docker 20.10.9 dockerd containerd containerd-shim-runc-v2 runc 组件分析
吴欣然
下载地址
https://download.docker.com/linux/static/stable/x86_64/docker-20.10.9.tgz解压到/usr/local/
yeqiang@yeqiang-PC:/usr/local/docker$ ll
总用量 200848
-rwxr-xr-x 1 root staff 33908392 2022-03-14 09:47:07 containerd
-rwxr-xr-x 1 root staff 6508544 2022-03-14 09:47:07 containerd-shim
-rwxr-xr-x 1 root staff 8609792 2022-03-14 09:47:07 containerd-shim-runc-v2
-rwxr-xr-x 1 root staff 21131264 2022-03-14 09:47:07 ctr
-rwxr-xr-x 1 root staff 52883616 2022-03-14 09:47:07 docker
-rwxr-xr-x 1 root staff 64758736 2022-03-14 09:47:07 dockerd
-rwxr-xr-x 1 root staff 708616 2022-03-14 09:47:07 docker-init
-rwxr-xr-x 1 root staff 2784145 2022-03-14 09:47:07 docker-proxy
-rwxr-xr-x 1 root staff 14352296 2022-03-14 09:47:07 runc
组件说明
docker
docker客户端程序,可以执行docker run、docker ps 等指令
通过unix:///var/run/docker.sock与dockerd交互
ctr
不受支持的客户端程序,一般采用docker客户端程序
dockerd
docker服务端程序,监听unix:///var/run/docker.sock
containerd
容器服务端程序,dockerd子进程,被dockerd管理
监听/var/run/docker/containerd/containerd.sock
docker-init 当执行docker run --init 时,docker容器内的init系统,pid=1,如:
yeqiang@yeqiang-PC:/usr/local/docker$ ./docker run --rm --init -it centos /bin/bash
[root@e16029b4e2c4 /]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1000 4 pts/0 Ss 02:50 0:00 /sbin/docker-init -- /bin/bash
root 8 0.0 0.0 12028 3284 pts/0 S 02:50 0:00 /bin/bash
root 17 0.0 0.0 44636 3372 pts/0 R+ 02:50 0:00 ps aux
docker-proxy 当执行docker run -p时,为docker容器代理端口
启动过程
启动dockerd
root@yeqiang-PC:/usr/local/docker# export PATH=/usr/bin:/usr/sbin:/usr/local/docker
root@yeqiang-PC:/usr/local/docker# /usr/local/docker/dockerd
INFO[2022-03-14T11:22:09.361329813+08:00] Starting up
INFO[2022-03-14T11:22:09.361986093+08:00] libcontainerd: started new containerd process pid=14183
INFO[2022-03-14T11:22:09.362012209+08:00] parsed scheme: "unix" module=grpc
INFO[2022-03-14T11:22:09.362017288+08:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-03-14T11:22:09.362028076+08:00] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-03-14T11:22:09.362034997+08:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-03-14T11:22:09.368465115+08:00] starting containerd revision=5b46e404f6b9f661a205e28d59c982d3634148f8 version=v1.4.11
INFO[2022-03-14T11:22:09.383032428+08:00] loading plugin "io.containerd.content.v1.content"... type=io.containerd.content.v1
INFO[2022-03-14T11:22:09.383074310+08:00] loading plugin "io.containerd.snapshotter.v1.aufs"... type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384241398+08:00] skip loading plugin "io.containerd.snapshotter.v1.aufs"... error="aufs is not supported (modprobe aufs failed: exit status 1 \"modprobe: FATAL: Module aufs not found in directory /lib/modules/5.10.60-amd64-desktop\\n\"): skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384261668+08:00] loading plugin "io.containerd.snapshotter.v1.btrfs"... type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384446349+08:00] skip loading plugin "io.containerd.snapshotter.v1.btrfs"... error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs (ext4) must be a btrfs filesystem to be used with the btrfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384458415+08:00] loading plugin "io.containerd.snapshotter.v1.devmapper"... type=io.containerd.snapshotter.v1
WARN[2022-03-14T11:22:09.384475112+08:00] failed to load plugin io.containerd.snapshotter.v1.devmapper error="devmapper not configured"
INFO[2022-03-14T11:22:09.384482237+08:00] loading plugin "io.containerd.snapshotter.v1.native"... type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384496303+08:00] loading plugin "io.containerd.snapshotter.v1.overlayfs"... type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384551452+08:00] loading plugin "io.containerd.snapshotter.v1.zfs"... type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384689600+08:00] skip loading plugin "io.containerd.snapshotter.v1.zfs"... error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-03-14T11:22:09.384700398+08:00] loading plugin "io.containerd.metadata.v1.bolt"... type=io.containerd.metadata.v1
WARN[2022-03-14T11:22:09.384709933+08:00] could not use snapshotter devmapper in metadata plugin error="devmapper not configured"
INFO[2022-03-14T11:22:09.384715523+08:00] metadata content store policy set policy=shared
INFO[2022-03-14T11:22:09.384786605+08:00] loading plugin "io.containerd.differ.v1.walking"... type=io.containerd.differ.v1
INFO[2022-03-14T11:22:09.384799202+08:00] loading plugin "io.containerd.gc.v1.scheduler"... type=io.containerd.gc.v1
INFO[2022-03-14T11:22:09.384818906+08:00] loading plugin "io.containerd.service.v1.introspection-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384837431+08:00] loading plugin "io.containerd.service.v1.containers-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384845683+08:00] loading plugin "io.containerd.service.v1.content-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384852952+08:00] loading plugin "io.containerd.service.v1.diff-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384860658+08:00] loading plugin "io.containerd.service.v1.images-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384868009+08:00] loading plugin "io.containerd.service.v1.leases-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384878755+08:00] loading plugin "io.containerd.service.v1.namespaces-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384886981+08:00] loading plugin "io.containerd.service.v1.snapshots-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.384894231+08:00] loading plugin "io.containerd.runtime.v1.linux"... type=io.containerd.runtime.v1
INFO[2022-03-14T11:22:09.384931727+08:00] loading plugin "io.containerd.runtime.v2.task"... type=io.containerd.runtime.v2
INFO[2022-03-14T11:22:09.384980700+08:00] loading plugin "io.containerd.monitor.v1.cgroups"... type=io.containerd.monitor.v1
INFO[2022-03-14T11:22:09.385167761+08:00] loading plugin "io.containerd.service.v1.tasks-service"... type=io.containerd.service.v1
INFO[2022-03-14T11:22:09.385183045+08:00] loading plugin "io.containerd.internal.v1.restart"... type=io.containerd.internal.v1
INFO[2022-03-14T11:22:09.385208616+08:00] loading plugin "io.containerd.grpc.v1.containers"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385217458+08:00] loading plugin "io.containerd.grpc.v1.content"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385225722+08:00] loading plugin "io.containerd.grpc.v1.diff"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385232905+08:00] loading plugin "io.containerd.grpc.v1.events"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385239646+08:00] loading plugin "io.containerd.grpc.v1.healthcheck"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385247052+08:00] loading plugin "io.containerd.grpc.v1.images"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385255347+08:00] loading plugin "io.containerd.grpc.v1.leases"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385262813+08:00] loading plugin "io.containerd.grpc.v1.namespaces"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385269819+08:00] loading plugin "io.containerd.internal.v1.opt"... type=io.containerd.internal.v1
INFO[2022-03-14T11:22:09.385288391+08:00] loading plugin "io.containerd.grpc.v1.snapshots"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385297577+08:00] loading plugin "io.containerd.grpc.v1.tasks"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385304702+08:00] loading plugin "io.containerd.grpc.v1.version"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385310903+08:00] loading plugin "io.containerd.grpc.v1.introspection"... type=io.containerd.grpc.v1
INFO[2022-03-14T11:22:09.385408867+08:00] serving... address=/var/run/docker/containerd/containerd-debug.sock
INFO[2022-03-14T11:22:09.385433145+08:00] serving... address=/var/run/docker/containerd/containerd.sock.ttrpc
INFO[2022-03-14T11:22:09.385453305+08:00] serving... address=/var/run/docker/containerd/containerd.sock
INFO[2022-03-14T11:22:09.385461883+08:00] containerd successfully booted in 0.017770s
INFO[2022-03-14T11:22:09.393703420+08:00] parsed scheme: "unix" module=grpc
INFO[2022-03-14T11:22:09.393719603+08:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-03-14T11:22:09.393729402+08:00] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-03-14T11:22:09.393734471+08:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-03-14T11:22:09.394043297+08:00] parsed scheme: "unix" module=grpc
INFO[2022-03-14T11:22:09.394055881+08:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-03-14T11:22:09.394084456+08:00] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-03-14T11:22:09.394089932+08:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-03-14T11:22:09.401035002+08:00] [graphdriver] using prior storage driver: overlay2
WARN[2022-03-14T11:22:09.421495481+08:00] Your kernel does not support CPU realtime scheduler
WARN[2022-03-14T11:22:09.421510318+08:00] Your kernel does not support cgroup blkio weight
WARN[2022-03-14T11:22:09.421513472+08:00] Your kernel does not support cgroup blkio weight_device
INFO[2022-03-14T11:22:09.421595446+08:00] Loading containers: start.
INFO[2022-03-14T11:22:09.680914887+08:00] Loading containers: done.
INFO[2022-03-14T11:22:09.689229671+08:00] Docker daemon commit=79ea9d3 graphdriver(s)=overlay2 version=20.10.9
INFO[2022-03-14T11:22:09.689260715+08:00] Daemon has completed initialization
INFO[2022-03-14T11:22:09.800682553+08:00] API listen on /var/run/docker.sock 此时inotifywait监控
yeqiang@yeqiang-PC:/usr/local/docker$ inotifywait -m .
Setting up watches.
Watches established.
./ OPEN dockerd
./ ACCESS dockerd
./ OPEN containerd
./ ACCESS containerd
./ OPEN runc
./ ACCESS runc
./ OPEN runc
./ ACCESS runc
./ ACCESS runc
./ ACCESS runc
./ ACCESS runc
./ CLOSE_NOWRITE,CLOSE runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN docker-init
./ ACCESS docker-init
./ CLOSE_NOWRITE,CLOSE docker-init
docker info
root@yeqiang-PC:/usr/local/docker# docker info
Client:
Context: default
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 67
Server Version: 20.10.9
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 5b46e404f6b9f661a205e28d59c982d3634148f8
runc version: v1.0.2-0-g52b36a2d
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.10.60-amd64-desktop
Operating System: Deepin 20.3
OSType: linux
Architecture: x86_64
CPUs: 6
Total Memory: 31.3GiB
Name: yeqiang-PC
ID: XE3K:QWGE:CYKB:XVKD:ZEOQ:F43D:75DF:I7JD:CF2P:XDGC:Q2IO:4XOS
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
http://hub-mirror.c.163.com/
Live Restore Enabled: false
Product License: Community Engine
pstree
yeqiang@yeqiang-PC:/usr/local/docker$ pstree -aps 14173
systemd,1 splash
└─lightdm,2926
└─lightdm,3266 --session-child 12 19 20
└─startdde,5127
└─deepin-terminal,9278
└─bash,13249
└─sudo,14091 su
└─su,14093
└─bash,14094
└─dockerd,14173
├─containerd,14183 --config /var/run/docker/containerd/containerd.toml --log-level info
│ ├─{containerd},14184
│ ├─{containerd},14185
│ ├─{containerd},14186
│ ├─{containerd},14187
│ ├─{containerd},14188
│ ├─{containerd},14189
│ ├─{containerd},14190
│ ├─{containerd},14191
│ ├─{containerd},14192
│ ├─{containerd},14193
│ ├─{containerd},14195
│ └─{containerd},16127
├─{dockerd},14174
├─{dockerd},14175
├─{dockerd},14176
├─{dockerd},14177
├─{dockerd},14178
├─{dockerd},14179
├─{dockerd},14180
├─{dockerd},14181
├─{dockerd},14182
├─{dockerd},14196
└─{dockerd},14197
docker run
root@yeqiang-PC:/usr/local/docker# docker run --rm -it --init centos /bin/bash
[root@8cb9aa7d149f /]#
inotifywait
./ CLOSE_NOWRITE,CLOSE docker-init
./ OPEN runc
./ ACCESS runc
./ OPEN runc
./ ACCESS runc
./ ACCESS runc
./ ACCESS runc
./ CLOSE_NOWRITE,CLOSE runc
./ CLOSE_NOWRITE,CLOSE runc
./ CLOSE_NOWRITE,CLOSE containerd-shim-runc-v2
./ CLOSE_NOWRITE,CLOSE docker
./ OPEN docker
./ ACCESS docker
./ OPEN containerd-shim-runc-v2
./ ACCESS containerd-shim-runc-v2
./ OPEN containerd-shim-runc-v2
./ ACCESS containerd-shim-runc-v2
./ ACCESS containerd-shim-runc-v2
./ CLOSE_NOWRITE,CLOSE containerd-shim-runc-v2
./ OPEN runc
./ ACCESS runc
./ OPEN runc
./ ACCESS runc
./ ACCESS runc
./ ACCESS runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN runc
./ ACCESS runc
./ ACCESS runc
./ OPEN runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN runc
./ ACCESS runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN docker-init
./ CLOSE_NOWRITE,CLOSE docker-init
./ OPEN docker-init
./ CLOSE_NOWRITE,CLOSE docker-init
./ OPEN dockerd
./ ACCESS dockerd
./ ACCESS dockerd
./ OPEN dockerd
./ ACCESS dockerd
./ ACCESS dockerd
./ CLOSE_NOWRITE,CLOSE dockerd
./ CLOSE_NOWRITE,CLOSE dockerd
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN runc
./ ACCESS runc
./ OPEN runc
./ ACCESS runc
./ ACCESS runc
./ CLOSE_NOWRITE,CLOSE runc
./ OPEN docker-init
./ ACCESS docker-init
./ ACCESS docker-init
./ CLOSE_NOWRITE,CLOSE runc
./ CLOSE_NOWRITE,CLOSE runc
进程
yeqiang@yeqiang-PC:/usr/local/docker$ ps aux | grep bash
root 29261 0.0 0.1 750612 33456 pts/18 Sl+ 13:38 0:00 docker run --rm -it centos /bin/bash
root 29314 0.1 0.0 12028 3260 pts/0 Ss+ 13:38 0:00 /bin/bash
yeqiang@yeqiang-PC:/usr/local/docker$ pstree -aps 29314
systemd,1 splash
└─containerd-shim,29293 -namespace moby -id 41d2b77b641dc7ffef5e753baab3ada9f0fdbf081772627c79a3d2d81f3ad9db -address /var/run/docker/containerd/containerd.sock
└─bash,29314
docker ps
yeqiang@yeqiang-PC:/usr/local/docker$ ./docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
41d2b77b641d centos "/bin/bash" 6 minutes ago Up 6 minutes charming_moser最终启动容器进程信息
root 29293 0.0 0.0 712848 8436 ? Sl 13:38 0:00 /usr/local/docker/containerd-shim-runc-v2 -namespace moby -id 41d2b77b641dc7ffef5e753baab3ada9f0fdbf081772627c79a3d2d81f3ad9db -address /var/run/docker/containerd/containerd.sock
类似资料: