DOCKER

Change Images and Containers Directory for Docker Desktop With WSL2 Backend

Quit docker-desktop
  wsl --shutdown

Export Docker Desktop data
  wsl --export docker-desktop-data D:\data.tar
  wsl --unregister docker-desktop-data

Import the exported data to your desired location
  wsl --import docker-desktop-data D:\wsl\docker-desktop-data d:\data.tar --version 2

Restart docker-desktop
  λ wsl -l -v
    NAME                   STATE      VERSION
  * Ubuntu2                Running    2
    docker-desktop-data    Running    2
    docker-desktop         Running    2

Deprecate Dockershim

Kubernetes is removing the “dockershim”, which is special in-process support the kubelet has for docker. However, the kubelet still has the CRI (container runtime interface) to support arbitrary runtimes. containerd is currently supported via the CRI, as is every runtime except docker. Docker is being moved from having special-case support to being the same in terms of support as other runtimes. Does that mean using docker as your runtime is deprecated?

Dapr Notes

Reinstall

Ensure that Docker Desktop is set to Linux containers mode when you run Dapr in self-hosted mode.

  d:\code>dapr uninstall
  Removing Dapr from your machine...
  Removing directory: C:\Users\wubigo\.dapr\bin
  Removing container: dapr_placement
  Dapr has been removed successfully

  d:\code>dapr init
  Making the jump to hyperspace...
  Installing runtime version 1.6.0
  Downloading binaries and setting up components...
  Downloaded binaries and completed components set up.
  daprd binary has been installed to C:\Users\wubigo\.dapr\bin.
  dapr_placement container is running.

Using Docker in WSL

There are several ways to use Docker on Windows:
  Docker Desktop for Windows 10
  WSL
This post covers using Docker in WSL.

Prerequisites
  Windows 10 Version 1803 or later (cgroups support)
  Ubuntu for WSL 16.0.4 LTS (the latest version supported by WSL)
  Docker 17.09

Install WSL
  install WSL

WSL command line and default shell
  cmd:\>wsl
  wubigo:/tmp/docker-desktop-root/mnt/host/d/code#/etc# cat /etc/wsl.conf
  [automount]
  root = /mnt/host
  crossDistro = true
  options = "metadata"

WSL Docker volume path on disk
  cmd:\>docker volume inspect edgex_consul-config
  [
    {
      "CreatedAt": "2022-03-07T08:04:34Z",
      "Driver": "local",
      "Labels": {
        "com.docker.compose.project": "edgex",
        "com.docker.compose.version": "2.2.3",
        "com.docker.compose.volume": "consul-config"
      },
      "Mountpoint": "/var/lib/docker/volumes/edgex_consul-config/_data",
      "Name": "edgex_consul-config",
      "Options": null,
      "Scope": "local"
    }
  ]

  \\wsl$\docker-desktop-data\version-pack-data\community\docker\volumes\

Docker Proxy for daemon and client

DOCKER DAEMON PROXY

systemd level
/etc/systemd/system/docker.service.d/https-proxy.conf
  [Service]
  Environment="http_proxy=http://127.0.0.1:8123" "https_proxy=https://127.0.0.1:8123" "NO_PROXY=registry-1.docker.io"

  sudo systemctl daemon-reload
  sudo systemctl restart docker

service level
/etc/default/docker
  export http_proxy="http://127.0.0.1:3128/"

daemon level
/etc/docker/daemon

DOCKER CLIENT PROXY
~/.docker/config.json
  "proxies":{ "default":{} }

Choosing a CNI Network Provider for Kubernetes

The Container Network Interface (CNI) is a library definition, and a set of tools under the umbrella of the Cloud Native Computing Foundation project. For more information visit their GitHub project. Kubernetes uses CNI as an interface between network providers and Kubernetes networking.

Why Use CNI

Kubernetes' default networking provider, kubenet, is a simple network plugin that works with various cloud providers. Kubenet is a very basic network provider, and basic is good, but it does not have very many features.

Dockering Java 8

Improve docker container detection and resource configuration usage

https://blog.softwaremill.com/docker-support-in-new-java-8-finally-fd595df0ca54
https://www.oracle.com/technetwork/java/javase/8u191-relnotes-5032181.html

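Using Docker Volumes as a Windows User

On Windows, shared drives must be enabled before volumes can be used.

Enable shared drives
  1: Open "Settings" in Docker Desktop -> "Shared Drives" -> "Reset Credentials" -> select drive "D" -> "Apply"

Check and test the volume
  docker run --rm -v d:/tmp:/data alpine ls /data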

Docker Windows7 Docker Toolbox

docker proxy

run cmd as administrator
  cmd>cd $GIT_HOME
  cmd>echo > .bash_profile

  export HTTP_PROXY=http://127.0.0.1:1080
  export HTTPS_PROXY=http://127.0.0.1:1080
  export no_proxy=localhost,127.0.0.1,192.168.99.100

Docker Image Timezone

FROM centos:7
RUN echo "ip_resolve=4" >> /etc/yum.conf
RUN yum update -y && yum install -y java-1.8.0-openjdk
# Set the time zone (logs, call traces)
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo "Asia/Shanghai" > /etc/timezone
ENV workdir /app/
ADD VERSION .
WORKDIR ${workdir}
# The JAVA_OPTS environment variable holds the JVM startup arguments; the shell substitutes it at run time
# Use exec so that the Java program can receive the SIGTERM signal.
CMD ["sh", "-ec", "exec java ${JAVA_OPTS} -jar ${jar}"]

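Multiple Ways to Connect Containers to the Host Network

Note: the following steps were performed in a VirtualBox virtual machine configured as follows.

Network
  Expand the advanced settings and, under "Adapter Type", select "PCnet-FAST III" instead of the default e1000 (Intel PRO/1000). In addition, "Promiscuous Mode" must be set to "Allow All". Otherwise containers connected through the bridge will not work, because the virtual NIC filters out all packets that carry a different MAC address.

Multiple NICs
  Every NIC needs the adjustments above.

Preparation

Install util-linux
  sudo apt install util-linux

/etc/network/interface
  cat interfaces
  # interfaces(5) file used by ifup(8) and ifdown(8)
  auto lo
  iface lo inet loopback

  auto enp0s3
  iface enp0s3 inet static
  address 192.168.1.10
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-nameservers 192.168.1.1

  auto enp0s8
  iface enp0s8 inet static
  address 192.168.1.16
  netmask 255.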

Docker Alpine

set date

  FROM alpine:3.8
  RUN apk add --no-cache tzdata && rm -rf /var/cache/apk/*
  ENV TZ Asia/Shanghai
  RUN ln -s /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

  docker run -it --rm -e TZ=Asia/Shanghai alpine:3.8 ash

Create /etc/localtime
  ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

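Docker Networking

Container networking
  Container networking solution = access + traffic control + tunnel

Docker's default network
  Bridge network

Docker macvlan networking
  macvlan network

Docker host networking
  Host network

Docker overlay network

Host port binding
  Binding method: -p
  Binding forms: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
  containerPort must be specified.

  docker run --rm --name web -p 80:80 -v /home/bigo/site:/usr/share/nginx/html:ro -d nginx:1.14-alpine

  Docker automatically starts a docker-proxy process for a container that has port bindings:

  docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.2 -container-port 80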

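Docker macvlan Networking

Introduction
  Macvlan supports creating sub-interfaces from a parent physical interface; each sub-interface has its own independent MAC and IP address. Applications, containers or virtual machines can bind to a sub-interface and use its IP to communicate directly with the physical network.

Advantages
  Many existing network monitoring devices do not yet support monitoring virtual network devices, but Macvlan is supported
  No need to create separate iptables, NAT or route entries to manage the container network

Drawbacks
  Switches enforce a policy limit on the number of distinct MACs that can connect on each port
  Too many MACs on one NIC hurts performance
  Macvlan supports Linux only

Preparation

A 4.0 or later kernel is required
  uname -r
  4.15.0-45-generic

Load the macvlan module
  sudo modprobe macvlan
  lsmod | grep macvlan
  ...
  macvlan 24576 0
  ...

Set the NIC to promiscuous mode

  Host          IP
  PC            192.168.1.5/24
  VM1           192.168.1.10/24
  Container1    192.168.1.128/25

The four MACVLAN operating modes
  Macvlan VEPA
  Macvlan Bridge
  Macvlan Passthru

Create the macvlan
  ip addr show enp0s3
  enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
      link/ether 08:00:27:c0:91:4c brd ff:ff:ff:ff:ff:ff
      inet 192.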

Docker Logging

Everything a containerized application writes to stdout and stderr is handled and redirected somewhere by a container engine. For example, the Docker container engine redirects those two streams to a logging driver.

The docker logs command is not available for drivers other than json-file and journald.

docker-compose logs
  docker-compose -f docker-compose-0.7.1.yml logs -f

logging driver
  To configure the Docker daemon to default to a specific logging driver, set the value of log-driver to the name of the logging driver in the daemon.

Docker Dockerfile ENTRYPOINT

Dockerfile ENTRYPOINT has two forms
  exec
  shell

ENTRYPOINT
  exec (preferred): ["executable", "param1", "param2"]
  shell: command param1 param2

Command line arguments to docker run
  exec (preferred): appended
  shell: not being used; ENTRYPOINT will be started as a subcommand of /bin/sh -c

default
  exec (preferred): N/A
  shell: /bin/sh -c (start it with exec to send stop signal)

CMD ["exec_cmd", "p1_cmd"]
  exec (preferred): exec_entry p1_entry exec_cmd p1_cmd
  shell: /bin/sh -c exec_entry p1_entry

ENTRYPOINT exec
  FROM alpine:3.

Docker Check Config

#!/usr/bin/env bash
set -e

EXITCODE=0

# bits of this were adapted from lxc-checkconfig
# see also https://github.com/lxc/lxc/blob/lxc-1.0.2/src/lxc/lxc-checkconfig.in

possibleConfigs=(
	'/proc/config.gz'
	"/boot/config-$(uname -r)"
	"/usr/src/linux-$(uname -r)/.config"
	'/usr/src/linux/.config'
)

if [ $# -gt 0 ]; then
	CONFIG="$1"
else
	: ${CONFIG:="${possibleConfigs[0]}"}
fi

if ! command -v zgrep &> /dev/null; then
	zgrep() {
		zcat "$2" | grep "$1"
	}
fi

kernelVersion="$(uname -r)"
kernelMajor="${kernelVersion%%.*}"
kernelMinor="${kernelVersion#$kernelMajor.}"
kernelMinor="${kernelMinor%%.*}"

is_set() {
	zgrep "CONFIG_$1=[y|m]" "$CONFIG" > /dev/null
}
is_set_in_kernel() {
	zgrep "CONFIG_$1=y" "$CONFIG" > /dev/null
}
is_set_as_module() {
	zgrep "CONFIG_$1=m" "$CONFIG" > /dev/null
}

color() {
	local codes=()
	if [ "$1" = 'bold' ]; then
		codes=( "${codes[@]}" '1' )
		shift
	fi
	if [ "$#" -gt 0 ]; then
		local code=
		case "$1" in
			# see https://en.

Docker Notes

Tools

View a container's startup command line
  docker run --rm -v /var/run/docker.sock:/var/run/docker.sock:ro \
      assaflavie/runlike <container-id>

Find the host PID that corresponds to a container
  systemd-cgls
  pstree -s -p -a <pid>

Port binding
  By default, when you create or run a container using docker create or docker run, it does not publish any of its ports to the outside world. To make a port available to services outside of Docker, or to Docker containers which are not connected to the container's network, use the --publish or -p flag.