標籤:apr and 刪除 運行 ima hdr ufs 個人 reload
一.devicemapper介紹Device Mapper是Linux系統中基於核心的進階卷管理技術架構。Docker的devicemapper儲存驅動就是基於該架構的精簡置備和快照功能來實現鏡像和容器的管理。注:Device Mapper是Linux的一種技術架構,而devicemapper是Docker Engine基於Device Mapper提供的一種儲存驅動。早期的Docker運行在Ubuntu和Debian Linux上並使用AUFS作為後端儲存。Docker流行之後,越來越多的的公司希望在Red Hat Enterprise Linux這類企業級的作業系統上面運行Docker,但可惜的是RHEL的核心並不支援AUFS。這個時候紅帽公司出手了,決定和Docker公司合作去開發一種基於Device Mapper技術的後端儲存,也就是現在的devicemapper。devicemapper驅動將每一個Docker鏡像和容器儲存在它自身的具有精簡置備(thin-provisioned)、寫時拷貝(copy-on-write)和快照功能(snapshotting)的虛擬設備上。由於Device Mapper技術是在塊(block)層面而非檔案層面,所以Docker Engine的devicemapper儲存驅動使用的是塊裝置來儲存資料而非檔案系統。
二.devicemapper的模式
devicemapper是RHEL下Docker Engine的預設儲存驅動,它有兩種配置模式:loop-lvm和direct-lvm。loop-lvm是預設的模式,它使用OS層面離散的檔案來構建精簡池(thin pool)。該模式主要是設計出來讓Docker能夠簡單的被”開箱即用(out-of-the-box)”而無需額外的配置。但如果是在生產環境的部署Docker,官方明文不推薦使用該模式。我們使用docker info命令可以看到以下警告: WARNING: Usage of loopback devices is strongly discouraged for production use. Either use `–storage-opt dm.thinpooldev` or use `–storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.direct-lvm是Docker推薦的生產環境的推薦模式,他使用塊裝置來構建精簡池來存放鏡像和容器的資料。前段時間有篇很不錯的文章是關於老司機填devicemapper坑的血淚史,仔細研讀之後發現老司機使用的是loop-lvm模式,那個坑有可能由此引起,最終老司機使用overlayfs的儲存驅動解決了問題。注:Linux核心在3.18以上才能支援overlayfs,但RHEL 7.2的核心版本為3.10,所以原生並不支援。但是的確有人在RHEL7.2上成功應用了overlayfs驅動,個人猜測可能是手動在核心裡面載入了overlay的模組。
三.配置direct-lvm模式
1.停止Docker並備份
如果Docker服務已在運行且有需要保留的鏡像和容器,停服務前把相關資料給備份。個人也強烈建議如果是在生產環境使用Docker的話,拿到host的第一時間就將direct-lvm模式給配置了。(當然也可以選擇其他的storage driver)
2.查看當前devicemapper模式
[[email protected] ~]# docker infoContainers: 0 Running: 0 Paused: 0 Stopped: 0Images: 0Server Version: 17.12.0-ceStorage Driver: devicemapper Pool Name: docker-8:3-1073035-pool Pool Blocksize: 65.54kB Base Device Size: 10.74GB Backing Filesystem: xfs Udev Sync Supported: true Data file: /dev/loop0 Metadata file: /dev/loop1 Data loop file: /var/lib/docker/devicemapper/devicemapper/data Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata Data Space Used: 11.8MB Data Space Total: 107.4GB Data Space Available: 51.36GB Metadata Space Used: 581.6kB Metadata Space Total: 2.147GB Metadata Space Available: 2.147GB Thin Pool Minimum Free Space: 10.74GB Deferred Removal Enabled: true Deferred Deletion Enabled: true Deferred Deleted Device Count: 0 Library Version: 1.02.140-RHEL7 (2017-05-03)Logging Driver: json-fileCgroup Driver: cgroupfsPlugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslogSwarm: inactiveRuntimes: runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 89623f28b87a6004d4b785663257362d1658a729runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8finit version: 949e6faSecurity Options: seccomp Profile: defaultKernel Version: 3.10.0-327.el7.x86_64Operating System: CentOS Linux 7 (Core)OSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.954GiBName: dockerID: IMMY:YLYX:LF5E:GZID:ACCP:4V43:2IPT:MCSD:DINH:MKFJ:DSDV:TWF4Docker Root Dir: /var/lib/dockerDebug Mode (client): falseDebug Mode (server): falseRegistry: https://index.docker.io/v1/Labels:Experimental: falseInsecure Registries: 127.0.0.0/8Live Restore Enabled: falseWARNING: devicemapper: usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.[[email protected] ~]#
基於docker info查詢的結果可以看到當前模式為loop-lvm。
3.停止docker服務
[[email protected] ~]# systemctl stop docker
四.分配裸裝置
本例以添加硬碟到docker宿主機,推薦使用外部共用儲存的裝置但不局限於此種方式,可根據自己的環境決定。
添加200GB的硬碟
建立一個Volume Group
將Volume Group掛給docker宿主機
建立VG
1.查看裝置
[[email protected] ~]# fdisk -l /dev/sdbDisk /dev/sdb: 214.7 GB, 214748364800 bytes, 419430400 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes[[email protected] ~]#
2.建立PV
[[email protected] ~]# pvcreate /dev/sdb Physical volume "/dev/sdb" successfully created.[[email protected] ~]#
3.建立VG
[[email protected] ~]# vgcreate docker /dev/sdb Volume group "docker" successfully created[[email protected] ~]#
4.查看VG資訊
[[email protected] ~]# vgs VG #PV #LV #SN Attr VSize VFree docker 1 0 0 wz--n- <200.00g <200.00g[[email protected] ~]# vgdisplay docker --- Volume group --- VG Name docker System ID Format lvm2 Metadata Areas 1 Metadata Sequence No 1 VG Access read/write VG Status resizable MAX LV 0 Cur LV 0 Open LV 0 Max PV 0 Cur PV 1 Act PV 1 VG Size <200.00 GiB PE Size 4.00 MiB Total PE 51199 Alloc PE / Size 0 / 0 Free PE / Size 51199 / <200.00 GiB VG UUID m6or9g-k3Ff-s5eX-w9yz-MjyN-oaA5-l2Vwsw [[email protected] ~]#
建立thinpool
建立pool
[[email protected] ~]# lvcreate --wipesignatures y -n thinpool docker -l 95%VG Logical volume "thinpool" created. [[email protected] ~]# lvcreate --wipesignatures y -n thinpoolmeta docker -l 1%VG Logical volume "thinpoolmeta" created.[[email protected] ~]#
資料LV大小為VG的95%,中繼資料LV大小為VG的1%,剩餘的空間用來自動擴充。
2.將pool轉換為thinpool
[[email protected] ~]# lvcreate --wipesignatures y -n thinpoolmeta docker -l 1%VG Logical volume "thinpoolmeta" created.[[email protected] ~]# lvconvert -y --zero n -c 512K --thinpool docker/thinpool --poolmetadata docker/thinpoolmeta Thin pool volume with chunk size 512.00 KiB can address at most 126.50 TiB of data. WARNING: Converting logical volume docker/thinpool and docker/thinpoolmeta to thin pool's data and metadata volumes with metadata wiping. THIS WILL DESTROY CONTENT OF LOGICAL VOLUME (filesystem etc.) Converted docker/thinpool_tdata to thin pool.[[email protected] ~]#
配置thinpool
配置池的自動擴充
[[email protected] ~]# cat /etc/lvm/profile/docker-thinpool.profileactivation { thin_pool_autoextend_threshold=80 thin_pool_autoextend_percent=20}[[email protected] ~]#
2.應用配置變更
[[email protected] ~]# lvchange --metadataprofile docker-thinpool docker/thinpool Logical volume docker/thinpool changed.[[email protected] ~]#
3.狀態監控檢查
[[email protected] ~]# lvs -o+seg_monitor LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert Monitor thinpool docker twi-a-t--- <190.00g 0.00 0.01 monitored[[email protected] ~]#
配置Docker
1.修改服務組態檔
[[email protected] ~]# vim /usr/lib/systemd/system/docker.service--storage-driver=devicemapper --storage-opt=dm.thinpooldev=/dev/mapper/docker-thinpool --storage-opt dm.use_deferred_removal=true
ExecStart後加入storage相關配置參數,如果配置了$OPTIONS也可以在對應的EnvironmentFile中加入。
2.清除graphdriver
[[email protected] ~]# rm -rf /var/lib/docker/*
之前已提醒資料備份,因為在這裡清除graphdriver會將image,Container和volume所有資料都刪除。如果不刪除,則會遇到以下的錯誤導致docker服務起不來的。
Error starting daemon: error initializing graphdriver: devmapper: Base Device UUID and Filesystem verification failed: devicemapper: Error running deviceCreate (ActivateDevice) dm_task_run failed
啟動docker服務
[[email protected] ~]# systemctl daemon-reload[[email protected] ~]# systemctl start docker
檢查devicemapper配置
[[email protected] ~]# docker infoContainers: 0 Running: 0 Paused: 0 Stopped: 0Images: 0Server Version: 17.12.0-ceStorage Driver: devicemapper Pool Name: docker-thinpool Pool Blocksize: 524.3kB Base Device Size: 10.74GB Backing Filesystem: xfs Udev Sync Supported: true Data Space Used: 20.45MB Data Space Total: 204GB Data Space Available: 204GB Metadata Space Used: 266.2kB Metadata Space Total: 2.143GB Metadata Space Available: 2.143GB Thin Pool Minimum Free Space: 20.4GB Deferred Removal Enabled: true Deferred Deletion Enabled: true Deferred Deleted Device Count: 0 Library Version: 1.02.140-RHEL7 (2017-05-03)Logging Driver: json-fileCgroup Driver: cgroupfsPlugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslogSwarm: inactiveRuntimes: runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 89623f28b87a6004d4b785663257362d1658a729runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8finit version: 949e6faSecurity Options: seccomp Profile: defaultKernel Version: 3.10.0-327.el7.x86_64Operating System: CentOS Linux 7 (Core)OSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.954GiBName: dockerID: IMMY:YLYX:LF5E:GZID:ACCP:4V43:2IPT:MCSD:DINH:MKFJ:DSDV:TWF4Docker Root Dir: /var/lib/dockerDebug Mode (client): falseDebug Mode (server): falseRegistry: https://index.docker.io/v1/Labels:Experimental: falseInsecure Registries: 127.0.0.0/8Live Restore Enabled: false[[email protected] ~]#
基於docker info查詢的結果可以看到當前模式為direct-lvm。
測試
pull一個鏡像看是否資料會寫到thinpool裡;
[[email protected] ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert thinpool docker twi-a-t--- <190.00g 0.01 0.01 [[email protected] ~]# docker pull centosUsing default tag: latestlatest: Pulling from library/centosaf4b0a2388c6: Pull complete Digest: sha256:2671f7a3eea36ce43609e9fe7435ade83094291055f1c96d9d1d1d7c0b986a5dStatus: Downloaded newer image for centos:latest[[email protected] ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert thinpool docker twi-a-t--- <190.00g 0.13 0.01 [[email protected] ~]#
可以看到Data%在pull一個centos鏡像後使用率由0.01變為0.13,說明direct-lvm配置成功且正常工作。
Docker儲存驅動devicemapper介紹和配置
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
