02 Docker部署
[TOC]
00X01 Redhat/Centos
00X011 YUM部署
# remove the old version of the docker
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
# remove all docker data
sudo rm -rf /var/lib/docker
# install the utils
sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
# add the ali repository
curl -l http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
# make cache
sudo yum makecache fast
# install the latest stable version of docker
sudo yum install -y docker-ce
# add base daemon
sudo mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker",
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker
# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker
# check the version
docker -v查看版本,可部署指定版本
sudo yum list docker-ce --showduplicates | sort -r
docker-ce.x86_64 3:19.03.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.8-3.el7 @docker-ce-stable
docker-ce.x86_64 3:19.03.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.4-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.3-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable
...00X011 RPM包部署
适合在没有网络的时候的情况下
官方地址涵盖所有CentOS版本的docker
https://download.docker.com/linux/centos/7/x86_64/stable/Packages/
docker-ce-18.09.0-3.el7.x86_64.rpm
# install
sudo yum install -y docker-ce-18.09.0-3.el7.x86_64.rpm
# add base daemon
sudo mkdir -p /etc/docker
sudo cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker",
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker
# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker
# check the version
docker -vps:
通过rpm部署,需要考虑到当前服务器系统的依赖是否满足。推荐稍微低点的版本,不然在没有网络的服务器上安装依赖很麻烦
00X012 二进制部署
适合在没有网络且系统补丁较为老旧和依赖难以解决的情况下
官方地址涵盖所有版本的docker
https://download.docker.com/linux/static/stable/x86_64/
# download docker-ce
sudo wget https://download.docker.com/linux/static/stable/x86_64/docker-19.03.5.tgz
sudo tar -xf docker-19.03.5.tgz
sudo chmod +x docker/*
sudo cp docker/* /usr/bin/
# add docker.service
sudo cat >> /etc/systemd/system/docker.service <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
# add the execute permissions
sudo chmod +x /etc/systemd/system/docker.service
# reload daemon
sudo systemctl daemon-reload
# add base daemon
sudo mkdir -p /etc/docker
sudo cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker",
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker
# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker
# check the version
docker -v00X02 Ubuntu/Debian
00X021 APT部署
# remove the old version of the docker
sudo apt-get remove docker \
docker-engine \
docker.io \
containerd \
runc
# update apt index
sudo apt-get update
# install the utils
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common
# add GPG key
sudo curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
# add the ali repository
sudo add-apt-repository \
"deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/debian \
$(lsb_release -cs) \
stable"
# install docker-ce
sudo apt-get install docker-ce
# add base daemon
sudo mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker",
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker
# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker
# check the version
docker -v查看版本,可部署指定版本
sudo apt-cache madison docker-ce00X03 查看信息
查看docker信息
[[email protected] ~]# docker info
Client:
Debug Mode: false #debug是否开启
Server:
Containers: 36 #运行的容器数量
Running: 31 #正在运行的容器数量
Paused: 0
Stopped: 5 #停止的容器数量
Images: 19 #本地拥有的镜像数量
Server Version: 19.03.6 #当前docker-ce 版本
Storage Driver: overlay2 #存储驱动
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file #日志格式
Cgroup Driver: systemd
Plugins: #支持的插件
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive #docker集群内部管理Swarm
Runtimes: runc #创建容器管理容器的引擎
Default Runtime: runc #默认创建容器管理容器的引擎
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.20.13-1.el7.elrepo.x86_64
Operating System: CentOS Linux 7 (Core) #当前宿主机器的信息
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.852GiB
Name: k8s-node1
ID: B742:JF4V:43BC:7G3L:OGDK:S2S3:KNGF:R6ON:AYIH:7XXF:WN4X:3M4E
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/ #默认从个接口下载docker镜像的
Labels:
Experimental: false
Insecure Registries: #非安全的镜像
127.0.0.0/8
Live Restore Enabled: false00X04 查看版本
查看版本
[[email protected] ~]# docker version
Client: Docker Engine - Community
Version: 19.03.6
API version: 1.40
Go version: go1.12.16
Git commit: 369ce74a3c
Built: Thu Feb 13 01:29:29 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.6
API version: 1.40 (minimum version 1.12)
Go version: go1.12.16
Git commit: 369ce74a3c
Built: Thu Feb 13 01:28:07 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683FAQ:
1.执行docker info出现如下警告
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled解决办法:
cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#最后再执行
sysctl -p