I want to dynamically change the contents in the container's directory according to the mounted removable USB disks. To fulfill this, I do the following steps.
Run the container with -v option, which mount the host directory (/mnt) into container (/share). Assume the name of the new container is test. The command should look like docker run --name test -d -v /mnt:/share ubuntu:latest.
Inspect the contents via docker exec -it test /usr/bin/bash. For now, the /share is empty.
mount the USB disk to host. Execute mount /dev/sdxY /mntcommand. the /mnt directory on the host now contains files and directories which are stored on the removable USB disk.
Inspect the contents in the containers again. The /share directory in the container is still empty. Nothing has been changed at all.
If I do this reversely: 1) first mount the USB disk to host, 2) run the container, 3) umount the USB disk. The contents in the container keep remained, but the /mnt directory on the host is swept.
Do docker has some mechanism to keep the contents synchronous across the container and the host after I mount/umount the disk.
docker info:
Containers: 2
Running: 2
Paused: 0
Stopped: 0
Images: 1
Server Version: 17.03.1-ce
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 14
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.8.0-46-generic
Operating System: Ubuntu 16.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.684 GiB
Name: tri-xps
ID: LMPY:EGYU:QUAF:DPUF:GZNR:AHFS:URFD:EFW3:5DFV:WHR3:NAYJ:PKQV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
You can use --device option for accessing usb device directly within container.
docker run -t -i --device=/dev/ttyUSB0 ubuntu bash
More documentation available at https://docs.docker.com/engine/reference/commandline/run/#add-host-device-to-container---device
Sorry for my late post. After creating an issue on docker's official github page. #cpuguy83 gave me the answer. https://github.com/moby/moby/issues/32512.
To make the the mount operations propagate to the container, append slave flag to -v options. e.g:
-v media/usb:/smb_share:slave
For more information, check HERE.
Related
i want to change the pull location for the docker image, i already follow the instruction from this link https://quick-adviser.com/how-do-i-change-docker-location/.
i already try adding file daemon.json to C:\ProgramData\Docker\config and fill it with following code:
{
"data-root": "D:\\docker-image"
}
then restarting docker desktop. After that, i trying pull a small size docker image like adminer docker pull adminer and check to D:\docker-image. After the execution is completed, the folder still empty
here's my docker info output:
$ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.7.1)
compose: Docker Compose (Docker Inc., v2.2.3)
scan: Docker Scan (Docker Inc., v0.16.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.12
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 5.10.16.3-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 6.04GiB
Name: docker-desktop
ID: V6FY:3JES:DVIP:5ZLG:6J26:IXE7:RKCB:T3MK:RR4B:X2XC:JR7B:LEIH
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
Basically you're running Docker Desktop with WSL2. So files are no longer located in Windows directly. Docker creates an Linux-Virtual-Machine (WSL2) where all files are located inside in a Linux folder structure.
# Image-Layers are somewhere here:
\\wsl$\docker-desktop-data\version-pack-data\community\docker\image\overlay2
\\wsl$\docker-desktop-data\version-pack-data\community\docker\overlay2
If you want to change the folder on Windows side (e.g. to use disk space on another drive) then you have to move the image file. This is described in the question I posted. How can I change the location of docker images when using Docker Desktop on WSL2 with Windows 10 Home?
Two different possibilities given: Moving the WSL2 in total or Move the file and generate a Symlink (mklink) to keep WSL2 like it is and just redirect to the file in another location.
By default docker locates the WSL-Image-File for the Data here: %homepath%\AppData\Local\Docker\wsl\data as ext4.vhdx
With this Docker Desktop and WSL2 setup you can't just change the path where the images are located by just using a windows path because under the hood docker works in Linux. So images are stored in Linux.
If you just want to get the image data to move them to another system check docker save and docker load https://docs.docker.com/engine/reference/commandline/save/
Does this fit your use case?
I'm having problems getting a listing of images from a specific registry that I've set up on a local server, or, maybe, I'm having issues publishing them to that registry in the first place, as this is my first adventure into docker registries, I may just be confused with the terms used.
There's an old question, here, that kind of looks like what I want to achieve, but it appears that docker has gained built-in support for this, in the meanwhile, so the methods mentioned here are no longer relevant.
I have 2 servers (for the purpose of this question):
rancher-server: This server has a rancher:v2.6.0 container running and a registry:2 container.
k8s-server: This is just a freshly installed server, with the docker and kubernetes packages installed, that I want the rancher server to administer.
On k8s-server, I'm trying to spin up a docker image rancher/rancher-agent:v2.6.0 with a few arguments, that should let it relinquish control to the rancher server.
The trick here is, that this is all required to work without internet access (currently there IS internet access, but it's a PoC for a task that requires to be air-gapped). For the purposes of this question, I really just want to be able to spin up docker containers on k8s-server, using the registry on rancher-server.
Currently, this is the state of rancher-server:
# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9a15ea00d5e registry:2 "/entrypoint.sh /e..." About an hour ago Up About an hour 0.0.0.0:5000->5000/tcp local-registry
1b6bc6b88a8e 08c9693b4357 "entrypoint.sh 08c..." 26 hours ago Up 2 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp goofy_minsky
# docker image ls --all (the list is big, this is just a sample):
REPOSITORY TAG IMAGE ID CREATED
rancher/rancher-agent v2.6.0 9c35a790aa16 2 weeks ago
rancher-server.example.com:5000/rancher/rancher-agent v2.6.0 9c35a790aa16 2 weeks ago
# docker info
Containers: 2
Running: 2
Paused: 0
Stopped: 0
Images: 225
Server Version: 1.13.1
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: 66aedde759f33c190954815fb765eedc1d782dd9 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
selinux
Kernel Version: 3.10.0-1160.41.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 2
Total Memory: 3.701 GiB
Name: rancher-server
ID: SA2T:G2IA:CGER:6BC5:HIV2:4T6T:LF3Q:2YVS:SYU7:SQ5V:ACUS:BMEX
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
rancher-server.example.com:5000
127.0.0.0/8
Live Restore Enabled: false
Registries: docker.io (secure)
On the k8s-server, I try to list the contents of that registry:
# docker image ls --all rancher-server.example.com:5000
REPOSITORY TAG IMAGE ID CREATED SIZE
# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.13.1
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: 66aedde759f33c190954815fb765eedc1d782dd9 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
selinux
Kernel Version: 3.10.0-1160.41.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 2
Total Memory: 3.701 GiB
Name: k8s-server
ID: QETJ:QSPQ:VS36:OOOA:ZPYL:CDHK:AJ5G:N4BD:ZQUH:UL6O:PHAB:5UOE
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
rancher-server.example.com:5000
127.0.0.0/8
Live Restore Enabled: false
Registries: docker.io (secure)
I had to jump through a few hoops to get there, in the first place, marking the registry as unsafe in /etc/docker/daemon.json on the k8s-server and disabling selinux on the rancher-server, for example.
I've tried to docker login rancher-server.example.com:5000 first, but that made no difference. It does look like, to me, that the k8s-server is configured correctly, but that the images on rancher-server haven't been tagged/pushed properly, but when I look back at the registry, I don't know how to do it differently, and, as far as I understand the registry, it looks fine to me?
I've changed the server names for anonymity and the output has been lightly edited for presentation.
EDIT:
I think I found a clue to what's happening here, it turns out that I can actually run the images from this registry remotely, just fine, it just so happens that I have no way to discover the names of the images, however, if I do a docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher-server.example.com:5000/rancher/rancher-agent:v2.6.0 --server https://rancher-server.example.com:5000 --token <token> --ca-checksum <ca-checksum> --etcd --controlplane it actually pulls and runs the container, so it looks like the registry itself is fine, but maybe the index isn't?
I've been trying to do a backup system for my dockers and everything works fine for databases containers except for the webserver's one which runs under Nginx. I've been looking around and it seems I'm not the only one having this issue, I have however not been able to find a solution.
Steps:
# docker load -i /path/to/backup-image.tar
# docker run \
> -v $(pwd)/volumes/home/project/project-git-repo/project-docker/volumes/php-conf/custom-php.ini:/usr/local/etc/php/conf.d/custom-php.ini \
> -v $(pwd)/volumes/home/project/project-git-repo/project-docker/volumes/php-conf/opcache-recommended.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini \
> -v $(pwd)/volumes/home/project/project-git-repo/project-docker/volumes/wp-content:/var/www/html \
> -v $(pwd)/volumes/tmp/html/.well-known:/var/www/html/.well-known \
> --name websrv project_backup_tmp
This last command outputs:
container_linux.go:262: starting container process caused "process_linux.go:339: container init caused \"rootfs_linux.go:57: mounting \\\"/tmp/project_restore/docker/7aa016ba40e9/volumes/home/project/project-git-repo/project-docker/volumes/php-conf/custom-php.ini\\\" to rootfs \\\"/var/lib/docker/aufs/mnt/b23066c3007d106ae9364ca4e2603e4d5a3e63a0f47d2669ca6580be735adb06\\\" at \\\"/var/lib/docker/aufs/mnt/b23066c3007d106ae9364ca4e2603e4d5a3e63a0f47d2669ca6580be735adb06/usr/local/etc/php/conf.d/custom-php.ini\\\" caused \\\"not a directory\\\"\""
docker: Error response from daemon: oci runtime error: container_linux.go:262: starting container process caused "process_linux.go:339: container init caused \"rootfs_linux.go:57: mounting \\\"/tmp/project_restore/docker/7aa016ba40e9/volumes/home/project/project-git-repo/project-docker/volumes/php-conf/custom-php.ini\\\" to rootfs \\\"/var/lib/docker/aufs/mnt/b23066c3007d106ae9364ca4e2603e4d5a3e63a0f47d2669ca6580be735adb06\\\" at \\\"/var/lib/docker/aufs/mnt/b23066c3007d106ae9364ca4e2603e4d5a3e63a0f47d2669ca6580be735adb06/usr/local/etc/php/conf.d/custom-php.ini\\\" caused \\\"not a directory\\\"\""
: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type.
ERRO[0001] error waiting for container: context canceled
Here is the result of my docker info:
Containers: 14
Running: 1
Paused: 0
Stopped: 13
Images: 79
Server Version: 17.06.0-ce
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 184
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: cfb82a876ecc11b5ca0977d1733adbe58599088a
runc version: 2d41c047c83e09a6d61d464906feb2a2f3c52aa4
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-83-generic
Operating System: Ubuntu 16.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 19.59GiB
Name: rajiska-server
ID: 4YFX:52ZF:QKGV:IMY4:6PP4:6P33:JXGT:QHJW:MZTI:QVVX:YU77:ZGR6
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
I've across the same issue and it is generally about trying to mount a file on the host to a container running in another machine or VM.
So if the containers you're running are in a VirtualBox VM or some other machine than your local, you must find another way to sync your directories.
However, if you're using docker-machine to setup your VirtualBox VM, it usually mounts your /home directory to /hosthome on the created VM.
For instance, if your project is situated in your home directory, then it could be mounted like this:
docker run -v /hosthome/USERNAME/PROJECT:/path/on/container imagename
Where:
USERNAME is your username on the host machine
PROJECT is the name of the project directory on the host machine
The same error appeared while setting up the elk:
The reason for the error was I had manually named the config file with a Capital letter c in my computer while in docker searching for home/imusebe/elastdocker/elasticsearch/config/elasticsearch.yml.
Setting this got things running.
when I volume mapping in Docker 1.13.0, some file is corrupted.
In docker container, when "ls -l" the folder, it displayed like this:
"?????????? ? ? ? ? ? file_corrpted_and_cant_access.conf"
and can't edit it or delete it.
it just show "No such file or directory".
I think it can't link file inode and path.
how to fix it?
Additional information
after volume mapping, I soft link volume mapping folder inside docker container.
docker run --privileged -d -v /opt/volume_mapping_folder/:/inside_container/inside_folder --restart=always testcontainer
and insde docker container I soft link folder
docker -it testcontainer /bin/bash
ln -s /inside_container/inside_folder /opt/appFolder
touch /opt/appFolder/file_corrpted_and_cant_access.conf
Output of docker info:
Server Version: 1.13.0
Storage Driver: overlay
Backing Filesystem: xfs
Supports d_type: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 03e5862ec0d8d3b3f750e19fca3ee367e13c090e
runc version: 2f7393a47307a16f8cee44a37b262e8b81021e3e
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-514.6.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 5.671 GiB
ID: 2D2E:73MA:BJQ3:WQAJ:BR3W:TYF5:F3MQ:E7S3:KZGV:A64K:ASZK:UEXE
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
This is is related xfs filesystem with overlay mode.
https://github.com/docker/docker/issues/27358
the solution is one of these.
xfs partitions need to be formatted with ftype set to 1
use ext4 filesystem instead of xfs
setting docker Storage Driver to 'devicemapper'
I hit a similar problem today using Docker 1.13.0 running a CentOS image on a RHEL 7.3 system. Files in my containers root filesystem were acting odd. For example, I would try to delete a file but it would not be removed from the filesystem and display the same '?' you posted when running 'ls'. I also had problems trying to change ownership of files. Anyway, my guess is Docker 1.13.0 changed the default Storage Driver to overlay when in the past (Docker 1.12.5) it was devicemapper. I changed the default back to devicemapper and the problems went away.
I am not a Docker or Linux Filesystem expert and I am not sure if the change to overlay as a default was intentional.
In my scenario I use "consul" as the key-value store backend, and two more VMs with docker installed on them. The command I am running the docker daemon on these two VMs is:
sudo docker daemon -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock \
--cluster-store consul://{CONSUL_IP}:8500 --cluster-advertise eth0:2376
Also the command for running the consul is :
sudo docker daemon -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
After this, I try to create a network using:
sudo docker network create -d overlay --subnet=192.168.3.0/24 my-overlay
And in each of VMs I run a busybox container:
sudo docker run -itd --name containerX --net my-overlay busybox
Where X is A for one of them and B for another.
here is "docker info" from the first VM:
$ sudo docker info
Containers: 4
Running: 2
Paused: 0
Stopped: 2
Images: 3
Server Version: 1.12.3
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 17
Dirperm1 Supported: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge host null
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: apparmor
Kernel Version: 3.13.0-76-generic
Operating System: Ubuntu 14.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.955 GiB
Name: cs-webserving-4
ID: ESSZ:WBCV:W6NU:ODJ6:3ZIW:QHMH:TEXP:M66M:NYF5:MNWB:H4M7:Z3L6
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Cluster Store: consul://10.254.1.92:8500
Cluster Advertise: 10.254.1.123:2376
Insecure Registries:
127.0.0.0/8
And here is the other VM:
$ sudo docker info
Containers: 4
Running: 2
Paused: 0
Stopped: 2
Images: 3
Server Version: 1.12.3
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 17
Dirperm1 Supported: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay host bridge null
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: apparmor
Kernel Version: 3.13.0-76-generic
Operating System: Ubuntu 14.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.955 GiB
Name: cs-webserving-3
ID: BTAL:L3LE:BHSX:DQRD:HTC4:KXJE:T772:47TU:4KJZ:NIY4:7WTY:Q6TO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Cluster Store: consul://10.254.1.92:8500
Cluster Advertise: 10.254.1.122:2376
Insecure Registries:
127.0.0.0/8
Problem
When I try to ping containerB from containerA, I get no answer:
sudo docker exec containerB ping -w 5 192.168.3.5
PING 192.168.3.5 (192.168.3.5): 56 data bytes
--- 192.168.3.5 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
Where 192.168.3.5 is the IP of containerA in overlay network.
**Note: ** I also tried the name "containerA" instead of the IP, it didn't work neither.
What is the problem in my scenario? any hint or solutions would be appreciated.
Try linking containers.
Ex:
$ docker run -ti --name containerA --link containerB:containerB_alias ubuntu bash
You can ping: [root#cad0fef8c778]$ ping containerB_alias
What version of Docker are you using? Currently, traditional containers are not allowed to connect to overlay networks, only services are. That will be fixed in version 1.13 with the --attachable keyword for overlay network creation.
What may make more sense is to create two services on the same overlay network. Then they'll be able to refer to each other directly by service name.