Question

我一直在尝试在启动时在Linux（Debian 9.4）计算机上启动某些docker（创建未运行已停止的docker）。我一直依靠Linux中的rc脚本。为了简单说明我的问题，rc脚本会启动一个守护进程，该进程负责执行执行脚本以获取，创建和部署docker。从shell手动启动时，此方法工作得很好，但是当守护程序尝试使用错误代码256（根据记录的数据）运行它时，它将出错。详细信息如下：

设置

设置中有4个主要元素，即rc.d脚本，守护程序可执行文件，docker启动脚本，docker删除脚本（以防启动失败）。

将名为dockghost的rc.d脚本放入/etc/init.d/中（如下所示），并将其添加到运行级别3、4、5（不是2，因为需要联网，因此需要进行软链接K01dockghost （如果有帮助，请在rc * .d中，* = {0,2,6}和S02dockghost在其他文件夹中）。每次启动时都会可靠地启动。我目前仅使用服务的开始部分，因此不需要停止部分。 dockghost文件如下所示：

#!/bin/sh
# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
    set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
fi
### BEGIN INIT INFO
# Provides:         docker startup daemon 
### END INIT INFO

DESC="starts the dockers on startup of system"
DAEMON=/usr/sbin/ghost
DESTROY=/etc/init.d/destroy.sh

case "$1" in 
   start) $DAEMON
          ;;
   stop)  $DESTROY
          ;;   
esac

如您所见，它在ghost中调用/usr/sbin守护程序，该守护程序具有以下来源。该程序不执行任何操作，仅生成守护程序并尝试制作docker，并在发生故障时无限期重试。

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <string.h>

int main(int argc, char* argv[]){
  FILE* file = NULL;
  file = fopen("/docker/log","w+");
  fprintf(file, "============================================\n");
  fflush(file);
  fprintf(file, "Starting the ghost daemon.\n");
  fflush(file);
  pid_t process_id = 0;
  pid_t sid = 0;
  process_id = fork();
  if(process_id < 0){
    fprintf(file, "fork failed, GHOST daemon\n");
    fflush(file);
    fclose(file);
    exit(1);
  }
  if(process_id > 0){
    fclose(file);
    exit(0);
  }
  sid = setsid();
  if(sid < 0) {
    fprintf(file, "closing session because of failure in changing sessions\n");
    fflush(file);
    fclose(file);
    exit(1);
  }
  close(STDIN_FILENO);
  close(STDOUT_FILENO);
  close(STDERR_FILENO);
  fprintf(file, "daemon started successfully.\n");
  fflush(file);
  int done = 0; 
  while(!done){
    sleep(1);
    int ret = system("/etc/init.d/lab.sh"); 
    if( ret == 0 ){
      done = 1;
    }else{
      fprintf(file, "exit status of this try is %d", ret);
    }
    if(done == 1){
      // may choose to write another program that handles this notif but for time being let's direct it to the logs
      fprintf(file, "Daemon finished task successfully\n");
      fflush(file);
    }else{
      fprintf(file, "Retrying in 3 seconds\n");
      fflush(file);
      system("/etc/init.d/destroy.sh");
      sleep(3);
    }    
  }
  fclose(file);
  return 0;
}

创建dockers（/etc/init.d/lab.sh）的脚本如下。请注意，已设置-e标志，因此脚本发现错误时将停止。

#!/bin/bash
set -e

# creating the networks
docker network create --subnet 172.30.0.0/16 net1 >> /docker/tally 2>> /docker/tally
docker network create --subnet 172.31.0.0/16 net2 >> /docker/tally 2>> /docker/tally
docker network create --subnet 172.32.0.0/16 mitm >> /docker/tally 2>> /docker/tally

# run nodes on only one network
docker container run --privileged -p 8080:22 --network=mitm --ip 172.32.0.2 -itd --name=cont3 SERVER:PORT/debian-ssh:latest >> /docker/tally 2>> /docker/tally
docker container run --privileged -p 4040:22 --network=mitm --ip 172.32.0.3 -itd --name=cont1 SERVER:PORT/debian-ssh:latest >> /docker/tally 2>> /docker/tally
docker container run --privileged -p 6060:22 --network=mitm --ip 172.32.0.4 -itd --name=cont2 -e DISPLAY=$DISPLAY SERVER:PORT/debian-wshark:latest >> /docker/tally 2>> /docker/tally

# make a bridging node between two networks
docker network connect --ip 172.30.0.2 net1 cont1  >> /docker/tally 2>> /docker/tally
docker network connect --ip 172.31.0.2 net2 cont3  >> /docker/tally 2>> /docker/tally
docker network connect --ip 172.30.0.3 net1 cont2  >> /docker/tally 2>> /docker/tally
docker network connect --ip 172.31.0.3 net2 cont2  >> /docker/tally 2>> /docker/tally

# add static routes to cont1 and cont2 to make the private networks visible to each other
docker exec cont3 ip route add 172.30.0.0/16 via 172.31.0.3 >> /docker/tally 2>> /docker/tally
docker exec cont1 ip route add 172.31.0.0/16 via 172.30.0.3 >> /docker/tally 2>> /docker/tally

# rename interfaces eth0 in the containers 
docker exec cont1 ip link set eth0 down >> /docker/tally 2>> /docker/tally
docker exec cont1 ip link set eth0 name wctrl >> /docker/tally 2>> /docker/tally
docker exec cont1 ip link set wctrl up >> /docker/tally 2>> /docker/tally

docker exec cont2 ip link set eth0 down >> /docker/tally 2>> /docker/tally
docker exec cont2 ip link set eth0 name wctrl >> /docker/tally 2>> /docker/tally
docker exec cont2 ip link set wctrl up >> /docker/tally 2>> /docker/tally

docker exec cont3 ip link set eth0 down >> /docker/tally 2>> /docker/tally
docker exec cont3 ip link set eth0 name wctrl >> /docker/tally 2>> /docker/tally
docker exec cont3 ip link set wctrl up >> /docker/tally 2>> /docker/tally

销毁docker（/etc/init.d/destroy.sh）的脚本如下。请注意，已设置+ e标志，因此脚本在收到错误时将继续运行。

#!/bin/bash
set +e
L="docker container rm -f"
for i in $(seq 1 3) ; do
  $L cont$i || true
done
docker network prune --force
exit 0

日志

我已将所有日志累积在/docker文件夹中。日志文件包含守护程序的日志，而提示文件中包含来自脚本的日志。就日志文件而言，代码32000是用于ssl超时的，但是对于导致256的原因我没有任何线索。

日志文件：

============================================
Starting the ghost daemon.
daemon started successfully.
exit status of this try is 32000Retrying in 3 seconds
exit status of this try is 256Retrying in 3 seconds
it status of this try is 32000Retrying in 3 seconds
exit status of this try is 256Retrying in 3 seconds
exit status of this try is 256Retrying in 3 seconds

理货文件：

Error response from daemon: cannot create network af5a77e00420371c154f123ff06d0de203a3f3b714e910b43999fd6e1c28ebbe (br-af5a77e00420): conflicts with network c535a57c530c8845d3a0279e8f83f07b2b481af636d40ac359e78d3c52813654 (br-c535a57c530c): networks have overlapping IPv4
c535a57c530c8845d3a0279e8f83f07b2b481af636d40ac359e78d3c52813654
7cf34ba14b46396961b021f5afaa4ffbc84580dc16e1a35e66bd1e2c45522153
c1c88b39d8a3cbff06c55b9ba6f5654dc496deacd04e7c7bc217836e9022c862
Unable to find image 'SERVER:PORT/debian-ssh:latest' locally
latest: Pulling from debian-ssh
343845282fc1: Pulling fs layer
51a6de5005ab: Pulling fs layer
af3cafd93e6f: Pulling fs layer
5140a92c8af6: Pulling fs layer
5f6bb1c6f369: Pulling fs layer
72a72a14723b: Pulling fs layer
5140a92c8af6: Waiting
5f6bb1c6f369: Waiting
72a72a14723b: Waiting
af3cafd93e6f: Verifying Checksum
af3cafd93e6f: Download complete
5140a92c8af6: Verifying Checksum
5140a92c8af6: Download complete
5f6bb1c6f369: Verifying Checksum
5f6bb1c6f369: Download complete
72a72a14723b: Verifying Checksum
72a72a14723b: Download complete
4405aa385fd346fcadff40cd00296054c9d1f3d4d055f72051dd56aeb9ddd0e4
df36c833024f5a96deeb4420fc33200b621f308d597d7b72b77f99995893d0df
Error response from daemon: network with name mitm already exists
343845282fc1: Verifying Checksum
343845282fc1: Download complete
07defbf2ff691a57d8862cc0135698ac4abc5b35e29969bd6e6bce61c230e842
51a6de5005ab: Verifying Checksum
51a6de5005ab: Download complete
a48dec81aff3fb379aa0ec581708a289b5b7c498bb7066b3c74d6811af885947
5b65556fb0b696a20896b379843adaf4bdbd23bb2b8f6d7afe18f05be353a2dd
Unable to find image 'SERVER:PORT/debian-ssh:latest' locally
latest: Pulling from debian-ssh
343845282fc1: Pulling fs layer
51a6de5005ab: Pulling fs layer
af3cafd93e6f: Pulling fs layer
5140a92c8af6: Pulling fs layer
5f6bb1c6f369: Pulling fs layer
72a72a14723b: Pulling fs layer
72a72a14723b: Download complete
51a6de5005ab: Download complete
af3cafd93e6f: Download complete
5140a92c8af6: Download complete
5f6bb1c6f369: Download complete
343845282fc1: Pull complete
343845282fc1: Pull complete
51a6de5005ab: Pull complete
51a6de5005ab: Pull complete
af3cafd93e6f: Pull complete
af3cafd93e6f: Pull complete
5140a92c8af6: Pull complete
5140a92c8af6: Pull complete
5f6bb1c6f369: Pull complete
5f6bb1c6f369: Pull complete
72a72a14723b: 72a72a14723b: Pull complete
Pull complete
Digest: sha256:4018aeefd4c4397eb351e0a4d36029addc1785f020f7c3d4c6125166496cb99c
Digest: sha256:4018aeefd4c4397eb351e0a4d36029addc1785f020f7c3d4c6125166496cb99c
Status: Downloaded newer image for SERVER:PORT/debian-ssh:latest
Status: Downloaded newer image for SERVER:PORT/debian-ssh:latest
docker: Error response from daemon: Conflict. The container name "/cont3" is already in use by container "af303e34837712cd77e9912d6b9cf2801324a497c2cb6957efb77f78f70f9fe0". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.
af303e34837712cd77e9912d6b9cf2801324a497c2cb6957efb77f78f70f9fe0
5541a58ab9611b770cd5eba1700f98c744be8603702a9616405abbb00ab096a0
Unable to find image 'SERVER:PORT/debian-wshark:latest' locally
4a7a8fe0594b7269a0af1af52886790704c2a34e12088738ca890b8ddcb37e2b
latest: Pulling from debian-wshark
343845282fc1: Already exists
e3dbd23a1b42: Pulling fs layer
6fa9449d855f: Pulling fs layer
a962a5706539: Pulling fs layer
f0450f253c2c: Pulling fs layer
f0450f253c2c: Waiting
a962a5706539: Verifying Checksum
a962a5706539: Download complete
f0450f253c2c: Verifying Checksum
f0450f253c2c: Download complete
0d86a0ae0e29525a3f26f845c82f33f3bf80ca9e8af14d711a6f0bc069fbfead
Error response from daemon: network with name mitm already exists
6fa9449d855f: Verifying Checksum
6fa9449d855f: Download complete
25e5493b50f02cb345a4e88a089d239a7d2d8cb008f07a0a90dad3026ff0c4b4
22b8a3f5ae8b663e3d872001cceefa9e634067d3de9ef32740bc39686f2e4054
b9517f7e89f6c980be76bdae20ee443160ddc72ccd4d5883d8e1d8e2383df0d6
1f30e4c1ec0cb88d8b4fd8490da401f13a1a45b90557c9ecc590bb59f65dcdf6
a7c4751ce525908002ae2d1460d8d18d4880b8401727394a2da81c9863cd9286
Unable to find image 'SERVER:PORT/debian-wshark:latest' locally
latest: Pulling from debian-wshark
343845282fc1: Already exists
e3dbd23a1b42: Pulling fs layer
6fa9449d855f: Pulling fs layer
a962a5706539: Pulling fs layer
f0450f253c2c: Pulling fs layer
f0450f253c2c: Download complete
6fa9449d855f: Download complete
a962a5706539: Download complete
e3dbd23a1b42: Verifying Checksum
e3dbd23a1b42: Verifying Checksum
e3dbd23a1b42: Download complete
e3dbd23a1b42: Download complete
e3dbd23a1b42: Pull complete
e3dbd23a1b42: Pull complete
6fa9449d855f: Pull complete
6fa9449d855f: Pull complete
a962a5706539: Pull complete
a962a5706539: Pull complete
f0450f253c2c: Pull complete
f0450f253c2c: Pull complete
Digest: sha256:88734f9229df09bad053d60bd4dd01905e8b7ee2b3792e7178fc74730cc74145
Digest: sha256:88734f9229df09bad053d60bd4dd01905e8b7ee2b3792e7178fc74730cc74145
Status: Downloaded newer image for SERVER:PORT/debian-wshark:latest
Status: Downloaded newer image for SERVER:PORT/debian-wshark:latest
docker: Error response from daemon: Conflict. The container name "/cont2" is already in use by container "c59019d0360d58cdb7e469bc7475164fde92c3cf92acec3128440feae956840c". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.
c59019d0360d58cdb7e469bc7475164fde92c3cf92acec3128440feae956840c
Error response from daemon: No such container: cont1
33af1af4fa2ebb8c8ab19c791164d24efd7657bbe0fda9ee7dbec44c1e4c35ee
Error response from daemon: network with name net1 already exists
6f06a8b005c3fd82f2ee866c50ff61f9e7564e649f43f92e8285fc8038020178
a9f4ada657ee0ad206ddb16dcb1b7801786a74eadfeefcee337d8e67ae10ee0c
5bd7bc815e5731116729b60358a54a0714342c73a39857c4804386090a6818c9

最奇怪的部分是，记录日志显示“已经存在”错误，这是不可能的，因为destroy.sh是在重新执行lab.sh脚本之前执行的。如果在外壳程序中使用/etc/init.d/destroy.sh; /etc/init.d/lab.sh执行它，则可以正常工作。

我已尝试提供描述中各个方面的完整详细信息，并尝试检查此问题，但无济于事。请告诉我设置中缺少的内容。

守护进程中的Docker API调用失败

设置

日志

0 个答案: