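mkdir: cannot create directory 'cpuset': Read-only file system (service cannot start Docker inside an Ubuntu Docker container)
What happened: I ran Ubuntu in Docker and then wanted to run Docker inside that Ubuntu. The installation succeeded, but starting it failed.
The result is shown below. Note that the default user in the Ubuntu container is root, so it already has the highest privilege available.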
root@83bae805ed89:/home# service docker start
mkdir: cannot create directory 'cpuset': Read-only file system
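Cause: there are two possible errors. One is that filesystem mounts failed; the other is insufficient privileges.
- For problem one: remount
First use mount to see which mounts have become ro (read-only). I suggest filtering the output with mount | grep -w ro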
root@83bae805ed89:/home# mount | grep -w ro
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup type cgroup2 (ro,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
/dev/nvme0n1p2 on /etc/resolv.conf type ext4 (rw,relatime,errors=remount-ro)
/dev/nvme0n1p2 on /etc/hostname type ext4 (rw,relatime,errors=remount-ro)
/dev/nvme0n1p2 on /etc/hosts type ext4 (rw,relatime,errors=remount-ro)
proc on /proc/bus type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/fs type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/irq type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sysrq-trigger type proc (ro,nosuid,nodev,noexec,relatime)
tmpfs on /proc/asound type tmpfs (ro,relatime,inode64)
tmpfs on /proc/acpi type tmpfs (ro,relatime,inode64)
tmpfs on /proc/scsi type tmpfs (ro,relatime,inode64)
tmpfs on /sys/firmware type tmpfs (ro,relatime,inode64)
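Compared with my earlier container that could start, the entries from proc onward are the failed mounts.
Then remount
Use # mount -o remount,rw /proc/bus or # fuser -m /proc/bus
But both failed for me, so I used approach two.
- For problem two: use root. If you already have the highest privilege, then raise privileges when creating the container with docker run, using --privileged=true or --privileged
e.g.: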
root@t17257:/# docker run -itd --name node01 --privileged=true ubuntu
or
root@t17257:/# docker run -itd --name node01 --privileged ubuntu
Result. This is really just service failing to create files:
root@1c4ddefadaef:~# service docker start
mount: /sys/fs/cgroup/cpuset: permission denied.
mount: /sys/fs/cgroup/cpu: permission denied.
mount: /sys/fs/cgroup/cpuacct: permission denied.
mount: /sys/fs/cgroup/blkio: permission denied.
mount: /sys/fs/cgroup/memory: permission denied.
mount: /sys/fs/cgroup/devices: permission denied.
mount: /sys/fs/cgroup/freezer: permission denied.
mount: /sys/fs/cgroup/net_cls: permission denied.
mount: /sys/fs/cgroup/perf_event: permission denied.
mount: /sys/fs/cgroup/net_prio: permission denied.
mount: /sys/fs/cgroup/hugetlb: permission denied.
mount: /sys/fs/cgroup/pids: permission denied.
mount: /sys/fs/cgroup/rdma: permission denied.
mount: /sys/fs/cgroup/misc: permission denied.
* Starting Docker: docker
root@1c4ddefadaef:~#
- Although some sys mounts still fail, docker is now running successfully:
root@1c4ddefadaef:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@1c4ddefadaef:~#
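
The two checks from this post as an added example (not part of the original post): an option-aware filter that skips the rw lines `grep -w ro` also matches through `errors=remount-ro`, and a test for CAP_SYS_ADMIN, the capability that mount and remount need. The function names `ro_mounts` and `has_cap_sys_admin` are hypothetical, and the sample lines are constructed from the mount output shown above.

```shell
#!/bin/sh
# Added example; sample input is constructed from the post's mount output.

# Print mount points whose option list contains "ro" as an exact option.
# Reads `mount`-format lines ("src on /path type fs (opts)") from stdin.
ro_mounts() {
    awk '{
        opts = $NF                        # last field: "(ro,nosuid,...)"
        gsub(/[()]/, "", opts)
        n = split(opts, o, ",")
        for (i = 1; i <= n; i++)
            if (o[i] == "ro") { print $3; break }
    }'
}

# Succeed if the hex CapEff mask (as found in /proc/self/status)
# has CAP_SYS_ADMIN set (capability number 21).
has_cap_sys_admin() {
    [ $(( 0x$1 >> 21 & 1 )) -eq 1 ]
}

SAMPLE='sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
/dev/nvme0n1p2 on /etc/hosts type ext4 (rw,relatime,errors=remount-ro)
proc on /proc/bus type proc (ro,nosuid,nodev,noexec,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime,inode64)'

# grep -w ro matches all 4 sample lines; this filter reports only the 3 ro mounts.
printf '%s\n' "$SAMPLE" | ro_mounts

# Live check when run inside a container (Linux only).
if [ -r /proc/self/status ]; then
    capeff=$(awk '/^CapEff:/ {print $2}' /proc/self/status)
    if [ -n "$capeff" ] && has_cap_sys_admin "$capeff"; then
        echo "CAP_SYS_ADMIN present (CapEff=$capeff)"
    else
        echo "CAP_SYS_ADMIN absent: mount -o remount,rw is expected to fail"
    fi
fi
```

`--privileged` gives the container every capability, CAP_SYS_ADMIN included, which is why the second approach gets Docker started and also why it removes most of the isolation between that container and the host.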
