滨湖区知名做网站价格,公司宣传册排版,贵阳网站seo公司,不懂见网站怎么办Centos7 docker 容器内root身份应用自启动 /usr/sbin/init 问题
环境#xff1a;我在一个 docker 容器内手动安装了 mysql、nginx、autotestsystem#xff08;自己的服务#xff09;#xff1b; mysql 和 nginx 都做了服务脚本#xff1a;mysqld.service、nginx.se… Centos7 docker 容器内root身份应用自启动 /usr/sbin/init 问题
环境我在一个 docker 容器内手动安装了 mysql、nginx、autotestsystem自己的服务 mysql 和 nginx 都做了服务脚本mysqld.service、nginx.service并设置了开机自启动 systemctl enable mysqld.service systemctl enable nginx.service
vi mysqld.service vi nginx.service
自己的应用位置 /opt/AutoTestSystem/ui/ #前端前端用的nginx /opt/AutoTestSystem/server/ #后端后端用的python flask /opt/AutoTestSystem/server/start.sh #后端服务启动脚本 /opt/AutoTestSystem/server/stop.sh #后端服务停止脚本 ln -s /opt/AutoTestSystem/server/start.sh /usr/bin/autotestsystem-start ln -s /opt/AutoTestSystem/server/stop.sh /usr/bin/autotestsystem-stop # cat /opt/AutoTestSystem/server/start.sh #!/bin/sh
pid$(ps aux |grep python3 main.py |grep -v grep | awk {print $2}) echo $pid if [ -n $pid ]; then echo WARNNING: main.py already is running, need not run again! exit fi
# start server pushd /opt/AutoTestSystem/server 21 /dev/null $(nohup python3 main.py log ) sleep 2
pid$(ps aux |grep python3 main.py |grep -v grep | awk {print $2}) if [ -z $pid ]; then echo ERROR: start failed! else echo SUCCESS: start success! fi popd 21 /dev/null # cat /opt/AutoTestSystem/server/stop.sh #!/bin/sh
#pid$(ps aux |grep python3 main.py |grep -v grep | awk {print $2}) pid$(ps aux |grep /opt/AutoTestSystem/server/main.py |grep -v grep | awk {print $2})
if [ -z $pid ]; then echo INFO: main.py is not running exit fi
echo INFO: to stop main.py, pid is: $pid $(kill -9 $pid) sleep 3
pid2$(ps aux |grep python3 main.py |grep -v grep | awk {print $2}) if [ -n $pid2 ]; then echo ERROR: stop $pid2 failed! else echo SUCCESS: stop $pid2 success! fi 执行docker commit保存持久化
docker commit -a hrf -m autotestsystem 1.0 478394f89173 autotestsystem:1.0
注意docker commit 时如果指定的 REPOSITORY:TAG 变化则会生成新的image如果不变则不会生成新的image、只会合并docker image查看会多出 REPOSITORY和TAG未空 none 的 IMAGE ID这种是可以删除的docker rmi IMAGE_ID。
创建build目录 Dockerfile init_ats启动脚本执行 docker build 把自启动脚本打包到容器里面去并设置自启动
cd build
vi Dockerfile FROM autotestsystem:1.0 WORKDIR /opt/AutoTestSystem COPY init_ats /usr/bin/ RUN chmod x /usr/bin/init_ats ENTRYPOINT init_ats LABEL userhrf USER root
vi init_ats #!/bin/bash /usr/sbin/init sleep 2 /usr/bin/autotestsystem-start docker build -t autotestsystem:1.0 . docker images docker run -idt --name autotest2 -p 29090:8080 -p 23306:3306 -p 29000:80 --privileged --cap-add SYS_ADMIN --restartalways autotestsystem:1.0
也尝试过docker run是传参替换 docker run -idt --name autotest2 -p 29090:8080 -p 23306:3306 -p 29000:80 --privileged --cap-add SYS_ADMIN --restartalways autotestsystem:1.0 /usr/sbin/init 或 docker run -idt --name autotest2 -p 29090:8080 -p 23306:3306 -p 29000:80 --privileged --cap-add SYS_ADMIN --restartalways autotestsystem:1.0 init_ats 或 docker run -idt --name autotest2 -p 29090:8080 -p 23306:3306 -p 29000:80 --privileged --cap-add SYS_ADMIN --restartalways autotestsystem:1.0 autotestsystem-start 都不行。
执行脚本还尝试了多种都不行 ENTRYPOINT init_ats ENTRYPOINT [init_ats] ENTRYPOINT [sh,init_ats] ENTRYPOINT [sh,-c,init_ats] ENTRYPOINT autotestsystem-start CMD init_ats CMD autotestsystem-start
网上找了很多资料原因是 root 身份运行docker容器需要特权需要加 /usr/sbin/init 运行容器。可是编写 Dockerfile 执行 docker build 的方式无法支持启动时执行多个脚本或命令只能执行一个或一条命令即使写在一个shell脚本中也不行。 最后换了一个思路既然mysqld和nginx做成了service服务自启动可以systemctl enable xxx那我也尝创建自己应用的.service脚本做成系统服务自启动。
查看当前容器 [rootlocalhost build]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 478394f89173 centos:7 /usr/sbin/init 33 hours ago Up 33 hours 0.0.0.0:9000-80/tcp, :::9000-80/tcp, 0.0.0.0:13306-3306/tcp, :::13306-3306/tcp, 0.0.0.0:9090-8080/tcp, :::9090-8080/tcp autotest
查看镜像 [rootlocalhost build]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE autotestsystem 1.0 a781ff5a15b8 46 minutes ago 1.72GB centos 7 eeb6ee3f44bd 2 years ago 204MB
容器 478394f89173 是以root运行的里面的mysqld服务和nginx服务自启正常但自己服务编写的自启动脚本 init_ats 自启不生效。 接下来我尝试把我的 autotestsystem 做成系统服务
进入docker容器 docker exec -it 478394f89173 /bin/bash
创建.service文件 [root478394f89173 system]# vi /lib/systemd/system/autotestsystem.service
[Unit] Descriptionautotestsystem Afternetwork.target [Service] Typeforking ExecStart/opt/AutoTestSystem/server/start.sh ExecReload/opt/AutoTestSystem/server/start.sh ExecStop/opt/AutoTestSystem/server/stop.sh PrivateTmptrue Userroot #Grouproot WorkingDirectory/opt/AutoTestSystem/server/ RestartSec2s [Install] WantedBymulti-user.target [root478394f89173 system]# chmod 754 /lib/systemd/system/autotestsystem.service
[root478394f89173 system]# systemctl daemon-reload # 每次修改service后需要刷新生效
[root478394f89173 system]# systemctl start autotestsystem.service [root478394f89173 system]# systemctl enable autotestsystem.service Created symlink from /etc/systemd/system/multi-user.target.wants/autotestsystem.service to /usr/lib/systemd/system/autotestsystem.service. [root478394f89173 system]# ps aux |grep main.py #启动服务成功
退出容器、停止容器、启动容器进入容器再查看 autotestsystem 能正常自启动 exit docker stop 478394f89173 docker start 478394f89173 docker exec -it 478394f89173 /bin/bash ps aux |grep main.py
退出容器在宿主机下重新 docker build 构建/保存镜像image即持久化 做成.service系统服务了用不到docker启动脚本可以直接docker commit持久化、并删除none镜像 docker commit -a hrf -m autotestsystem 1.0 478394f89173 autotestsystem:1.0 docker rmi docker images | grep none | awk {print $3} 当然如果要使用docker build方式持久化镜像也是可以的。
如果是在宿主机上build目录下直接vi创建和编写的autotestsystem.service服务器脚本而不是在容器内创建服务脚本和设置自启动则可以使用docker build方式构建镜像、打脚本包到容器里面去
cd build
vi autotestsystem.service
[Unit] Descriptionautotestsystem Afternetwork.target [Service] Typeforking ExecStart/opt/AutoTestSystem/server/start.sh ExecReload/opt/AutoTestSystem/server/start.sh ExecStop/opt/AutoTestSystem/server/stop.sh PrivateTmptrue Userroot #Grouproot WorkingDirectory/opt/AutoTestSystem/server/ RestartSec2s [Install] WantedBymulti-user.target vi Dockerfile
FROM autotestsystem:1.0 WORKDIR /opt/AutoTestSystem #COPY init_ats /usr/bin/ #RUN chmod x /usr/bin/init_ats #ENTRYPOINT [init_ats] COPY autotestsystem.service /lib/systemd/system/ COPY autotestsystem.service /etc/systemd/system/multi-user.target.wants/ RUN chmod 754 /lib/systemd/system/autotestsystem.service RUN chmod 754 /etc/systemd/system/multi-user.target.wants/autotestsystem.serviceENTRYPOINT [/usr/sbin/init] LABEL userhrf USER root
说明 build目录下创建和编写下面2个文件autotestsystem.service、Dockerfile。 docker build构建时会执行Dockerfile中的COPY命名COPY是构件阶段执行的。RUN、CMD、ENTRYPOINT命令则是在容器启动阶段执行的。 COPY autotestsystem.service /lib/systemd/system/ 这条命令会在docker build构件阶段把build目录下的utotestsystem.service文件拷贝到容器内的/lib/systemd/system/这个目录下。 重新构建 docker build -t autotestsystem:1.0 .
[rootlocalhost build]# docker build -t autotestsystem:1.0 . [] Building 22.0s (11/11) FINISHED docker:default [internal] load .dockerignore 0.7s transferring context: 2B 0.0s [internal] load build definition from Dockerfile 1.8s transferring dockerfile: 550B 0.0s [internal] load metadata for docker.io/library/autotestsystem:1.0 0.0s [1/6] FROM docker.io/library/autotestsystem:1.0 6.6s [internal] load build context 0.8s transferring context: 461B 0.0s [2/6] WORKDIR /opt/AutoTestSystem 0.7s [3/6] COPY autotestsystem.service /lib/systemd/system/ 1.4s [4/6] COPY autotestsystem.service /etc/systemd/system/multi-user.target.wants/ 1.3s [5/6] RUN chmod 754 /lib/systemd/system/autotestsystem.service 2.3s [6/6] RUN chmod 754 /etc/systemd/system/multi-user.target.wants/autotestsystem.service 2.3s exporting to image 2.9s exporting layers 2.9s writing image sha256:a1750b9abb21ba65b122edfdf21c37b81896ec68ffbe2f510bfff7ce97e4a95b 0.0s naming to docker.io/library/autotestsystem:1.0 0.1s [rootlocalhost build]# [rootlocalhost build]# [rootlocalhost build]# [rootlocalhost build]# docker run -idt --name autotest2 -p 29090:8080 -p 23306:3306 -p 29000:80 --privileged --cap-add SYS_ADMIN --restartalways autotestsystem:1.0 06ce37919cf068e20fdd676fa51ce1988e3a1d40ba7424d645fd5f561b758a27
[rootlocalhost build]# [rootlocalhost build]# [rootlocalhost build]# [rootlocalhost build]# [rootlocalhost build]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 06ce37919cf0 autotestsystem:1.0 /usr/sbin/init 7 seconds ago Up 4 seconds 0.0.0.0:29000-80/tcp, :::29000-80/tcp, 0.0.0.0:23306-3306/tcp, :::23306-3306/tcp, 0.0.0.0:29090-8080/tcp, :::29090-8080/tcp autotest2 478394f89173 centos:7 /usr/sbin/init 33 hours ago Up 33 hours 0.0.0.0:9000-80/tcp, :::9000-80/tcp, 0.0.0.0:13306-3306/tcp, :::13306-3306/tcp, 0.0.0.0:9090-8080/tcp, :::9090-8080/tcp autotest [rootlocalhost build]#
最后导出、备份镜像文件
cd release docker save -o autotestsystem-1.0.tar autotestsystem:1.0
