监控docker
下载sysdig/sysdig
docker pull sysdig/sysdig
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE sysdig/sysdig latest 150a67cf5648 5 weeks ago 740MB
运行sysdig
[root@localhost ~]# docker container run -dit --rm --name=sysdig --privileged=true --volume=/var/run/docker.sock:/host/var/run/docker.sock --volume=/dev:/host/dev --volume=/proc:/host/proc:ro --volume=/boot:/host/boot:ro --volume=/lib/modules:/host/lib/modules:ro --volume=/usr:/host/usr:ro sysdig/sysdig WARNING: IPv4 forwarding is disabled. Networking will not work. 56b65a31fa5512eaeab022ff20d39e4fac155d22438ce255930967d6fe7a8eef
随意的跑几个容器
[root@localhost ~]# docker run -dit --name=nginx1 nginx:latest WARNING: IPv4 forwarding is disabled. Networking will not work. 9bef7d9af89d25dc3722b429982f8623bc175ec8c7fb963cccef5685ef4bb7e3 [root@localhost ~]# docker run -dit --name=nginx2 nginx:latest WARNING: IPv4 forwarding is disabled. Networking will not work. f6e28f285453ca30cc74c9c190072624354b97f5fd584da96ac3ca917dd55f42 [root@localhost ~]# docker run -dit --name=busybox1 busybox:latest WARNING: IPv4 forwarding is disabled. Networking will not work. 3b24037d4e9f10519f501ceefd2a50510f50801ce62e1052f87c675a13a6fdc9 [root@localhost ~]# docker run -dit --name=busybox2 busybox:latest WARNING: IPv4 forwarding is disabled. Networking will not work. 2960d028dff6a42eb4edb05fd353549d745b4c4e68c7552294b1a00d5dbb5948
解决报错WARNING: IPv4 forwarding is disabled. Networking will not work.
解决方式:
第一步:在宿主机上执行echo "net.ipv4.ip_forward=1" >>/usr/lib/sysctl.d/00-system.conf
第二步:重启network和docker服务
[root@localhost /]# systemctl restart network && systemctl restart docker
进入容器
[root@localhost ~]# docker container exec -it sysdig bash
root@d9ce26773f7b:/# csysdig ##将以交互方式启动sysdig
可以看到我们刚才跑的所有的容器
按F2进入菜单F10退出或者是ctrl+c
Weave Scope
Weave Scope最大的特点是会自动生成docker容器的地图,让我们能够更直观理解,监控和控制容器
执行以下脚本安装运行weave scope
[root@localhost ~]# curl -L git.io/scope -o /usr/local/bin/scope % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- 0:00:06 --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- 0:00:09 --:--:-- 0 100 616 100 616 0 0 56 0 0:00:11 0:00:10 0:00:01 443 100 11664 100 11664 0 0 755 0 0:00:15 0:00:15 --:--:-- 3400
给予执行权限
[root@localhost ~]# chmod a+x /usr/local/bin/scope
运行weave scope
[root@localhost ~]# scope launch
Unable to find image 'weaveworks/scope:1.13.1' locally
1.13.1: Pulling from weaveworks/scope
c9b1b535fdd9: Pull complete
550073704c23: Pull complete
8738e5bbaf1d: Pull complete
0a8826d26027: Pull complete
387c1aa951b4: Pull complete
e72d45461bb9: Pull complete
75cc44b65e98: Pull complete
11f7584a6ade: Pull complete
a5aa3ebbe1c2: Pull complete
7cdbc028c8d2: Pull complete
Digest: sha256:4342f1c799aba244b975dcf12317eb11858f9879a3699818e2bf4c37887584dc
Status: Downloaded newer image for weaveworks/scope:1.13.1
b04ae2b0782adabdeb7c2c438f6b9f3b14778f1b3aa02659a1ee8e40bba46896
Scope probe started
Weave Scope is listening at the following URL(s):
* http://192.168.172.130:4040/
访问http://192.168.172.130:4040/
可以看到我刚才运行的所有容器
