在docker deamon重新启动后,docker容器无法启动
我使用docker 1.11.2来使用Ubuntu 16.04。 我已经configurationsystemd自动重启docker守护进程。 当我终止docker守护进程时,docker守护进程会重新启动,但容器甚至不会将RestartPolicy设置为always。 从日志中我可以看到它没有创build目录,因为它存在。 我个人认为这与停止containerd有关。
任何帮助,将不胜感激。
Aug 25 19:20:19 api-31 systemd[1]: docker.service: Main process exited, code=killed, status=9/KILL Aug 25 19:20:19 api-31 docker[17617]: time="2016-08-25T19:20:19Z" level=info msg="stopping containerd after receiving terminated" Aug 25 19:21:49 api-31 systemd[1]: docker.service: State 'stop-sigterm' timed out. Killing. Aug 25 19:21:49 api-31 systemd[1]: docker.service: Unit entered failed state. Aug 25 19:21:49 api-31 systemd[1]: docker.service: Failed with result 'timeout'. Aug 25 19:21:49 api-31 systemd[1]: docker.service: Service hold-off time over, scheduling restart. Aug 25 19:21:49 api-31 systemd[1]: Stopped Docker Application Container Engine. Aug 25 19:21:49 api-31 systemd[1]: Closed Docker Socket for the API. Aug 25 19:21:49 api-31 systemd[1]: Stopping Docker Socket for the API. Aug 25 19:21:49 api-31 systemd[1]: Starting Docker Socket for the API. Aug 25 19:21:49 api-31 systemd[1]: Listening on Docker Socket for the API. Aug 25 19:21:49 api-31 systemd[1]: Starting Docker Application Container Engine... Aug 25 19:21:49 api-31 docker[19023]: time="2016-08-25T19:21:49.913162167Z" level=info msg="New containerd process, pid: 19029\n" Aug 25 19:21:50 api-31 kernel: [87066.742831] audit: type=1400 audit(1472152910.946:23): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="docker-default" pid=19043 comm="apparmor_parser" Aug 25 19:21:50 api-31 docker[19023]: time="2016-08-25T19:21:50.952073973Z" level=info msg="[graphdriver] using prior storage driver \"overlay\"" Aug 25 19:21:50 api-31 docker[19023]: time="2016-08-25T19:21:50.956693893Z" level=info msg="Graph migration to content-addressability took 0.00 seconds" Aug 25 19:21:50 api-31 docker[19023]: time="2016-08-25T19:21:50.961641996Z" level=info msg="Firewalld running: false" Aug 25 19:21:51 api-31 docker[19023]: time="2016-08-25T19:21:51.016582850Z" level=info msg="Removing stale sandbox 66ef9e1af997a1090fac0c89bf96c2631bea32fbe3c238c4349472987957c596 (547bceaad5d121444ddc6effbac3f472d0c232d693d8cc076027e238cf253613)" Aug 25 19:21:51 api-31 docker[19023]: time="2016-08-25T19:21:51.046227326Z" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address" Aug 25 19:21:51 api-31 docker[19023]: time="2016-08-25T19:21:51.081106790Z" level=warning msg="Your kernel does not support swap memory limit." Aug 25 19:21:51 api-31 docker[19023]: time="2016-08-25T19:21:51.081650610Z" level=info msg="Loading containers: start." Aug 25 19:22:01 api-31 kernel: [87076.922492] docker0: port 1(vethbbc1192) entered disabled state Aug 25 19:22:01 api-31 kernel: [87076.927128] device vethbbc1192 left promiscuous mode Aug 25 19:22:01 api-31 kernel: [87076.927131] docker0: port 1(vethbbc1192) entered disabled state Aug 25 19:22:03 api-31 docker[19023]: .time="2016-08-25T19:22:03.085800458Z" level=warning msg="error locating sandbox id 66ef9e1af997a1090fac0c89bf96c2631bea32fbe3c238c4349472987957c596: sandbox 66ef9e1af997a1090fac0c89bf96c2631bea32fbe3c238c4349472987957c596 not found" Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.085907328Z" level=warning msg="failed to cleanup ipc mounts:\nfailed to umount /var/lib/docker/containers/547bceaad5d121444ddc6effbac3f472d0c232d693d8cc076027e238cf253613/shm: invalid argument" Aug 25 19:22:03 api-31 kernel: [87078.882836] device veth5c6999c entered promiscuous mode Aug 25 19:22:03 api-31 kernel: [87078.882984] IPv6: ADDRCONF(NETDEV_UP): veth5c6999c: link is not ready Aug 25 19:22:03 api-31 systemd-udevd[19128]: Could not generate persistent MAC address for veth5c6999c: No such file or directory Aug 25 19:22:03 api-31 systemd-udevd[19127]: Could not generate persistent MAC address for veth39fb4d3: No such file or directory Aug 25 19:22:03 api-31 kernel: [87078.944218] docker0: port 1(veth5c6999c) entered disabled state Aug 25 19:22:03 api-31 kernel: [87078.948636] device veth5c6999c left promiscuous mode Aug 25 19:22:03 api-31 kernel: [87078.948640] docker0: port 1(veth5c6999c) entered disabled state Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.219677059Z" level=error msg="Failed to start container 547bceaad5d121444ddc6effbac3f472d0c232d693d8cc076027e238cf253613: rpc error: code = 6 desc = \"mkdir /run/containerd/547bceaad5d121444ddc6effbac3f472d0c232d693d8cc076027e238cf253613: file exists\"" Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.219750430Z" level=info msg="Loading containers: done." Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.219776593Z" level=info msg="Daemon has completed initialization" Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.219847738Z" level=info msg="Docker daemon" commit=b9f10c9 graphdriver=overlay version=1.11.2 Aug 25 19:22:03 api-31 systemd[1]: Started Docker Application Container Engine. Aug 25 19:22:03 api-31 docker[19023]: time="2016-08-25T19:22:03.226116336Z" level=info msg="API listen on /var/run/docker.sock" @VonC – 感谢您指点我正确的方向。 我研究了线程,但在我的情况下,apparmor不是问题。 在线程中提到了一些其他的问题,所以我跟着他们,我find了解决scheme。
解决scheme:在Ubuntu 16.04上,问题在于systemd杀死了docker守护进程的进程。 为了防止它,你需要添加
KillMode =过程
到/lib/systemd/system/docker.service并解决了这个问题。
这里是我使用的来源:
https://github.com/docker/docker/issues/25246
https://github.com/docker/docker/blob/master/contrib/init/systemd/docker.service#L25
紧接着是25487号问题 (2016年8月),甚至在22195号问题之前(2016年4月)也有报告。
检查您是否在TõnisTiigi在第21702期提到的情况下:
这似乎是由docker
docker/contrib/apparmor守护进程的apparmorconfiguration文件造成的。
如果这个configuration文件应用在v1.11(至lessUbuntu的狡猾)然后容器启动不起作用。我不确定用户是否刚刚手动强制执行此configuration文件,或者显然我们也意外地在1.10.0-rc1( #19707 )中安装了此configuration文件。
所以解决方法,直到我们找出如何处理这个问题,是卸载configuration文件像
apparmor_parser -R /etc/apparmor.d/docker-engine,删除它,并重新启动守护进程。
/etc/apparmor.d/docker是容器的configuration文件,不需要更改。