Hello World

Appearance

On this page

docker002 install 安装和配置

官方文档: https://docs.docker.com/engine/install/

安装docker

docker官方脚本安装

https://github.com/okeyear/scripts/blob/main/shell/install_docker.sh

bash
curl -fsSL get.docker.com | sudo sh -

curl -fsSL get.docker.com -o get-docker.sh
sudo sh get-docker.sh --mirror Aliyun
# sudo sh get-docker.sh --mirror AzureChinaCloud

ubuntu安装

bash
# delete old version
sudo apt-get remove docker docker-engine docker.io containerd runc

# step 1: 安装必要的一些系统工具
sudo apt-get update
sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
    
# step 2: 安装GPG证书
# curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

# Step 3: 写入软件源信息
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Step 4: 更新并安装Docker-CE
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

centos安装

bash
# step 1: 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
# wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
# Step 4: 更新并安装Docker-CE
sudo yum -y install docker-ce docker-ce-cli containerd.io docker-compose-plugin
sudo yum install docker-ce
# Step 4: 开启Docker服务
sudo systemctl enable --now docker
# sudo systemctl status docker


# container-selinux
# yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm
# yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/slirp4netns-0.4.3-4.el7_8.x86_64.rpm
# yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm


# 新版本会自动解决依赖, 不需要以下部分了
# centos8需要额外的依赖containerd.io
# firefox https://download.docker.com/linux/fedora/35/x86_64/stable/Packages
# fedora/35/上的有问题, 继续使用fedora/31上面的最新版本
# yum install https://download.docker.com/linux/fedora/35/x86_64/stable/Packages/containerd.io-1.4.12-3.1.fc35.x86_64.rpm
# sudo yum install -y https://download.docker.com/linux/fedora/31/x86_64/stable/Packages/containerd.io-1.4.3-3.1.fc31.x86_64.rpm

开机自启动

bash
systemctl start docker
systemctl enable docker
systemctl is-enabled docker
docker version

配置docker服务

非特权运行

把当前用户加入docker组

bash
sudo usermod -aG docker $USER
# 如果已经sudo到root,请执行如下
sudo usermod -aG docker $SUDO_USER

默认配置文件

Centos系统的配置 /etc/sysconfig/docker

Ubuntu系统的配置 /etc/default/docker

配置文件完整参考 https://docs.docker.com/engine/reference/commandline/dockerd/#options

修改DOCKER_OPTS

shell
DOCKER_OPTS="$DOCKER_OPTS -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock"
  • 配置文件json则是:
shell
"hosts": ["unix:///var/run/docker.sock","tcp://0.0.0.0:2375"]
  • 非官方仓库的信任 编辑docker配置文件,加入
shell
DOCKER_OPTS='--insecure-registry dl.dockerpool.com:5000'

镜像加速器

docker官方中国区 https://registry.docker-cn.com

网易 http://hub-mirror.c.163.com

ustc http://docker.mirrors.ustc.edu.cn

阿里云 http://<你的ID>.mirror.aliyuncs.com

您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器

bash
sudo usermod -aG docker $USER # $SUDO_USER
sudo usermod -aG docker $SUDO_USER
sudo chmod 666 /var/run/docker.sock
sudo mkdir -p /etc/docker
#  "https://registry.docker-cn.com",
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": [
    "http://hub-mirror.c.163.com",
    "https://xc8hlpxv.mirror.aliyuncs.com",
    "https://docker.mirrors.ustc.edu.cn",
    "http://f1361db2.m.daocloud.io"
  ],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "max-concurrent-downloads": 10,
  "max-concurrent-uploads": 5,
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "300m",
    "max-file": "2"
  },
  "live-restore": true
}
EOF
sudo systemctl daemon-reload
sudo systemctl enable --now docker
sudo systemctl restart docker

# 查看配置的加速器生效
docker info
bash
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io

该脚本可以将 --registry-mirror 加入到你的 Docker 配置文件 /etc/docker/daemon.json 中。适用于 Ubuntu14.04、Debian、CentOS6 、CentOS7、Fedora、Arch Linux、openSUSE Leap 42.1

配置docker cgroup驱动systemd

关于cgroup驱动,参考 https://docs.docker.com/engine/reference/commandline/dockerd/

  • cgroup v1 sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
  • cgroup v2 sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=1"
bash
# 查看
docker info |grep Cgroup

# 1. /etc/docker/daemon.json
"exec-opts": ["native.cgroupdriver=systemd"]

# 2.
/usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd
systemctl daemon-reload
systemctl restart docker

配置docker proxy代理

https://docs.docker.com/network/proxy/

bash
HTTP_PROXY=http://6.86.3.12:3128
# HTTP_PROXY=http://172.17.1.250:3128
sudo mkdir /etc/systemd/system/docker.service.d
sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf <<EOF
[Service]
Environment="HTTP_PROXY=$HTTP_PROXY"
Environment="HTTPS_PROXY=$HTTP_PROXY"
Environment="NO_PROXY=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,127.0.0.0/8,6.86.0.0/16"
EOF

sudo systemctl daemon-reload
# 验证配置
sudo systemctl show --property Environment docker
# 重启docker
sudo systemctl restart docker

配置docker container使用的 proxy代理

https://docs.docker.com/network/proxy/

bash
# 1
docker container run \
  -e HTTP_PROXY=http://username:password@proxy2.domain.com \
  -e HTTPS_PROXY=http://username:password@proxy2.domain.com \
  myimage

# 2
mkdir ~/.docker
tee ~/.docker/config.json <<EOF
{
 "proxies":
 {
   "default":
   {
     "httpProxy": "http://6.86.3.12:3128",
     "httpsProxy": "http://6.86.3.12:3128",
     "noProxy": "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,127.0.0.0/8,6.86.0.0/16"
   }
 }
}
EOF

第一个镜像

bash
docker run hello-world

Install cri-dockerd

shell
function get_github_latest_release() {
	curl --silent "https://api.github.com/repos/$1/releases/latest" | # Get latest release from GitHub api
    grep '"tag_name":' |                                            # Get tag line
    sed -E 's/.*"([^"]+)".*/\1/'                                    # Pluck JSON value
}
# https://github.com/Mirantis/cri-dockerd/releases/download/v${VERSION}/cri-dockerd-${VERSION}.${ARCH}.tgz
VERSION=$(get_github_latest_release "Mirantis/cri-dockerd")
#### 官方把名称改了,这部分没用了 begin
# wget -c https://github.com/Mirantis/cri-dockerd/releases/download/${VERSION}/cri-dockerd-${VERSION}-linux-amd64.tar.gz
# tar xvf cri-dockerd-${VERSION}-linux-amd64.tar.gz
# sudo mv ./cri-dockerd /usr/local/bin/
#### 官方把名称改了,这部分没用了 end
sudo wget -c https://github.com/Mirantis/cri-dockerd/releases/download/${VERSION}/cri-dockerd-${VERSION/v/}.amd64.tgz
sudo tar xvf cri-dockerd-${VERSION/v/}.amd64.tgz
# Run these commands as root
cd cri-dockerd
sudo mkdir -p /usr/local/bin
sudo install -o root -g root -m 0755 cri-dockerd /usr/local/bin/cri-dockerd
sudo install packaging/systemd/* /etc/systemd/system
sudo sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
sudo systemctl daemon-reload
sudo systemctl enable cri-docker.service
sudo systemctl enable --now cri-docker.socket

Last updated:

Released under the MIT License.

Copyright © 2019-present @okeyear