예배 규칙서 찾다
Compose About versions and upgrading (Compose) ASP.NET Core + SQL Server on Linux (Compose) CLI environment variables (Compose) Command-line completion (Compose) Compose(组成) Compose command-line reference(组合命令行参考) Control startup order (Compose) Django and PostgreSQL (Compose) Docker stacks and distributed application bundles (Compose) docker-compose build(docker-compose构建) docker-compose bundle docker-compose config docker-compose create docker-compose down docker-compose events docker-compose exec docker-compose help docker-compose images docker-compose kill docker-compose logs docker-compose pause docker-compose port docker-compose ps docker-compose pull docker-compose push docker-compose restart docker-compose rm docker-compose run docker-compose scale docker-compose start docker-compose stop docker-compose top docker-compose unpause docker-compose up Environment file (Compose) Environment variables in Compose Extend services in Compose Frequently asked questions (Compose) Getting started (Compose) Install Compose Link environment variables (deprecated) (Compose) Networking in Compose Overview of Docker Compose Overview of docker-compose CLI Quickstart: Compose and WordPress Rails and PostgreSQL (Compose) Sample apps with Compose Using Compose in production Using Compose with Swarm Engine .NET Core application (Engine) About images, containers, and storage drivers (Engine) Add nodes to the swarm (Engine) Apply custom metadata (Engine) Apply rolling updates (Engine) apt-cacher-ng Best practices for writing Dockerfiles (Engine) Binaries (Engine) Bind container ports to the host (Engine) Breaking changes (Engine) Build your own bridge (Engine) Configure container DNS (Engine) Configure container DNS in user-defined networks (Engine) CouchDB (Engine) Create a base image (Engine) Create a swarm (Engine) Customize the docker0 bridge (Engine) Debian (Engine) Default bridge network Delete the service (Engine) Deploy a service (Engine) Deploy services to a swarm (Engine) Deprecated Engine features Docker container networking (Engine) Docker overview (Engine) Docker run reference (Engine) Dockerfile reference (Engine) Dockerize an application Drain a node (Engine) Engine FAQ (Engine) Fedora (Engine) Get started (Engine) Get started with macvlan network driver (Engine) Get started with multi-host networking (Engine) How nodes work (Engine) How services work (Engine) Image management (Engine) Inspect the service (Engine) Install Docker (Engine) IPv6 with Docker (Engine) Join nodes to a swarm (Engine) Legacy container links (Engine) Lock your swarm (Engine) Manage nodes in a swarm (Engine) Manage sensitive data with Docker secrets (Engine) Manage swarm security with PKI (Engine) Manage swarm service networks (Engine) Migrate to Engine 1.10 Optional Linux post-installation steps (Engine) Overview (Engine) PostgreSQL (Engine) Raft consensus in swarm mode (Engine) Riak (Engine) Run Docker Engine in swarm mode Scale the service (Engine) SDKs (Engine) Select a storage driver (Engine) Set up for the tutorial (Engine) SSHd (Engine) Storage driver overview (Engine) Store service configuration data (Engine) Swarm administration guide (Engine) Swarm mode key concepts (Engine) Swarm mode overlay network security model (Engine) Swarm mode overview (Engine) Understand container communication (Engine) Use multi-stage builds (Engine) Use swarm mode routing mesh (Engine) Use the AUFS storage driver (Engine) Use the Btrfs storage driver (Engine) Use the Device mapper storage driver (Engine) Use the OverlayFS storage driver (Engine) Use the VFS storage driver (Engine) Use the ZFS storage driver (Engine) Engine: Admin Guide Amazon CloudWatch logs logging driver (Engine) Bind mounts (Engine) Collect Docker metrics with Prometheus (Engine) Configuring and running Docker (Engine) Configuring logging drivers (Engine) Control and configure Docker with systemd (Engine) ETW logging driver (Engine) Fluentd logging driver (Engine) Format command and log output (Engine) Google Cloud logging driver (Engine) Graylog Extended Format (GELF) logging driver (Engine) Journald logging driver (Engine) JSON File logging driver (Engine) Keep containers alive during daemon downtime (Engine) Limit a container's resources (Engine) Link via an ambassador container (Engine) Log tags for logging driver (Engine) Logentries logging driver (Engine) PowerShell DSC usage (Engine) Prune unused Docker objects (Engine) Run multiple services in a container (Engine) Runtime metrics (Engine) Splunk logging driver (Engine) Start containers automatically (Engine) Storage overview (Engine) Syslog logging driver (Engine) tmpfs mounts Troubleshoot volume problems (Engine) Use a logging driver plugin (Engine) Using Ansible (Engine) Using Chef (Engine) Using Puppet (Engine) View a container's logs (Engine) Volumes (Engine) Engine: CLI Daemon CLI reference (dockerd) (Engine) docker docker attach docker build docker checkpoint docker checkpoint create docker checkpoint ls docker checkpoint rm docker commit docker config docker config create docker config inspect docker config ls docker config rm docker container docker container attach docker container commit docker container cp docker container create docker container diff docker container exec docker container export docker container inspect docker container kill docker container logs docker container ls docker container pause docker container port docker container prune docker container rename docker container restart docker container rm docker container run docker container start docker container stats docker container stop docker container top docker container unpause docker container update docker container wait docker cp docker create docker deploy docker diff docker events docker exec docker export docker history docker image docker image build docker image history docker image import docker image inspect docker image load docker image ls docker image prune docker image pull docker image push docker image rm docker image save docker image tag docker images docker import docker info docker inspect docker kill docker load docker login docker logout docker logs docker network docker network connect docker network create docker network disconnect docker network inspect docker network ls docker network prune docker network rm docker node docker node demote docker node inspect docker node ls docker node promote docker node ps docker node rm docker node update docker pause docker plugin docker plugin create docker plugin disable docker plugin enable docker plugin inspect docker plugin install docker plugin ls docker plugin push docker plugin rm docker plugin set docker plugin upgrade docker port docker ps docker pull docker push docker rename docker restart docker rm docker rmi docker run docker save docker search docker secret docker secret create docker secret inspect docker secret ls docker secret rm docker service docker service create docker service inspect docker service logs docker service ls docker service ps docker service rm docker service scale docker service update docker stack docker stack deploy docker stack ls docker stack ps docker stack rm docker stack services docker start docker stats docker stop docker swarm docker swarm ca docker swarm init docker swarm join docker swarm join-token docker swarm leave docker swarm unlock docker swarm unlock-key docker swarm update docker system docker system df docker system events docker system info docker system prune docker tag docker top docker unpause docker update docker version docker volume docker volume create docker volume inspect docker volume ls docker volume prune docker volume rm docker wait Use the Docker command line (Engine) Engine: Extend Access authorization plugin (Engine) Docker log driver plugins Docker network driver plugins (Engine) Extending Engine with plugins Managed plugin system (Engine) Plugin configuration (Engine) Plugins API (Engine) Volume plugins (Engine) Engine: Security AppArmor security profiles for Docker (Engine) Automation with content trust (Engine) Content trust in Docker (Engine) Delegations for content trust (Engine) Deploying Notary (Engine) Docker security (Engine) Docker security non-events (Engine) Isolate containers with a user namespace (Engine) Manage keys for content trust (Engine) Play in a content trust sandbox (Engine) Protect the Docker daemon socket (Engine) Seccomp security profiles for Docker (Engine) Secure Engine Use trusted images Using certificates for repository client verification (Engine) Engine: Tutorials Engine tutorials Network containers (Engine) Get Started Part 1: Orientation Part 2: Containers Part 3: Services Part 4: Swarms Part 5: Stacks Part 6: Deploy your app Machine Amazon Web Services (Machine) Digital Ocean (Machine) docker-machine active docker-machine config docker-machine create docker-machine env docker-machine help docker-machine inspect docker-machine ip docker-machine kill docker-machine ls docker-machine provision docker-machine regenerate-certs docker-machine restart docker-machine rm docker-machine scp docker-machine ssh docker-machine start docker-machine status docker-machine stop docker-machine upgrade docker-machine url Driver options and operating system defaults (Machine) Drivers overview (Machine) Exoscale (Machine) Generic (Machine) Get started with a local VM (Machine) Google Compute Engine (Machine) IBM Softlayer (Machine) Install Machine Machine Machine CLI overview Machine command-line completion Machine concepts and help Machine overview Microsoft Azure (Machine) Microsoft Hyper-V (Machine) Migrate from Boot2Docker to Machine OpenStack (Machine) Oracle VirtualBox (Machine) Provision AWS EC2 instances (Machine) Provision Digital Ocean Droplets (Machine) Provision hosts in the cloud (Machine) Rackspace (Machine) VMware Fusion (Machine) VMware vCloud Air (Machine) VMware vSphere (Machine) Notary Client configuration (Notary) Common Server and signer configurations (Notary) Getting started with Notary Notary changelog Notary configuration files Running a Notary service Server configuration (Notary) Signer configuration (Notary) Understand the service architecture (Notary) Use the Notary client
문자

理想情况下,只有很少的数据写入容器的可写层,并且您使用Docker卷来写入数据。但是,有些工作负载要求您能够写入容器的可写层。这是存储驱动程序进来的地方。

Docker支持多种不同的存储驱动程序,使用可插拔的架构。存储驱动程序控制图像和容器在Docker主机上的存储和管理方式。

读完存储驱动程序概述后,下一步是为工作负载选择最佳的存储驱动程序。在作出这一决定时,需要考虑三个高层次因素:

  • 如果您的内核支持多个存储驱动程序,那么假定满足该存储驱动程序的先决条件,则在没有明确配置存储驱动程序的情况下,Docker会列出要使用哪个存储驱动程序的优先级列表:

-  If `aufs` is available, default to it, because it is the oldest storage driver. However, it is not universally available.
-  If possible, the storage driver with the least amount of configuration is used, such as `btrfs` or `zfs`. Each of these relies on the backing filesystem being configured correctly.
-  Otherwise, try to use the storage driver with the best overall performance and stability in the most usual scenarios.
    -  `overlay2` is preferred, followed by `overlay`. Neither of these requires extra configuration.
    -  `devicemapper` is next, but requires `direct-lvm` for production environments, because `loopback-lvm`, while zero-configuration, has very poor performance.

选择顺序在Docker的源代码中定义。通过查看源代码,您可以看到Docker 17.03的订单。对于不同的Docker版本,请将URL更改为该版本。

  • 您的选择可能会受到Docker版本,操作系统和分发版的限制。例如,aufs仅在Ubuntu和Debian上受支持,而btrfs仅在仅支持Docker EE的SLES上受支持。请参阅每个Linux分发支持存储驱动程序

  • 某些存储驱动程序要求您为支持文件系统使用特定格式。如果您有使用特定支持文件系统的外部要求,这可能会限制您的选择。请参阅支持的支持文件系统

  • 在缩小了哪些存储驱动程序供您选择之后,您的选择将取决于您的工作负载特征和所需的稳定级别。请参阅其他注意事项以帮助作出最终决定。

每个Linux发行版支持的存储驱动

在较高级别上,您可以使用的存储驱动程序部分取决于您使用的Docker版本。

此外,Docker不建议任何需要禁用操作系统安全功能的配置,例如在CentOS上selinux使用overlayoverlay2驱动程序时需要禁用该功能。

Docker EE and CS-Engine

对于Docker EE和CS-Engine,支持存储驱动程序的权威资源是产品兼容性矩阵。为了从Docker获得商业支持,您必须使用受支持的配置。

Docker CE

对于Docker CE,只测试一些配置,并且操作系统的内核可能不支持每个存储驱动程序。通常,以下配置适用于最新版本的Linux发行版:

Linux distribution

Recommended storage drivers

Docker CE on Ubuntu

aufs, devicemapper, overlay2 (Ubuntu 14.04.4 or later, 16.04 or later), overlay, zfs, vfs

Docker CE on Debian

aufs, devicemapper, overlay2 (Debian Stretch), overlay, vfs

Docker CE on CentOS

devicemapper, vfs

Docker CE on Fedora

devicemapper, overlay2 (Fedora 26 or later, experimental), overlay (experimental), vfs

如果有疑问,最好的全面配置是使用带有支持overlay2存储驱动程序的内核的现代Linux发行版,并将Docker卷用于写入繁重的工作负载,而不是依赖将数据写入容器的可写层。

vfs存储驱动程序通常不是最好的选择。在使用vfs存储驱动程序之前,请务必阅读其性能和存储特性和限制。

非推荐存储驱动程序的预期:商业支持不适用于Docker CE,您可以在技术上使用可用于您的平台的任何存储驱动程序。例如,你可以使用btrfs使用Docker CE,尽管在任何Docker CE平台上都不推荐使用Docker CE,而且您自行承担风险。上表中的建议基于自动回归测试以及已知可用于大量用户的配置。如果您使用推荐的配置并发现可重现的问题,则可能会很快修复。如果根据此表不推荐您想使用的驱动程序,则可以自行承担风险。您可以也应该报告您遇到的任何问题。但是,这些问题的优先级低于使用推荐配置时遇到的问题。

Docker for Mac和Docker for Windows

适用于Mac的Docker和适用于Windows的Docker适用于开发而非生产。不支持在这些平台上修改存储驱动程序。

支持的备份文件系统

关于Docker,后备文件系统就是所在的文件系统/var/lib/docker/。某些存储驱动程序仅适用于特定的后备文件系统。

Storage driver

Supported backing filesystems

overlay, overlay2

ext4, xfs

aufs

ext4, xfs

devicemapper

direct-lvm

btrfs

btrfs

zfs

zfs

其他考虑

适合您的工作负载

除此之外,每个存储驱动程序都有其自身的性能特征,使其或多或少地适用于不同的工作负载。考虑下面的概括:

  • aufsoverlay并且overlay2全部在文件级而不是块级操作。这更有效地使用内存,但容器的可写层可能在写入繁重的工作负载中增长得相当大。

  • 块级存储驱动程序(如devicemapperbtrfs)和zfs更适合写入繁重的工作负载(虽然不如Docker卷)。

  • 对于许多具有许多图层或深层文件系统的小型写入或容器,overlay可能会比overlay2

  • btrfszfs需要大量的内存。

  • zfs 对于PaaS等高密度工作负载来说是一个不错的选择。

有关性能,适用性和最佳做法的更多信息,请参阅每个存储驱动程序的文档。

共享存储系统和存储驱动程序

如果您的企业使用SAN,NAS,硬件RAID或其他共享存储系统,它们可能会提供高可用性,增强的性能,精简配置,重复数据删除和压缩。在很多情况下,Docker可以在这些存储系统之上工作,但Docker并没有与它们紧密集成。

每个Docker存储驱动程序都基于Linux文件系统或卷管理器。请务必遵循现有的最佳实践,以便在共享存储系统之上操作存储驱动程序(文件系统或卷管理器)。例如,如果在共享存储系统上使用ZFS存储驱动程序,请务必遵循在特定共享存储系统之上操作ZFS文件系统的最佳实践。

稳定性

对于一些用户来说,稳定性比性能更重要。尽管Docker认为这里提到的所有存储驱动都是稳定的,但有些更新,并且仍在积极开发中。在一般情况下,aufsoverlay,和devicemapper与稳定性最高的选择。

经验和专业知识

选择一个您的组织很容易维护的存储驱动程序。例如,如果您使用RHEL或其下游分支,您可能已经有LVM和设备映射器的使用经验。如果是这样,devicemapper司机可能是最好的选择。

测试你自己的工作量

在不同的存储驱动程序上运行自己的工作负载时,您可以测试Docker的性能。确保使用等效的硬件和工作负载来匹配生产条件,以便您可以看到哪个存储驱动程序提供了最佳的整体性能。

检查并设置当前的存储驱动程序

每个单独存储驱动程序的详细文档详细介绍了使用给定存储驱动程序的所有设置步骤。这是如何更改存储驱动程序的非常高级的摘要。

重要提示:一些存储驱动器类型,如devicemapperbtrfszfs,需要额外的设定,在操作系统级别,然后才能与Docker使用它们。

要查看Docker当前使用的存储驱动程序,请使用docker info以下Storage Driver行:

$ docker info

Containers: 0Images: 0Storage Driver: overlay
 Backing Filesystem: extfs<output truncated>

要设置存储驱动程序,请在daemon.json位于/etc/docker/Linux和C:\ProgramData\docker\config\Windows Server 上的文件中设置该选项。不支持更改Docker for Mac或Docker for Windows上的存储驱动程序。

如果该daemon.json文件不存在,请创建它。假设文件中没有其他设置,它应该具有以下内容:

{  "storage-driver": "devicemapper"}

您可以指定任何有效的存储驱动程序来代替devicemapper

重新启动Docker以使更改生效。重新启动后,docker info再次运行以验证是否正在使用新的存储驱动程序。

相关信息

  • 关于图像,容器和存储驱动程序

  • aufs 存储驱动程序的实践

  • devicemapper 存储驱动程序的实践

  • overlayoverlay2实践中的存储驱动程序

  • btrfs 存储驱动程序的实践

  • zfs 存储驱动程序的实践

이전 기사: 다음 기사: