02 Docker部署

[TOC]

00X01 Redhat/Centos

00X011 YUM部署

# remove the old version of the docker
sudo yum remove docker \
                docker-client \
                docker-client-latest \
                docker-common \
                docker-latest \
                docker-latest-logrotate \
                docker-logrotate  \
                docker-selinux     \
                docker-engine-selinux   \
                docker-engine
            
# remove all docker data 
sudo rm -rf /var/lib/docker

# install the utils 
sudo yum install -y yum-utils     \
                      device-mapper-persistent-data \
                      lvm2
# add the ali repository
curl -l http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo

# make cache
sudo yum makecache fast

# install the latest stable version of docker
sudo yum install -y docker-ce

# add base daemon
sudo mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["http://hub-mirror.c.163.com"],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
    },
  "data-root": "/var/lib/docker",
  "exec-opts": ["native.cgroupdriver=systemd"],
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker

# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker

# check the version
docker -v

查看版本,可部署指定版本

sudo yum list docker-ce --showduplicates | sort -r
docker-ce.x86_64            3:19.03.9-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.8-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.8-3.el7                    @docker-ce-stable
docker-ce.x86_64            3:19.03.7-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.6-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.5-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.4-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.3-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.2-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.1-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:19.03.0-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:18.09.9-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:18.09.8-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:18.09.7-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:18.09.6-3.el7                    docker-ce-stable 
docker-ce.x86_64            3:18.09.5-3.el7                    docker-ce-stable 
...

00X011 RPM包部署

适合在没有网络的时候的情况下

官方地址涵盖所有CentOS版本的docker
https://download.docker.com/linux/centos/7/x86_64/stable/Packages/

docker-ce-18.09.0-3.el7.x86_64.rpm

# install
sudo yum install -y docker-ce-18.09.0-3.el7.x86_64.rpm

# add base daemon
sudo mkdir -p /etc/docker
sudo cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["http://hub-mirror.c.163.com"],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
    },
  "data-root": "/var/lib/docker",
  "exec-opts": ["native.cgroupdriver=systemd"],
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker

# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker

# check the version
docker -v

ps:

通过rpm部署,需要考虑到当前服务器系统的依赖是否满足。推荐稍微低点的版本,不然在没有网络的服务器上安装依赖很麻烦

00X012 二进制部署

适合在没有网络且系统补丁较为老旧和依赖难以解决的情况下

官方地址涵盖所有版本的docker

https://download.docker.com/linux/static/stable/x86_64/

# download docker-ce
sudo wget https://download.docker.com/linux/static/stable/x86_64/docker-19.03.5.tgz
sudo tar -xf docker-19.03.5.tgz
sudo chmod +x docker/*
sudo cp docker/* /usr/bin/


# add docker.service
sudo cat >> /etc/systemd/system/docker.service <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
 
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
 
[Install]
WantedBy=multi-user.target
EOF

# add the execute permissions
sudo chmod +x /etc/systemd/system/docker.service

# reload daemon
sudo systemctl daemon-reload

# add base daemon
sudo mkdir -p /etc/docker
sudo cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["http://hub-mirror.c.163.com"],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
    },
  "data-root": "/var/lib/docker",
  "exec-opts": ["native.cgroupdriver=systemd"],
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker

# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker

# check the version
docker -v

00X02 Ubuntu/Debian

00X021 APT部署

# remove the old version of the docker
sudo apt-get remove docker \
                    docker-engine \
                    docker.io \
                    containerd \
                    runc

# update apt index
sudo apt-get update

# install the utils 
sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg2 \
    software-properties-common

# add GPG key
sudo curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

# add the ali repository
sudo add-apt-repository \
   "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/debian \
   $(lsb_release -cs) \
   stable"
   
# install docker-ce
sudo apt-get install docker-ce

# add base daemon
sudo mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["http://hub-mirror.c.163.com"],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
    },
  "data-root": "/var/lib/docker",
  "exec-opts": ["native.cgroupdriver=systemd"],
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

# start deamon and enable auto start when power on
sudo systemctl start docker
sudo systemctl enable docker

# add current user to docker group
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker

# check the version
docker -v

查看版本,可部署指定版本

sudo apt-cache madison docker-ce

00X03 查看信息

查看docker信息

[[email protected] ~]# docker info  
Client:
 Debug Mode: false #debug是否开启

Server:
 Containers: 36 #运行的容器数量
  Running: 31   #正在运行的容器数量
  Paused: 0
  Stopped: 5 #停止的容器数量
 Images: 19  #本地拥有的镜像数量
 Server Version: 19.03.6  #当前docker-ce 版本
 Storage Driver: overlay2 #存储驱动
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file #日志格式
 Cgroup Driver: systemd
 Plugins: #支持的插件
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive #docker集群内部管理Swarm
 Runtimes: runc  #创建容器管理容器的引擎
 Default Runtime: runc #默认创建容器管理容器的引擎
 Init Binary: docker-init
 containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.20.13-1.el7.elrepo.x86_64
 Operating System: CentOS Linux 7 (Core) #当前宿主机器的信息
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.852GiB
 Name: k8s-node1
 ID: B742:JF4V:43BC:7G3L:OGDK:S2S3:KNGF:R6ON:AYIH:7XXF:WN4X:3M4E
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/ #默认从个接口下载docker镜像的
 Labels:
 Experimental: false
 Insecure Registries:                   #非安全的镜像
 127.0.0.0/8
 Live Restore Enabled: false

00X04 查看版本

查看版本

[[email protected] ~]# docker version
Client: Docker Engine - Community
 Version:           19.03.6
 API version:       1.40
 Go version:        go1.12.16
 Git commit:        369ce74a3c
 Built:             Thu Feb 13 01:29:29 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.6
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.16
  Git commit:       369ce74a3c
  Built:            Thu Feb 13 01:28:07 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

FAQ:

1.执行docker info出现如下警告

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

解决办法:

cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

#最后再执行
sysctl -p
Last modification:August 3rd, 2020 at 03:44 pm
如果觉得我的文章对你有用,请随意赞赏