操作系统要求

  • 64位安装,查看系统内核uname -r
  • 版本 3.10 或更高版本的 Linux 内核,查看版本sudo cat /etc/redhat-release
  • iptables版本 1.4 或更高版本rpm -q iptables
  • docker守护进程,启用seccomp选项:grep CONFIG_SECCOMP= /boot/config-$(uname -r),输出CONFIG_SECCOMP=y。

卸载旧版本

  1. # 检查删除yum安装的docker
  2. sudo yum remove docker \
  3.                   docker-client \
  4.                   docker-client-latest \
  5.                   docker-common \
  6.                   docker-latest \
  7.                   docker-latest-logrotate \
  8.                   docker-logrotate \
  9.                   docker-engine
  10. # 检查docker相关文件夹,根据查找结果删除文件/文件夹
  11. find / -name docker

下载docker

docker官方下载地址:https://download.docker.com/linux/static/stable/x86_64/
这里选择的是ce版本即社区版
image.png

上传并解压

上传docker二进制文件到服务器,解压docker-18.06.3-ce.tgz获得docker文件夹,复制执行程序到/usr/bin目录下
image.png

  1. tar -zxvf docker-18.06.3-ce.tgz
  3. cp docker/* /usr/bin/

创建docker.service和docker.socket

在/etc/systemd/system目录下创建docker.service和docker.socket,内容如下。
注:创建文件的原因是,二进制安装方式,缺少与系统的交互功能,也就是下文的systemctl操作docker。

  1. [Unit]
  2. Description=Docker Application Container Engine
  3. Documentation=https://docs.docker.com
  4. After=network-online.target firewalld.service
  5. Wants=network-online.target
  7. [Service]
  8. Type=notify
  9. # the default is not to use systemd for cgroups because the delegate issues still
  10. # exists and systemd currently does not support the cgroup feature set required
  11. # for containers run by docker
  12. ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
  13. ExecReload=/bin/kill -s HUP $MAINPID
  14. # Having non-zero Limit*s causes performance problems due to accounting overhead
  15. # in the kernel. We recommend using cgroups to do container-local accounting.
  16. LimitNOFILE=infinity
  17. LimitNPROC=infinity
  18. LimitCORE=infinity
  19. # Uncomment TasksMax if your systemd version supports it.
  20. # Only systemd 226 and above support this version.
  21. #TasksMax=infinity
  22. TimeoutStartSec=0
  23. # set delegate yes so that systemd does not reset the cgroups of docker containers
  24. Delegate=yes
  25. # kill only the docker process, not all processes in the cgroup
  26. KillMode=process
  27. # restart the docker process if it exits prematurely
  28. Restart=on-failure
  29. StartLimitBurst=3
  30. StartLimitInterval=60s
  32. [Install]
  33. WantedBy=multi-user.target
  1. [Unit]
  2. Description=Docker Socket for the API
  4. [Socket]
  5. # If /var/run is not implemented as a symlink to /run, you may need to
  6. # specify ListenStream=/var/run/docker.sock instead.
  7. ListenStream=/run/docker.sock
  8. SocketMode=0660
  9. SocketUser=root
  10. SocketGroup=docker
  12. [Install]
  13. WantedBy=sockets.target

启动docker

注:非root用户执行命令时,需在命令前输入 sudo

  1. # 重启 systemctl 守护进程
  2. systemctl daemon-reload
  4. # 启动docker
  5. systemctl start docker
  7. # 查看docker是否启动成功
  8. docker version
  10. # 设置开机自启,如下两条命令都可以
  11. systemctl enable docker
  12. systemctl enable docker.service
  13. # 设置外开机自启后,输出如下内容,表示成功
  14. #Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to #/etc/systemd/system/docker.service.
  16. # 重启系统验证
  17. reboot
  18. # 启动后查看docker
  19. docker version
  21. # 停止docker
  22. systemctl stop docker
  24. # 关闭开机自启,如下命令均可
  25. systemctl disable docker
  26. systemctl disable docker.service

至此,docker环境安装完成!