warden -- 资源隔离和管理。下面我将简单说一下,如何从头开始安装。
本文假设你对 Ruby 不熟悉!
首先请安装 ruby, 推荐使用 rvm ...
建议安装教程:https://rvm.io/rvm/install/ 请耐心点自己阅读,并安装。(因为种种原因,不保证能成功) -- PS: 你也可以网上找中文教程,能成功就行。ruby 1.9.2 & 1.9.3 差别不大,都可安装。
安装 bundle, 运行 gem install bundler
=== ==== ====
好了,刚才是准备工作,现在开始安装 warden
1. git clone git://github.com/cloudfoundry/warden.git
2. 进入 warden 的子目录 warden (名字相同,别奇怪,有 Gemfile 文件的这目录)
3. 执行 bundle
4. 按照README, 执行 sudo apt-get install -y linux-image-generic-lts-backport-natty
sudo apt-get install -y build-essential debootstrap
5. 设置 warden, 执行(这一步可简写 rake setup[config/linux.yml] ,不成功再用下面的)sudo bundle exec rake setup[config/linux.yml]
这一步,请特别注意最后的输出应该和这差不多。
Setting up build-essential (11.4build1) ...
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
在这之后,你可以在 /tmp/warden 目录下找到 [containers 和 rootfs],前者为空,后者为刚才安装过程中生成的虚拟机
6. 执行(这一步可简写 rake warden:start[config/linux.yml] ,不成功再用下面的)sudo bundle exec rake warden:start[config/linux.yml]
b/warden/container/spawn.rb","lineno":121,"method":"set_deferred_success"}
{"timestamp":1350281577.2832768,"message":"Listening on /tmp/warden.sock, and ready for action.","log_level":"info","source":"Warden::Server","data":{},"thread_id":15005340,"fiber_id":23490560,"process_id":23434,"file":"/root/warden/warden/lib/warden/server.rb","lineno":277,"method":"block (2 levels) in run!"} 结果,这不是错误!
但这里有个坑,普遍存在,请看:
root@ubuntu-03:/home/wardener/warden/warden# rake warden:start[config/linux.yml]
{"timestamp":1349851024.4173303,"message":"rlimit_nofile: 1024 => 32768","log_level":"debug","source":"Warden::Server","data":{},"thread_id":14814280,"fiber_id":24325740,"process_id":12823,"file":"/home/wardener/warden/warden/lib/warden/server.rb","lineno":238,"method":"run!"}
{"timestamp":1349851024.4284155,"message":"Exited with status 1 (0.007s): [[\"/home/wardener/warden/warden/root/linux/setup.sh\", \"/home/wardener/warden/warden/root/linux/setup.sh\"]]","log_level":"warn","source":"Warden::Container::Spawn::DeferredChild","data":{},"thread_id":14814280,"fiber_id":24325740,"process_id":12823,"file":"/home/wardener/warden/warden/lib/warden/container/spawn.rb","lineno":117,"method":"set_deferred_success"}
{"timestamp":1349851024.4286866,"message":"Stdout: /sys/fs/cgroup does not exist...\n","log_level":"warn","source":"Warden::Container::Spawn::DeferredChild","data":{},"thread_id":14814280,"fiber_id":24325740,"process_id":12823,"file":"/home/wardener/warden/warden/lib/warden/container/spawn.rb","lineno":118,"method":"set_deferred_success"}
{"timestamp":1349851024.4290073,"message":"Stderr: ","log_level":"warn","source":"Warden::Container::Spawn::DeferredChild","data":{},"thread_id":14814280,"fiber_id":24325740,"process_id":12823,"file":"/home/wardener/warden/warden/lib/warden/container/spawn.rb","lineno":119,"method":"set_deferred_success"}
rake aborted!
command exited with failure
出错! .. .. 运行到这:https://github.com/cloudfoundry/warden/blob/master/warden/root/linux/setup.sh#L25
错误是: /sys/fs/cgroup: No such file or directory (在virtualBox创建的ubuntu 10.04同样没有此目录)
我的物理主机上cgroup目录有:
blkio cpu cpuacct cpuset devices freezer memory perf_event
在我用virtualBox创建的ubuntu 12.04机子上,有该目录,但为空目录。
---- --- ---
阅读源代码 -- 该 setup.sh 文件主要是设置 cgroup, 还有就是挂载 mount
再就是运行同目录下的 net.sh -- 主要用 iptables 设置网络
--- --- ----
我们已经知道报错在哪了,但现在问题还没能解决。
先看看源代码,了解下一步将要做的事情是???
if drained # 目前已知为 false
recover_containers
end
FileUtils.rm_f(unix_domain_path) # 删除 /tmp/warden.sock
server = ::EM.start_unix_domain_server(unix_domain_path, ClientConnection) # 重建服务对象
@drainer = Drainer.new(server) #@server, @connection, @state, on_complete_callbacks = server, Set.new, State::INACTIVE, []
@drainer.on_complete do # @on_complete_callbacks << blk; run_machine
Fiber.new do
logger.info("Drain complete")
# Serialize container state
container_klass.registry.each { |_, c| c.write_snapshot }
# Write out sentinel so we know to recover on next startup
write_drained_sentinel
EM.stop
end.resume
end
Signal.trap("USR2") { @drainer.drain }
# 除非有权限,否则阻塞。This is intentionally blocking. We do not want to start accepting
# connections before permissions have been set on the socket.
FileUtils.chmod(unix_domain_permissions, unix_domain_path)
# Let the world know Warden is ready for action.
logger.info("Listening on #{unix_domain_path}, and ready for action.")
解决办法:
1. 将container/features/cgroup.rb下的"/sys/fs/cgroup"改为"/mnt/cgroup" # 该文件在 这里
2. 同理,将root/linux/setup.sh下的"sys/fs/cgroup"改为"/mnt/cgroup" # 该文件在 这里
若是没有 "/mnt/cgroup" 这个目录,你可以自己创建。(这和cgroup有关,路径不对而矣,别大惊小怪)
再跑一遍配置及启动~~~~(如果你比较倒霉,还是报错。请先执行 :sudo apt-get install cgroup-bin 然后重启,再进行!
8. 打开另一终端,执行 bundle exec bin/warden-repl
root@ubuntu-03:/home/wardener/warden/warden# bin/warden-repl
warden> help
ping - ping warden
create [OPTION OPTION ...] - create container, optionally pass options.
destroy <handle> - shutdown container <handle>
stop <handle> - stop all processes in <handle>
spawn <handle> cmd - spawns cmd inside container <handle>, returns #jobid
link <handle> #jobid - do blocking read on results from #jobid
stream <handle> #jobid - do blocking stream on results from #jobid
run <handle> cmd - short hand for stream(spawn(cmd)) i.e. spawns cmd, streams the result
list - list containers
info <handle> - show metadata for container <handle>
limit <handle> mem [<value>] - set or get the memory limit for the container (in bytes)
limit <handle> bandwidth <rate> <bandwidth> - set the bandwidth limit for the container <rate> is the maxium transfer rate for both outbound and inbound(in bytes/sec) <burst> is the burst size(in bytes)
net <handle> #in - forward port #in on external interface to container <handle>
net <handle> #out <address[/mask][:port]> - allow traffic from the container <handle> to address <address>
copy <handle> <in|out> <src path> <dst path> [ownership opts] - Copy files/directories in and out of the container
help - show help message
---
The OPTION argument for `create` can be one of:
* bind_mount:HOST_PATH,CONTAINER_PATH,ro|rw
e.g. create bind_mount:/tmp/,/home/vcap/tmp,ro
* grace_time:SECONDS
e.g. create grace_time:300
Please see README.md for more details.
warden>
本文到此,结束.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
