设定对/dev/sda盘的写入速度为10M/s左右
[root@foundation17 ~]# docker run --rm -it --device-write-bps /dev/sda:10M ubuntu #设定
root@2f8dadc17d9a:/# dd if=/dev/zero of=testfile bs=1M count=100 oflag=direct #测试
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 9.95449 s, 10.5 MB/s #写入速度为10M/s左右
root@2f8dadc17d9a:/#
新建一个容器并后台运行:
[root@foundation17 ~]# docker run -d --name vm1 nginx
326dda95694ec3177c76704e5d0ec627674609253adcc8072701888280069127
pause:将服务暂停:
[root@foundation17 ~]# docker container pause vm1
vm1
[root@foundation17 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
326dda95694e nginx "nginx -g 'daemon ..." 2 minutes ago Up 2 minutes (Paused) 80/tcp vm1
关于容器的信息还在:
[root@foundation17 ~]# docker inspect vm1 |grep IPA
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
在网络里还能看到vm所使用的网卡设备:
[root@foundation17 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021ccc0dde7 no enp0s25
vnet0
docker0 8000.0242d0ace07f no vethe36f908
virbr0 8000.525400e4b96a yes virbr0-nic
virbr1 8000.5254009c941e yes virbr1-nic
stop:将服务停掉:
先解除暂停然后停掉服务:
[root@foundation17 ~]# docker container unpause vm1
vm1
[root@foundation17 ~]# docker stop vm1
vm1
[root@foundation17 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
326dda95694e nginx "nginx -g 'daemon ..." 6 minutes ago Exited (0) 5 seconds ago vm1
可以看到容器stop后,ps -a查看到的状态是exited表示退出,所以也就无法查看出关于这个容器的信息了(null表示没有信息):
[root@foundation17 ~]# docker inspect vm1 |grep IPA
"SecondaryIPAddresses": null,
"IPAddress": "",
"IPAMConfig": null,
"IPAddress": "",
同样也无法看到网卡设备:
[root@foundation17 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021ccc0dde7 no enp0s25
vnet0
docker0 8000.0242d0ace07f no
virbr0 8000.525400e4b96a yes virbr0-nic
virbr1 8000.5254009c941e yes virbr1-nic
同样也可以重新开启:
[root@foundation17 ~]# docker start vm1
vm1
[root@foundation17 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
326dda95694e nginx "nginx -g 'daemon ..." 13 minutes ago Up 4 seconds 80/tcp vm1
[root@foundation17 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021ccc0dde7 no enp0s25
vnet0
docker0 8000.0242d0ace07f no vethd8c6f03
virbr0 8000.525400e4b96a yes virbr0-nic
virbr1 8000.5254009c941e yes virbr1-nic
总结:
pause是服务的暂停,同时保留服务的信息和网卡设备,stop是停掉服务,不保留服务信息和网卡设备。
开启一个虚拟机并安装libcgroup并开启服务:
安装后会在根目录下生成一个目录cgroup,但是是空的。开启服务之后会建立相关的目录
[root@server4 ~]# yum install libcgroup -y
[root@server4 ~]# cd /cgroup/
[root@server4 cgroup]# /etc/init.d/cgconfig start
Starting cgconfig service: [ OK ]
[root@server4 cgroup]# ls
blkio cpu cpuacct cpuset devices freezer memory net_cls
在memory目录下会有限定内存的参数:
和限定swap缓冲区的参数:
编辑配置文件写入对两个参数的限定为200M:
[root@server4 memory]# vim /etc/cgconfig.conf
设定:
28 group x1 {
29 memory {
30 memory.limit_in_bytes = 209715200;
31 memory.memsw.limit_in_bytes = 209715200;
32 }
33
34 }
之后重启服务:需要注意的是重启服务的时候不要处在/cgroup/memory目录下,否则会重启失败。
[root@server4 shm]# /etc/init.d/cgconfig restart
Stopping cgconfig service: [ OK ]
Starting cgconfig service: [ OK ]
测试:
当前系统内存情况:
[root@server4 shm]# free -m
total used free shared buffers cached
Mem: 996 284 712 0 38 164
-/+ buffers/cache: 80 915
Swap: 991 0 991
写入大于200M的文件,进程将会被直接kill掉:
[root@server4 cgroup]# cd /dev/shm/
[root@server4 shm]# cgexec -g memory:x1 dd if=/dev/zero of=file1 bs=1M count=300
Killed
[root@server4 shm]# rm -f file1
[root@server4 shm]# cgexec -g memory:x1 dd if=/dev/zero of=file1 bs=1M count=200
Killed
小于200M会成功写入:
[root@server4 shm]# rm -f file1
[root@server4 shm]# ls
[root@server4 shm]# cgexec -g memory:x1 dd if=/dev/zero of=file1 bs=1M count=190
190+0 records in
190+0 records out
199229440 bytes (199 MB) copied, 0.0752932 s, 2.6 GB/s