[Engineer's Notes] Running Docker on the MPSoC ZCU106 Board

Author: Hank FU (付汉杰), hankf@xilinx.com. Source: Xilinx Chinese Community Forum

Test Environment

Xilinx ZCU106 board
Xilinx VCU TRD 2020.1

Linux Kernel Configuration

Following the document Docker on Zynq Ultrascale+ (Xilinx Yocto Flow), add the following options to the file project-spec/meta-user/recipes-kernel/linux/linux-xlnx/user.cfg in the PetaLinux project.

CONFIG_NAMESPACES=y
CONFIG_NET_NS=y
CONFIG_PID_NS=y
CONFIG_IPC_NS=y
CONFIG_UTS_NS=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_CGROUP_DEVICE=y
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_SCHED=y
CONFIG_CPUSETS=y
CONFIG_MEMCG=y
CONFIG_VETH=y
CONFIG_IP_NF_TARGET_MASQUERADE=y
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
CONFIG_NETFILTER_XT_MATCH_IPVS=y
CONFIG_IP_NF_NAT=y
 
CONFIG_USER_NS=y
CONFIG_SECCOMP=y
CONFIG_CGROUP_PIDS=y
CONFIG_MEMCG_SWAP=y
CONFIG_MEMCG_SWAP_ENABLED=y
CONFIG_BLK_CGROUP=y
CONFIG_BLK_DEV_THROTTLING=y
CONFIG_CFQ_GROUP_IOSCHED=y
CONFIG_CGROUP_PERF=y
CONFIG_CGROUP_HUGETLB=y
CONFIG_NET_CLS_CGROUP=y
CONFIG_CGROUP_NET_PRIO=y
CONFIG_CFS_BANDWIDTH=y
CONFIG_FAIR_GROUP_SCHED=y
CONFIG_RT_GROUP_SCHED=y
CONFIG_IP_NF_TARGET_REDIRECT=y
CONFIG_IP_VS=y
CONFIG_IP_VS_NFCT=y
CONFIG_IP_VS_PROTO_TCP=y
CONFIG_IP_VS_PROTO_UDP=y
CONFIG_IP_VS_RR=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_VXLAN=y
CONFIG_INET_ESP=y
CONFIG_IPVLAN=y
CONFIG_MACVLAN=y
CONFIG_DUMMY=y
CONFIG_NF_NAT_FTP=y
CONFIG_NF_CONNTRACK_FTP=y
CONFIG_NF_NAT_TFTP=y
CONFIG_NF_CONNTRACK_TFTP=y
CONFIG_AUFS_FS=y
CONFIG_BTRFS_FS_POSIX_ACL=y
CONFIG_BLK_DEV_DM=y
CONFIG_DM_THIN_PROVISIONING=y
CONFIG_OVERLAY_FS=y
 
CONFIG_MD=y
CONFIG_NET_SCHED=y
CONFIG_NET_L3_MASTER_DEV=y
CONFIG_BRIDGE=m
 
# CONFIG_EXT2_FS is not set
CONFIG_EXT4_USE_FOR_EXT2=y
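
After rebuilding, it can be useful to confirm that the options actually ended up in the kernel. The following is a minimal sketch, not part of the original procedure: the helper name missing_options is hypothetical, and the usage example assumes the running kernel exposes its configuration at /proc/config.gz (which requires CONFIG_IKCONFIG_PROC=y).

```shell
#!/bin/sh
# Print every requested kernel option that is NOT enabled (=y or =m)
# in a kernel .config-style file.
# Usage: missing_options <config-file> <OPTION>...
# (missing_options is a hypothetical helper name, not a PetaLinux tool.)
missing_options() {
    config_file=$1
    shift
    for opt in "$@"; do
        # An option counts as enabled when a line reads exactly OPTION=y or OPTION=m.
        if ! grep -Eq "^${opt}=(y|m)\$" "$config_file"; then
            echo "$opt"
        fi
    done
}

# Example on the board (assumes /proc/config.gz exists):
#   zcat /proc/config.gz > /tmp/running.config
#   missing_options /tmp/running.config CONFIG_NAMESPACES CONFIG_VETH CONFIG_OVERLAY_FS CONFIG_BRIDGE
```

An option reported as missing is not necessarily a problem: some entries in the list may simply not exist in a given kernel version, in which case the kernel build drops them.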

Linux Root Filesystem Configuration

In the PetaLinux project's root filesystem configuration, select packagegroup-petalinux-ocicontainers.

Startup Command

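Docker can be started with the command "dockerd &". Before running it, export the variable DOCKER_RAMDISK, which is needed when the root filesystem is a RAM disk (initramfs), where pivot_root does not work.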

export DOCKER_RAMDISK=true

Test Command

The command "docker run --rm hello-world" runs a simple container.

Common Problems

Network Access

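The board must have network access so that it can download Docker images. Otherwise the image pull fails with errors like the following.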

root@vcu_trd:~# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
WARN[2020-11-11T09:47:14.257031091Z] Could not get operating system name: Error opening /usr/lib/os-release: open /usr/lib/os-release: no such file or directory
WARN[2020-11-11T09:47:14.286697565Z] Error getting v2 registry: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:41143->[::1]:53: read: connection refused
INFO[2020-11-11T09:47:14.286851881Z] Attempting next endpoint for pull after error: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:41143->[::1]:53: read: connection refused
ERRO[2020-11-11T09:47:14.287032029Z] Handler for POST /v1.40/images/create returned error: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:41143->[::1]:53: read: connection refused
docker: Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:41143->[::1]:53: read: connection refused.
See 'docker run --help'.
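
In the log above, the lookup goes to [::1]:53, which usually suggests that no DNS server is configured on the board and the resolver fell back to localhost. A quick check of /etc/resolv.conf can confirm this. The sketch below is an illustration only; the helper name has_nameserver is hypothetical.

```shell
#!/bin/sh
# Succeed if the given resolv.conf-style file contains at least one
# "nameserver <address>" entry. Defaults to /etc/resolv.conf.
# (has_nameserver is a hypothetical helper name.)
has_nameserver() {
    resolv_file=${1:-/etc/resolv.conf}
    [ -r "$resolv_file" ] &&
        grep -Eq '^[[:space:]]*nameserver[[:space:]]+[^[:space:]]+' "$resolv_file"
}

# Example:
#   has_nameserver || echo "no DNS server configured in /etc/resolv.conf"
```

If the check fails, configuring the network (for example through DHCP) or adding a nameserver entry is the likely fix; which one applies depends on the local network.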

Storage Space

The board may not have enough storage space. The dockerd option --data-root can point dockerd at a directory that has enough free space.

#ERROR Download failed: write /var/lib/docker/tmp/GetImageBlob091922966: no space left on device
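
To choose a directory for --data-root, the free space of a few candidates can be compared first. This is a minimal sketch under stated assumptions: the helper names free_kib and pick_data_root are hypothetical, and the candidate directories in the usage note are placeholders.

```shell
#!/bin/sh
# Print the free space, in KiB, of the filesystem holding the given directory.
free_kib() {
    # -P forces one line per filesystem; -k reports 1024-byte blocks.
    df -Pk "$1" | awk 'NR == 2 { print $4 }'
}

# Print the first existing candidate directory with at least min_kib KiB free.
# Usage: pick_data_root <min_kib> <dir>...
# Returns 1 if no candidate qualifies.
pick_data_root() {
    min_kib=$1
    shift
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        if [ "$(free_kib "$dir")" -ge "$min_kib" ]; then
            echo "$dir"
            return 0
        fi
    done
    return 1
}
```

For example, "pick_data_root 1048576 /run/media/mmcblk0p2 /run" would print the first of the two directories with at least 1 GiB free (both paths are only placeholders), and the result can then be passed to "dockerd --data-root".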

Docker Fails to Start

In addition, containerd may fail to start while Docker is starting up, which leads to the following errors.

root@vcu_trd:/run/test# docker run --rm hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
root@vcu_trd:/run/test# docker-compose pull
ERROR: Couldn't connect to Docker daemon at http+docker://localhost - is it running?
If it's at a non-standard location, specify the URL with the DOCKER_HOST environment variable.

In this case, kill the dockerd process and start dockerd again. The following commands kill dockerd (and containerd) and restart dockerd quickly.

# Log file for the tee calls below. The original excerpt does not define it,
# so this default path is an assumption; override it as needed.
docker_log_file=${docker_log_file:-/tmp/docker_restart.log}

# Collect PIDs one per line so that several matches stay separate.
CONTAINERD_PID=$(ps -A | grep containerd | grep -v grep | grep -v '\.sh' | awk '{print $1}')
DOCKERD_PID=$(ps -A | grep dockerd | grep -v grep | grep -v '\.sh' | awk '{print $1}')
echo -e "containerd PID: $CONTAINERD_PID\n" | tee -a "$docker_log_file"
echo -e "dockerd PID: $DOCKERD_PID\n" | tee -a "$docker_log_file"

if [ -n "$CONTAINERD_PID" ]; then
    echo -e "kill containerd PID: $CONTAINERD_PID\n" | tee -a "$docker_log_file"
    # Unquoted on purpose: each PID becomes a separate argument.
    kill $CONTAINERD_PID
fi

if [ -n "$DOCKERD_PID" ]; then
    echo -e "kill dockerd PID: $DOCKERD_PID\n" | tee -a "$docker_log_file"
    kill $DOCKERD_PID
    # Avoids: Error starting daemon: pid file found, ensure docker is not running or delete /var/run/docker.pid
    rm -f /var/run/docker.pid
fi

sleep 1
echo -e "\nStart Docker...\n" | tee -a "$docker_log_file"
mkdir -p /run/docker/data
ls -l /run/docker | tee -a "$docker_log_file"
# dockerd logs to stderr, so merge it into stdout before tee.
dockerd --data-root /run/docker/data 2>&1 | tee -a "$docker_log_file" &
sleep 12
ps -A | grep docker | tee -a "$docker_log_file"
ps -A | grep containerd | tee -a "$docker_log_file"

ls -l /var/run/docker.sock | tee -a "$docker_log_file"

# If dockerd is still not up, the next command prints:
# docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
echo -e "\nRun Docker hello-world...\n" | tee -a "$docker_log_file"
docker run --rm hello-world 2>&1 | tee -a "$docker_log_file"
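
The fixed "sleep 12" in the commands above is a guess at how long dockerd needs. One possible alternative, sketched here as an assumption rather than as the author's method, is to poll for the Docker socket with a timeout. The helper name wait_for_socket is hypothetical.

```shell
#!/bin/sh
# Wait until a Unix socket appears at the given path, polling once per second.
# Returns 0 as soon as the socket exists, 1 if timeout_s seconds pass without it.
# (wait_for_socket is a hypothetical helper name.)
wait_for_socket() {
    sock_path=$1
    timeout_s=$2
    waited=0
    while [ ! -S "$sock_path" ]; do
        if [ "$waited" -ge "$timeout_s" ]; then
            return 1
        fi
        sleep 1
        waited=$((waited + 1))
    done
    return 0
}

# Example:
#   wait_for_socket /var/run/docker.sock 30 || echo "dockerd did not come up"
```

The presence of the socket file does not prove that the daemon is already accepting requests, and a socket left over from an earlier run could also satisfy the check, so a short retry around the first docker command may still be worthwhile.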

The File /var/run/docker.pid Already Exists

When dockerd starts, it may report that the file /var/run/docker.pid already exists. Before restarting dockerd, first delete /var/run/docker.pid.

# Error starting daemon: pid file found, ensure docker is not running or delete /var/run/docker.pid
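
Deleting the PID file is only safe when the old dockerd is really gone. A minimal sketch of a guarded removal follows; the helper name remove_stale_pidfile is hypothetical, and the liveness check assumes the script runs as root, as on the board.

```shell
#!/bin/sh
# Remove a PID file only when the process it names is no longer running.
# Returns 0 if the file is absent or was removed, 1 if the process is alive.
# (remove_stale_pidfile is a hypothetical helper name.)
remove_stale_pidfile() {
    pid_file=$1
    [ -f "$pid_file" ] || return 0
    pid=$(cat "$pid_file")
    # kill -0 sends no signal; it only tests whether the PID can be signalled.
    if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then
        return 1
    fi
    rm -f "$pid_file"
}

# Example:
#   remove_stale_pidfile /var/run/docker.pid || echo "dockerd is still running"
```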

References

https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/84508673/Docker+on...
