如果我没有先关闭反向代理 (nginx),我的容器将无法正常重启。这些日志显示了事件的顺序:
2017-03-23 19:50:29 140019590191872 [Note] mysqld: Shutdown complete
mar 23 19:50:57 server env[4805]: example_peerjs_1 exited with code 137
mar 23 19:50:49 server env[4805]: example_mariadb_1 exited with code 0
mar 23 19:50:48 server env[4805]: example_es_1 exited with code 143
mar 23 19:50:48 server env[4805]: example_web_1 exited with code 0
mar 23 19:50:57 server env[5951]: Removing example_web_1 ...
mar 23 19:50:57 server env[5951]: Removing example_mariadb_1 ...
mar 23 19:50:57 server env[5951]: Removing example_es_1 ...
mar 23 19:51:56 server systemd[1]: example.service: Stopping timed out. Terminating
mar 23 19:51:56 server systemd[1]: Stopped example Service.
mar 23 19:51:56 server systemd[1]: example.service: Unit entered failed state
mar 23 19:51:56 server systemd[1]: example.service: Failed with result 'timeout'.
-- "systemctl restart example"
mar 23 19:51:56 server systemd[1]: Started example Service.
mar 23 19:52:18 server env[7372]: Starting example_web_1
mar 23 19:52:18 server env[7372]: Starting example_peerjs_1
mar 23 19:52:18 server env[7372]: Starting example_mariadb_1
mar 23 19:52:18 server env[7372]: Starting example_es_1
mar 23 19:52:18 server env[7372]: ERROR: for web Cannot start service web: b'Container is marked for removal and cannot be started.'
mar 23 19:52:18 server env[7372]: ERROR: for peerjs Cannot start service peerjs: b'Container is marked for removal and cannot be started.'
mar 23 19:52:18 server env[7372]: ERROR: for es Cannot start service es: b'Container is marked for removal and cannot be started.'
mar 23 19:52:18 server env[7372]: ERROR: for mariadb Cannot start service mariadb: b'Container is marked for removal and cannot be started.'
mar 23 19:52:18 server env[7372]: Encountered errors while bringing up the project.
mar 23 19:52:18 server systemd[1]: example.service: Main process exited, code=exited, status=1/FAILURE
mar 23 19:52:19 server env[7714]: Removing example_peerjs_1 ...
mar 23 19:52:19 server env[7714]: Removing example_web_1 ...
mar 23 19:52:19 server env[7714]: Removing example_mariadb_1 ...
mar 23 19:52:19 server env[7714]: Removing example_es_1 ...
mar 23 19:53:19 server env[7714]: ERROR: for example_mariadb_1 b'Driver devicemapper failed to remove root filesystem dfbe00a23038e5427c340afc41b43827042e9ec75afb2b4620462639b01e5f5e: Device is Busy'
mar 23 19:53:19 server env[7714]: ERROR: for example_es_1 b'Driver devicemapper failed to remove root filesystem 3c4f49634c5f602dbb752e12d4d1d26dbb1f98cbf9b0d425313f513ee52bb717: Device is Busy'
mar 23 19:53:19 server env[7714]: ERROR: for example_peerjs_1 UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
mar 23 19:53:19 server env[7714]: ERROR: for example_web_1 UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
mar 23 19:53:19 server env[7714]: An HTTP request took too long to complete. Retry with --verbose to obtain debug information.
mar 23 19:53:19 server env[7714]: If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a higher value (current value: 60).
mar 23 19:53:19 server systemd[1]: example.service: Control process exited, code=exited status=1
mar 23 19:53:19 server systemd[1]: example.service: Unit entered failed state.
完成所有这些操作后,我必须重新启动 docker 守护进程才能恢复到可用状态。这意味着大量的停机时间。
这个特定的项目使用这个docker-compose文件:
version: '2'
services:
mariadb:
image: mariadb
environment:
- MYSQL_ROOT_PASSWORD=${DB_PASSWORD}
volumes:
- mariadb:/var/lib/mysql
web:
image: example
volumes:
- web:/var/www/html/storage
ports:
- ${LOCAL_PORT}:80
es:
image: docker.elastic.co/elasticsearch/elasticsearch:5.2.2
environment:
- "ES_JAVA_OPTS=-Xms256m -Xmx256m"
- xpack.security.enabled=false
volumes:
- es:/usr/share/elasticsearch/data
peerjs:
image: example-peerjs
volumes:
es:
driver: local
web:
driver: local
mariadb:
driver: local
这是该项目的 nginx 配置:
upstream example_backend {
server localhost:82;
keepalive 32;
}
server {
listen [::]:80;
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include h5bp/directive-only/ssl.conf;
return 301 https://example.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include h5bp/directive-only/ssl.conf;
error_log /var/log/nginx/example.error.log;
access_log /var/log/nginx/example.access.log;
location ^~ {
proxy_pass http://example_backend;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header host $http_host;
}
charset utf-8;
include h5bp/basic.conf;
}
Systemd 单元文件:
[Unit]
Description=example Service
After=network.target
[Service]
WorkingDirectory=/srv/http/example
ExecStart=/usr/bin/env docker-compose -p "example" -f "docker-compose.yml" up
ExecStop=/usr/bin/env docker-compose -p "example" -f "docker-compose.yml" down
[Install]
WantedBy=network-online.target
“示例”的 Dockerfile:
FROM php:7.1-apache
RUN apt-get update \
&& apt-get install -y libmcrypt-dev libjpeg62-turbo-dev libpng12-dev cron \
&& docker-php-ext-install mcrypt pdo_mysql mysqli \
&& docker-php-ext-configure gd --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \
&& docker-php-ext-install gd \
&& a2enmod rewrite \
&& a2enmod headers
ADD crontab /etc/cron.d/example
RUN chmod 0644 /etc/cron.d/example
ADD . /var/www
ADD docker/php.ini /usr/local/etc/php/
ADD . /var/www
ADD docker/php.ini /usr/local/etc/php/
RUN usermod -u 1000 www-data \
&& chown -R www-data:www-data /var/www
VOLUME /var/www/html/storage
“docker 信息”:
Containers: 14
Running: 11
Paused: 0
Stopped: 3
Images: 66
Server Version: 17.03.0-ce
Storage Driver: devicemapper
Pool Name: docker-8:0-33097-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 8.75 GB
Data Space Total: 107.4 GB
Data Space Available: 23.83 GB
Metadata Space Used: 13.27 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.134 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.137 (2016-11-30)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 977c511eda0925a723debdc94d09459af49d082a
runc version: a01dafd48bc1c7cc12bdb01206f9fea7dd6feb70
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.8.6-x86_64-linode78
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.856 GiB
Name: server
ID: ACCU:HOO7:WIMC:R7WM:MBWC:6F2F:G4G3:DH3X:A7L4:DLDC:KDOL:TPAA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
有什么办法可以避免这个问题?Linux、docker 和 nginx 版本:
Linux server 4.8.6-x86_64 #1 SMP Tue Nov 1 14:51:21 EDT 2016 x86_64 GNU/Linux
docker 1:17.03.0-1
nginx 1.10.3-2
答案1
问题解决了。对于遇到此问题的人:停止在循环模式下使用 devicemapper。我切换到 overlay2,因为我使用的是最新内核。