我在OpenSUSE 13.2中更新了docker。 经过一些测试后,我发现/ etc / sysconfig / docker中的-H标志导致dockerd无法启动,但是我需要它来启用端口2375或2376(因为它已经工作好几个月)。有了它,TSL或不是TSL,所有或任何端口,docker都无法启动。我已经尝试绑定到0.0.0.0,localhost,...
-- Logs begin at Tue 2016-10-25 12:48:00 CEST, end at Thu 2017-02-02 23:02:35 CET. --
Feb 02 23:01:35 ezequiel dockerd[22661]: time="2017-02-02T23:01:35.134216922+01:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
Feb 02 23:01:35 ezequiel dockerd[22661]: time="2017-02-02T23:01:35.247510727+01:00" level=info msg="Loading containers: done."
Feb 02 23:01:35 ezequiel dockerd[22661]: time="2017-02-02T23:01:35.247659069+01:00" level=info msg="Daemon has completed initialization"
Feb 02 23:01:35 ezequiel dockerd[22661]: time="2017-02-02T23:01:35.247709386+01:00" level=info msg="Docker daemon" commit=78d1802 graphdriver=btrfs version=1.12.6
Feb 02 23:01:35 ezequiel dockerd[22661]: time="2017-02-02T23:01:35.267370317+01:00" level=info msg="API listen on 192.168.100.1:2375"
Feb 02 23:02:35 ezequiel docker_service_helper.sh[22662]: Docker is dead
Feb 02 23:02:35 ezequiel systemd[1]: docker.service: control process exited, code=exited status=1
Feb 02 23:02:35 ezequiel dockerd[22661]: time="2017-02-02T23:02:35.810756005+01:00" level=info msg="Processing signal 'terminated'"
Feb 02 23:02:35 ezequiel systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has failed.
--
-- The result is failed.
Feb 02 23:02:35 ezequiel systemd[1]: Unit docker.service entered failed state.
如果我将其删除,docker会启动,但我无法从主机外部访问它(我以前通过端口2376使用TSL)
我直接尝试了dockerd,它绑定到tcp端口:
# /usr/bin/dockerd --containerd /run/containerd/containerd.sock --add-runtime oci=/usr/bin/docker-runc --label provider=generic -g /optLVM/varLibDocker -H tcp://127.0.0.1:2375
WARN[0000] [!] DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING [!]
INFO[0000] [graphdriver] using prior storage driver "btrfs"
INFO[0000] Graph migration to content-addressability took 0.00 seconds
WARN[0000] Your kernel does not support swap memory limit.
WARN[0000] Your kernel does not support kernel memory limit.
WARN[0000] mountpoint for pids not found
INFO[0000] Loading containers: start.
.................INFO[0000] Firewalld running: false
INFO[0000] Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address
INFO[0000] Loading containers: done.
INFO[0000] Daemon has completed initialization
INFO[0000] Docker daemon commit=78d1802 graphdriver=btrfs version=1.12.6
INFO[0000] API listen on 127.0.0.1:2375
所以配置似乎发生了变化。
我的旧版本是: 搬运工-1.12.1-152.3.x86_64
新的: 搬运工-1.12.6-176.1.x86_64
感谢您的帮助......我确实需要使用TCP(无论是否有TSL)远程访问docker。
答案 0 :(得分:1)
更新后我遇到了同样的问题。 从1.12.1到1.12.6,他们用" fd://"改变了一些东西。对我来说它不再起作用了。我使用tcp和tls。
在我的配置文件(/etc/docker/daemon.json)
中{
"tls" : true,
"tlsverify": true,
"tlscacert": "/etc/docker/ca.pem",
"tlscert" : "/etc/docker/server/server-cert.pem",
"tlskey" : "/etc/docker/server/server-key.pem",
"hosts" : ["unix:///var/run/docker.sock", "tcp://10.10.1.1:2376"]
}
我正在添加"主机":unix:///var/run/docker.sock
我认为本地通信是通过unix套接字处理的,远程连接是通过tcp运行的。