1.解决镜像字符集问题
在dockerfile中加入以下配置
RUN yum -y install kde-l10n-Chinese && yum -y reinstall glibc-common
ENV LC_ALL zh_CN.UTF-8
ENV LANG zh_CN.UTF-8
宿主机中所有字符集安装包都在/usr/share/i18n/charmaps下,可以把中文相关的安装包docker cp到容器中
在容器里面执行下面
#查看语言支持列表
localedef --list-archive
#精简locale
cd /usr/lib/locale/
mv locale-archive locale-archive.old
localedef -i en_US -f UTF-8 en_US.UTF-8
# 添加中文支持(可选)
localedef -i zh_CN -f UTF-8 zh_CN.UTF-8
localedef -i zh_CN -f GB2312 zh_CN
localedef -i zh_CN -f GB2312 zh_CN.GB2312
localedef -i zh_CN -f GBK zh_CN.GBK
2.解决容器时间同步宿主机
在dockerfile中加入以下配置
RUN /usr/bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
3.docker宿主机两台容器间无法通信问题
首先通过docker info查看
[root@gx-hps-01 mesos-slave]# docker info
Containers: 9
Images: 36
Server Version: 1.9.1
Storage Driver: devicemapper
Pool Name: docker-thinpool
Pool Blocksize: 524.3 kB
Base Device Size: 107.4 GB
Backing Filesystem: xfs
Data file:
Metadata file:
Data Space Used: 5.967 GB
Data Space Total: 510 GB
Data Space Available: 504.1 GB
Metadata Space Used: 2.4 MB
Metadata Space Total: 5.365 GB
Metadata Space Available: 5.362 GB
Udev Sync Supported: true
Deferred Removal Enabled: true
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Library Version: 1.02.146-RHEL7 (2018-01-22)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.5 (Maipo)
CPUs: 64
Total Memory: 503.6 GiB
Name: gx-hps-01
ID: P6IF:SBLW:6KNA:R3DK:ZHK5:4L5V:YQDW:EE5R:RX4Q:34FR:RRGO:3LNS
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
注意上面两个告警
这个告警会导致docker宿主机两台容器间无法通信问题
1.首先用docker exec 进入到同一台宿主机的A容器
2.在容器A中telnet 宿主机IP:B容器在宿主机的映射端口,发现不通
解决办法:
查看bridge-nf-call-iptables当前值
cat /proc/sys/net/bridge/bridge-nf-call-iptables (默认为0)
修改bridge-nf-call-iptables值 (永久生效)
1. 修改 kernel参数
vi /etc/sysctl.conf
2. 加入下面三个参数,实际只要配置加粗那条就行了
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
3. 使生效內核参数立即生效
sudo sysctl -p
如果net.bridge.bridge-nf-call-iptables=1,iptables会对bridge的数据进行处理。也就意味着二层的网桥在转发包时也会被iptables的FORWARD规则所过滤,这样就会出现L3层的iptables rules去过滤L2的帧的问题。涉及一些dnat, snat就不生效了,举个例子,具体表现在openstack中就是metadata服务不好使了。
4.启动容器是报错:
Error response from daemon: Error running deviceCreate (createSnapDevice) dm_task_run failed
当你docker run -itd xxxxx /bin/bash 报以上的错误时root用户运行一下命令
# systemctl stop docker.service
# thin_check /data/hps/hps_install/data/docker/devicemapper/devicemapper/metadata
# thin_check --clear-needs-check-flag /data/hps/hps_install/data/docker/devicemapper/devicemapper/metadata
# systemctl start docker.service