环境说明
1、安装用户有sudo权限
2、本文讲docker组件安装,不是桌面程序安装
3、本文讲离线安装,不是在线安装
4、目标机器是内网机器,与外部网络不连通
下载
1、下载离线安装包,并上传到$HOME/basic-tool 目录
下载地址:Index of linux/static/stable/x86_64/
我下的这个:
https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz
理由:rpm的安装起来反而麻烦,缺这个库缺那个库的
# Docker 的扩展功能包(在离线安装包下载地址页面)
https://download.docker.com/linux/static/stable/x86_64/docker-rootless-extras-27.5.1.tgz
说明:"rootless" 通常指的是不需要 root 权限就能运行 Docker 的特性
安装
1、解压
cd $HOME/basic-tooltar -xvf docker-27.5.1.tgz2、安装
sudo cp docker/* /usr/bin/3、注册docker.service服务
# 用vi就行了,vim用的刚装的机器上都没这命令vi /etc/systemd/system/docker.service[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=127.0.0.1
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target4、添加镜像加速(此步可选)
sudo mkdir -p /etc/dockersudo tee /etc/docker/daemon.json <<-'EOF'
{"oom-score-adjust": -1000,"log-driver": "json-file","log-opts": {"max-size": "20m","max-file": "3"},"max-concurrent-downloads": 10,"max-concurrent-uploads": 10,"registry-mirrors": ["https://sto5ef1n.mirror.aliyuncs.com"],"storage-driver": "overlay2","storage-opts": ["overlay2.override_kernel_check=true"]
}
EOF
5、创建 Docker 组并添加(当前)用户
# 添加用户组 docker
sudo groupadd docker# 添加用户
sudo usermod -aG docker $USER
# 等价于
# sudo usermod -aG docker xxx(当前用户名)#更新用户组
newgrp docker 6、启动 Docker 服务
sudo chmod 777 /etc/systemd/system/docker.service
sudo systemctl daemon-reload
sudo systemctl enable docker
sudo systemctl start docker7、验证安装
systemctl status docker
docker -v
docker info常见问题
1、执行docker命令时报权限错
[zhaoXXXXXX@GZXXX-PM153161 basic-tool]$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock:
Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json":
dial unix /var/run/docker.sock: connect: permission denied解决:更新用户组
#更新用户组
newgrp docker 2、启动docker守护进程报错
[zhao****@GZ****-PM153160 ~]$ sudo systemctl restart docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.解决:配置文件语法问题。删除解析不了的配置
查看报错详细日志(一般能看到提示了配置文件具体哪行的语法错,不同的版本支持的配置参数有差异):
# 查看 docker 守护进程日志
journalctl -u docker.service3、登陆(私有)镜像仓库报错
[zhao****@GZ****-PM153160 ~]$ docker login 10.130.***.106:30089
Username: admin
Password:
Error response from daemon: Get "https://10.130.***.106:30089/v2/": tls: failed to verify certificate: x509: cannot validate certificate for 10.130.***.106 because it doesn't contain any IP SANs解决:换成域名
[zhao***@GZ***-PM153160 ~]$ docker login harbor.***.com:30089
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /home/zhaozheng/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-storesLogin Succeeded总结
因大部分文章都不完整,不是少这步就是少那步,本文章是作者看了网上多个文章后取其精华并完善整理而来。作者此贴已亲测并验证通过,请放心参考!
附件
附件一:创建linux用户
# 创建用户组(上面有执行过)
# groupadd docker -g 200# 创建 docker 用户 第一个docker是分组名,第二个docker是用户名
sudo useradd -g docker docker
sudo usermod -aG docker docker# 修改 docker 用户密码
passwd docker 附件二:将docker添加到sudo用户列表
# 没错这里就是vi和sudo两命令连在一起,中间没有空格
visudo# 最后一行添加,保存即刻生效
docker ALL=(ALL) NOPASSWD:ALL附件三:docker desktop下载
docker桌面程序下载地址
https://www.docker.com/
附件四:rpm相关包下载地址
本文不需要用
https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-26.1.4-1.el7.x86_64.rpm
https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.6.33-3.1.el7.x86_64.rpm
# policycoreutils-python安装(装docker-ce-selinux的依赖,本文不需要用)
policycoreutils-python-2.5-34.el7.x86_64.rpm
附件五:不采用rpm包的理由
rpm的安装起来缺这个库缺那个库的
[zhaoXXXXX@GZXXX-PM153161 basic-tool]$ sudo rpm -ivh containerd.io-1.6.33-3.1.el7.x86_64.rpm
warning: containerd.io-1.6.33-3.1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
error: Failed dependencies:container-selinux >= 2:2.74 is needed by containerd.io-1.6.33-3.1.el7.x86_64[zhaoXXXXX@GZXXX-PM153161 basic-tool]$ sudo rpm -ivh docker-ce-20.10.24-3.el7.x86_64.rpm
warning: docker-ce-20.10.24-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
error: Failed dependencies:container-selinux >= 2:2.74 is needed by docker-ce-3:20.10.24-3.el7.x86_64containerd.io >= 1.4.1 is needed by docker-ce-3:20.10.24-3.el7.x86_64docker-ce-cli is needed by docker-ce-3:20.10.24-3.el7.x86_64docker-ce-rootless-extras is needed by docker-ce-3:20.10.24-3.el7.x86_64libcgroup is needed by docker-ce-3:20.10.24-3.el7.x86_64[zhaoXXXXX@GZXXX-PM153161 basic-tool]$ sudo rpm -ivh docker-ce-rootless-extras-20.10.24-3.el7.x86_64.rpm
warning: docker-ce-rootless-extras-20.10.24-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
error: Failed dependencies:docker-ce is needed by docker-ce-rootless-extras-0:20.10.24-3.el7.x86_64fuse-overlayfs >= 0.7 is needed by docker-ce-rootless-extras-0:20.10.24-3.el7.x86_64slirp4netns >= 0.4 is needed by docker-ce-rootless-extras-0:20.10.24-3.el7.x86_64[zhaoXXXXX@GZXXX-PM153161 basic-tool]$ sudo rpm -ivh policycoreutils-python-2.5-34.el7.x86_64.rpm
warning: policycoreutils-python-2.5-34.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
error: Failed dependencies:audit-libs-python >= 2.1.3-4 is needed by policycoreutils-python-2.5-34.el7.x86_64checkpolicy is needed by policycoreutils-python-2.5-34.el7.x86_64libapol.so.4()(64bit) is needed by policycoreutils-python-2.5-34.el7.x86_64libapol.so.4(VERS_4.0)(64bit) is needed by policycoreutils-python-2.5-34.el7.x86_64libcgroup is needed by policycoreutils-python-2.5-34.el7.x86_64libqpol.so.1()(64bit) is needed by policycoreutils-python-2.5-34.el7.x86_64libqpol.so.1(VERS_1.2)(64bit) is needed by policycoreutils-python-2.5-34.el7.x86_64libqpol.so.1(VERS_1.4)(64bit) is needed by policycoreutils-python-2.5-34.el7.x86_64libselinux-python is needed by policycoreutils-python-2.5-34.el7.x86_64libsemanage-python >= 2.5-14 is needed by policycoreutils-python-2.5-34.el7.x86_64policycoreutils = 2.5-34.el7 is needed by policycoreutils-python-2.5-34.el7.x86_64python-IPy is needed by policycoreutils-python-2.5-34.el7.x86_64setools-libs >= 3.3.8-4 is needed by policycoreutils-python-2.5-34.el7.x86_64附件六:iptables对外开放5151端口
sudo iptables -I INPUT -p tcp --dport 5151 -j ACCEPT
