Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "the detailed process of deploying Docker container environment on CentOS6.x". Many people will encounter this dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Docker.io is a lightweight "container engine + image repository" that builds on LXC (linux lightweight containers) and can run any application.

The core layer of docker.io consists of the following parts:

1. Executable program, "/ usr/bin/docker"

2. There are a series of created operating system and application images on the docker.io website.

3, AUFS (another unified file system) to achieve file system snapshots, file changes, control read-only or read-write requirements.

4. LXC (Linux lightweight container)

5. Cgroups (management of various resources and namespaces)

At the time of this writing, the latest version is 0.5.3, but the current development is very active, and some features and features may change in the new version.

It should be noted that the installation of CentOS 6.5 is a little different from 7.0. the installation package of docker on CentOS-6 is called docker-io and comes from the Fedora epel library, this repository maintains a large number of software that is not included in the distribution, so first install EPEL, while the docker of CentOS-7 is directly included in the Extras repository of the official mirror source (enable=1 is enabled in the [extras] section under CentOS-Base.repo). The premise is that they all need to be connected to the Internet, and the specific installation process is as follows.

1. Disable selinux

[/ code]

# getenforce

Enforcing

# setenforce 0

Permissive

# vi / etc/selinux/config

SELINUX=disabled

...

[/ code]

two。 Install Fedora EPEL

The epel-release-6-8.noarch.rpm package is included in the distribution media and can be installed from rpm.

The code is as follows:

# yum install epel-release-6-8.noarch.rpm

/ / or

Yum-y install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

If there is a problem with GPG key retrieval failed: [Errno 14] Could not open/read file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6, install epel online and download the RPM-GPG-KEY-EPEL-6 file.

After this step is performed, two files, epel.repo and epel-testing.repo, will be generated under / etc/yum.repos.d/ to download the rpm package from the Fedora official website.

3. Check the kernel version

The code is as follows:

# uname-r

2.6.32-431.el6.x86_64

# cat / etc/redhat-release

CentOS release 6.5 (Final)

Seeing this minimum kernel version, it actually doesn't have much of a problem, and you can upgrade to version 3.10.x.

Alternatively, you can run the script check-config.sh to check that the kernel module characters do not match (there are some missing below, and my docker can still start normally):

The code is as follows:

[root@sean ~] #. / check-config

Warning: / proc/config.gz does not exist, searching other paths for kernel config...

Info: reading kernel config from / boot/config-2.6.32-431.el6.x86_64...

Generally Necessary:

-cgroup hierarchy: properly mounted [/ cgroup]

-CONFIG_NAMESPACES: enabled

-CONFIG_NET_NS: enabled

-CONFIG_PID_NS: enabled

-CONFIG_IPC_NS: enabled

-CONFIG_UTS_NS: enabled

-CONFIG_DEVPTS_MULTIPLE_INSTANCES: enabled

-CONFIG_CGROUPS: enabled

-CONFIG_CGROUP_CPUACCT: enabled

-CONFIG_CGROUP_DEVICE: enabled

-CONFIG_CGROUP_FREEZER: enabled

-CONFIG_CGROUP_SCHED: enabled

-CONFIG_MACVLAN: enabled

-CONFIG_VETH: enabled

-CONFIG_BRIDGE: enabled

-CONFIG_NF_NAT_IPV4: missing

-CONFIG_IP_NF_TARGET_MASQUERADE: enabled

-CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: missing

-CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled

-CONFIG_NF_NAT: enabled

-CONFIG_NF_NAT_NEEDED: enabled

Optional Features:

-CONFIG_MEMCG_SWAP: missing

-CONFIG_RESOURCE_COUNTERS: enabled

-CONFIG_CGROUP_PERF: enabled

-Storage Drivers:

"aufs":

-CONFIG_AUFS_FS: missing

-CONFIG_EXT4_FS_POSIX_ACL: enabled

-CONFIG_EXT4_FS_SECURITY: enabled

"btrfs":

-CONFIG_BTRFS_FS: enabled

"devicemapper":

-CONFIG_BLK_DEV_DM: enabled

-CONFIG_DM_THIN_PROVISIONING: enabled

-CONFIG_EXT4_FS: enabled

-CONFIG_EXT4_FS_POSIX_ACL: enabled

-CONFIG_EXT4_FS_SECURITY: enabled

If you are compiling the kernel yourself, pay special attention to a few absolutely indispensable things: DM_THIN_PROVISIONING, IP_NF_TARGET_MASQUERADE, NF_NAT. (there is no corresponding option for AUFS_FS. It is not clear what happened, but it is not necessary.)

4. Install docker-io

The code is as follows:

# yum install docker-io

Dependencies Resolved

=

Package Arch Version Repository Size

=

Installing:

Docker-io x8631 64 1.1.2-1.el6 epel 4.5m

Installing for dependencies:

Lua-alt-getopt noarch 0.7.0-1.el6 epel 6.9k

Lua-filesystem x8631 64 1.4.2-1.el6 epel 24k

Lua-lxc x8631 64 1.0.6-1.el6 epel 15k

Lxc x8631 64 1.0.6-1.el6 epel 120k

Lxc-libs x8631 64 1.0.6-1.el6 epel 248k

Transaction Summary

=

Install 6 Package (s)

Many documents are introduced here, and the next step is to mount the / cgroup file system. My docker version is 1.1.2, and there are no steps to modify / etc/fstab.

5. Start trial run

The code is as follows:

# service docker start

/ / or

# docker-d

6. Run docker.io in daemon mode (in a new terminal)

The code is as follows:

[root@localhost ~] # docker-d

2013-08-21 07:47:07 WARNING: Your kernel does not support cgroup swap limit.

07:47:07 on 2013-08-21 Listening for HTTP on / var/run/docker.sock (unix)

7. Output hello world in a centos6.4 container

The code is as follows:

[root@localhost ~] # docker run centos:6.4 echo "hello world"

2013-08-21 07:48:41 POST / v1.4/containers/create

2013-08-21 07:48:41 POST / v1.4/containers/c6bc9e80097e/start

2013-08-21 07:48:41 POST / v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1

Hello world

8. Test ping from the container

The code is as follows:

[root@localhost ~] # docker-dns' 8.8.8.8' run centos:6.4 ping-c 3 yahoo.com

2013-08-21 08:02:15 POST / v1.4/containers/create

2013-08-21 08:02:15 POST / v1.4/containers/c40a1244f9bc/start

2013-08-21 08:02:15 POST / v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1

PING yahoo.com (98.138.253.109) 56 (84) bytes of data.

64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms

64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms

64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms

-yahoo.com ping statistics

3 packets transmitted, 3 received, 0 packet loss, time 2304ms

Rtt min/avg/max/mdev = 302.032 ms 318.318 max 329.656 max 11.807

9. Abnormal

During one of my installations, I unfortunately encountered the following problems:

Docker-d starts, or tail-f / var/log/docker views the log

The code is as follows:

[f32e7d9f] + job initserver ()

[f32e7d9f.initserver ()] Creating server

[f32e7d9f] + job serveapi (unix:///var/run/docker.sock)

13:02:45 on 2014-10-22 Listening for HTTP on unix (/ var/run/docker.sock)

Error running DeviceCreate (createPool) dm_task_run failed

[f32e7d9f]-job initserver () = ERR (1)

13:02:45 on 2014-10-22 Error running DeviceCreate (createPool) dm_task_run failed

\ nWed Oct 22 14:35:54 CST 2014\ n

Or service docker restart.

The code is as follows:

Stopping docker: [OK]

Starting cgconfig service: Error: cannot mount cpuset to / cgroup/cpuset: Device or resource busy

/ sbin/cgconfigparser; error loading / etc/cgconfig.conf: Cgroup mounting failed

Failed to parse / etc/cgconfig.conf [FAILED]

Starting docker: [OK]

Copy it all and put it in the note Unable to enable network bridge NAT: iptables failed: iptables-I POSTROUTING-t nat-s 172.17.42.1 can't initialize iptables table 16!-d 172.17.42.1 can't initialize iptables table 16-j MASQUERADE: iptables v1.4.7: can't initialize iptables table `note (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

This is the end of the detailed process of deploying a Docker container environment on CentOS6.x. Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.