Docker安装

摘要

(1)直接安装(版本较低)

1
yum install docker

(2)安装高版本

Centos

1
2
3
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache

Ubuntu

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
sudo apt -y install apt-transport-https ca-certificates curl software-properties-common
# aliyun
sudo curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
sudo apt -y update
# tencent
sudo curl -fsSL http://mirrors.tencent.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] http://mirrors.tencent.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# tsinghua
sudo curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

sudo apt -y update

出现以下提示:

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

原因如下:

apt-key is used to manage the list of keys used by apt to authenticate packages. Packages which have been authenticated using these keys are considered trusted. Use of apt-key is deprecated, except for the use of apt-key del in maintainer scripts to remove existing keys from the main keyring. If such usage of apt-key is desired, the additional installation of the GNU Privacy Guard suite (packaged in gnupg) is required. apt-key(8) will last be available in Debian 11 and Ubuntu 22.04.

使用如下命令

1
2
3
cd /etc/apt/trusted.gpg.d/
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor >docker.gpg
echo "deb [arch=$(dpkg --print-architecture)] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" > /etc/apt/sources.list.d/docker.list

列出Docker版本

Centos

1
yum list docker-ce --showduplicates | sort -r

CentOS8 默认使用 podman 代替 docker ,所以需要 containerd.io

安装containerd.io

1
yum -y install https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/edge/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

Ubuntu

1
sudo apt-cache madison docker-ce|awk '{print $3}'

安装指定版本

Centos

1
2
yum install docker-ce-<VERSION_STRING>
yum install docker-ce-19.03.15

Ubuntu

1
2
sudo apt -y install docker-ce=<VERSION_STRING>
sudo apt -y install docker-ce=5:19.03.15~3-0~ubuntu-focal

修改加速器,添加私有仓库,修改docker默认存储位置

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
    "data-root": "/data/docker",
    "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn", "https://hub-mirror.c.163.com", "https://ung2thfc.mirror.aliyuncs.com"],
    "insecure-registries": ["192.168.0.2"],
    "experimental": true,
    "log-driver": "json-file",
    "log-opts": {
        "max-size": "50m",
        "max-file": "10"
    }
}
EOF
1
2
systemctl start docker
systemctl enable docker

为了避免每次命令都输入sudo,可以设置用户权限

1
sudo usermod -a -G docker $USER

首先要注意 docker 的包是位于社区仓库里的,需要取消 community注释

https://img.bwcxtech.com/img/20210428110621.png

1
2
apk add docker
apk add docker-compose

安装一些依赖

1
apk add --no-cache iptables ip6tables python3

创建docker的openrc文件

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
cat > /etc/init.d/docker <<'EOF'
#!/sbin/openrc-run
supervisor=supervise-daemon

name="Docker Daemon"
description="Persistent process that manages docker containers"
description_reload="Reload configuration without exiting"

command="${DOCKERD_BINARY:-/usr/bin/dockerd}"
command_args="${DOCKER_OPTS}"
DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
DOCKER_ERRFILE="${DOCKER_ERRFILE:-${DOCKER_LOGFILE}}"
DOCKER_OUTFILE="${DOCKER_OUTFILE:-${DOCKER_LOGFILE}}"
supervise_daemon_args="--stderr \"${DOCKER_ERRFILE}\" --stdout \"${DOCKER_OUTFILE}\""

extra_started_commands="reload"

rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 1048576 -u unlimited}"

retry="${DOCKER_RETRY:-TERM/60/KILL/10}"

depend() {
        need sysfs cgroups
}

start_pre() {
        #checkpath -f -m 0644 -o root:docker "$DOCKER_ERRFILE" "$DOCKER_OUTFILE"
        echo ""
}

reload() {
        ebegin "Reloading configuration"
        $supervisor $RC_SVCNAME --signal HUP
        eend $?
}
EOF
## 授权可执行
chmod +x /etc/init.d/docker

## 下载docker-ce的二进制文件并释放到/usr/bin目录
curl -fsSL https://opentuna.cn/docker-ce/linux/static/stable/x86_64/docker-19.03.15.tgz | tar -xvz --strip-components 1 --directory=/usr/bin

修改配置

添加自启并启动

1
2
rc-update add docker boot
service docker start

如果启动报错failed to start daemon: Devices cgroup isn't mounted

执行以下脚本

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/bin/sh
# Copyright 2011 Canonical, Inc
#           2014 Tianon Gravi
# Author: Serge Hallyn <serge.hallyn@canonical.com>
#         Tianon Gravi <tianon@debian.org>
set -e

# for simplicity this script provides no flexibility

# if cgroup is mounted by fstab, don't run
# don't get too smart - bail on any uncommented entry with 'cgroup' in it
if grep -v '^#' /etc/fstab | grep -q cgroup; then
	echo 'cgroups mounted from fstab, not mounting /sys/fs/cgroup'
	exit 0
fi

# kernel provides cgroups?
if [ ! -e /proc/cgroups ]; then
	exit 0
fi

# if we don't even have the directory we need, something else must be wrong
if [ ! -d /sys/fs/cgroup ]; then
	exit 0
fi

# mount /sys/fs/cgroup if not already done
if ! mountpoint -q /sys/fs/cgroup; then
	mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
fi

cd /sys/fs/cgroup

# get/mount list of enabled cgroup controllers
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
	mkdir -p $sys
	if ! mountpoint -q $sys; then
		if ! mount -n -t cgroup -o $sys cgroup $sys; then
			rmdir $sys || true
		fi
	fi
done

# example /proc/cgroups:
#  #subsys_name	hierarchy	num_cgroups	enabled
#  cpuset	2	3	1
#  cpu	3	3	1
#  cpuacct	4	3	1
#  memory	5	3	0
#  devices	6	3	1
#  freezer	7	3	1
#  blkio	8	3	1

exit 0
1
systemctl stop docker
1
2
3
yum -y remove docker \
docker-client \
docker-common
1
2
3
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache
1
yum install docker-ce-19.03.9-3.el7

使用之前的数据目录,指定之前的储存目录,我们之前Docker的储存目录是 /data/docker

修改docker默认存储位置,配置镜像加速器,添加私有仓库地址

1
systemctl enable --now docker

以前Docker版本为1.13.1,,在对其版本升级到18.06.1之后,启动旧版本创建的容器时遇到这个错误:

https://img.bwcxtech.com/img/20200928154200.png

查资料得知:因为「当您从不兼容的版本升级docker并且升级后无法启动docker容器时会出现这种情况」,解决办法如下:

1
2
grep -rl 'docker-runc' /data/docker/containers/ | xargs sed -i 's/docker-runc/runc/g'
systemctl restart docker

/data/docker/containers/为docker存储目录

由于某些项目需要用到中文字体

Dockerfile中添加

1
COPY simsun.ttc /usr/share/fonts/simsun.ttc

执行以下命令查看系统中的中文字体

1
fc-list :lang=zh

二进制

1
2
3
4
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
# 国内
curl -L https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

pip安装

1
2
#curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py && python3 get-pip.py
pip3 install docker-compose