一个轻量级的工具,它是用来运行容器的
解决方案:安装 runC
yum install -y libseccomp-devel
3.2 docker run报IO错误
[root@db1 high-iowait-process]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pulling fs layer
docker: error pulling image configuration: Get "https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/d2/d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a/data?verify=1720683555-nPlOJjzD72mxqv0DqVR2V4rjuNE%3D": dial tcp 108.160.162.98:443: i/o timeout.
原因:获取镜像效率太低
解决方案:配置镜像加速
配置镜像加速网址:阿里云登录 - 欢迎登录阿里云,安全稳定的云计算服务平台
DOCKER镜像加速
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://0nej2wpi.mirror.aliyuncs.com"]
}
EOF
--配置完之后重启服务
systemctl daemon-reload
systemctl restart docker
3.3 git clone报Empty reply from server
[root@db1 git-codes]# git clone https://github.com/feiskyer/linux-perf-examples.git
Cloning into 'linux-perf-examples'...
fatal: unable to access 'https://github.com/feiskyer/linux-perf-examples.git/': Empty reply from server
原因:代理设置出错
解决方案:重置代理
git config --global --unset https.https://github.com.proxy
git config --global --unset http.https://github.com.proxy
结语
在麒麟操作系统V10上安装和使用 Docker,不仅可以享受到容器技术带来的便利,还能充分利用麒麟操作系统作为国产操作系统在安全性、可控性和生态兼容性方面的优势。通过上述指南,你可以顺利地在麒麟操作系统V10环境中部署和管理 Docker 应用程序,为你的开发和运维工作带来更高的效率和安全性。