Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Docker使ってたらサーバがゴミ捨て場みたいになってた話

Yuuki Tsubouchi (yuuk1)
March 25, 2014
Technology
5
24k

 Docker使ってたらサーバがゴミ捨て場みたいになってた話

Immutable Infrastructure Conference #1

Yuuki Tsubouchi (yuuk1)

March 25, 2014
Tweet

More Decks by Yuuki Tsubouchi (yuuk1)

See All by Yuuki Tsubouchi (yuuk1)
AI時代に向けたクラウドにおける信頼性エンジニアリングの未来構想 / DICOMO2022 6A-1
yuukit
6
1.6k
AIOps研究録―SREのための
システム障害の自動原因診断 / SRE NEXT 2022
yuukit
7
8.9k
Interactive AIOps
yuukit
0
1.3k
Meltria: マイクロサービスにおける
異常検知・原因分析のための
データセットの動的生成システム / Meltria in IOTS2021
yuukit
1
1k
AIOpsの研究動向と
AIOps向けデータセットの動的生成の研究 / Introducing AIOps and A Dynamic Datasets Generating System
yuukit
1
430
分散アプリケーションの高信頼化のための
運用技術に関する研究 / A Study on Operation Technology for High Reliability of Distributed Applications
yuukit
1
560
ネットワークサービスの依存発見に向いた
TCP/UDP通信の低負荷なトレース手法 / Low Overhead TCP-UDP Tracing in Kernel
yuukit
5
3.2k
クラウドのシステム運用技術に機械学習を応用する研究 / CLOUD AI
yuukit
4
2.6k
TSifter: マイクロサービスにおける性能異常の迅速な診断に向いた時系列データの次元削減手法 / TSifter in proceedings of IOTS2020
yuukit
1
1.8k

Other Decks in Technology

See All in Technology
NGINXENG JP#2 - 3-NGINX Plus・プロダクトのアップデート
hiropo20
0
260
組織に対してSREを適用するとどうなるか
kuniim
9
3.1k
Bill One 開発エンジニア 紹介資料
sansantech
PRO
0
140
re:Inventで発表があったIoT事例の紹介と考察
kizawa2020
0
200
💰年度末予算消化祭💰 Large Memory Instance で 画像分類してみた
__allllllllez__
0
120
PCI DSS に準拠したシステム開発
yutadayo
0
320
MLOps Workshopでの学びと弥生の研究開発基盤 / takeaways from MLOps workshop and YAYOI's research and development infrastructure
yayoi_dd
0
250
cdk deployに必要な権限ってなんだ?
kinyok
1
230
地方自治体業務あるある ーアナログ最適化編-
y150saya
1
300
OpenShiftのリリースノートを整理してみた
loftkun
2
460
FlexScan HD2452Wの 後継を探して
tring
0
6.6k
AWS re:Invent 2022で発表された新機能を試してみた ~Cloud OperationとSecurity~ / New Cloud Operation and Security Features Announced at AWS reInvent 2022
yuj1osm
1
230

Featured

See All Featured
A Philosophy of Restraint
colly
193
15k
VelocityConf: Rendering Performance Case Studies
addyosmani
317
22k
Art, The Web, and Tiny UX
lynnandtonic
284
18k
4 Signs Your Business is Dying
shpigford
171
20k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
657
120k
KATA
mclloyd
12
9.7k
Designing for Performance
lara
600
65k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
22
1.7k
Faster Mobile Websites
deanohume
295
29k
Testing 201, or: Great Expectations
jmmastey
25
5.7k
Building Applications with DynamoDB
mza
85
5k

Transcript

  1. id:y_uuki / @y_uuk1

  2. None

  3. %PDLFS࢖ͬͯͨΒαʔό͕ ΰϛࣺͯ৔Έ͍ͨʹͳͬͯͨ࿩ *NNVUBCMF*OGSBTUSVDUVSF$POGFSFODF

  4. None

  6. MPBEBWH͕௒͑ͨ

  7. • curl http://<jenkins>:8000/job/project • timeout • ssh <jenkins> • timeout

    • Dom0 ͔Β ήετOSʹϩάΠϯͯ͠ top

  8. UPQVQEBZT  VTFST MPBEBWFSBHF   5BTLTUPUBM SVOOJOH TMFFQJOH TUPQQFE

    [PNCJF $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU $QVVT TZ OJ JE XB IJ TJ TU ,J#.FNUPUBM VTFE GSFF CV⒎FST ,J#4XBQUPUBM VTFE GSFF DBDIFE

  9. w QSPDFTTFT w -9$ͷϓϩηε͕͏Α͏Αͯ͠ɺϝϞϦ৯͍ͭ Ϳͯ͠TXBQ |-docker -d -p /var/run/docker.pid -H

    tcp://0.0.0.0:5555 -H unix:///var/run/docker.sock | |-lxc-start -n 718e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652abfs -f… | |-lxc-start -n 542e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652a2b3 -f… | |-lxc-start -n 983e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652ad00 -f… | |-lxc-start -n 271e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652a111 -f… | |-lxc-start -n 323e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652a1f2 -f… | |-lxc-start -n 789e7f86d172fc7af7599e0f6472205c986fcc8bf51336ed1a5030900652a1f2 -f... w EPDLFSTUPQLJMM[email protected]͚ͩͩͱϓϩ ηε͸ࢮΜͰ͘Εͳ͍

  10. 0 * * * * root docker rm $(docker ps

    -a -q)

  11. σΟεΫϦϓλ਺͕ ௒͑ͨ

  12. 2014/02/13 18:18:46 Error: start: Cannot start container d42e47e9e6bce9770f1d6d940944fc9e3f9a50a00baceaf21bfa9b1bbfced6d6: pipe2: too

    many open files

  13. # lsof -p <docker pid> | wc -l 1021 !

    # cat /proc/<docker pid>/limits | grep files Max open files 1024 4096 files

  14. root 31084 0.0 0.0 0 0 ? S< 2013 0:00

    [ext4-dio-unwrit] root 31105 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31107 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31109 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1793-8] root 31110 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31126 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31128 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31131 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1794-8] root 31132 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31153 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31155 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31157 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1795-8] root 31159 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31176 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31178 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31180 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1796-8] root 31181 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31203 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31204 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31206 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1797-8] root 31207 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31229 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31231 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31234 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1798-8] root 31235 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit] root 31247 0.0 0.0 0 0 ? S< 2013 0:00 [kdmflush] root 31249 0.0 0.0 0 0 ? S< 2013 0:00 [bioset] root 31251 0.0 0.0 0 0 ? S 2013 0:00 [jbd2/dm-1799-8] root 31252 0.0 0.0 0 0 ? S< 2013 0:00 [ext4-dio-unwrit]

  15. • lsof -p <docker pid> • /dev/mapper/docker-xxx … Έ͍ͨͳΛ΍ͨΒ ͱั·͑ͯΔ

    • mount /dev/mapper/docker-202:1-3019790-<sha1> on /var/lib/docker/devicemapper/mnt/ <sha1> type ext4 (rw,relatime,discard,stripe=16,data=ordered) /dev/mapper/docker-202:1-3019790-<sha1> on /var/lib/docker/devicemapper/mnt/ <sha1> type ext4 (rw,relatime,discard,stripe=16,data=ordered) /dev/mapper/docker-202:1-3019790-<sha1> on /var/lib/docker/devicemapper/mnt/ <sha1> type ext4 (rw,relatime,discard,stripe=16,data=ordered) ……..

  16. docker lxc-start … lxc-start … lxc-start … lxc-start … /dev/mapper/docker-xxx:…

    ɾ ɾ ɾ /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… /dev/mapper/docker-xxx:… fork open open open open

  17. Device mapper • Docker ͷΠϝʔδࠩ෼؅ཧΛࢧ͑Δٕज़ͷ1ͭ • aufs, btrfs ͳͲͰ୅ସՄೳ •

    Ծ૝తͳϒϩοΫσόΠεΛͭ͘ΕΔ • Ծ૝తͳϒϩοΫσόΠεΛελοΫͰ͖Δ • ࠩ෼؅ཧ • ࠩ෼͋ͨΓɺ1 mount -> 1 open ??

  18. 0 * * * * root docker rm -v $(docker

    ps -a -q) 1 * * * * root df | cut -d" " -f1 | grep docker | xargs umount /FX

  19. κϯϏϓϩηε਺͕ ௒͑ͨ

  20. ! Tasks: 3020 total, 5 running, 2700 sleeping, 0 stopped,

    315 zombie

  21. • κϯϏʹͳͬͨLXCϓϩηε͕௫ΜͰΔ /dev/ mapper-xxx ͕ Resource Busy ʹͳͬͯͯ umount Ͱ͖ͳ͍

    • ଟ෼ɺdocker rm ͰLXCϓϩηεΛ͏·͘ࡴͤͯ ͳͯ͘κϯϏʹͳͬͯΔ

  22. 0 * * * * root docker rm -v $(docker

    ps -a -q) 1 * * * * root df | cut -d" " -f1 | grep docker | xargs umount 0 10 * * * root service docker restart /FX

  23. 0 * * * * root docker rm -v $(docker

    ps -a -q) 1 * * * * root df | cut -d" " -f1 | grep docker | xargs umount 0 10 * * * root service docker restart 59 * * * * root docker ps | grep Ghost | cut -d" " -f1 | xargs docker kill 2 * * * * root docker rmi $(docker images | awk '/^<none>/ { print $3 }') /FX /FX

  24. %JTQPTBCMF

  25.  ͜͜·Ͱ

  26.  https://github.com/dotcloud/docker/blob/master/CHANGELOG.md#080-2014-02-04 https://github.com/dotcloud/docker/blob/master/CHANGELOG.md#081-2014-02-18

  27. • Refactor the devicemapper code to avoid many mount/unmount race

    conditions and failures! • Remove directory when removing devicemapper device. This cleans up leftover mount directories! • Avoid extra mount/unmount during container registration. This removes an unneeded mount/unmount operation which was causing problems with devicemapper! • Clean up archive closing. This fixes and improves archive handling! • Avoid temporarily unmounting the container when restarting it. This fixes a race for devicemapper during restart

  28.  https://github.com/dotcloud/docker/blob/master/CHANGELOG.md#090-2014-03-10

  29. • Avoid extra mount/unmount during build. This fixes mount/unmount related

    errors during build.! • Make --rm the default for docker build.! • Devicemapper: cleanups and fix for unmount. Fixes two problems which were causing unmount to fail intermittently.! • Devicemapper: remove directory when removing device. Directories don't get left behind when removing the device.! • Add -f flag to docker rm to force removal of running containers.! • Kill ghost containers and restart all ghost containers when the docker daemon restarts.

  30. Clean Infrastructure