我正在使用CentOS 7.4.1708。当前环境无法访问互联网。所以我安装了docker (and docker-compose) from binaries.
首先,我遇到以下错误,发现与docker与selinux有关。所以我禁用了selinux。
[root@DB1 mysql-docker]# docker-compose up -d
Starting mysql-docker_db_1 ...
INFO[2020-08-27T10:18:39.817597300+08:00] shim containerd-shim started address="/containerd-shim/moby/596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38/shim.sock" debug=false pid=5110
INFO[2020-08-27T10:18:39.896480000+08:00] shim reaped id=596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38
ERRO[2020-08-27T10:18:39.916766100+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T10:18:39.928696800+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T10:18:40.077880000+08:00] 596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38 cleanup: failed to delete container from containerd: no such contaiStarting mysql-docker_db_1 ... error
ERROR: for mysql-docker_db_1 Cannot start service db: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown
ERROR: for db Cannot start service db: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown
ERROR: Encountered errors while bringing up the project.
禁用selinux后,我仍然遇到以下错误
[root@DB1 mysql-docker]# docker-compose up -d
Removing mysql-docker_db_1
Recreating 596c3ab06926_mysql-docker_db_1 ...
INFO[2020-08-27T11:06:24.808910400+08:00] shim containerd-shim started address="/containerd-shim/moby/3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6/shim.sock" debug=false pid=5888
INFO[2020-08-27T11:06:25.178909600+08:00] shim reaped id=3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6
ERRO[2020-08-27T11:06:25.200213100+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T11:06:25.200224900+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T11:06:25.354324500+08:00] 3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6 cleanup: failed to delete container from containerd: no such contaRecreating 596c3ab06926_mysql-docker_db_1 ... error
ERROR: for 596c3ab06926_mysql-docker_db_1 Cannot start service db: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"--default-authentication-plugin=mysql_native_password\": executable file not found in $PATH": unknown
ERROR: for db Cannot start service db: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"--default-authentication-plugin=mysql_native_password\": executable file not found in $PATH": unknown
ERROR: Encountered errors while bringing up the project.
我的docker-compose.yaml
:
version: '3.8'
services:
db:
image: mysql:5.7
container_name: db1_mysql
command: --default-authentication-plugin=mysql_native_password
restart: always
environment:
MYSQL_ROOT_PASSWORD: password
MYSQL_USER: user
MYSQL_PASS: password
ports:
- 3306:3306
volumes:
- ./db_data:/var/lib/mysql
我已经在本地PC上进行了测试。它可以启动并连接到mysql。
尝试运行centos映像时出现相同的错误:
[user@host ~]$ docker run -it centos:7 /usr/bin/bash
INFO[2020-08-27T14:09:31.576862000+08:00] shim containerd-shim started address="/containerd-shim/moby/9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c/shim.sock" debug=false pid=2495
INFO[2020-08-27T14:09:31.702726300+08:00] shim reaped id=9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c
ERRO[2020-08-27T14:09:31.723296400+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T14:09:31.752329700+08:00] 9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c cleanup: failed to delete container from containerd: no such container
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"/usr/bin/bash\": stat /usr/bin/bash: no such file or directory": unknown.
docker image inspect mysql:5.7
:
[
{
"Id": "sha256:f40b94ddfb35bbb991c05191ffddf988a6c660c039f441a133ed35df5a71a8f0",
"RepoTags": [
"mysql:5.7"
],
"RepoDigests": [],
"Parent": "",
"Comment": "Imported from -",
"Created": "2020-08-27T04:00:13.8522196Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "19.03.9",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 453807757,
"VirtualSize": 453807757,
"GraphDriver": {
"Data": {
"MergedDir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/merged",
"UpperDir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/diff",
"WorkDir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:926d1cc1d1ceda07eca8dc3df0aa1da131a02cad0cf2ae52c28e7e4ee0eee69b"
]
},
"Metadata": {
"LastTagTime": "2020-08-27T12:00:13.8580127+08:00"
}
}
]
答案 0 :(得分:1)
第一个图像问题可能是因为您不正确地导入了图像。 docker import
命令是docker export
的反函数,它适用于容器文件系统而不是带有图像元数据的图像。相反,您应该将docker load
与docker save
一起运行以传输图像。如果该方法正常运行,您将在映像中看到一个定义的入口点,该入口点就是docker应该尝试使用command
值作为入口点的参数运行的地方:
$ docker image inspect mysql:5.7 --format '{{.Config.Entrypoint}}'
[docker-entrypoint.sh]
第二个错误似乎是centos:7图像的错误导入/导出。如果您使用overlay2,则可以检查图像和文件系统层:
# docker image inspect centos:7 --format '{{.RootFS.Layers}}'
[sha256:77b174a6a187b610e4699546bd973a8d1e77663796e3724318a2a4b24cb07ea0]
# cat /var/lib/docker/image/overlay2/layerdb/sha256/77b174a6a187b610e4699546bd973a8d1e7
7663796e3724318a2a4b24cb07ea0/cache-id
e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7
# ls -al /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/
committed diff/ link
root@bmitch-t490:/home/bmitch# ls -al /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/diff/usr/bin/bash
-rwxr-xr-x 1 root root 964600 Aug 8 2019 /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/diff/usr/bin/bash
答案 1 :(得分:0)
仔细检查您要启动容器的确切命令;从该输出中,您似乎在尝试运行的图像名称之后传递了-d选项。因此,-d用作在容器内运行的命令,因此将失败;
-d(--detach)选项是docker run的一个选项,因此必须在正在运行的映像名称之前传递;
docker run -d containername