docker cloud agent 所使用镜像和容器技术剖析

以下8个镜像 dockercloud/events latest 60409f79c5be 6 days ago 11.21 MB dockercloud/network-daemon 1.9.1-cs2 45378ec0f939 3 weeks ago 34.63 MB dockercloud/logrotate latest 2a7a09774f07 8 weeks ago 5.665 MB dockercloud/ntpd latest 6124347b2c07 8 weeks ago 4.794 MB weaveworks/weave 1.4.1 ba2ba7a02d38 12 weeks ago 19.09 MB weaveworks/plugin 1.4.1 66fe97101ced 3 months ago 68.52 MB weaveworks/weaveexec 1.4.1 dd0663a54153 3 months ago 58.78 MB dockercloud/cleanup latest b5e62e29733e 3 months ago 11.26 MB

镜像描述

  • dockercloud/events

empty

[email protected]:/usr/bin# docker history dockercloud/events
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
60409f79c5be        6 days ago          /bin/sh -c #(nop) ENTRYPOINT &{["/events"]}     0 B
9b3be9e5d72e        6 days ago          /bin/sh -c #(nop) ENV REPORT_INTERVAL=30 DOCK   0 B
ab3b424389f8        6 days ago          /bin/sh -c #(nop) ADD tarsum.v1+sha256:1f903a   273.8 kB
8c2fcc8000c9        6 days ago          /bin/sh -c #(nop) ADD file:57c0b40f1748dbbf86   6.136 MB
f50e0b57e730        6 days ago          /bin/sh -c #(nop) MAINTAINER Feng Honglin   0 B
a4406dabfa7c        2 weeks ago         /bin/sh -c #(nop) ADD file:81ba6f20bdb99e6c13   4.798 MB


* dockercloud/network-daemon

empty


* dockercloud/logrotate

empty

[email protected]:/usr/bin# docker history dockercloud/logrotate
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
2a7a09774f07        8 weeks ago         /bin/sh -c #(nop) CMD ["crond" "-f"]            0 B
ce19fe82fe9f        8 weeks ago         /bin/sh -c #(nop) ADD file:d9ee56a33941943793   166 B
cd07f076df59        8 weeks ago         /bin/sh -c echo "*/5 * * * * /usr/sbin/logrot   335 B
156d64f6af38        8 weeks ago         /bin/sh -c apk --update add logrotate           870.1 kB
64418d750afe        8 weeks ago         /bin/sh -c #(nop) MAINTAINER [email protected]   0 B
463737dfe56d        9 weeks ago         /bin/sh -c #(nop) ADD file:0fc0a5ec098241ab15   4.794 MB

* dockercloud/ntpd

[email protected]:/usr/bin# docker history dockercloud/ntpd
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
6124347b2c07        8 weeks ago         /bin/sh -c #(nop) CMD ["/run.sh"]               0 B
3cc03e47b112        8 weeks ago         /bin/sh -c #(nop) ADD file:979ebd1823bd1409bc   49 B
61bc802c8939        8 weeks ago         /bin/sh -c #(nop) ADD file:3c6b3134ff4a37e34d   87 B
9d95bb3fbbae        8 weeks ago         /bin/sh -c #(nop) MAINTAINER [email protected]   0 B
463737dfe56d        9 weeks ago         /bin/sh -c #(nop) ADD file:0fc0a5ec098241ab15   4.794 MB

* weaveworks/weave

Weave Net creates a virtual network that connects Docker containers deployed across multiple hosts and enables their automatic discovery.

See http://weave.works for further info and docs.

Weaveworks provides developer-friendly tools to quickly and simply network and visualize your containerized applications.

[email protected]:/usr/bin# docker history weaveworks/weave:1.4.1 IMAGE CREATED CREATED BY SIZE COMMENT ba2ba7a02d38 3 months ago /bin/sh -c #(nop) ENTRYPOINT &{["/home/weave/ 0 B 8b05dbda47f6 3 months ago /bin/sh -c #(nop) ADD file:941e88586f35027e0a 19.09 MB 6cb65287d390 3 months ago /bin/sh -c #(nop) WORKDIR /home/weave 0 B 125d612ff28d 3 months ago /bin/sh -c #(nop) LABEL works.weave.role=syst 0 B 9169fcce814f 3 months ago /bin/sh -c #(nop) MAINTAINER Weaveworks Inc < 0 B

  • weaveworks/plugin

This is a plugin to let you use the Docker Networking interface together with Weave Net. Weave Net creates a virtual network that connects Docker containers deployed across multiple hosts.

See http://weave.works for further info and docs.

Weaveworks provides developer-friendly tools to quickly and simply network and visualize your containerized applications.

  • weaveworks/weaveexec

Weaving Containers Into Applications

  • dockercloud/cleanup

empty

[email protected]:/usr/bin# docker history dockercloud/cleanup IMAGE CREATED CREATED BY SIZE COMMENT b5e62e29733e 3 months ago /bin/sh -c #(nop) CMD ["/run.sh"] 0 B 4664fa314b07 3 months ago /bin/sh -c #(nop) ADD file:542f370a7d3b4b7b06 678 B 13ae5d7b144e 3 months ago /bin/sh -c #(nop) ADD file:13a482106818d8daed 6.007 MB 1da777f1283f 3 months ago /bin/sh -c #(nop) ENV IMAGE_LOCKED=None 0 B 21c611974f8c 3 months ago /bin/sh -c #(nop) ENV VOLUME_CLEAN_INTERVAL=1 0 B ac4faed39e9c 3 months ago /bin/sh -c #(nop) ENV IMAGE_CLEAN_DELAYED=180 0 B 1c761d69188a 3 months ago /bin/sh -c #(nop) ENV IMAGE_CLEAN_INTERVAL=1 0 B c244301b0f7d 3 months ago /bin/sh -c #(nop) ENV DOCKER_ROOT_DIR=/var/li 0 B 459999e9f0fb 3 months ago /bin/sh -c #(nop) MAINTAINER Feng Honglin 0 B 32653661039d 3 months ago /bin/sh -c #(nop) ADD file:699a96d49cb5954591 5.253 MB

以下6个容器 bb612870abda weaveworks/weave:1.4.1 "/home/weave/weaver -" 19 minutes ago Up 19 minutes weave 17a9f471e2af dockercloud/cleanup:latest "/run.sh" 36 minutes ago Up 32 minutes cleanup-36497.67758b38 df70acc2b092 dockercloud/logrotate:latest "crond -f" 46 minutes ago Up 32 minutes logrotate-19740.2d657c46 dbe43e78b487 dockercloud/events:latest "/events" 54 minutes ago Up 32 minutes events-95851.d4573ae0 264e7fc3f8b9 dockercloud/ntpd:latest "/run.sh" 56 minutes ago Up 32 minutes ntpd-24478.656ffdf4 5891a5325ba5 dockercloud/network-daemon:1.9.1-cs2 "/run.sh" 58 minutes ago Up 32 minutes weave-56672.b473e73d

容器描述

weave

cleaner

run.sh

#!/bin/sh

if [ ! -e "/var/run/docker.sock" ]; then
    echo "=> Cannot find docker socket(/var/run/docker.sock), please check the command!"
    exit 1
fi

if [ "${IMAGE_LOCKED}" == "**None**" ]; then
    exec /cleanup -imageCleanInterval ${IMAGE_CLEAN_INTERVAL} \
        -imageCleanDelayed ${IMAGE_CLEAN_DELAYED} \
        -volumeCleanInterval ${VOLUME_CLEAN_INTERVAL} \
        -dockerRootDir ${DOCKER_ROOT_DIR}
else
    exec /cleanup -imageCleanInterval ${IMAGE_CLEAN_INTERVAL} \
        -imageCleanDelayed ${IMAGE_CLEAN_DELAYED} \
        -volumeCleanInterval ${VOLUME_CLEAN_INTERVAL} \
        -imageLocked "${IMAGE_LOCKED}" \
        -dockerRootDir ${DOCKER_ROOT_DIR}
fi

### events

/events程序


### NTPD

docker exec -t -i 264e7fc3f8b9 /bin/sh ntpd时钟同步服务吗?  5Mb

[email protected]:/home/hjb# docker history dockercloud/ntpd
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
6124347b2c07        8 weeks ago         /bin/sh -c #(nop) CMD ["/run.sh"]               0 B
3cc03e47b112        8 weeks ago         /bin/sh -c #(nop) ADD file:979ebd1823bd1409bc   49 B
61bc802c8939        8 weeks ago         /bin/sh -c #(nop) ADD file:3c6b3134ff4a37e34d   87 B
9d95bb3fbbae        8 weeks ago         /bin/sh -c #(nop) MAINTAINER [email protected]   0 B
463737dfe56d        9 weeks ago         /bin/sh -c #(nop) ADD file:0fc0a5ec098241ab15   4.794 MB

tutum/ntpd
Keeps the host datetime in sync

Usage
docker run -d --privileged tutum/ntpdate

* Dockerfile

最简单的Linux内核吗,只要2M

FROM alpine:latest MAINTAINER [email protected]

ADD ntpd /etc/periodic/daily/ntpd ADD run.sh /run.sh CMD ["/run.sh"]

run.sh

#!/bin/sh
/etc/periodic/daily/ntpd
exec crond -f

### network-daemon

docker inspect 5891a5325ba5

"Env": [
            "DOCKERCLOUD_SERVICE_FQDN=weave.08586b72.svc.dockerapp.io",
            "DOCKERCLOUD_NODE_HOSTNAME=ff49d6d6-d2ff-4f83-8d28-eeeeafb0d9f4",
            "DOCKERCLOUD_NODE_API_URI=/api/infra/v1/node/ff49d6d6-d2ff-4f83-8d28-eeeeafb0d9f4/",
            "DOCKERCLOUD_NODE_API_URL=https://cloud.docker.com/api/infra/v1/node/ff49d6d6-d2ff-4f83-8d28-eeeeafb0d9f4/",
            "DOCKERCLOUD_CONTAINER_HOSTNAME=weave-56672",
            "WEAVE_PASSWORD=6fcf2e51f3e50d156b49a994f6e392986ba5cc52ee0f56e4a519e3911f3b65c2301d37c08fab997788ca454c8bf3b1032b903f0edf662911df045e13a6e160e4",
            "DOCKERCLOUD_SERVICE_API_URL=https://cloud.docker.com/api/app/v1/service/08586b72-4fe8-4a9e-b2f2-90d000c417f9/",
            "DOCKERCLOUD_SERVICE_API_URI=/api/app/v1/service/08586b72-4fe8-4a9e-b2f2-90d000c417f9/",
            "DOCKERCLOUD_STREAM_HOST=wss://ws.cloud.docker.com",
            "LOGSPOUT=ignore",
            "DOCKERCLOUD_CONTAINER_API_URI=/api/app/v1/container/b473e73d-f193-4c10-8378-550101570fed/",
            "DOCKERCLOUD_CONTAINER_API_URL=https://cloud.docker.com/api/app/v1/container/b473e73d-f193-4c10-8378-550101570fed/",
            "DOCKERCLOUD_REST_HOST=https://cloud.docker.com",
            "DOCKERCLOUD_SERVICE_HOSTNAME=weave",
            "DOCKERCLOUD_STREAM_URL=wss://ws.cloud.docker.com/api/",
            "DOCKERCLOUD_PEER_COUNT=1",
            "PROCFS=/hostproc",
            "DOCKERCLOUD_BASE_URL=https://cloud.docker.com/api/",
            "DOCKERCLOUD_AUTH=Basic aHVqYjIwMDA6YjJmNDgxYmMtM2FlMy00ZjFiLWE4MzUtYjEyNGI5NTRlZGY5",
            "WEAVE_LAUNCH=",
            "DOCKERCLOUD_CONTAINER_FQDN=weave-56672.b473e73d.cont.dockerapp.io",
            "DOCKERCLOUD_NODE_FQDN=ff49d6d6-d2ff-4f83-8d28-eeeeafb0d9f4.node.dockerapp.io",
            "DOCKERCLOUD_PRIVATE_CIDR=",
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "VERSION=1.4.1",
            "WEAVE_DOCKER_ARGS=-e LOGSPOUT=ignore"
        ],


run.sh

!/bin/sh

set -e

echo "=> Using weave version: $VERSION"

echo "=> Using docker binary:" docker version

if [ "${WEAVE_LAUNCH}" = "None" ]; then echo "WEAVE_LAUNCH is None. Not running 'weave launch'" else ROUTER_PRESENT=docker ps -a | grep -c "weave:${VERSION}" || true if [ "${ROUTER_PRESENT}" = "0" ]; then echo "=> No weave router version ${VERSION} found" WEAVE_IMAGES=docker images | grep -c "weaveworks/weave:${VERSION}" || true if [ "${WEAVE_IMAGES}" = "0" ]; then echo "=> Setting up weave images" /weave --local setup fi

    echo "=> Resetting weave on the node"
    /weave --local reset
else
    echo "=> Weave router version ${VERSION} found"
fi

PRIVATE_SUBNETS=$(ip addr show | grep "eth[0-9]" | grep -oE "(10.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}/[0-9]+|172.(16|17|18|19|2[0-9]|30|31).[0-9]{1,3}.[0-9]{1,3}/[0-9]+|192.168.[0-9]{1,3}.[

0-9]{1,3}/[0-9]+)" | tr '\n' ',' | head -c -1) if [ ! -z "${DOCKERCLOUD_PRIVATE_CIDR}" ]; then

    # TODO: check which private subnets detected can be trusted
    # TRUSTED_SUBNETS="${PRIVATE_SUBNETS},${DOCKERCLOUD_PRIVATE_CIDR}"
    TRUSTED_SUBNETS="${DOCKERCLOUD_PRIVATE_CIDR}"
fi
echo "=> Marking the following private subnets as trusted (unencrypted): ${TRUSTED_SUBNETS:-none}"

if [ ! -z "${WEAVE_PASSWORD}" ]; then
    echo "=> Running: weave launch -password XXXXXX ${WEAVE_LAUNCH}"
    echo "=> Peer count: ${DOCKERCLOUD_PEER_COUNT}"
    WEAVE_EXTRA_ARGS="--password=${WEAVE_PASSWORD}"
else
    echo "!! WARNING: No \$WEAVE_PASSWORD set!"
    echo "=> Running: weave launch ${WEAVE_LAUNCH}"
    echo "=> Peer count: ${DOCKERCLOUD_PEER_COUNT}"
fi
/weave --local launch-router --conn-limit=0 --ipalloc-range=10.128.0.0/10 --trusted-subnets=${TRUSTED_SUBNETS} --no-dns --no-discovery --init-peer-count=${DOCKERCLOUD_PEER_COUNT} ${WEAVE_EXTRA_ARGS} ${WEAVE_LAUNCH} || true
sleep 2

fi

"run.sh" [readonly] 59L, 2279C