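At DockerCon 2017, Docker released its own operating system, LinuxKit, which it describes as secure, lean, and highly portable.
Here I try the system out on macOS; this article is a brief record of the steps.
Running LinuxKit requires the moby tool; follow the steps on GitHub.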
$ go get -u github.com/docker/moby/src/cmd/moby
$ git clone https://github.com/linuxkit/linuxkit.git
$ cd linuxkit
$ moby build linuxkit.yml
Output:
Create outputs:
linuxkit-bzImage linuxkit-initrd.img linuxkit-cmdline
linuxkit.iso
linuxkit-efi.iso
# moby run linuxkit
Welcome to LinuxKit
##.
## ## ## ==
## ## ## ## ## ===
/ "" "" "" "" "" "" "" "" "" \ ___ / = = =
~~~ {
~~~~~~~~~~~~~~~~~ / === --~~~
\ ______ o __ /
\ \ __ /
\ ____ \ _______ /
/ # [2.449400] IPVS: Creating netns size=2104 id=1
[2.449828] IPVS: ftp: loaded support on port[0] = 21
[2.699956] IPVS: Creating netns size=2104 id=2
[2.700419] IPVS: ftp: loaded support on port[0] = 21
[3.408548] clocksource: Switched to clocksource tsc
The process tree looks like this:
/ # pstree
init-+-containerd-+-containerd-shim---nginx---nginx
| `-containerd-shim---tini---rngd
|-containers---2*[ctr]
|-sh---pstree
`-sh
The containers started at boot can be listed with runc:
/ # runc list
ID PID STATUS BUNDLE CREATED OWNER
nginx 544 running /run/containerd/linux/nginx 2017-04-19T16:03:50.2015541Z root
rngd 598 running /run/containerd/linux/rngd 2017-04-19T16:03:50.3057929Z root
First, confirm that the nginx container is running on the host network by sending an HTTP request to the host network:
/ # wget -qO- 127.0.0.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
The configuration can be inspected through runc:
/ # runc exec nginx cat /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
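Because LinuxKit is set up as read-only, you cannot edit anything or write files on it. Next, we boot LinuxKit with Docker running inside it, in place of the nginx from the previous step.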
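The read-only statement above can be checked from the guest shell instead of being taken on trust. The following is an added example, not part of the original post or of LinuxKit: it reads /proc/mounts-format text on stdin, lists the writable mounts, and tests whether / is mounted ro; the function names are hypothetical and the sample mount table is constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Input format is /proc/mounts: device mountpoint fstype options dump pass
# On a real guest: writable_mounts < /proc/mounts

# Print "mountpoint fstype" for each mount carrying the rw option,
# skipping kernel pseudo-filesystems that are not file storage.
writable_mounts() {
    awk '
        $3 ~ /^(proc|sysfs|devpts|cgroup|cgroup2|mqueue|debugfs|securityfs|pstore)$/ { next }
        {
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] == "rw") { print $2, $3; break }
        }
    '
}

# Exit 0 only if the most recent mount on "/" carries the ro option.
root_is_readonly() {
    awk '
        $2 == "/" {
            seen = 1; ro = 0
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) if (opts[i] == "ro") ro = 1
        }
        END { exit !(seen && ro) }
    '
}

# Constructed sample mount table (not captured from a LinuxKit guest).
sample_mounts() {
    cat <<'EOF'
/dev/sr0 / iso9660 ro,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /var tmpfs rw,relatime 0 0
EOF
}

if sample_mounts | root_is_readonly; then echo "root: read-only"; else echo "root: WRITABLE"; fi
echo "writable mounts:"
sample_mounts | writable_mounts
```

Any tmpfs that shows up as writable is still RAM-backed, so files written there do not survive a reboot.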
The docker.yml file is in the example directory.
$ moby build docker.yml
$ moby run docker
# List the running container services
/ # runc list
ID PID STATUS BUNDLE CREATED OWNER
dhcpcd 625 running /containers/services/dhcpcd 2017-04-19T16:14:49.7139173Z root
docker 638 running /containers/services/docker 2017-04-19T16:14:49.653635Z root
ntpd 650 running /containers/services/ntpd 2017-04-19T16:14:49.7246421Z root
rngd 750 running /containers/services/rngd 2017-04-19T16:14:49.8057626Z root
Enter the docker service container:
/ # runc exec -t docker sh
Check the Docker information:
/ # docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 17.04.0-ce
Storage Driver: overlay2
Backing Filesystem: tmpfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary:
containerd version: 422e31ce907fd9c3833a38d7b8fdd023e5a76e73
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.22-moby
Operating System: Alpine Linux v3.5 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 992.5MiB
Name: moby-c0ffeec0ffee
ID: CPFG:OSX6:E5U7:AS3S:GSGG:NXPU:I4HX:XLCX:7KWN:7SWF:NE3G:RJGR
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
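Running df -h shows that the system has very little free space, so little that we cannot do much else (this can be changed through moby run parameters), which is why a Node.js image is chosen here.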
/ # docker run --rm -it node:7.9-alpine sh
Unable to find image 'node:7.9-alpine' locally
7.9-alpine: Pulling from library/node
709515475419: Pull complete
278538de9ce7: Pull complete
3e4c7b7d4426: Pull complete
Digest: sha256:a85ea008c8ea08799b8c60ecd3003becd332d5067ed3f238bf61085ce4368c88
Status: Downloaded newer image for node:7.9-alpine
[ 377.941800] docker0: port 1(vetha204c60) entered blocking state
[ 377.942279] docker0: port 1(vetha204c60) entered disabled state
[ 377.942743] device vetha204c60 entered promiscuous mode
[ 377.943191] IPv6: ADDRCONF(NETDEV_UP): vetha204c60: link is not ready
[ 377.963661] IPVS: Creating netns size=2104 id=6
[ 377.963984] IPVS: ftp: loaded support on port[0] = 21
[ 378.057793] eth0: renamed from vethd083636
[ 378.058417] IPv6: ADDRCONF(NETDEV_CHANGE): vetha204c60: link becomes ready
[ 378.058951] docker0: port 1(vetha204c60) entered blocking state
[ 378.059368] docker0: port 1(vetha204c60) entered forwarding state
[ 378.059860] IPv6: ADDRCONF(NETDEV_CHANGE): docker0: link becomes ready
/ #
It can be used just like a normal container:
/ # node -v
v7.9.0
/ # node
> 2 + 3
5
>
That concludes this quick tryout.