在CentOS Docker的默认文件系统是devicemapper,但是这个貌似有点不好,具体不好的地方在于DC/OS官网给出的解释是会出现unknown issue并且不能再Docker里面运行Docker,DeviceMapper默认情况下创建loop-lvm的方式来构建镜像和容器的snapshots。但是在生产环境下Docker官方建议采用直连的lvm卷来构建镜像和容器,然后在启动Docker Daemon的时候使用如下方式来加载:
{
"storage-driver": "devicemapper",
"storage-opts": [ "dm.thinpooldev=/dev/mapper/docker-thinpool", "dm.use_deferred_removal=true"
]
}
下面是CentOS的默认启动之后的样子
[root@DS-VM-Node200 ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.0
Storage Driver: devicemapper
Pool Name: docker-253:3-16797760-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 11.8 MB
Data Space Total: 107.4 GB
Data Space Available: 10.68 GB
Metadata Space Used: 581.6 kB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.147 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.107-RHEL7 (2015-10-14)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: null host bridge overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.451 GiB
Name: DS-VM-Node200.cluster.com
ID: 2DEU:CRW4:4GFU:47F6:ROAV:QZ43:H4L3:YBH7:UO24:YA3Y:GMBA:7ZEA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
[root@DS-VM-Node200 ~]#
我们先来修改成OverlayFS的默认文件系统
[root@DS-VM-Node200 ~]# echo "overlay" > /etc/modules-load.d/overlay.conf
[root@DS-VM-Node200 ~]# cat /proc/modules|grep overlay
[root@DS-VM-Node200 ~]# reboot #重启系统让修改参数生效
[root@DS-VM-Node200 ~]# mkdir -p /etc/systemd/system/docker.service.d
[root@DS-VM-Node200 ~]# cat > /etc/systemd/system/docker.service.d/docker_boot.conf <<-EOF
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -D -s overlay
EOF
[root@DS-VM-Node200 ~]# cat /etc/systemd/system/docker.service.d/docker_boot.conf
[Service]
ExecStart=/usr/bin/docker daemon -D -s overlay
[root@DS-VM-Node200 ~]#
[root@DS-VM-Node200 ~]# systemctl daemon-reload
[root@DS-VM-Node200 ~]# systemctl start docker.service
[root@DS-VM-Node200 ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.0
Storage Driver: overlay
Backing Filesystem: xfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge null host
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.451 GiB
Name: DS-VM-Node200.cluster.com
ID: 2DEU:CRW4:4GFU:47F6:ROAV:QZ43:H4L3:YBH7:UO24:YA3Y:GMBA:7ZEA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 15
Goroutines: 22
System Time: 2016-08-10T23:55:20.643632194+08:00
EventsListeners: 0
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
[root@DS-VM-Node200 ~]#
下面我们来修改成aufs的,这里首先需要把内核换成本站自己编译的内核才可以。(内核源支持CentOS 6 CentOS7)
[root@DS-VM-Node200 ~]# curl -Lks http://mirrors.dwhd.org/kernel-ml-aufs/kernel-ml-auf.repo >/etc/yum.repos.d/kernel-ml-aufs.repo
[root@DS-VM-Node200 ~]# yum -y remove kernel-headers kernel-tools kernel-tools-libs
[root@DS-VM-Node200 ~]# yum -y install kernel-ml-aufs kernel-ml-aufs-headers kernel-ml-aufs-devel kernel-ml-aufs-tools-libs-devel perf
[root@DS-VM-Node200 ~]# awk -F' '$1=="menuentry " {print $2}' /etc/grub2.cfg
CentOS Linux (4.7.0-1.el7.centos.x86_64) 7 (Core)
CentOS Linux (3.10.0-327.el7.x86_64) 7 (Core)
CentOS Linux (0-rescue-c164c19fb49d4b4aa3a60f1bd6ac6a8c) 7 (Core)
[root@DS-VM-Node200 ~]# grub2-set-default 0 #将0设置为启动
[root@DS-VM-Node200 ~]# sed -i '/[main]/a exclude=kernel*' /etc/yum.conf
[root@DS-VM-Node200 ~]# reboot
[root@DS-VM-Node200 ~]# cat /proc/version
Linux version 4.7.0-1.el7.centos.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) ) #1 SMP Fri Jul 29 05:38:16 CST 2016
[root@DS-VM-Node200 ~]# cat > /etc/systemd/system/docker.service.d/docker_boot.conf <<-EOF
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -D -s aufs
EOF
[root@DS-VM-Node200 ~]# systemctl daemon-reload
[root@DS-VM-Node200 ~]# systemctl start docker.service
[root@DS-VM-Node200 ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.0
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: xfs
Dirs: 0
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 4.7.0-1.el7.centos.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.858 GiB
Name: DS-VM-Node200.cluster.com
ID: 2DEU:CRW4:4GFU:47F6:ROAV:QZ43:H4L3:YBH7:UO24:YA3Y:GMBA:7ZEA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 14
Goroutines: 22
System Time: 2016-08-11T00:07:19.40686965+08:00
EventsListeners: 0
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
[root@DS-VM-Node200 ~]#