Docker映像拉延迟时间

时间:2019-05-08 22:48:40

标签: docker kubernetes

当K8s尝试在K8s奴才节点上启动容器(在Pod内)时,我想探索Docker内部。

我对探索容器图像提取的工作方式特别感兴趣?因为K8s大部分时间要在节点上启动容器。

我在docker中启用了调试标志,并启动了一个K8s容器,该容器仅在官方centos容器映像中执行sleep 100;我从docker找到以下日志

 1) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.470382988-07:00" level=debug msg="Trying to pull centos from https://registry-1.docker.io v2"
 2) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.533394060-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
 3) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.539019135-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%7D&limit=0"
 4) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.542900893-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%2C%22io.kubernetes.pod.uid%3Deff90de1-7105-11e9-b320-a4bf014bcf99%22%3Atrue%7D%7D&limit=0"
 5) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.544960424-07:00" level=debug msg="Calling GET /v1.38/containers/05e7cb3d1efdb6105e030712f18d358a96062a72ec241c26a91b03c2d5a38154/json"
 6) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.546231371-07:00" level=debug msg="Calling GET /v1.38/containers/05e7cb3d1efdb6105e030712f18d358a96062a72ec241c26a91b03c2d5a38154/json"
 7) May 07 13:23:13T HOST215 dockerd[236863]: time="2019-05-07T13:23:13.553221377-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%2C%22io.kubernetes.pod.uid%3Deff90de1-7105-11e9-b320-a4bf014bcf99%22%3Atrue%7D%7D&limit=0"
 8) May 07 13:23:14T HOST215 dockerd[236863]: time="2019-05-07T13:23:14.300443613-07:00" level=debug msg="Calling GET /v1.38/containers/json?filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
 9) May 07 13:23:14T HOST215 dockerd[236863]: time="2019-05-07T13:23:14.306325116-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%2C%22status%22%3A%7B%22running%22%3Atrue%7D%7D&limit=0"
10) May 07 13:23:14T HOST215 dockerd[236863]: time="2019-05-07T13:23:14.555374722-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
11) May 07 13:23:14T HOST215 dockerd[236863]: time="2019-05-07T13:23:14.561243955-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%7D&limit=0"
12) May 07 13:23:15T HOST215 dockerd[236863]: time="2019-05-07T13:23:15.566067938-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
13) May 07 13:23:15T HOST215 dockerd[236863]: time="2019-05-07T13:23:15.572037981-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%7D&limit=0"
14) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.275032672-07:00" level=debug msg="Pulling ref from V2 registry: centos:latest"
15) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.275113897-07:00" level=debug msg="docker.io/library/centos:latest resolved to a manifestList object with 5 entries; looking for a unknown/amd64 match"
16) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.275158124-07:00" level=debug msg="found match for linux/amd64 with media type application/vnd.docker.distribution.manifest.v2+json, digest sha256:ca58fe458b8d94bc6e3072f1cfbd334855858e05e1fd633aa07cf7f82b048e66"
17) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.299948758-07:00" level=debug msg="Calling GET /v1.38/containers/json?filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
18) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.305673333-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%2C%22status%22%3A%7B%22running%22%3Atrue%7D%7D&limit=0"
19) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.309405996-07:00" level=debug msg="Calling GET /v1.38/containers/json?filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
20) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.315129131-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%2C%22status%22%3A%7B%22running%22%3Atrue%7D%7D&limit=0"
21) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.576681711-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dpodsandbox%22%3Atrue%7D%7D&limit=0"
22) May 07 13:23:16T HOST215 dockerd[236863]: time="2019-05-07T13:23:16.582512131-07:00" level=debug msg="Calling GET /v1.38/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.kubernetes.docker.type%3Dcontainer%22%3Atrue%7D%7D&limit=0"

在上面的日志中,我发现来自日志第1行和日志第14行的消息很有趣,因为docker花了3秒钟或3000毫秒(而源代码中的大多数功能在10毫秒内完成;这是巨大的),来自Trying拉动实际上开始拉动图像。

在遵循docker源代码时,我遇到了https://github.com/docker/docker-ce/blob/18.06/components/engine/registry/auth.go#L252,此功能可ping通v2注册表并向前生成日志行2

它向我提出了以下问题

  1. 为什么Docker在/v1.38/containers/*上执行ping操作?这些似乎是已经在节点上运行的K8吊舱/容器;不是docker注册表?我要求的centos映像位于docker hub上,并且已在本地存储中拉出。

后面的代码继续进入https://github.com/docker/docker-ce/blob/18.06/components/engine/distribution/pull_v2.go#L331,在这里尝试拉标签;以及我们从docker获得的消息;显示其“调用GET /v1.38/containers / *”

  1. 为什么Docker从/v1.38/containers/*上拉标签?这些似乎是已经在节点上运行的K8s吊舱/容器;没有注册表?我要求的centos映像位于docker hub上,并且已在本地存储中拉出。

进一步的以下代码将您带到 https://github.com/docker/docker-ce/blob/18.06/components/engine/distribution/pull_v2.go#L382将在上面的日志中打印第14行。

您能帮助进一步了解Docker在日志第1行和日志第14行之间做什么吗?

谢谢

0 个答案:

没有答案
相关问题
最新问题