Ba fiye da 'yan kwanaki da suka gabata ba, an yanke shawarar akan ɗaya daga cikin sabobin don matsar da ma'ajin docker (littafin da docker ke adana duk akwati da fayilolin hoto) zuwa wani sashe daban, wanda
yana da iko mafi girma. Aikin ya zama kamar maras muhimmanci kuma bai annabta matsala ba...
Farawa:
1. Dakatar da kashe duk kwantena na aikace-aikacen mu:
docker-compose downidan akwai kwantena da yawa kuma sun kasance cikin nau'ikan daban-daban, zaku iya yin haka:
docker rm -f $(docker ps -q)2. Dakatar da docker daemon:
systemctl stop docker3. Matsar da littafin zuwa wurin da ake so:
cp -r /var/lib/docker /docker/data/storage4. Muna gaya wa docker daemon don duba cikin sabon kundin adireshi. Akwai zaɓuɓɓuka da yawa: ko dai yi amfani da tutar -g don nuna daemon zuwa sabuwar hanya, ko tsarin daidaitawa, waɗanda muka yi amfani da su. Ko alama. Ba zan yi cikakken bayani game da wannan ba, yana kan Intanet. Littattafai akan motsi tushen docker zuwa sabon wuri.
5. Fara docker daemon kuma tabbatar ya yi kama da inda ya dace:
systemctl status dockerA cikin ɗayan layin fitarwa ya kamata mu ga:
├─19493 /usr/bin/dockerd --data-root=/docker/data/storageMun tabbatar da cewa an wuce zaɓin zuwa daemon, yanzu bari mu bincika ko ya yi amfani da shi (na gode )!
docker info | awk '/Root Dir/ {print $NF}' 6. Bari mu fara aikace-aikacen mu:
docker-compose up -d7. Duba
Kuma a nan jin daɗi ya fara, DBMS, MQ, komai yana da kyau! Database yana nan cikakke, komai yana aiki...sai nginx. Muna da namu nginx ginawa tare da Kerberos da courtesans. Kuma duba rajistan ayyukan kwantena ya nuna cewa ba zai iya rubutawa zuwa /var/tmp - An ƙi izini. Na durƙusa haikalina da yatsana kuma na yi ƙoƙarin nazarin halin da ake ciki ... Ta yaya hakan zai yiwu? Hoton Docker bai canza ba. Mun kawai matsar da directory. Koyaushe yana aiki, kuma ga ku ... Don gwaji, na shiga cikin akwati da hannuna kuma na canza haƙƙin wannan kundin adireshi, akwai. tushen, tushen 755, ba tushen, tushen 777. Kuma komai ya fara ... Wani tunani ya fara busa a kaina - wani nau'i na banza ... Na yi tunani, da kyau, watakila ban yi la'akari da wani abu ba ...
Na yanke shawarar cewa mun ƙaunaci haƙƙin samun dama ga fayiloli yayin canja wuri. Mun dakatar da aikace-aikacen, docker daemon, share sabon kundin adireshi kuma muka kwafi /var/lib/docker directory ta amfani da rsync -a.
Ina tsammanin komai yana da kyau yanzu, bari mu ɗaga aikace-aikacen Docker.
Aaand...matsalar ta rage... Idona ya lumshe. Na garzaya zuwa na'ura mai kwakwalwa ta na'ura mai mahimmanci, inda nake gudanar da gwaje-gwaje daban-daban, Ina da wannan hoton nginx, kuma na hau cikin akwati, kuma a nan haƙƙoƙin / var / tmp directory shine tushen, tushen 777. Wato, kamar yadda na saita da hannu. Amma Hotuna iri ɗaya ne!
An yi amfani da tsarin fayil na xfs a ko'ina.
Na kwatanta ta amfani da umarnin
docker inspect my-nginx:12345Duk hashes iri ɗaya ne, duk ɗaya zuwa ɗaya. Duka akan uwar garken da kuma akan injina na kama-da-wane. Na goge hoton nginx na gida kuma na sake janye shi daga wurin yin rajista, wanda saboda dalilai da yawa yana kan injin guda ɗaya. Kuma matsalar daya ce... Yanzu idona na biyu yana kirfa.
Ban ƙara tunawa da tunanin da ke cikin kaina ba, ban da ihun "AAAAAAAAAA" da sauran abubuwa. Karfe 4 na safe ne, kuma an yi amfani da lambar tushe ta Docker don fahimtar ƙa'idar hashing Layers hoto. An buɗe gwangwani na uku na abin sha mai ƙarfi. Kuma a ƙarshe ya zo gare ni cewa hashing kawai yana la'akari da fayil ɗin, abubuwan da ke cikinsa, amma RASHIN SAMUN HAKKIN! Wato, ta wata hanya mai ban mamaki an rasa haƙƙoƙinmu, selinux ba shi da nakasa, ba a amfani da acl, kuma babu ɗan ɗanɗano.
Na goge hoton gida, na kuma goge hoton daga wurin rajistar docker na sake tura shi. Kuma komai yayi aiki. Ya bayyana cewa a lokacin canja wurin haƙƙoƙin sun ɓace, duka a cikin hoton gida da kuma cikin hoton da ke kwance a cikin rajista. Kamar yadda na fada a baya, saboda wasu dalilai da yawa an samo shi akan mota daya. Kuma a sakamakon haka, a cikin shugabanci ɗaya /var/lib/docker.
Kuma tsammanin tambayar ko sun yi ƙoƙarin mayar da kallon docker zuwa tsohon kundin adireshi - a'a, ba su yi ƙoƙari ba, alas, yanayi bai yarda da shi ba. Ee, kuma ina so in gano shi.
Bayan rubuta wannan labarin, maganin matsalar ya zama kamar a bayyane a gare ni, amma a lokacin bincike ba haka ba ne. Gaskiya, Na Googled kuma ban sami irin wannan yanayi ba.
Sakamako: Na magance matsalar, har yanzu ban gane dalilin ba =(
Idan kowa ya sani, hasashe, yana da hangen nesa game da abubuwan da zasu iya haifar da wannan matsalar, zan yi matukar farin cikin ji daga gare ku a cikin sharhin!
source: www.habr.com