天天看點
傳回

Docker啟動時的報錯彙總

報錯一:error initializing graphdriver

Docker啟動報錯

系統是CentOS 7.2

系統核心及docker版本如下 :

[root@docker ~]# uname -r
3.10.0-327.el7.x86_64
[root@docker ~]# 
[root@docker ~]# 
[root@docker ~]# 
[root@docker ~]# docker version
Client:
 Version:   18.04.0-ce
 API version:   1.37
 Go version:    go1.9.4
 Git commit:    3d479c0
 Built: Tue Apr 10 18:21:36 2018
 OS/Arch:   linux/amd64
 Experimental:  false
 Orchestrator:  swarm

Server:
 Engine:
  Version:  18.04.0-ce
  API version:  1.37 (minimum version 1.12)
  Go version:   go1.9.4
  Git commit:   3d479c0
  Built:    Tue Apr 10 18:25:25 2018
  OS/Arch:  linux/amd64
  Experimental: false

啟動報錯提示如下 :

[root@docker ~]# systemctl start docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journ
[root@docker ~]# 
[root@docker ~]# 
[root@docker ~]# 
[root@docker ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since 日 2018-04-22 20:52:39 CST; 5s ago
     Docs: https://docs.docker.com
  Process: 4810 ExecStart=/usr/bin/dockerd (code=exited, status=1/FAILURE)
 Main PID: 4810 (code=exited, status=1/FAILURE)

4月 22 20:52:39 docker.cgy.com systemd[1]: Failed to start Docker Application Container Engine.
4月 22 20:52:39 docker.cgy.com systemd[1]: Unit docker.service entered failed state.
4月 22 20:52:39 docker.cgy.com systemd[1]: docker.service failed.
4月 22 20:52:39 docker.cgy.com systemd[1]: docker.service holdoff time over, scheduling restart.
4月 22 20:52:39 docker.cgy.com systemd[1]: start request repeated too quickly for docker.service
4月 22 20:52:39 docker.cgy.com systemd[1]: Failed to start Docker Application Container Engine.
4月 22 20:52:39 docker.cgy.com systemd[1]: Unit docker.service entered failed state.
4月 22 20:52:39 docker.cgy.com systemd[1]: docker.service failed.

從以上報錯提示資訊中也沒看到錯誤的具體原因。然後我又用

dockerd

來直接啟動,就在輸出資訊最下面看到一條錯誤提示,如下:

[root@docker ~]# dockerd
INFO[2018-04-22T21:12:46.111704443+08:00] libcontainerd: started new docker-containerd process  pid=5903
INFO[0000] starting containerd                           module=containerd revision=773c489c9c1b21a6d78b5c538cd395416ec50f88 version=v1.0.3

。。。。。。省略一部分輸出。。。。。。

INFO[0000] loading plugin "io.containerd.grpc.v1.introspection"...  module=containerd type=io.containerd.grpc.v1
INFO[0000] serving...                                    address="/var/run/docker/containerd/docker-containerd-debug.sock" module="containerd/debug"
INFO[0000] serving...                                    address="/var/run/docker/containerd/docker-containerd.sock" module="containerd/grpc"
INFO[0000] containerd successfully booted in 0.002763s   module=containerd
Error starting daemon: error initializing graphdriver: overlay: the backing xfs filesystem is formatted without d_type support, which leads to incorrect behavior. Reformat the filesystem with ftype=1 to en d_type support. Backing filesystems without d_type support are not supported.

根據最後的報錯

Error starting daemon:

搜尋到這篇部落格,得到解決。

https://blog.csdn.net/liu9718214/article/details/79134900

具體解決辦法是:

vim /etc/sysconfig/docker

加入如下:

OPTIONS="--selinux-enabled --log-driver=journald --signature-verification=false"

/etc/docker/daemon.json

加入如下内容:

{
    "registry-mirrors": ["http://4a1df5ef.m.daocloud.io"],   # 是用來pull容器加速用的,跟此次問題無關。
    "storage-driver": "devicemapper"    # 解決此次問題
}

然後重新開機docker,順利解決:

[root@docker ~]# systemctl restart docker
[root@docker ~]# 
[root@docker ~]# 
[root@docker ~]# ps aux | grep docker
root       5922  1.7  1.6 528432 62568 ?        Ssl  21:15   0:00 /usr/bin/dockerd
root       5927  1.1  0.5 356984 22100 ?        Ssl  21:15   0:00 docker-containerd --config /var/run/docker/containerd/containerd.toml
root       6028  0.0  0.0 112664   964 pts/0    S+   21:15   0:00 grep --color=auto docker

報錯二:iptables failed

FirewallD

CentOS-7 中介紹了 firewalld,firewall的底層是使用iptables進行資料過濾,建立在iptables之上,這可能會與 Docker 産生沖突。

當 firewalld 啟動或者重新開機的時候,将會從 iptables 中移除 DOCKER 的規則,進而影響了 Docker 的正常工作。

當你使用的是 Systemd 的時候, firewalld 會在 Docker 之前啟動,但是如果你在 Docker 啟動之後再啟動 或者重新開機 firewalld ,你就需要重新開機 Docker 程序了。

系統: 

[root@controller ~]# cat /etc/redhat-release 
CentOS Linux release 7.0.1406 (Core)

報錯提示如下: 

[root@controller ~]# docker run -it -P docker.io/nginx
/usr/bin/docker-current: Error response from daemon: driver failed programming external connectivity on endpoint gloomy_kirch (10289e7a87e65771da90cda531951b7339bee9cb5953474460451cd48013aff0): iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 32810 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
 (exit status 1).

這是由于在運作這次容器之前,成功啟動過一次,在上次通路時,因為防火牆的問題導緻不能正常通路Nginx,是以将iptables的filter表清空了,并且重新開機過iptables,然後再次運作時,就報了以上錯誤。

解決辦法

重新開機防火牆

#CentOS 7下執行
[root@controller ~]# systemctl restart firewalld

再重新開機docker守護程序即可

[root@controller ~]# systemctl restart docker

再次在容器中運作一個nginx就不會報錯了 

[root@controller ~]# docker run -it --name nginx -p 80:80 -v /www:/wwwroot docker.io/nginx /bin/bash
root@a8a92c8f7760:/#

報錯三 : Unable to take ownership of thin-pool

docker daemon啟動失敗:Unable to take ownership of thin-pool

Apr 27 13:51:59 master systemd: Started Docker Storage Setup.
Apr 27 13:51:59 master systemd: Starting Docker Application Container Engine...
Apr 27 13:51:59 master dockerd-current: time="2018-04-27T13:51:59.088441356+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
Apr 27 13:51:59 master dockerd-current: time="2018-04-27T13:51:59.091166189+08:00" level=info msg="libcontainerd: new containerd process, pid: 20930"
Apr 27 13:52:00 master dockerd-current: Error starting daemon: error initializing graphdriver: devmapper: Unable to take ownership of thin-pool (docker--vg-docker--pool) that already has used data blocks
Apr 27 13:52:00 master systemd: docker.service: main process exited, code=exited, status=1/FAILURE
Apr 27 13:52:00 master systemd: Failed to start Docker Application Container Engine.
Apr 27 13:52:00 master systemd: Unit docker.service entered failed state.
Apr 27 13:52:00 master systemd: docker.service failed

原因: /var/lib/docker/devicemapper/metadata/ 内metadata丢失

workaround:

https://bugzilla.redhat.com/show_bug.cgi?id=1321640#c5

Eric Paris 2016-04-27 08:20:10 EDT

I feel like the kcs kinda misses telling users the actual problem. Nor does it really make it clear the solution.

IF you are using device mapper (instead of loopback) /var/lib/docker contains metadata informing docker about the contents of the device mapper storage area. If you delete /var/lib/docker that metadata is lost. Docker is then able to detect that the thin pool has data but docker is unable to make use of that information. The only solution is to delete the thin pool and recreate it so that both the thin pool and the metadata in /var/lib/docker will be empty.

解決辦法:

  1. 執行指令:

    rm -rf /var/lib/docker/*

  2. rm -rf /etc/sysconfig/docker-storage

  3. lvremove /dev/docker-vg/docker-pool
  4. 使用現有的docker-vg LVM卷組: 
cat <<EOF > /etc/sysconfig/docker-storage-setup
VG=docker-vg
EOF

  1. docker-storage-setup
  2. 重新開機docker即可:

    systemctl start docker
Linux 應用服務中間件 nginx Docker 容器 網絡安全 開發工具 go git api Docker啟動報錯 docker彙總 docker檢視報錯 docker啟動容器報錯
上一篇: 讀《演講的本質-讓思想更有影響力》
下一篇: 第21天,Django之Form元件

繼續閱讀