docker采用CS架构,dockerd是管理后台进程,默认的配置文件为/etc/docker/daemon.json(--config-file可以指定非默认位置)。

一个完整的daemon.json示例参考:https://docs.docker.com/engine/reference/commandline/dockerd//#daemon-configuration-file

通过此文件可修改docker0的默认IP及bridge(Customize the docker0 bridge):

{

  "bip": "192.168.1.5/24",

  "fixed-cidr": "192.168.1.5/25",

  "fixed-cidr-v6": "2001:db8::/64",

  "mtu": 1500,

  "default-gateway": "10.20.1.1",

  "default-gateway-v6": "2001:db8:abcd::89",

  "dns": ["10.20.1.2","10.20.1.3"]

}

几乎可以通过daemon.json配置所有docker daemon特性, 除了HTTP proxy

HTTP/HTTPS proxy

The Docker daemon uses the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environmental variables in its start-up environment to configure HTTP or HTTPS proxy behavior. You cannot configure these environment variables using the daemon.json file.

Proxy相关配置参考:https://docs.docker.com/config/daemon/systemd/

systemd管理

一般dockerd启动采用systemd管理:

[Service]

ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

其中-H fd://如何理解呢?

When you start the Docker daemon, -H fd:// will tell Docker that the service is being started by Systemd and will use socket activation. systemd will then create the target socket and pass it to the Docker daemon to use. This is described in introduction to Systemd and in introduction to socket activation. The blogs are pretty long but really worth reading, here's a short summary of key points for understanding this question:

  • Systemd is a new init system intended to replace traditional SysV init system. One of its key features is faster init process.
  • Socket activation is one of the technologies used in Systemd to speed up service initialization
  • To receive requests, the service needs a socket to listen on. Take Docker as an example, it needs a unix domain socket like /var/run/docker.sock or a TCP socket. Of course these sockets needs something to create them and most of the time it is the service itself at start time.
  • With socket activation, SystemD will create these sockets and listen to them for services, and pass these sockets to service with exec when the service is started. One benefit is that client requests can be queued in the socket buffer once the socket is successfully created, even before the related service is started.
  • The socket info for a certain service used by Systemd is in socket unit file, for Docker it's [docker.socket][3] with content:
[Unit]

Description=Docker Socket for the API

PartOf=docker.service

[Socket]

ListenStream=/var/run/docker.sock

SocketMode=

SocketUser=root

SocketGroup=docker

[Install]

WantedBy=sockets.target

Let's see how the whole thing works. I have the files docker.socket and docker.service under /etc/systemd/system. The ExecStart line for docker.service is:

ExecStart=/usr/bin/dockerd -H fd://

1)Stop Docker service: systemctl stop docker

$> ps aux | grep 'docker' # the `grep` itself in the output is ignored

$> lsof -Ua | grep 'docker'

$>

No docker process is running, and no docker.sock

2)Execute systemctl start docker.socket:

$> systemctl start docker.socket

$> ps aux | grep 'docker'

$> lsof -Ua | grep 'docker'

systemd           root   27u  unix 0xffff880036da6000      0t0  /var/run/docker.sock

After start docker.socket, we can see that there's still no docker process running, but the socket /var/run/docker.sock has been created, and it belongs to the process systemd.

(Off-Topic: Actually the socket is ready to receive requests now, even though docker is not running yet. systemd will start docker.service at the moment the first request comes, passing the already created sockets to Docker. This is so-called on-demand auto-spawning)

3)Start docker.service

$> systemctl start docker.service

$> ps aux | grep 'docker'

root       0.0  1.8   ?        Ssl  :   : /usr/bin/dockerd -H fd://

<....>

As you can tell Docker is now running. Let's go one step back and try to execute /usr/bin/dockerd -H fd:// manually from terminal:

$> /usr/bin/dockerd -H fd://

FATA[] no sockets found via socket activation: make sure the service was started by systemd

Now you see the difference; when you use -H fd://, docker will expect the socket to be passed by its parent process rather than creating it by itself. When it's started by Systemd, Systemd will do the job, but when you manually start it on terminal, you don't do the job so the docker daemon process failed and aborted. This is the code of how docker process fd:// when docker daemon starts, you can have a look if you're interested.

参考:

1. https://stackoverflow.com/questions/43303507/what-does-fd-mean-exactly-in-dockerd-h-fd

2. https://docs.docker.com/engine/reference/commandline/dockerd//#daemon-configuration-file

3. https://docs.docker.com/config/daemon/systemd/

4.  Docker 如何自定义默认网桥 docker0

dockerd启动配置_修改IP和systemd管理的更多相关文章

  1. Ubuntu配置和修改IP地址

    Ubuntu配置和修改IP地址 1.修改配置文件/etc/network/interfacesroot@ubuntu:~# sudo gedit /etc/network/interfaces 添加以 ...

  2. Linux基础二(修改ip地址、修改网关、修改DNS服务器、重新启动网络配置)

    网络的初始化 .ip地址的修改(临时生效) 使用ifconfig命令 ifconfig 网卡名 ip地址 netmask 子网掩码 [root@localhost /]# ifconfig eth1 ...

  3. Ubuntu下配置修改IP地址

    一.使用命令设置Ubuntu IP地址 1.修改配置文件blacklist.conf禁用IPV6:sudo vi /etc/modprobe.d/blacklist.conf 2.在文档最后添加 bl ...

  4. SpringBoot(十):读取application.yml下配置参数信息,java -jar启动时项目修改参数

    读取application.yml下配置参数信息 在application.yml文件内容 my: remote-address: 192.168.1.1 yarn: weburl: http://1 ...

  5. Docker(十七)-修改Docker容器启动配置参数

    有时候,我们创建容器时忘了添加参数 --restart=always ,当 Docker 重启时,容器未能自动启动, 现在要添加该参数怎么办呢,方法有二: 1.Docker 命令修改 docker c ...

  6. 修改Linux的基本配置(修改主机名修改ip地址安装JDK/Tomcat/MySQL等等)

    (一)基本操作修改 修改主机名 vi /etc/sysconfig/network NETWORKING=yes HOSTNAME=server1.itcast.cn 修改ip地址 vi /etc/s ...

  7. 修改Docker容器启动配置参数

    有时候,我们创建容器时忘了添加参数 --restart=always ,当 Docker 重启时,容器未能自动启动, 现在要添加该参数怎么办呢,方法有二: 1.Docker 命令修改 docker c ...

  8. 大数据学习之路—环境配置——IP设置(虚拟机修改Ip的内在原因及实现)

    一.IP原理 关于IP我的理解, (1)主要去理解IP地址的作用,IP地址包括网络相关部分和主机的相关部分.即:用一段特殊的数据,来标识网络特征和主机的特征. 至于具体的技术实现,日后可以慢慢体会和了 ...

  9. 【转】kali配置--修改IP和DNS

    修改IP地址 1 编辑文件 nano /etc/network/interfaces 2 在选择静态IP或DHCP,编辑文件内容并保存退出 (1)静态IP: ``` #Loop回环地址 auto lo ...

随机推荐

  1. BZOJ.5286.[AHOI/HNOI2018]转盘(线段树)

    BZOJ LOJ 洛谷 如果从\(1\)开始,把每个时间\(t_i\)减去\(i\),答案取决于\(\max\{t_i-i\}\).记取得最大值的位置是\(p\),答案是\(t_p+1+n-1-p=\ ...

  2. BZOJ.3944.Sum(Min_25筛)

    BZOJ 洛谷 不得不再次吐槽洛谷数据好水(连\(n=0,2^{31}-1\)都没有). \(Description\) 给定\(n\),分别求\[\sum_{i=1}^n\varphi(i),\qu ...

  3. BZOJ.3992.[SDOI2015]序列统计(DP NTT 原根)

    题目链接 \(Description\) 给定\(n,m,x\)和集合\(S\).求\(\prod_{i=1}^na_i\equiv x\ (mod\ m)\)的方案数.其中\(a_i\in S\). ...

  4. 杭店 ACM 1864 最大报销额 01背包

    ![勾选C++才能过 题意: 先规定可以报销一定额度的发票,物品类型有A,B,C,三种.要求每张发票总额不得超过1000元,单项物品不得超过600.求报销的最大额 分析: 先找到合格的发票,然后再挑选 ...

  5. 基于socket构造c/s 架构软件

    1.socket作用 socket层介于应用层和传输层之间,它起着连接应用层和传输层的功能,同时它能连接应用层和网络层. socket把复杂的tcp/ip协议隐藏在socket接口后面,对用户来说,一 ...

  6. BZOJ2512 : Groc

    最优解一定是将起点.终点以及所有必经点连接成一棵树,对于每条树边恰好走两次,而从起点到终点的一条路径只走一次. 考虑连通性DP,设$f[i][j][k][x]$表示考虑完前$i$个走道,第$i$个走道 ...

  7. JS内存管理

    背景: 分配给Web浏览器的内存通常比分配给电脑桌面的内存少,因为担心运行JS的网页耗尽全部系统内存而导致系统崩溃 内存限制问题不仅影响给变量分配内存,还会影响调用栈以及在一个线程中能够同时执行的语句 ...

  8. 用单进程、多线程并发、多线程分别实现爬一个或多个网站的所有链接,用浏览器打开所有链接并保存截图 python

    #coding=utf-8import requestsimport re,os,time,ConfigParserfrom selenium import webdriverfrom multipr ...

  9. linux使用Anaconda管理多个版本的Python环境

    1.下载(直接到清华镜像下载) 下载链接,选择合适的版本,我试了几个,选择了一个下载最快的,原谅我的渣渣网速, 官网在国外,必须找镜像,不然很慢很慢,,,,,, 此步骤真的很慢,重新选择下载网址,这个 ...

  10. openstack之glance基础

    第一:glance是什么? glance是Image service的项目代号,是Openstack的镜像服务组件,为创建虚拟机提供镜像服务. 第二:glance的功能 Glance主要提供了一个虚拟 ...