docker: invalid reference format.

// 原因是 -d后的参数有问题,bitnami/etcd:3:3.13 3后面的冒号(:)应该为(.)

  1. [root@test-oraymsgd cronsun]# docker run \
  2. >     --name cronsun-etcd \
  3. >     --restart always \
  4. >     -e ETCD_ROOT_PASSWORD=123456 \
  5. >     -p 2379:2379 -p 2380:2380 \
  6. >     -d bitnami/etcd:3:3.13
  7. docker: invalid reference format.
  8. See 'docker run --help'.
  9. [root@test-oraymsgd cronsun]#

root没有权限删除docker容器

提示错误 “desc = permission denied”

  1. root@ywh:~# docker rm tomcat -f 
  2. Error response from daemon: Could not kill running container 05be338112e5035b8d28d710466bd7790a5a194803e51728b76af1d77c275a4e, cannot remove - Cannot kill container 05be338112e5035b8d28d710466bd7790a5a194803e51728b76af1d77c275a4e: rpc error: code = 7 desc = permission denied
  3. root@ywh:~# sudo systemctl disable apparmor.service --now
  4. Synchronizing state of apparmor.service with SysV service script with /lib/systemd/systemd-sysv-install.
  5. Executing: /lib/systemd/systemd-sysv-install disable apparmor
  6. root@ywh:~# 
  7. root@ywh:~#

dmesg

  1. [96065.346367] audit: type=1400 audit(1631629295.506:38): apparmor="DENIED" operation="signal" profile="docker-default" pid=15626 comm="docker-containe" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.docker.dockerd"
  2. [96072.385972] audit: type=1400 audit(1631629302.546:39): apparmor="DENIED" operation="signal" profile="docker-default" pid=15626 comm="docker-containe" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.docker.dockerd"

解决

参考:https://forums.docker.com/t/can-not-stop-docker-container-permission-denied-error/41142/6

https://stackoverflow.com/questions/47223280/docker-containers-can-not-be-stopped-or-removed-permission-denied-error

  1. 检查状态:sudo aa-status
  2. 关闭并阻止它重新启动:sudo systemctl disable apparmor.service --now
  3. 卸载 AppArmor 配置文件:sudo service apparmor teardown
  4. 检查状态:sudo aa-status
  6. root@ywh:~# sudo service apparmor teardown
  7.  * Unloading AppArmor profiles                                                                    [ OK ] 
  8. root@ywh:~# 
  9. root@ywh:~# sudo aa-status
  10. apparmor module is loaded.
  11. 0 profiles are loaded.
  12. 0 profiles are in enforce mode.
  13. 0 profiles are in complain mode.
  14. 0 processes have profiles defined.
  15. 0 processes are in enforce mode.
  16. 0 processes are in complain mode.
  17. 0 processes are unconfined but have a profile defined.
  18. root@ywh:~# 
  19. root@ywh:~# docker ps 
  20. CONTAINER ID   IMAGE             COMMAND             CREATED          STATUS          PORTS                    NAMES
  21. 05be338112e5   feisky/tomcat:8   "catalina.sh run"   33 minutes ago   Up 33 minutes   0.0.0.0:8080->8080/tcp   tomcat
  22. root@ywh:~# docker rm -f tomcat
  23. tomcat

dmesg

  1. [97087.618497] docker0: port 1(veth80cbdfa) entered disabled state
  2. [97087.620260] veth5a16874: renamed from eth0
  3. [97087.667928] docker0: port 1(veth80cbdfa) entered disabled state
  4. [97087.672681] device veth80cbdfa left promiscuous mode
  5. [97087.672689] docker0: port 1(veth80cbdfa) entered disabled state

iptables failed

  1. ERROR: Failed to Setup IP tables: Unable to enable SKIP DNAT rule:  (iptables failed: iptables --wait -t nat -I DOCKER -i br-2add1a39bc5d -j RETURN: iptables: No chain/target/match by that name.

解决:
原因是关闭防火墙之后docker需要重启,执行以下命令重启docker即可:service docker restart

docker panic

docker panic: standard_init_linux.go:178: exec user process caused “exec format error”

解决:
运行脚本中指定解释器,添加 #!/bin/bash

docker启动失败

  1. [root@centos7 ~]# systemctl status docker.service
  2.  docker.service - Docker Application Container Engine
  3.    Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
  4.    Active: inactive (dead) since  2020-06-30 10:10:29 CST; 1min 0s ago
  5.      Docs: https://docs.docker.com
  6.   Process: 1643 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
  7.  Main PID: 1643 (code=exited, status=1/FAILURE)
  9. 6 30 10:10:29 centos7 systemd[1]: start request repeated too quickly for docker.service
  10. 6 30 10:10:29 centos7 systemd[1]: Failed to start Docker Application Container Engine.
  11. 6 30 10:10:29 centos7 systemd[1]: Unit docker.service entered failed state.
  12. 6 30 10:10:29 centos7 systemd[1]: docker.service failed.
  13. 6 30 10:11:15 centos7 systemd[1]: start request repeated too quickly for docker.service
  14. 6 30 10:11:15 centos7 systemd[1]: Failed to start Docker Application Container Engine.
  15. 6 30 10:11:15 centos7 systemd[1]: docker.service failed.
  16. 6 30 10:11:18 centos7 systemd[1]: start request repeated too quickly for docker.service
  17. 6 30 10:11:18 centos7 systemd[1]: Failed to start Docker Application Container Engine.
  18. 6 30 10:11:18 centos7 systemd[1]: docker.service failed.

排查步骤:
可能是编辑daemon.json文件中的内容有错才导致启动失败,我检查了好几次该文件的内容,因为是复制的内容,所以符号是中文的,单词也拼写错误,需要注意的几点如下:
1、注意符号是否是英文符号
2、单词是否拼写正确
3、json文件格式是否正确

timeout

docker pull harbor.xxx.com/xxx/apisvr:1.3.6
Error response from daemon: Get https://harbor.xxx.com/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

排查步骤:
1、nc -vz harbor.xxx.com port看是否通

主要就是排查是否通

资源不足

image.png