记一次docker启动nginx失败问题排查(被挖矿)

塔哥哥要学习
612 阅读3分钟

生产环境使用docker部署的Nginx突然不好用,80端口访问不了,而且使用docker重启也启动不了,故记录一下此次问题排查思路。

先贴一下重启失败日志

[root@VM_32_49_centos ~]# docker start nginx
Error response from daemon: containerd: container not started
Error: failed to start containers: nginx

不管如何启动,都会提示这个错误

  1. 重新安装镜像

  2. 安装完成之后,重新启动还是报上面的错误

  3. 重新安装docker

  4. 还是不行,重新启动还不行

  5. 察觉到不一定是docker的事,所以从系统层面查看一下。使用systemctl status docker命令运行情况

  6. [root@VM_32_49_centos ~]# systemctl status docker ● docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2020-10-30 10:47:23 CST; 32min ago Docs: docs.docker.com Main PID: 27852 (dockerd-current) CGroup: /system.slice/docker.service ├─27852 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt nativ... └─27860 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m...

    Oct 30 10:47:23 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T10:47:23.653344611+08:00" level=warning msg="failed to retrieve docker-runc...dumped)"
Oct 30 10:47:23 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T10:47:23.665870748+08:00" level=info msg="Daemon has completed initialization"
Oct 30 10:47:23 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T10:47:23.665921989+08:00" level=info msg="Docker daemon" commit="cccb291/1....n=1.13.1
Oct 30 10:47:23 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T10:47:23.675393959+08:00" level=info msg="API listen on /var/run/docker.sock"
Oct 30 10:47:23 VM_32_49_centos systemd[1]: Started Docker Application Container Engine.
Oct 30 11:14:55 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T11:14:55.104116871+08:00" level=error msg="containerd: start container" err...185a0979
Oct 30 11:14:55 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T11:14:55.105097872+08:00" level=error msg="Create container failed with err...started"
Oct 30 11:14:55 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T11:14:55.115406992+08:00" level=error msg="containerd: deleting container" ...): \"\""
Oct 30 11:14:55 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T11:14:55.344969246+08:00" level=warning msg="ef3fbebbcd5fa945e6da16e495b8a9...rgument"
Oct 30 11:14:55 VM_32_49_centos dockerd-current[27852]: time="2020-10-30T11:14:55.345016518+08:00" level=error msg="Handler for POST /v1.26/containe...started"
Hint: Some lines were ellipsized, use -l to show in full.

发现运行状况也一直出现error。那么是否是cpu或者内存过高导致的呢?

6.使用命令:top查看cpu和内存使用状况

发现%Cpu(s): 99.4 us已经快高达100%了。ok问题找到了,现在就想办法降低cpu使用率就好了。

因为直接使用top命令并没有显示哪块占有cpu。所以基本可以确定被入侵了。

在网上查资料发现是被挖矿了。

最后通过这位大神的方法,终于是把恶心的木马干掉了

链接地址:www.cnblogs.com/guigujun/p/…

avatar
文章
阅读
粉丝