月度归档 2021-02-23

非root用戶沒有權限運行docker命令

問題描述

[[email protected] ~]$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.26/containers/json: dial unix /var/run/docker.sock: connect: permission denied

問題分析

Manage Docker as a non-root user

The docker daemon binds to a Unix socket instead of a TCP port. By
default that Unix socket is owned by the user root and other users can
only access it using sudo. The docker daemon always runs as the root
user.

If you don’t want to use sudo when you use the docker command, create
a Unix group called docker and add users to it. When the docker daemon
starts, it makes the ownership of the Unix socket read/writable by the
docker group.

解決辦法

# 添加docker用户组
[[email protected] ~]$ sudo groupadd docker

# 将登陆用户加入到docker用户组中
[[email protected] ~]$ sudo gpasswd -a $USER docker

# 更新用户组
[[email protected] ~]$ sudo newgrp docker

# 重啓 docker 服務
[[email protected] ~]$ sudo systemctl restart docker.service

# 授權 docker.sock 
[[email protected] ~]$ sudo chmod a+rw /var/run/docker.sock

批量新增用戶至docker用戶組脚本

#!/bin/bash
#author by Michael Ho

# 用戶列表
user_array=(
    zhouj
    zhangmy
    caimz
    yuy
)

# 新增用戶到docker群組中
add_user() {

    if [[ $EUID -ne 0 ]]; then
        echo -ne "\033[31mThis scripts must be run as root ..\033[0m"
        exit 1
    fi

    groupadd docker

    for i in ${user_array[*]}; do
        gpasswd -a $i docker
        echo -ne "\033[32m 已將 $i 加入到 docker 用戶組! \033[0m"
    done

    newgrp docker
}

# main函式
main() {
    add_user

    # 重啓 docker 服務
    systemctl restart docker.service

    # 授權 docker.sock 
    chmod a+rw /var/run/docker.sock
}

# 程式入口
main

windows安裝pip報錯問題

安裝pip時報錯現象如下

D:\>python get-pip.py
C:\Python38\lib\site-packages\setuptools\distutils_patch.py:25: UserWarning: Distutils was imported before Setuptools. This usage is discouraged and may exhibit undesirable behaviors or errors. Please use Setuptools' objects directly or at least import Setuptools first.
  warnings.warn(
Looking in indexes: http://pypi.douban.com/simple
WARNING: The repository located at pypi.douban.com is not a trusted or secure host and is being ignored. If this repository is available via HTTPS we recommend you use HTTPS instead, otherwise you may silence this warning and allow it anyway with '--trusted-host pypi.douban.com'.
ERROR: Could not find a version that satisfies the requirement pip
ERROR: No matching distribution found for pip
WARNING: The repository located at pypi.douban.com is not a trusted or secure host and is being ignored. If this repository is available via HTTPS we recommend you use HTTPS instead, otherwise you may silence this warning and allow it anyway with '--trusted-host pypi.douban.com'.

D:\>curl https://bootstrap.pypa.io/get-pip.py | python3。
'python3。' 不是内部或外部命令,也不是可运行的程序
或批处理文件。

D:\>
D:\>curl https://bootstrap.pypa.io/get-pip.py | python
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 1882k  100 1882k    0     0   171k      0  0:00:11  0:00:11 --:--:--  152k
C:\Python38\lib\site-packages\setuptools\distutils_patch.py:25: UserWarning: Distutils was imported before Setuptools. This usage is discouraged and may exhibit undesirable behaviors or errors. Please use Setuptools' objects directly or at least import Setuptools first.
  warnings.warn(
Looking in indexes: http://pypi.douban.com/simple
WARNING: The repository located at pypi.douban.com is not a trusted or secure host and is being ignored. If this repository is available via HTTPS we recommend you use HTTPS instead, otherwise you may silence this warning and allow it anyway with '--trusted-host pypi.douban.com'.
ERROR: Could not find a version that satisfies the requirement pip
ERROR: No matching distribution found for pip
WARNING: The repository located at pypi.douban.com is not a trusted or secure host and is being ignored. If this repository is available via HTTPS we recommend you use HTTPS instead, otherwise you may silence this warning and allow it anyway with '--trusted-host pypi.douban.com'.

解決辦法

  • 在系统目录C:\Users\用户\AppData\Roaming新建pip文件夹
  • 在pip文件夹下新建pip.ini文件,并写入如下配置:
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host = mirrors.aliyun.com

注意

  • 安裝Windows版python.exe時,一定要以管理員模式打開並安裝,否則pip要人肉安裝,比如我
  • curl get-pip.py 時,可以在任意盤符目錄,但當前用戶一定能可以訪問到該目錄
  • 這個報錯是 pip 版本 >=7 時,使用鏡像源時,會提示源地址不受信任或不安全,需要ssl安全認證

CentOS7根目录磁盘扩容(/dev/mapper/centos-root 空间不足)

0.查看根分区大小

[[email protected] ~]# df -h
Filesystem                      Size  Used Avail Use% Mounted on
devtmpfs                         63G     0   63G   0% /dev
tmpfs                            63G     0   63G   0% /dev/shm
tmpfs                            63G  1.3G   62G   2% /run
tmpfs                            63G     0   63G   0% /sys/fs/cgroup
/dev/mapper/cl_geekthings-root   50G   38G   13G  76% /
/dev/sda1                      1014M  311M  704M  31% /boot
/dev/mapper/cl_geekthings-home  918G   12G  906G   2% /home
tmpfs                            13G   12K   13G   1% /run/user/42
tmpfs                            13G     0   13G   0% /run/user/0
overlay                          50G   38G   13G  76% /var/lib/docker/overlay2/70dffe831895bb55d79b4a8f483364a4f736637ccb2f6694f1cf82ba7ff1743d/merged

1.查看磁盘编号

[[email protected] ~]# ls /dev/sd*
/dev/sda  /dev/sda1  /dev/sda2

2.这里在vMware vCenter中新增一块硬盘(编辑->新增设备) 再次查看磁盘

[[email protected] ~]# ls /dev/sd*
/dev/sda  /dev/sda1  /dev/sda2  /dev/sdb

3.对新增硬盘进行分区, 这里新增的磁盘名称叫 /dev/sdb

[[email protected] ~]# fdisk /dev/sdb

# 输入 m, 得到帮助,可以按照提示操作进行分区了
# 因为这块硬盘只有 100G,所以我只打算分一个区,这里是需要输入 n,然后接下来都按 Enter 键,默认即可,最后输入 w 保存退出
[[email protected] ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Command (m for help): m
Command action
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   g   create a new empty GPT partition table
   G   create an IRIX (SGI) partition table
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)

4.将分区后的磁盘格式化成xfs类型

[[email protected] ~]# mkfs.xfs /dev/sdb1

5.创建pv

[[email protected] ~]# pvcreate /dev/sdb1
  Physical volume "/dev/sdb1" successfully created.

6.查看vg组

[[email protected] ~]# vgs
  VG            #PV #LV #SN Attr   VSize    VFree
  cl_geekthings   1   3   0 wz--n- <999.00g 4.00m

7.扩展vg

[[email protected] ~]# vgextend cl_geekthings /dev/sdb1
  Volume group "cl_geekthings" successfully extended

[[email protected] ~]# vgs
  VG            #PV #LV #SN Attr   VSize VFree  
  cl_geekthings   2   3   0 wz--n- 1.17t 200.00g

8.扩展lv

[[email protected] ~]# lvextend -L +200G /dev/mapper/cl_geekthings-root
  Size of logical volume cl_geekthings/root changed from 50.00 GiB (12800 extents) to 250.00 GiB (64000 extents).
  Logical volume cl_geekthings/root successfully resized.

9.系统重新读取大小

[[email protected] ~]# xfs_growfs /dev/mapper/cl_geekthings-root
meta-data=/dev/mapper/cl_geekthings-root isize=512    agcount=4, agsize=3276800 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=0 spinodes=0
data     =                       bsize=4096   blocks=13107200, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
log      =internal               bsize=4096   blocks=6400, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
data blocks changed from 13107200 to 65536000

10.查看扩容是否成功

[[email protected] ~]# df -h
Filesystem                      Size  Used Avail Use% Mounted on
devtmpfs                         63G     0   63G   0% /dev
tmpfs                            63G     0   63G   0% /dev/shm
tmpfs                            63G  1.3G   62G   2% /run
tmpfs                            63G     0   63G   0% /sys/fs/cgroup
/dev/mapper/cl_geekthings-root  250G   38G  213G  16% /
/dev/sda1                      1014M  311M  704M  31% /boot
/dev/mapper/cl_geekthings-home  918G   12G  906G   2% /home
tmpfs                            13G   12K   13G   1% /run/user/42
tmpfs                            13G     0   13G   0% /run/user/0
overlay                         250G   38G  213G  16% /var/lib/docker/overlay2/70dffe831895bb55d79b4a8f483364a4f736637ccb2f6694f1cf82ba7ff1743d/merged
[[email protected] ~]# lsblk
NAME                   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda                      8:0    0  1000G  0 disk 
├─sda1                   8:1    0     1G  0 part /boot
└─sda2                   8:2    0   999G  0 part 
  ├─cl_geekthings-root 253:0    0   250G  0 lvm  /
  ├─cl_geekthings-swap 253:1    0  31.5G  0 lvm  
  └─cl_geekthings-home 253:2    0 917.5G  0 lvm  /home
sdb                      8:16   0   200G  0 disk 
└─cl_geekthings-root   253:0    0   250G  0 lvm  /
sr0                     11:0    1   4.1G  0 rom