Linux(32)Rockchip RK3568 Ubuntu22.04上部署 Docker: 详细配置与功能测试(上)+https://developer.aliyun.com/article/1489672
Docker容器功能测试
1. 运行 Hello World 容器
这是最基本的测试,用于确认 Docker 能够成功运行容器。
docker run hello-world
root@btf:/$ docker run hello-world Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world 478afc919002: Pull complete Digest: sha256:53641cd209a4fecfc68e21a99871ce8c6920b2e7502df0a20671c6fccc73a7c6 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (arm64v8) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/
执行这个命令会从 Docker Hub 下载一个简单的 hello-world 镜像,并尝试运行它。如果一切设置正确,将看到一条消息Hello from Docker!,说明我们安装的 Docker正常。
2. 运行一个交互式容器
运行一个交互式的容器,允许在容器内部执行命令。这里我使用 ubuntu 镜像作为例子。
docker run -it ubuntu /bin/bash
root@btf:/$ docker run -it ubuntu /bin/bash Unable to find image 'ubuntu:latest' locally latest: Pulling from library/ubuntu f4bb4e8dca02: Pull complete Digest: sha256:77906da86b60585ce12215807090eb327e7386c8fafb5402369e421f44eff17e Status: Downloaded newer image for ubuntu:latest root@02db80f6b85c:/# uname -a Linux 02db80f6b85c 4.19.219 #7 SMP Fri Mar 22 10:46:23 CST 2024 aarch64 aarch64 aarch64 GNU/Linux
这个命令会下载 Ubuntu 镜像(如果本地没有的话),并启动一个新的容器,将获得一个 bash 会话。在这个会话中,可以尝试运行一些命令,比如 ls, cat /etc/os-release 等,以确认基本的 Linux 命令和功能工作正常。
3. 测试 Docker 网络功能
可以运行一个简单的 web 服务器容器,以测试 Docker 的网络功能。
docker run -d -p 8080:80 nginx
这个命令会下载 nginx 镜像,并在后台运行一个容器,将容器的 80 端口映射到宿主机的 8080 端口。使用浏览器或者 curl 访问宿主机的 8080 端口,能看到 Nginx 的欢迎页面。
curl http://localhost:8080
4. 测试 Docker 卷和数据持久化
Docker 卷允许持久化和共享容器数据。尝试创建一个卷并将其挂载到容器内部。
docker run -d --name devtest -v myvol2:/app nginx
root@btf:/opt$ docker run -d --name devtest -v myvol2:/app nginx Unable to find image 'nginx:latest' locally latest: Pulling from library/nginx 59f5764b1f6d: Pull complete f7bd43626fa7: Pull complete 2df415630b2f: Pull complete 059f9f6918db: Pull complete df91ff398a83: Pull complete e75b854d63f1: Pull complete 4b88df8a13cd: Pull complete Digest: sha256:6db391d1c0cfb30588ba0bf72ea999404f2764febf0f1f196acd5867ac7efa7e Status: Downloaded newer image for nginx:latest 3e966bd218238667f29b24886a28ae0146f7f0e062c9dc2ffa1b6f407aa3b354
这个命令会创建一个名为 myvol2 的新卷(如果它还不存在的话),并将这个卷挂载到容器的 /app 目录。可以通过在容器内部写入一些数据到 /app 目录,然后停止并重新启动容器来测试数据是否持久化。
5. 查看 Docker 日志
查看容器的日志是了解容器运行状态。
docker logs [容器ID或名称]
root@btf:/opt$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3e966bd21823 nginx "/docker-entrypoint.…" About a minute ago Up About a minute 80/tcp devtest root@btf:/opt$ docker logs devtest /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 2024/03/22 09:12:37 [notice] 1#1: using the "epoll" event method 2024/03/22 09:12:37 [notice] 1#1: nginx/1.25.4 2024/03/22 09:12:37 [notice] 1#1: built by gcc 12.2.0 (Debian 12.2.0-14) 2024/03/22 09:12:37 [notice] 1#1: OS: Linux 4.19.219 2024/03/22 09:12:37 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576 2024/03/22 09:12:37 [notice] 1#1: start worker processes 2024/03/22 09:12:37 [notice] 1#1: start worker process 28 2024/03/22 09:12:37 [notice] 1#1: start worker process 29 2024/03/22 09:12:37 [notice] 1#1: start worker process 30 2024/03/22 09:12:37 [notice] 1#1: start worker process 31
使用 docker ps 查找想要查看日志的容器的 ID 或名称,然后用 docker logs 命令来查看它的输出。
6. 清理
在测试完成后,可以清理不再需要的容器和镜像,以释放系统资源。
- 停止并删除所有运行中的容器:
docker stop $(docker ps -a -q) docker rm $(docker ps -a -q)
- 删除所有未使用的镜像和悬挂的卷:
docker system prune -a docker volume prune
通过以上步骤,可以验证 Docker 的基本功能和一些高级特性是否按都正常工作。这些测试覆盖了容器的创建、运行、网络连接、数据持久化和资源清理等方面。
–
Docker CE vs. Docker.io: 区别
Docker CE (docker-ce):
- 来源与更新:Docker CE,即 Docker Community Edition,是由 Docker 官方提供,特点是包含最新的功能和频繁的更新。
- 安装:安装 Docker CE 需要添加 Docker 的官方仓库和 GPG 密钥,保证用户能够下载到最新版本。
Docker.io (docker.io):
- 来源与更新:
docker.io是 Ubuntu 官方仓库提供的 Docker 版本,由 Ubuntu 维护者打包,确保了与 Ubuntu 系统的兼容性。更新频率较 Docker CE 慢,但提供更稳定的体验。 - 安装:直接通过
apt install docker.io命令安装,无需额外添加软件源。
在 Ubuntu 22.04 上的安装测试情况
针对 Rockchip 3568 这类特定硬件平台,docker-ce 可能会遇到兼容性问题,如需要较新的内核特性或存在依赖库版本冲突。而docker.io 由于其与 Ubuntu 系统的紧密集成,通常能够提供更无缝的安装和运行。
Linux SDK Docker 宏支持
docker运行环境检测脚本
Docker 开源团队提供了一个脚本,可以检测 Kernel 配置是否符合 Docker 的运行要求,源
地址:链接: check-config.sh
拷贝检测脚本到源码内核目录下,输入如下命令:
chmod 777 check-config.sh ./check-config.sh kernel/arch/arm64/configs/rockchip_linux_defconfig
结果如下图所示。结果主要是两部分,Generally Necessary: 表示必要的配置,如果有显示
missing 的地方,需要在内核配置中打开,重新编译烧录内核以支持 Docker。Optional Features:
是可选配置,根据需要打开。
docker依赖内核宏开关
以下是我在Linux SDK 额外新增的Docker相关宏, 我也没有完全打开所有的,需要哪些功能打开哪些。
CONFIG_BLK_CGROUP=y CONFIG_BLK_DEV_DM=y CONFIG_BRIDGE=y CONFIG_BTRFS_FS=y CONFIG_CGROUP_NET_CLASSID=y CONFIG_CGROUP_NET_PRIO=y CONFIG_CGROUP_PERF=y CONFIG_CGROUP_PIDS=y CONFIG_CRYPTO_AUTHENC=y CONFIG_CRYPTO_ECHAINIV=y CONFIG_DUMMY=y CONFIG_HUGETLBFS=y CONFIG_INET_ESP=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IPVLAN=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_FILTER=y CONFIG_IP_VS=y CONFIG_MACVLAN=y CONFIG_MEMCG=y CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y CONFIG_NET_L3_MASTER_DEV=y CONFIG_NET_SCHED=y CONFIG_NF_CONNTRACK=y CONFIG_OVERLAY_FS=y CONFIG_POSIX_MQUEUE=y CONFIG_RT_GROUP_SCHED=y CONFIG_VETH=y CONFIG_VXLAN=y # CONFIG_BCM_SBA_RAID is not set # CONFIG_BLK_CGROUP_IOLATENCY is not set CONFIG_BLK_DEV_DM_BUILTIN=y CONFIG_BLK_DEV_THROTTLING=y # CONFIG_BLK_DEV_THROTTLING_LOW is not set # CONFIG_BRIDGE_IGMP_SNOOPING is not set CONFIG_BRIDGE_NETFILTER=y # CONFIG_BRIDGE_NF_EBTABLES is not set # CONFIG_BTRFS_ASSERT is not set # CONFIG_BTRFS_DEBUG is not set # CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set CONFIG_BTRFS_FS_POSIX_ACL=y # CONFIG_BTRFS_FS_REF_VERIFY is not set # CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set CONFIG_CFQ_GROUP_IOSCHED=y CONFIG_CGROUP_HUGETLB=y CONFIG_CGROUP_WRITEBACK=y # CONFIG_DEBUG_BLK_CGROUP is not set CONFIG_DM_BIO_PRISON=y # CONFIG_DM_BOW is not set CONFIG_DM_BUFIO=y # CONFIG_DM_CACHE is not set # CONFIG_DM_CRYPT is not set # CONFIG_DM_DEBUG is not set # CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_ERA is not set # CONFIG_DM_FLAKEY is not set # CONFIG_DM_INTEGRITY is not set # CONFIG_DM_LOG_WRITES is not set # CONFIG_DM_MIRROR is not set # CONFIG_DM_MQ_DEFAULT is not set # CONFIG_DM_MULTIPATH is not set CONFIG_DM_PERSISTENT_DATA=y # CONFIG_DM_RAID is not set # CONFIG_DM_SNAPSHOT is not set # CONFIG_DM_SWITCH is not set CONFIG_DM_THIN_PROVISIONING=y # CONFIG_DM_UEVENT is not set # CONFIG_DM_UNSTRIPED is not set CONFIG_DM_USER=y # CONFIG_DM_VERITY is not set # CONFIG_DM_WRITECACHE is not set # CONFIG_DM_ZERO is not set CONFIG_DST_CACHE=y CONFIG_HUGETLB_PAGE=y # CONFIG_INET_ESP_OFFLOAD is not set # CONFIG_IP6_NF_FILTER is not set # CONFIG_IP6_NF_MANGLE is not set # CONFIG_IP6_NF_MATCH_AH is not set # CONFIG_IP6_NF_MATCH_EUI64 is not set # CONFIG_IP6_NF_MATCH_FRAG is not set # CONFIG_IP6_NF_MATCH_HL is not set # CONFIG_IP6_NF_MATCH_IPV6HEADER is not set # CONFIG_IP6_NF_MATCH_MH is not set # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_RT is not set # CONFIG_IP6_NF_MATCH_SRH is not set # CONFIG_IP6_NF_NAT is not set # CONFIG_IP6_NF_RAW is not set # CONFIG_IP6_NF_TARGET_SYNPROXY is not set # CONFIG_IPVTAP is not set # CONFIG_IP_NF_ARPFILTER is not set # CONFIG_IP_NF_ARP_MANGLE is not set CONFIG_IP_NF_NAT=y # CONFIG_IP_NF_TARGET_CLUSTERIP is not set CONFIG_IP_NF_TARGET_MASQUERADE=y # CONFIG_IP_NF_TARGET_NETMAP is not set CONFIG_IP_NF_TARGET_REDIRECT=y # CONFIG_IP_NF_TARGET_REJECT is not set # CONFIG_IP_NF_TARGET_SYNPROXY is not set # CONFIG_IP_VS_DEBUG is not set # CONFIG_IP_VS_DH is not set # CONFIG_IP_VS_FO is not set # CONFIG_IP_VS_FTP is not set # CONFIG_IP_VS_IPV6 is not set # CONFIG_IP_VS_LBLC is not set # CONFIG_IP_VS_LBLCR is not set # CONFIG_IP_VS_LC is not set # CONFIG_IP_VS_MH is not set CONFIG_IP_VS_MH_TAB_INDEX=12 CONFIG_IP_VS_NFCT=y # CONFIG_IP_VS_NQ is not set # CONFIG_IP_VS_OVF is not set # CONFIG_IP_VS_PROTO_AH is not set # CONFIG_IP_VS_PROTO_ESP is not set # CONFIG_IP_VS_PROTO_SCTP is not set CONFIG_IP_VS_PROTO_TCP=y CONFIG_IP_VS_PROTO_UDP=y CONFIG_IP_VS_RR=y # CONFIG_IP_VS_SED is not set # CONFIG_IP_VS_SH is not set CONFIG_IP_VS_SH_TAB_BITS=8 CONFIG_IP_VS_TAB_BITS=12 # CONFIG_IP_VS_WLC is not set # CONFIG_IP_VS_WRR is not set CONFIG_LLC=y # CONFIG_MACVTAP is not set CONFIG_MEMCG_KMEM=y CONFIG_MEMCG_SWAP=y CONFIG_MEMCG_SWAP_ENABLED=y CONFIG_NETFILTER_FAMILY_ARP=y CONFIG_NETFILTER_FAMILY_BRIDGE=y # CONFIG_NETFILTER_XT_CONNMARK is not set # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set # CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set # CONFIG_NETFILTER_XT_MATCH_CONNLABEL is not set # CONFIG_NETFILTER_XT_MATCH_CONNLIMIT is not set # CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y # CONFIG_NETFILTER_XT_MATCH_HELPER is not set CONFIG_NETFILTER_XT_MATCH_IPVS=y # CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set # CONFIG_NETFILTER_XT_MATCH_STATE is not set CONFIG_NETFILTER_XT_NAT=y # CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set # CONFIG_NETFILTER_XT_TARGET_NETMAP is not set CONFIG_NETFILTER_XT_TARGET_REDIRECT=y CONFIG_NET_CLS=y # CONFIG_NET_CLS_ACT is not set # CONFIG_NET_CLS_BASIC is not set # CONFIG_NET_CLS_BPF is not set CONFIG_NET_CLS_CGROUP=y # CONFIG_NET_CLS_FLOW is not set # CONFIG_NET_CLS_FLOWER is not set # CONFIG_NET_CLS_FW is not set # CONFIG_NET_CLS_MATCHALL is not set # CONFIG_NET_CLS_ROUTE4 is not set # CONFIG_NET_CLS_RSVP is not set # CONFIG_NET_CLS_RSVP6 is not set # CONFIG_NET_CLS_TCINDEX is not set # CONFIG_NET_CLS_U32 is not set # CONFIG_NET_EMATCH is not set CONFIG_NET_IP_TUNNEL=y # CONFIG_NET_SCH_CAKE is not set # CONFIG_NET_SCH_CBQ is not set # CONFIG_NET_SCH_CBS is not set # CONFIG_NET_SCH_CHOKE is not set # CONFIG_NET_SCH_CODEL is not set # CONFIG_NET_SCH_DEFAULT is not set # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_DSMARK is not set # CONFIG_NET_SCH_ETF is not set CONFIG_NET_SCH_FIFO=y # CONFIG_NET_SCH_FQ is not set # CONFIG_NET_SCH_FQ_CODEL is not set # CONFIG_NET_SCH_GRED is not set # CONFIG_NET_SCH_HFSC is not set # CONFIG_NET_SCH_HHF is not set # CONFIG_NET_SCH_HTB is not set # CONFIG_NET_SCH_MQPRIO is not set # CONFIG_NET_SCH_MULTIQ is not set # CONFIG_NET_SCH_NETEM is not set # CONFIG_NET_SCH_PIE is not set # CONFIG_NET_SCH_PLUG is not set # CONFIG_NET_SCH_PRIO is not set # CONFIG_NET_SCH_QFQ is not set # CONFIG_NET_SCH_RED is not set # CONFIG_NET_SCH_SFB is not set # CONFIG_NET_SCH_SFQ is not set # CONFIG_NET_SCH_SKBPRIO is not set # CONFIG_NET_SCH_TBF is not set # CONFIG_NET_SCH_TEQL is not set CONFIG_NET_UDP_TUNNEL=y # CONFIG_NF_CONNTRACK_AMANDA is not set # CONFIG_NF_CONNTRACK_EVENTS is not set CONFIG_NF_CONNTRACK_FTP=y # CONFIG_NF_CONNTRACK_H323 is not set # CONFIG_NF_CONNTRACK_IRC is not set # CONFIG_NF_CONNTRACK_LABELS is not set # CONFIG_NF_CONNTRACK_MARK is not set # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_PPTP is not set CONFIG_NF_CONNTRACK_PROCFS=y # CONFIG_NF_CONNTRACK_SANE is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_SNMP is not set CONFIG_NF_CONNTRACK_TFTP=y # CONFIG_NF_CONNTRACK_TIMEOUT is not set # CONFIG_NF_CONNTRACK_TIMESTAMP is not set # CONFIG_NF_CONNTRACK_ZONES is not set # CONFIG_NF_CT_NETLINK is not set CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_NAT=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IPV4=y # CONFIG_NF_NAT_IPV6 is not set CONFIG_NF_NAT_MASQUERADE_IPV4=y CONFIG_NF_NAT_NEEDED=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_REDIRECT=y CONFIG_NF_NAT_TFTP=y # CONFIG_OVERLAY_FS_INDEX is not set # CONFIG_OVERLAY_FS_METACOPY is not set CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y # CONFIG_OVERLAY_FS_REDIRECT_DIR is not set # CONFIG_OVERLAY_FS_XINO_AUTO is not set CONFIG_PAGE_COUNTER=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_RAID6_PQ=y # CONFIG_SLUB_MEMCG_SYSFS_ON is not set CONFIG_SOCK_CGROUP_DATA=y CONFIG_STP=y CONFIG_XOR_BLOCKS=y CONFIG_XXHASH=y CONFIG_ZSTD_COMPRESS=y CONFIG_ZSTD_DECOMPRESS=y
–
Docker 状态运行调试命令
Docker 安装和运行中遇到的问题时,一系列的调试命令可以帮助我们诊断和解决问题。以下是一些常用的 Docker 相关的安装和调试命令
停止 Docker 服务
在进行调试之前,通常需要停止 Docker 服务,以避免当前运行的服务干扰调试过程。
sudo systemctl stop docker
以调试模式启动 Docker
手动以调试模式启动 Docker 守护进程,可以提供更详细的日志输出,有助于诊断问题。
sudo dockerd --debug
在调试模式下,dockerd 会在终端中直接输出日志信息,可以实时看到更详细的运行日志。
查看 Docker 服务的日志
使用 journalctl 命令查看 Docker 服务的系统日志,这对于诊断 Docker 服务启动失败或运行时错误特别有用。
journalctl -u docker.service
这个命令会显示 Docker 服务的日志,包括启动过程中的信息和运行时的错误。
检查 Docker 服务的状态
要获取 Docker 服务当前的状态,包括它是否正在运行,可以使用以下命令:
systemctl status docker
这个命令提供了 Docker 服务的概览,包括它的活动状态(如 active, inactive, failed 等),以及最近的日志条目。
重新启动 Docker 服务
一旦调试完成,可能需要重新启动 Docker 服务,以恢复正常的 Docker 功能。
sudo systemctl start docker
查看 Docker 版本信息
了解正在运行的 Docker 版本对于调试也是很有帮助的,特别是当需要确定是否存在与特定版本相关的已知问题时。
docker version
这个命令会显示客户端和服务器(即 Docker 守护进程)的版本信息。
总结
通过本文的介绍,成功地在 设备上安装了 Docker,并对 Docker CE 与 Docker.io 进行了对比。结果显示,尽管 Docker CE 提供了最新功能,但 Docker.io 在特定系统上展现出更好的兼容性。还提供了一系列 Docker 容器功能测试和问题解决策略,帮助大家有效地验证安装并解决可能遇到的问题。
