
#!/usr/bin/env bash
set -euo pipefail
# =============================================================================
# Docker in Docker (DinD) startup script - lightweight CI/CD edition
# =============================================================================
echo "🐳 启动 Docker in Docker 环境..."

# Privilege gate: a writable /sys/fs/cgroup is taken as the sign that the
# container was started with --privileged.
# NOTE(review): this is a heuristic, not a capability check — confirm it holds
# on the container runtimes this image is deployed on. A --privileged container
# has broad access to the host kernel and devices, so the image is best kept to
# dedicated CI runners that do not share a host with other workloads.
[ -w /sys/fs/cgroup ] || {
  echo "❌ 错误: 容器必须在特权模式下运行才能使用 Docker in Docker"
  echo "请使用 --privileged 参数启动容器"
  exit 1
}
# Best-effort load of the kernel modules requested for the nested daemon.
# Failures are deliberately ignored (stderr dropped, status forced to success).
for kmod in overlay br_netfilter; do
  modprobe "$kmod" 2>/dev/null || true
done

# Create the /dev/fuse character device (major 10, minor 229) when it is
# missing; this is best-effort as well.
[ -e /dev/fuse ] || mknod /dev/fuse c 10 229 2>/dev/null || true
# Directories used for the daemon's data, runtime state and configuration.
mkdir -p /var/lib/docker /var/run/docker /etc/docker

# Write the lightweight daemon configuration; any existing
# /etc/docker/daemon.json is overwritten.
#  - storage-driver "vfs" is used for compatibility.
#  - registry-mirrors: Docker Hub pulls are tried through these third-party
#    mirrors, so pin images by digest where image integrity matters.
#  - insecure-registries is left empty, i.e. no registry is exempted from TLS.
cat << 'EOF' > /etc/docker/daemon.json
{
"storage-driver": "vfs",
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "2"
},
"registry-mirrors": [
"https://mirrors.aliyun.com/docker-hub",
"https://docker.mirrors.ustc.edu.cn",
"https://hub-mirror.c.163.com"
],
"insecure-registries": [],
"exec-opt": ["native.cgroupdriver=cgroupfs"],
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 3
}
EOF
# Start the lightweight Docker daemon.
echo "🚀 启动 Docker daemon (轻量级CI/CD模式)..."

# Clear out anything left behind by an earlier daemon: stray dockerd
# processes, the old socket and the old pid file (all best-effort).
pkill dockerd 2>/dev/null || true
rm -f /var/run/docker.sock /var/run/docker.pid 2>/dev/null || true

# Daemon flags. The only listener is the local Unix socket (no TCP endpoint is
# configured here), and dockerd is told not to manage iptables rules or IP
# forwarding.
dockerd_args=(
  --host=unix:///var/run/docker.sock
  --userland-proxy=false
  --experimental=false
  --live-restore=false
  --iptables=false
  --ip-forward=false
  --pidfile=/var/run/docker.pid
  --tls=false
  --log-level=warn
)
dockerd "${dockerd_args[@]}" &
# Keep the background daemon's PID for the liveness checks and cleanup.
DOCKERD_PID=$!
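# Wait for the Docker daemon to come up: at most 60 polls, one second apart.
echo "⏳ 等待 Docker daemon 启动..."
timeout=60
while [ "$timeout" -gt 0 ]; do
  # Probe the local socket explicitly, so a DOCKER_HOST inherited from the
  # container environment cannot make this check pass against another daemon.
  if [ -S /var/run/docker.sock ] \
    && docker --host unix:///var/run/docker.sock version >/dev/null 2>&1; then
    echo "✅ Docker daemon 启动成功"
    break
  fi
  # Stop waiting as soon as the dockerd process itself is gone.
  if ! kill -0 "$DOCKERD_PID" 2>/dev/null; then
    echo "❌ Docker daemon 进程意外退出"
    echo "检查最近的错误日志:"
    # Silence dmesg itself (it is the command that fails when the kernel log is
    # not readable); the fallback message is printed instead.
    dmesg 2>/dev/null | tail -5 || echo "无法获取系统日志"
    exit 1
  fi
  sleep 1
  timeout=$((timeout - 1))
done
# The counter only reaches 0 when every poll failed (success leaves via break).
if [ "$timeout" -eq 0 ]; then
  echo "❌ Docker daemon 启动超时"
  echo "检查dockerd进程状态:"
  # The bracket pattern keeps grep from matching its own command line.
  ps aux | grep '[d]ockerd' || true
  echo "检查socket文件:"
  ls -la /var/run/docker.sock 2>/dev/null || echo "socket文件不存在"
  exit 1
fi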
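# Basic check that the daemon answers API calls.
echo "🔍 验证 Docker 功能..."
# The assignment is tested directly in the `if`: under `set -e` a failing
# command substitution in a plain assignment would end the script before the
# failure branch could run. The probe names the local socket explicitly so an
# inherited DOCKER_HOST cannot redirect it to a different daemon.
if DOCKER_VERSION=$(docker --host unix:///var/run/docker.sock version --format '{{.Server.Version}}' 2>/dev/null); then
  echo "✅ Docker daemon 版本: $DOCKER_VERSION"
  echo "✅ 存储驱动: $(docker --host unix:///var/run/docker.sock info --format '{{.Driver}}' 2>/dev/null || echo 'unknown')"
else
  echo "❌ Docker daemon 验证失败"
  exit 1
fi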
# Environment for the command that runs next: use the local daemon socket and
# turn BuildKit on.
DOCKER_HOST=unix:///var/run/docker.sock
DOCKER_BUILDKIT=1
export DOCKER_HOST DOCKER_BUILDKIT
echo "🎉 Docker in Docker 环境启动完成 (轻量级CI/CD模式)"
#######################################
# Cleanup handler: stop the nested dockerd if it is still alive, then exit 0.
# Globals:   DOCKERD_PID (read)
# Outputs:   a status line on stdout
# Returns:   does not return; always exits the shell with status 0
#######################################
cleanup() {
  echo "🧹 清理 Docker daemon..."
  # Nothing to stop when no PID was recorded.
  if [ -z "$DOCKERD_PID" ]; then
    exit 0
  fi
  if kill -0 "$DOCKERD_PID" 2>/dev/null; then
    kill "$DOCKERD_PID"
    # Reap the daemon; a failing wait is ignored.
    wait "$DOCKERD_PID" 2>/dev/null || true
  fi
  exit 0
}
# Register the cleanup handler for TERM and INT.
# NOTE(review): the exec below replaces this shell with the requested command,
# so the handler is not in place while that command runs and dockerd is not
# stopped through it. If an orderly dockerd shutdown is required, the command
# would have to run as a child of a supervising process — confirm the intent.
trap cleanup TERM INT
# Hand control to the command given as arguments.
exec "$@"