docker daemon
在容器管理的链路中,Docker Engine的实现就是dockerd daemon,它在linux中需要以root运行,dockerd调用containerd,containerd调用containerd-shim,然后才能调用runC。
- containerd-shim: shim起的作用也就是“垫片”,避免父进程退出影响容器的运行
- convention: port 2375 for raw communication
- convention: port 2376 for TLS communication
- No multiple dockerd in same machine simutaneously
failed to start daemon, ensure docker is not running or delete /var/run/docker.pid: process with PID 131867 is still running
- Docker Desktop: Settings -> General -> check [Expose daemon on tcp://localhost:2375 without TLS]
- Click [Apply & Restart]
- [Workaround for Docker Desktop bug]:
Quit Docker Desktopand then run it again.
Ref: https://blog.bartekr.net/2020/09/01/have-problems-with-docker-desktop-for-windows-home-yeah-me-too/
inline config and daemon.json config are mutual exclusive
/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://127.0.0.1:2375
-
sudo vi /etc/docker/daemon.jsonor~/.config/docker/daemon.json(for rootless) and edit like{ ... "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"] }
-
configure service
sudo systemctl edit docker.serviceto add or modify the following lines, substituting your own values.[Service] ExecStart= ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375or create a
docker.confsudo curl https://raw.githubusercontent.com/davidkhala/linux-utils/main/apps/docker/docker.conf --create-dirs -o /etc/systemd/system/docker.service.d/docker.conf -
restart service
sudo systemctl daemon-reload sudo systemctl restart docker.service
sudo /usr/bin/dockerd- check result by
sudo netstat -lntp | grep dockerd
Ping the docker socket
sudo curl --unix-socket /var/run/docker.sock http://localhost/_ping
Or Ping the API endpoint
curl http://localhost:2375/_ping
Or use another docker host by specifying global flag -H
docker -H tcp://127.0.0.1:2375 ps