问题描述
我正在使用CentOS 7.4.1708。当前环境无法访问互联网。所以我安装了docker (and docker-compose) from binaries.
首先,我遇到以下错误,发现与docker与selinux有关。所以我禁用了selinux。
[root@DB1 MysqL-docker]# docker-compose up -d
Starting MysqL-docker_db_1 ...
INFO[2020-08-27T10:18:39.817597300+08:00] shim containerd-shim started address="/containerd-shim/moby/596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38/shim.sock" debug=false pid=5110
INFO[2020-08-27T10:18:39.896480000+08:00] shim reaped id=596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38
ERRO[2020-08-27T10:18:39.916766100+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T10:18:39.928696800+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T10:18:40.077880000+08:00] 596c3ab06926e99ffeccca8ffebfa08a540ca792517285f7a9cdc4855508af38 cleanup: Failed to delete container from containerd: no such contaiStarting MysqL-docker_db_1 ... error
ERROR: for MysqL-docker_db_1 Cannot start service db: OCI runtime create Failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unkNown
ERROR: for db Cannot start service db: OCI runtime create Failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unkNown
ERROR: Encountered errors while bringing up the project.
禁用selinux后,我仍然遇到以下错误
[root@DB1 MysqL-docker]# docker-compose up -d
Removing MysqL-docker_db_1
Recreating 596c3ab06926_MysqL-docker_db_1 ...
INFO[2020-08-27T11:06:24.808910400+08:00] shim containerd-shim started address="/containerd-shim/moby/3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6/shim.sock" debug=false pid=5888
INFO[2020-08-27T11:06:25.178909600+08:00] shim reaped id=3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6
ERRO[2020-08-27T11:06:25.200213100+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T11:06:25.200224900+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T11:06:25.354324500+08:00] 3324ac0a68749295f631247fdd071d687fbeeb946920bc788af782e880797fc6 cleanup: Failed to delete container from containerd: no such contaRecreating 596c3ab06926_MysqL-docker_db_1 ... error
ERROR: for 596c3ab06926_MysqL-docker_db_1 Cannot start service db: OCI runtime create Failed: container_linux.go:349: starting container process caused "exec: \"--default-authentication-plugin=MysqL_native_password\": executable file not found in $PATH": unkNown
ERROR: for db Cannot start service db: OCI runtime create Failed: container_linux.go:349: starting container process caused "exec: \"--default-authentication-plugin=MysqL_native_password\": executable file not found in $PATH": unkNown
ERROR: Encountered errors while bringing up the project.
我的docker-compose.yaml:
version: '3.8'
services:
db:
image: MysqL:5.7
container_name: db1_MysqL
command: --default-authentication-plugin=MysqL_native_password
restart: always
environment:
MysqL_ROOT_PASSWORD: password
MysqL_USER: user
MysqL_PASS: password
ports:
- 3306:3306
volumes:
- ./db_data:/var/lib/MysqL
我已经在本地PC上进行了测试。它可以启动并连接到MysqL。
编辑:
尝试运行centos映像时出现相同的错误:
[user@host ~]$ docker run -it centos:7 /usr/bin/bash
INFO[2020-08-27T14:09:31.576862000+08:00] shim containerd-shim started address="/containerd-shim/moby/9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c/shim.sock" debug=false pid=2495
INFO[2020-08-27T14:09:31.702726300+08:00] shim reaped id=9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c
ERRO[2020-08-27T14:09:31.723296400+08:00] stream copy error: reading from a closed fifo
ERRO[2020-08-27T14:09:31.752329700+08:00] 9c51066015093177fa65305ba3a8efe510f27ee6849f043ce73e82e71195680c cleanup: Failed to delete container from containerd: no such container
docker: Error response from daemon: OCI runtime create Failed: container_linux.go:349: starting container process caused "exec: \"/usr/bin/bash\": stat /usr/bin/bash: no such file or directory": unkNown.
docker image inspect MysqL:5.7:
[
{
"Id": "sha256:f40b94ddfb35bbb991c05191ffddf988a6c660c039f441a133ed35df5a71a8f0","RepoTags": [
"MysqL:5.7"
],"RepoDigests": [],"Parent": "","Comment": "Imported from -","Created": "2020-08-27T04:00:13.8522196Z","Container": "","ContainerConfig": {
"Hostname": "","Domainname": "","User": "","AttachStdin": false,"AttachStdout": false,"AttachStderr": false,"Tty": false,"OpenStdin": false,"StdinOnce": false,"Env": null,"Cmd": null,"Image": "","Volumes": null,"WorkingDir": "","Entrypoint": null,"OnBuild": null,"Labels": null
},"DockerVersion": "19.03.9","Author": "","Config": {
"Hostname": "","Architecture": "amd64","Os": "linux","Size": 453807757,"VirtualSize": 453807757,"GraphDriver": {
"Data": {
"MergedDir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/merged","UpperDir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/diff","workdir": "/var/lib/docker/overlay2/a6d62e03185b9cb1baf2e8a59f49c8e5b8a11ddbe6c724dbbeecf8e7d270f705/work"
},"Name": "overlay2"
},"RootFS": {
"Type": "layers","Layers": [
"sha256:926d1cc1d1ceda07eca8dc3df0aa1da131a02cad0cf2ae52c28e7e4ee0eee69b"
]
},"Metadata": {
"LastTagTime": "2020-08-27T12:00:13.8580127+08:00"
}
}
]
解决方法
第一个图像问题可能是因为您不正确地导入了图像。 docker import命令是docker export的反函数,它适用于容器文件系统而不是带有图像元数据的图像。相反,您应该将docker load与docker save一起运行以传输图像。如果该方法正常运行,您将在映像中看到一个定义的入口点,该入口点就是docker应该尝试使用command值作为入口点的参数运行的地方:
$ docker image inspect mysql:5.7 --format '{{.Config.Entrypoint}}'
[docker-entrypoint.sh]
第二个错误似乎是centos:7图像的错误导入/导出。如果您使用overlay2,则可以检查图像和文件系统层:
# docker image inspect centos:7 --format '{{.RootFS.Layers}}'
[sha256:77b174a6a187b610e4699546bd973a8d1e77663796e3724318a2a4b24cb07ea0]
# cat /var/lib/docker/image/overlay2/layerdb/sha256/77b174a6a187b610e4699546bd973a8d1e7
7663796e3724318a2a4b24cb07ea0/cache-id
e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7
# ls -al /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/
committed diff/ link
root@bmitch-t490:/home/bmitch# ls -al /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/diff/usr/bin/bash
-rwxr-xr-x 1 root root 964600 Aug 8 2019 /var/lib/docker/overlay2/e82a8ede7fba48074c4c41c53db8244002cb6896f0687e1af29d15a411de11c7/diff/usr/bin/bash
仔细检查您要启动容器的确切命令;从该输出中,您似乎在尝试运行的图像名称之后传递了-d选项。因此,-d用作在容器内运行的命令,因此将失败;
-d(--detach)选项是docker run的一个选项,因此必须在正在运行的映像名称之前传递;
docker run -d containername