Docker容器持续构建过程中遇到的问题

问题:docker build过程中执行apt update的时候出现"At least one invalid signature was encountered."

10:39:04  Reading package lists...
10:39:04  Building dependency tree...
10:39:04  Reading state information...
10:39:04  apt is already the newest version (1.8.2.3).
10:39:04  apt set to manually installed.
10:39:04  ca-certificates is already the newest version (20200601~deb10u2).
10:39:04  0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
10:39:05  Get:1 https://mirrors.tuna.tsinghua.edu.cn/debian buster InRelease [122 kB]
10:39:05  Get:2 https://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates InRelease [34.8 kB]
10:39:05  Err:1 https://mirrors.tuna.tsinghua.edu.cn/debian buster InRelease
10:39:05    At least one invalid signature was encountered.
10:39:05  Err:2 https://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates InRelease
10:39:05    At least one invalid signature was encountered.
10:39:05  Get:3 https://mirrors.tuna.tsinghua.edu.cn/debian buster-updates InRelease [56.6 kB]
10:39:05  Err:3 https://mirrors.tuna.tsinghua.edu.cn/debian buster-updates InRelease
10:39:05    At least one invalid signature was encountered.
10:39:05  Reading package lists...
10:39:06  W: GPG error: https://mirrors.tuna.tsinghua.edu.cn/debian buster InRelease: At least one invalid signature was encountered.
10:39:06  E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/debian buster InRelease' is not signed.
10:39:06  W: GPG error: https://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates InRelease: At least one invalid signature was encountered.
10:39:06  E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates InRelease' is not signed.
10:39:06  W: GPG error: https://mirrors.tuna.tsinghua.edu.cn/debian buster-updates InRelease: At least one invalid signature was encountered.
10:39:06  E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/debian buster-updates InRelease' is not signed.

root@xxx-xx-xx:~# df -h
Filesystem      Size  Used Avail Use% Mounted on
udev            1.9G     0  1.9G   0% /dev
tmpfs           394M  856K  393M   1% /run
/dev/vda2        79G   77G     0 100% /       <-- 根目录堆积
tmpfs           2.0G   24K  2.0G   1% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           2.0G     0  2.0G   0% /sys/fs/cgroup
overlay          79G   77G     0 100% /data/docker/overlay2/1c8be8a669e12a0d1171a3de7af7319af334094ccf266beddb4292d0a59eb496/merged
overlay          79G   77G     0 100% /data/docker/overlay2/9edb271da2814a0f953b84073befb5fd904b444069f0930445f579a717c6c3ec/merged
tmpfs           394M     0  394M   0% /run/user/0

这是一个很2B的原因导致的,编译机的系统磁盘堆满了,导致无法继续写入。在这里记录,主要是因为终端报错和最终的这个原因在第一次遇到的时候,完全不会关联起来。所以,要在日常的监控中一定要完善完善再完善。

好了,这个编译报错根源也找到了,主要是这个编译机器残留了很多历史构建过的悬空(dangling)容器/镜像数据,接下来要考虑如何定期处理这些废弃的便衣数据。好在docker家目前已经对这方面有了很好的解决办法。

$ sudo cat /etc/cron.daily/docker-prune
#!/bin/sh
# -af -a表示既要查找悬空容器,还要查找所有不再使用的容器;-f表示不再命令行提示确认,直接执行
# --filter 过滤超过15天的数据
docker system prune -af --filter "until=$((24*15))h"

$ sudo chmod +x /etc/cron.daily/docker-prune
$ run-parts /etc/cron.daily

完美,以后应该不用担心再出现这类2B问题了。