docker 出现的问题

docker导出和导入

对于安装带有nvidia驱动的docker，先按照官方的要求执行，

sudo nvidia-docker save -o ../nvidia.tar   nvidia/cuda:10.0-base

nvidia-docker load  nvidia.tar

sudo docker run -it --publish 9989:9989 --ipc=host --name cxg --gpus all  nvidia/cuda:10.0-base bash

exit
docker start  cxg

sudo docker exec -it cxg  bash

避免启动container发生闪退，无法exec的方法：

docker run -it --name <container> <image> bash

接着

docker run <container>
docker exec -it <container> bash

使用docker volume

container很脆，container里的数据不是consistent的，很容易被销毁和创建，此外，导出container时候，会导出里面所有内容，有时太大。因此使用docker volume挂载数据。这样导出的时候，只有挂载点，没有数据

docker create volume <volume-name>
docker inspect volume #查看信息
#挂载
sudo docker run -it -v <volume-name:docker-internal-path>--publish 9989:9989  --name cxg --gpus all  nvidia/cuda:10.0-base bash

其中，docker-internal-path是你想挂载的path

注意

docker导出image是使用save命令，导出container是export，如果你导出的是image，却使用export导入，就会报“can not find bash command"

新建docker container：

首先，根据现有的或者重新建立一个image，于此同时可以执行一些
docker run -it --name xiaoguang_test cxgv2:latest bash
docker start xiaoguang_test
docker exec -it xiaoguang_test bash

还需要对应端口，需要设置一下密码，修改config/sshd,添加本地秘钥

docker run
-it
–publish 5001:5000
–publish 10001:10001
–publish 9989:9989
–name cxg-continer
cxg
elif [ “$1” = “start” ]; then
echo “start container…”
docker container start $CONAINER_NAME
docker exec -it $CONAINER_NAME /bin/bash

docker的脚本

demobox.dockerfile：这个文件定义是在一个现有的docker image复制到自己的image中，同时也可以拷贝上一级文件夹内容到本文件夹

# demobox.dockerfile
## 以前面创建的 runner image 为基础
FROM zyz/demobox_runner:v1.0
LABEL name="demobox"
#  1. COPY File 
WORKDIR /demobox
# 第一个 . 表示执行docker build 命令时的路径, 第二个 . 表示image 内的 /demobox , 由上一行的 WORKDIR 定义. 这样就实现了从外部的工程拷贝内容到 image 中的指定路径下.
COPY . .
#  2. Pip install 安装第三方依赖
RUN python3.7 -m pip install -r requirements.txt
#  3. Make tmp folder 创建临时文件夹
RUN mkdir tmp
#  4.expose port 对外暴露端口. 注意这是软约束,实际暴露的端口要在 docker run 命令中声明
## 4.1 http server & socket.io
EXPOSE 5000 
## 4.2 websocket
EXPOSE 10001
## 4.3 msg thread
EXPOSE 9989
# 5 START  image 启动时执行
ENTRYPOINT ["python3.7", "server.py"]

和 docker 相关的有许多命令,为了防止出错,也为了减少开发人员的记忆负担,我们可以用一个脚本来实现相关命令的集成.

docker-tool.sh

#!/bin/bash
CONAINER_NAME="bala"
FOLDER_DIR="$(
  cd "$(dirname "$0")"
  realpath .
)"
PARENT_DIR="$(
  cd "$(dirname "$0")"
  realpath ../
)"

if [ "$1" = "init" ]; then
  echo "start init ..."
  docker load <$FOLDER_DIR/demobox-runner.tar
elif [ "$1" = "build" ]; then
  echo "start build ..."
  cd $PARENT_DIR
  # build image
  docker build -f docker/demobox.dockerfile . --tag cxgv2
  # update container
  docker container stop $CONAINER_NAME
  docker container rm $CONAINER_NAME
  docker run -it   --publish 5001:5000  --publish 10001:10001 --publish 9989:9989 --name $CONAINER_NAME  cxgv2 bash
elif [ "$1" = "start" ]; then
  echo "start container..."
  docker container start $CONAINER_NAME
  exit
  docker exec -it $CONAINER_NAME /bin/bash
elif [ "$1" = "stop" ]; then
  echo "start container..."
  docker container stop $CONAINER_NAME
else
  echo "please specify instruction:"
  echo "  sh docker-tool init   : init docker deployment by loading demobox-runner docker image "
  echo "  sh docker-tool build  : rebuild demobox docker image and container based on demobox-runner image"
  echo "  sh docker-tool start  : start docker container generated from \"docker-tool build\""
  echo "  sh docker-tool stop   : stop docker container generated from \"docker-tool build\""
  echo "======="
  echo "[INFO]: the docker-tool rely on the docker installed on this machine, please make sure you have access to docker command, or it may failed"


fi
~                  

pycharm远程调试docker

首先确保有端口的remap，
之后需修改docker里面的vim /etc/ssh/sshd_config
修改port 9989
# PermitRootLogin prohibit-password # 默认打开 禁止root用户使用密码登陆，需要将其注释
RSAAuthentication yes #启用 RSA 认证
PubkeyAuthentication yes #启用公钥私钥配对认证方式
PermitRootLogin yes #允许root用户使用ssh登录
/etc/init.d/ssh restart

ssh_config内容节选:

RSAAuthentication yes    # 这行一定要取消注释的（删掉#号）
PubkeyAuthentication yes    # 我的服务器没这行，不添加似乎也能用
AuthorizedKeysFile .ssh/authorized_keys    # 我的服务器没这行，不添加似乎也能用
Port 9989
PermitRootLogin yes
StrictModes no

#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords yes

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# PermitRootLogin prohibit-password # 默认打开 禁止root用户使用密码登陆，需要将其注释
RSAAuthentication yes #启用 RSA 认证
PubkeyAuthentication yes #启用公钥私钥配对认证方式
PermitRootLogin yes #允许root用户使用ssh登录
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
PasswordAuthentication yes
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
PasswordAuthentication yes
# and ChallengeResponseAuthentication to 'no'.
UsePAM no

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost no
#PermitTTY yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none

安装完dockers有时需要安装python,这个时候可以用apt install安装，但pip不能直接apt,否则版本不对应，apt install python3.8-distutils的结果似乎还是要安装python3.6，但不影响

wget https://bootstrap.pypa.io/get-pip.py --no-check-certificate
sudo python get-pip.py
r如果登录就闪退，把sshd_config最后一行的use pam设置为no