我想从 systemd 在 docker 中启动 etcd(单节点),但似乎出了点问题 - 它在启动后大约 30 秒被终止。
看起来服务以"activating"状态启动,但在大约 30 秒后终止,但未达到"active"状态。也许 docker 容器和 systemd 之间缺少任何信号?
更新(见帖子底部):systemd 服务状态达到failed (Result: timeout)- 当我删除Restart=on-failure指令时。
当我在启动后检查 etcd 服务的状态时,我得到了这个结果:
$ sudo systemctl status etcd● etcd.service - etcd Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: activating (auto-restart) (Result: exit-code) since Wed 2021-08-18 20:13:30 UTC; 4s ago
Process: 2971 ExecStart=/usr/bin/docker run -p 2380:2380 -p 2379:2379 --volume=etcd-data:/etcd-data --name etcd my-aws-account.dkr.ecr.eu-north-1.amazonaws.com/etcd:v3.5.0 /usr/local/bin/etcd --data-dir=/etcd-data --name etcd0 --advertise-client-urls http://10.0.0.11:2379 --listen-client-urls http://0.0.0.0:2379 --initial-advertise-peer-urls http://10.0.0.11:2380 --listen-peer-urls http://0.0.0.0:2380 --initial-cluster etcd0=http://10.0.0.11:2380 (code=exited, status=125)
Main PID: 2971 (code=exited, status=125)
我在 Amazon Linux 2 机器上运行它,并在启动时运行用户数据脚本。我已经确认docker.service并docker_ecr_login.service成功运行。
机器启动后不久,我可以看到 etcd 正在运行:
sudo systemctl status etcd
● etcd.service - etcd
Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: activating (start) since Wed 2021-08-18 20:30:07 UTC; 1min 20s ago
Main PID: 1573 (docker)
Tasks: 9
Memory: 24.3M
CGroup: /system.slice/etcd.service
└─1573 /usr/bin/docker run -p 2380:2380 -p 2379:2379 --volume=etcd-data:/etcd-data --name etcd my-aws-account.dkr.ecr.eu-north-1.amazonaws.com...
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.690Z","logger":"raft","caller":"...rm 2"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.691Z","caller":"etcdserver/serve..."3.5"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.693Z","caller":"membership/clust..."3.5"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.693Z","caller":"etcdserver/server.go:2...
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.693Z","caller":"api/capability.g..."3.5"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.693Z","caller":"etcdserver/serve..."3.5"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.693Z","caller":"embed/serve.go:9...ests"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.695Z","caller":"etcdmain/main.go...emon"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.695Z","caller":"etcdmain/main.go...emon"}
Aug 18 20:30:17 ip-10-0-0-11.eu-north-1.compute.internal docker[1573]: {"level":"info","ts":"2021-08-18T20:30:17.702Z","caller":"embed/serve.go:1...2379"}
Hint: Some lines were ellipsized, use -l to show in full.
无论 etcd 监听节点 IP (10.0.0.11) 还是 127.0.0.1,我都会得到相同的行为。
我可以在本地运行 etcd,从命令行开始(它不会在 30 秒后终止),使用:
sudo docker run -p 2380:2380 -p 2379:2379 --volume=etcd-data:/etcd-data --name etcd-local \
my-aws-account.dkr.ecr.eu-north-1.amazonaws.com/etcd:v3.5.0 \
/usr/local/bin/etcd --data-dir=/etcd-data \
--name etcd0 \
--advertise-client-urls http://127.0.0.1:2379 \
--listen-client-urls http://0.0.0.0:2379 \
--initial-advertise-peer-urls http://127.0.0.1:2380 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-cluster etcd0=http://127.0.0.1:2380
etcd 的参数类似于运行单节点 etcd-ectd 3.5 文档。
这是用于启动 etcd 的启动脚本的相关部分:
sudo docker volume create --name etcd-data
cat <<EOF | sudo tee /etc/systemd/system/etcd.service
[Unit]
Description=etcd
After=docker_ecr_login.service
[Service]
Type=notify
ExecStart=/usr/bin/docker run -p 2380:2380 -p 2379:2379 --volume=etcd-data:/etcd-data \
--name etcd my-aws-account.dkr.ecr.eu-north-1.amazonaws.com/etcd:v3.5.0 \
/usr/local/bin/etcd --data-dir=/etcd-data \
--name etcd0 \
--advertise-client-urls http://10.0.0.11:2379 \
--listen-client-urls http://0.0.0.0:2379 \
--initial-advertise-peer-urls http://10.0.0.11:2380 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-cluster etcd0=http://10.0.0.11:2380
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl enable etcd
sudo systemctl start etcd
列出机器上的所有容器时,我可以看到它一直在运行:
sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a744aed0beb1 my-aws-account.dkr.ecr.eu-north-1.amazonaws.com/etcd:v3.5.0 "/usr/local/bin/etcd…" 25 minutes ago Exited (0) 24 minutes ago etcd
但我怀疑它无法重新启动,因为容器名称已经存在。
从 systemd 启动时,为什么 etcd 容器会在大约 30 秒后终止?看起来它成功启动了,但 systemd 只显示它处于“激活”状态,但从未处于“激活”状态,并且它似乎在大约 30 秒后终止。从 etcd docker 容器到 systemd 是否缺少一些信号?如果是这样,我怎样才能让那个信号正确?
更新:
删除Restart=on-failure服务单元文件中的指令后,我现在得到 status: failed (Result: timeout):
$ sudo systemctl status etcd
● etcd.service - etcd
Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: failed (Result: timeout) since Wed 2021-08-18 21:35:54 UTC; 5min ago
Process: 1567 ExecStart=/usr/bin/docker run -p 2380:2380 -p 2379:2379 --volume=etcd-data:/etcd-data --name etcd my-aws-account.dkr.ecr.eu-north-1.amazonaws.com/etcd:v3.5.0 /usr/local/bin/etcd --data-dir=/etcd-data --name etcd0 --advertise-client-urls http://127.0.0.1:2379 --listen-client-urls http://0.0.0.0:2379 --initial-advertise-peer-urls http://127.0.0.1:2380 --listen-peer-urls http://0.0.0.0:2380 --initial-cluster etcd0=http://127.0.0.1:2380 (code=exited, status=0/SUCCESS)
Main PID: 1567 (code=exited, status=0/SUCCESS)
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.332Z","caller":"osutil/interrupt...ated"}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.333Z","caller":"embed/etcd.go:36...379"]}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: WARNING: 2021/08/18 21:35:54 [core] grpc: addrConn.createTransport failed ...ing...
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.335Z","caller":"etcdserver/serve...6a6c"}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.337Z","caller":"embed/etcd.go:56...2380"}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.338Z","caller":"embed/etcd.go:56...2380"}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal docker[1567]: {"level":"info","ts":"2021-08-18T21:35:54.339Z","caller":"embed/etcd.go:36...379"]}
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal systemd[1]: Failed to start etcd.
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal systemd[1]: Unit etcd.service entered failed state.
Aug 18 21:35:54 ip-10-0-0-11.eu-north-1.compute.internal systemd[1]: etcd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
更新:发布测试数据并根据收到的评论整合更新。正如最初所想的那样,systemd 集成不需要 docker -d 。根据我的经验,Michael 指出的 Type= 设置似乎比将服务的守护程序状态卸载到 docker 更重要。正如我最初解释的那样,OP 问题乍一看似乎是没有背景的副作用。在进一步测试后,这个背景似乎无关紧要。
请注意,OP 中使用的 Amazon AWS 映像不是我可以测试或直接排除故障的。此处显示了 etcd 和 systemd 的对比示例,以帮助配置类似于我的端点系统。系统详情:
系统配置
我最终得到了以下 systemd 服务文件。请注意 Type=simple,因为 Michael 建议在回复中澄清这一点(显然,我自己对这块拼图的理解)。您可以在此处了解有关 systemd 类型的更多信息:
https://www.freedesktop.org/software/systemd/man/systemd.service.html
类型很重要;更重要的是,我最初对 simple as type 的理解是短视地关注缺乏与 systemd 的通信,这导致我忽略了类型设置对来自被调用应用程序的响应所做的适用行为(在这种情况下码头工人)。
删除类型或将类型添加到简单类型,无论如何都会导致相同的行为。我的测试中的以下配置工作可靠,在 docker run 命令中是否存在 -d 也是如此:
笔记
docker ps显示容器正在运行,但systemctl status container-etcd显示为已退出且处于非活动状态。确认
在更新 systemd 服务文件、执行 daemon-reload 等之后,我执行到容器中并针对 etcd 运行测试命令:
docker exec -it etcd shetcdctl --endpoints=http://10.4.4.132:2379 member list结果