標籤:docker agetty privileged 固定ip nsenter
因為現在的環境還在CentOS5下,但新的庫只有在CentOS6下才能用。然後用Docker啟動完整OS,這樣相對於ESX省資源一點點。
目前的環境是宿主機是ubuntu 16.04, 然後容器就 centos5 和 centos6
首先直接從官方下載相關底包
docker pull centos:5.11docker pull centos:6.8
然後直接在底包上組安裝相關軟體
yum groupinstall ...
上面直接組安裝法對5.11沒問題, 6.8就是沒辦法折騰。6.8上只要這樣安裝,再啟動容器,發現會卡在
sulogin 這個進程上,然後就沒反應了(另外,rc.sysinit 這個進程應該運行一下就消失的卻一直都在)。查詢了一下這個進程是單使用者登入用的,然後只要有這個進程就沒辦法SSH了。
然後我是按下面的包順序安裝的。
# 先安裝的SSH,安裝一個 commit 一次, 一行裝一次openssh-server# 下面的是 Base 包裡的abrt-addon-ccpp abrt-addon-kerneloops abrt-addon-python abrt-cli acpid alsa-utils at authconfig b43-fwcutter bcbiosdevname blktrace bridge-utils centos-indexhtml cpuspeed crontabs cryptsetup-luks cyrus-sasl-plain dbusfprintd-pam hunspell hunspell-en irqbalance ledmon libaio logrotatelsof lvm2 man man-pages man-pages-overrides microcode_ctl mlocate mtr nanontp ntpdate ntsysv openssh-clients pam_passwdqc pciutils pcmciautils pinfo pm-utilsprelink psacct rdate readahead rfkill rng-tools rsync scl-utils setserialsetuptool smartmontools sos strace sysstat system-config-firewall-tui system-config-network-tui systemtap-runtime tcpdump tcsh time tmpwatch traceroute unzip vconfig vim-enhanced virt-what wget words xz yum-plugin-security yum-utils zip bind-utils# 下面的是開發工具組 直接 yum groupinstall ..."Development tools"# 下面這些是 Desktop, "X windows", 還有附加開發中的東西,GConf2-devel NetworkManager NetworkManager-gnome alsa-lib-devel alsa-plugins-pulseaudio at-spi audit-libs-devel binutils-devel boost-devel bzip2-develcontrol-center control-center-extra cyrus-sasl-devel dbus-glib-devel elfutils-devel elfutils-libelf-devel eog evolution-data-server-devel firstboot gdmgdm-plugin-fingerprint gdm-user-switch-applet glx-utils gnome-applets gnome-desktop-devel gnome-keyring-devel gnome-media gnome-packagekit gnome-panel gnome-power-managerjava-1.6.0-openjdk-devel perl-devel mysql-devel python-devel perl-ExtUtils-MakeMaker sqlite-devel libcurl-devellibacl-devel libattr-devel libcanberra-devel libcap-ng-devel libcgroup-devel libgnome-devel libnotify-devel librsvg2-devel libsoup-devel pygtk2-devel readline-devel tbb-devel vnc-server nscd pam_ldap vsftpdxdg-user-dirs-gtk xorg-x11-drivers xorg-x11-server-Xorg xorg-x11-server-utils xorg-x11-utils xorg-x11-xauth xorg-x11-xinit xvattr yelppolkit-devel gnome-terminal polkit-gnome spice-vdagent vino wacomexpresskeys wdaemon notification-daemon
最後還有下面這幾這個包只要安裝就會卡在 sulogin, 暫時不知道乍整
nautilus gok hmaccalc gvfs-devel gnome-vfs2-smb gvfs-archive gvfs-fuse gvfs-smb
引導完整系統官方是不推薦這樣做的,畢竟Docker是輕量級的,這樣違背了他的初衷了。
要引導完整系統run後面的參數就是 /sbin/init
在安裝好 autofs 後,想啟動它發現提示:
Starting automount: automount: test mount forbidden or incorrect kernel protocol version, kernel protocol version 5.00 or above required. [FAILED]
搜尋後發現原來是許可權不夠。
直接在 run 時加上 --privileged 即可,如:
docker run --rm --privileged -p 3000:22 -v /root/centos6:/root centos6/d1103:D /sbin/init
容器啟動後,在宿主機發現 agetty 進程CPU佔用100%,再次放狗,解決辦法如下
systemctl list-units *getty* systemctl stop [email protected] #主要是這個停止後就OKsystemctl stop system-getty.slicesystemctl stop getty.target
另外容器還要固定IP,然後用的macvlan辦法,寫了一個小指令碼用來啟動容器並設定IP
#!/bin/bash# start container and setting container IP addressif [[ $# -ne 3 ]] then echo "./script.sh image_name ip_dev_name container_ip" echo "" echo "./script.sh centos5/new:A enp4s0 192.168.1.6/24" echo "" exitficonfig=/local_home/docker/configdocker run -d --privileged -v $config/${1%/*}:/root $1 /sbin/initdocker_pid=$(docker inspect $(docker ps | awk -vt=$2 ‘NR>1&&$2==t{print $1}‘) 2>/dev/null | awk ‘$1~/Pid\"/{print +$2}‘)if [[ -z "$docker_pid" ]] then echo "docker container name not found" exitfiif [[ `ip link | awk -vdev=$2 ‘$2==dev":"{a=1}END{print a}‘` -ne 1 ]] then echo "ip dev name error" exitfiip link add "$2".d link "$2" type macvlan mode bridgeip link set netns "$docker_pid" "${2}.d"nsenter -t "$docker_pid" -n ip link set "${2}.d" upnsenter -t "$docker_pid" -n ip route del defaultnsenter -t "$docker_pid" -n ip addr add "$3" dev "${2}.d"nsenter -t "$docker_pid" -n ip route add default via `ip r | awk ‘/default/{print $3}‘` dev "${2}.d"# 進入容器# nsenter --target=$docker_pid --net --mount --uts --pid
Docker容器引導完整CentOS
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
