Explain the function of static keyword and final keyword in Java in detail>>> 
When the client version of docker is higher than the server version, an error will be reported:
Error response from daemon: client is newer than server (client API version: 1.24, server API version: 1.22)
At this point, just execute the following command to solve the problem:
$ docker-machine upgrade
Explain the function of static keyword and final keyword in Java in detail>>> 
docker: published image problem solved: requested access to the resource is denied
Reference article:
(1) Docker: Publishing image problem solved: requested access to the resource is denied
(2) https://www.cnblogs.com/shen-qiang/p/11879320.html
Let’s make a note.
Explain the function of static keyword and final keyword in Java in detail>>> 
Problem phenomenon:
Export container snapshot through docker export:
1 docker export nginxDockerfileCopy > nginxDockerfileCopy.tarView under current operation path: generated:
Then, the exported compressed package is imported as an image through docker import
1 cat exportContainerSnapshot/nginxDockerfileCopy.tar | docker import - username/nginx-importsnapshotThe query shows that the image has been generated
Next, docker run runs the image generation container
1 docker run --name testImportSnapshot -p 8084:80 -d username/nginx-importsnapshotError:
Solution:————————
According to the prompt, you need to specify the command. So, try adding the command after docker run:
1 docker run --name nginxDockerfileCopy -p 8093:80 -d username/nginx-dockerfilecopy /bin/bashThe execution is successful and no error is reported. However, access to nginx is not available
Query the status of the container and find that it has stopped. Although the – D background execution parameter is added in the execution, it stops automatically. It seems that the/bin/bash command is not enough to start nginx
Because this is a snapshot exported from the container “nginxdockerfilecopy”, I checked the command parameter of “nginxdockerfilecopy”:
Refer to the above command and change the run command to:
docker run --name testImportSnapshot -p 8094:80 -d username/nginx-importsnapshot nginx -g 'daemon off;'At this point, view the container status:
The container is in the start state
Browser access: http://localhost : 8094/index.html to see the nginx page
Visit: http://localhost : 8094/haha.html this is the existing accessible page when exporting from the container “nginxdockerfilecopy”. It can also be accessed normally
It shows that the container snapshot is exported and imported to generate a new image, and the new image is executed to generate a container. The container has the same function as before export
What are the eight life cycle hook functions of Vue>>> 
When we want to execute Eval $(docker machine Env) to load the environment variables of the docker server, the following error appears:
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": dial tcp 192.168.99.100:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
According to the prompt, we execute docker machine regional certs , this prompt:
Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
This machine has been allocated an IP address, but Docker Machine could not
reach it successfully.
SSH for the machine should still work, but connecting to exposed ports, such as
the Docker daemon port (usually <ip>:2376), may not work properly.
You may need to add the route manually, or use another related workaround.
This could be due to a VPN, proxy, or host file configuration issue.
You also might want to clear any VirtualBox host only interfaces you are not using.
It still doesn’t seem to work. It still can’t connect to the server. Can the server be connected?You can use docker machine SSH ! Let’s restart docker machine restart to try. Still not
What should we do?After a search, many people have had this problem, and the situation is basically the same as mine – the network segment of the docker server (virtual machine) overlaps with that of other network cards, resulting in the failure to connect
In my case, the network segment of the home router overlaps with the default network segment used in docker machine create , so every time I go home and return to the company, I will find that the docker is useless. At first, I can only delete and rebuild the virtual machine. Later, I found the following three solutions:
Turn off TLS check. Not recommended
Specify other network segments when creating virtual machine: docker machine create - D VirtualBox -- VirtualBox hostonly CIDR "192.168.90.1/24" default
Modify the network segments of other network cards, delete the network card used by docker virtual machine, and then execute docker machine start , which will rebuild the network card
What are the eight life cycle hook functions of Vue>>> 
1. The installed docker CE could not be started with the following error:
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Thu 2019-11-14 16:43:57 CST; 3min 56s ago
Docs: https://docs.docker.com
Process: 13443 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 13443 (code=exited, status=1/FAILURE)
Nov 14 16:43:55 -prometheus systemd[1]: Failed to start Docker Application Container Engine.
Nov 14 16:43:55 -prometheus systemd[1]: Unit docker.service entered failed state.
Nov 14 16:43:55 -prometheus systemd[1]: docker.service failed.
Nov 14 16:43:57 -prometheus systemd[1]: docker.service holdoff time over, scheduling restart.
Nov 14 16:43:57 -prometheus systemd[1]: Stopped Docker Application Container Engine.
Nov 14 16:43:57 -prometheus systemd[1]: start request repeated too quickly for docker.service
Nov 14 16:43:57 -prometheus systemd[1]: Failed to start Docker Application Container Engine.
Nov 14 16:43:57 -prometheus systemd[1]: Unit docker.service entered failed state.
Nov 14 16:43:57 -prometheus systemd[1]: docker.service failed.
$ journalctl -u docker
-- Logs begin at Fri 2019-11-01 16:28:57 CST, end at Thu 2019-11-14 16:41:19 CST. --
Nov 01 17:00:01 -prometheus systemd[1]: Starting Docker Application Container Engine...
Nov 01 17:00:01 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:01.699229572+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
Nov 01 17:00:01 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:01.700052946+08:00" level=info msg="libcontainerd: new containerd process, pid: 29518"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.715734090+08:00" level=warning msg="Docker could not enable SELinux on the host system"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.719846089+08:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.720276520+08:00" level=warning msg="Your kernel does not support cgroup memory limit"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.720295761+08:00" level=warning msg="Unable to find cpu cgroup in mounts"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.720306020+08:00" level=warning msg="Unable to find blkio cgroup in mounts"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.720315836+08:00" level=warning msg="Unable to find cpuset cgroup in mounts"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: time="2019-11-01T17:00:02.720481288+08:00" level=warning msg="mountpoint for pids not found"
Nov 01 17:00:02 -prometheus dockerd-current[29502]: Error starting daemon: Devices cgroup isn't mounted
Nov 01 17:00:02 -prometheus systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Nov 01 17:00:02 -prometheus systemd[1]: Failed to start Docker Application Container Engine.
Nov 01 17:00:02 -prometheus systemd[1]: Unit docker.service entered failed state.
Nov 01 17:00:02 -prometheus systemd[1]: docker.service failed.
Through the log, it is found that: error starting daemon: devices CGroup isn’t mounted, that is to say, CGroup is not mounted and can’t work
2. Solutions:
Just execute the script found in GitHub
#!/bin/sh
# Copyright 2011 Canonical, Inc
# 2014 Tianon Gravi
# Author: Serge Hallyn <[email protected]>
# Tianon Gravi <[email protected]>
set -e
# for simplicity this script provides no flexibility
# if cgroup is mounted by fstab, don't run
# don't get too smart - bail on any uncommented entry with 'cgroup' in it
if grep -v '^#' /etc/fstab | grep -q cgroup; then
echo 'cgroups mounted from fstab, not mounting /sys/fs/cgroup'
exit 0
fi
# kernel provides cgroups?
if [ ! -e /proc/cgroups ]; then
exit 0
fi
# if we don't even have the directory we need, something else must be wrong
if [ ! -d /sys/fs/cgroup ]; then
exit 0
fi
# mount /sys/fs/cgroup if not already done
if ! mountpoint -q /sys/fs/cgroup; then
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
fi
cd /sys/fs/cgroup
# get/mount list of enabled cgroup controllers
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
mkdir -p $sys
if ! mountpoint -q $sys; then
if ! mount -n -t cgroup -o $sys cgroup $sys; then
rmdir $sys || true
fi
fi
done
# example /proc/cgroups:
# #subsys_name hierarchy num_cgroups enabled
# cpuset 2 3 1
# cpu 3 3 1
# cpuacct 4 3 1
# memory 5 3 0
# devices 6 3 1
# freezer 7 3 1
# blkio 8 3 1
exit 0error:
[root@localhost localdisk]# systemctl restart docker
Job for docker.service failed because the control process exited with error code. See “systemctl status docker.service” and “journalctl -xe” for details.
[root@localhost localdisk]# systemctl status docker
docker.service – Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 日 2019-05-19 17:15:19 CST; 6s ago
Docs: http://docs.docker.com
Process: 13393 ExecStart=/usr/bin/dockerd-current –add-runtime docker-runc=/usr/libexec/docker/docker-runc-current –default-runtime=docker-runc –exec-opt native.cgroupdriver=systemd –userland-proxy-path=/usr/libexec/docker/docker-proxy-current –init-path=/usr/libexec/docker/docker-init-current –seccomp-profile=/etc/docker/seccomp.json –graph=/localdisk/docker –storage-driver=overlay –registry-mirror=https://docker.mirrors.ustc.edu.cn $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY $REGISTRIES (code=exited, status=1/FAILURE)
Main PID: 13393 (code=exited, status=1/FAILURE)
May 19 17:15:19 localhost.localdomain systemd[1]: Starting Docker Application Container Engine…
May 19 17:15:19 localhost.localdomain dockerd-current[13393]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following direc…edu.cn])
May 19 17:15:19 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
May 19 17:15:19 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
May 19 17:15:19 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
May 19 17:15:19 localhost.localdomain systemd[1]: docker.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
{
“registry-mirrors”: [“https://docker.mirrors.ustc.edu.cn“]
}
systemctl daemon-reload
systemctl restart docker
The effect is as follows.
Friends who have just contacted docker may encounter such a problem. After creating a container with centos7 image, they use systemctl to start the service and report an error. For this error report, we will analyze it next
Failed to get D-Bus connection: Operation not permitted
Can’t start the service, what’s the situation
Can’t the container run the service
A:
The design concept of docker is that there is no background service running in the container. The container itself is an independent main process on the host, which can also be indirectly understood as the application process running the service in the container. The life cycle of a container exists around the main process, so the correct way to use the container is to run the service in the foreground
As for SYSTEMd, this suite has become the default service management of mainstream Linux distributions (such as centos7 and Ubuntu 14 +), replacing the traditional system V style service management. SYSTEMd maintains system services, which require privileges to access the Linux kernel. And the container is not a complete operating system, only a file system, and the default boot is only ordinary users such permissions to access the Linux kernel, that is, there is no privilege, so naturally it can not be used
Therefore, please follow the container design principles, a container to run a front desk service
I just want to run like this, can’t I solve it
A: Yes, run the container in privileged mode
Create container:
Enter the container:
In this way, you can use systemctl to start the service
After chopping hands, the fraud call came before the express delivery was received. How to improve the privacy and security of e-commerce>>> 
The reason for the problem is that DBUS daemon failed to start
Solution: start docker with the following command
docker run –cap-add=SYS_ ADMIN -ti -e “container=docker” -v /sys/fs/cgroup:/sys/fs/cgroup fedora21 /usr/sbin/init
docker exec -it [ContainerID] /bin/bash
System environment: Windows 10 education 64 bit
Docker version: 17.12.0-ce
The installation of docker for windows.exe is successful. When the docker is started again, the following error message will pop up:
Hardware assisted virtualization and data execution protection must be enabled in the BIOS.
See https://docs.docker.com/docker-for-windows/troubleshoot/#virtualization -must-be-enable
The following error is reported by using the docker login command:
Docker in win10 is based on win10’s own virtual machine Hyper-V operation. Before installation, make sure that CPU virtualization has been turned on in BIOS, otherwise the above error will be reported at the initial startup after installation
Click “task manager” – & gt“ Performance “to see if virtualization is turned on. The following figure shows that native virtualization is disabled and needs to be enabled
Enter BIOS & gt> Intel Virtual Technology> Enabled, press F10 to save the settings. After entering the system, check again that virtualization is on
Docker started successfully
background
Accidentally found that there are many images on the server, taking up a lot of space, want to clean it up
results delete directly and report an error
docker rmi 8f5116cbc201
Error response from daemon: conflict: unable to delete 8f5116cbc201 (cannot be forced) - image has dependent child imagesThen, there are two main methods of online demand
Method 1: forcibly delete the image
docker rmi -f 8f5116cbc201
Error response from daemon: conflict: unable to delete 8f5116cbc201 (cannot be forced) - image has dependent child imagesEnd in failure
Method 2: Bulk delete containers, then delete the image
# Stop all containers
docker ps -a | grep "Exited" | awk '{print $1 }'|xargs docker stop
# Delete all containers
docker ps -a | grep "Exited" | awk '{print $1 }'|xargs docker rm
# Delete all none images
docker images|grep none|awk '{print $3 }'|xargs docker rmiOr end in failure
after searching for a long time, it is found that the problem is due to tag, that is, there are other images from this image. You can use the following command to list the parent images of all images created after the specified image
query dependency first
docker image inspect — format = ‘{. Repotags} {. ID} {. Parent}’ $(docker image LS – Q — filter since = XXX) # XXX refers to the image ID
and then delete the container according to tag
docker rm REPOSITORY:TAG
Docker none image
Effective none image
the composition of docker file system, docker image is composed of many layers, each layer has a parent-child relationship, all docker file system layers are stored in/var/lib/docker/graph directory by default, docker is called layer database
Finally, make a summary < none>:< none> Image is a kind of intermediate image. We can use docker images – A to see that they will not cause the problem of hard disk space occupation (because this is the parent layer of the image and must exist), but it will confuse our judgment
Invalid none image
Another type of < none>:< none> Images are dangling images, which can cause disk space occupation problems
Programming languages like Java and golang have a memory area that is not associated with any code. The garbage collection system of these languages first reclaims the space of this area and returns it to the heap memory, so this memory area is useful for later memory allocation
Docker’s dangling file system is similar to the above principle. It is not used and will not be associated with any images. Therefore, we need a mechanism to clean up these dangling images
We have mentioned effective < none> Mirror image, they are a kind of middle layer, which is invalid < none> How does the mirror image appear? These dangling images are mainly generated by triggering the docker build and docker pull commands
Use the following command to clean up
docker RMI $(docker images – F “dangling = true” – Q)
docker does not have an automatic garbage collection mechanism, which may be improved in the future, but at present we can only clean it manually (just write a script)