docker_practice/install/centos.md

194 lines
5.4 KiB
Go
Raw Permalink Normal View History

# CentOS Docker
2014-09-05 07:49:58 +00:00
> Docker YUM 使 yum Docker.
##
2017-09-04 15:34:38 +00:00
###
2014-09-11 14:52:28 +00:00
Docker 64 CentOS 7/8 3.10 CentOS 7 `overlay2` 使
###
2017-09-04 03:17:39 +00:00
Docker `docker` `docker-engine`使
```bash
2017-09-04 03:17:39 +00:00
$ sudo yum remove docker \
2018-03-08 00:23:35 +00:00
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
```
## 使 yum
2017-09-04 03:17:39 +00:00
```bash
$ sudo yum install -y yum-utils
2017-09-04 03:17:39 +00:00
```
2017-12-08 16:12:02 +00:00
使
2017-09-04 03:17:39 +00:00
`yum`
2016-02-04 07:08:44 +00:00
```bash
2017-09-04 03:17:39 +00:00
$ sudo yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2016-02-04 07:08:44 +00:00
$ sudo sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
2017-09-04 15:34:38 +00:00
2017-12-08 16:12:02 +00:00
#
# $ sudo yum-config-manager \
# --add-repo \
# https://download.docker.com/linux/centos/docker-ce.repo
2017-09-04 03:17:39 +00:00
```
Docker
2017-09-04 03:17:39 +00:00
```bash
2018-07-20 01:31:19 +00:00
$ sudo yum-config-manager --enable docker-ce-test
2017-09-04 03:17:39 +00:00
```
### Docker
2017-09-04 03:17:39 +00:00
`yum` `docker-ce`
```bash
$ sudo yum install docker-ce docker-ce-cli containerd.io
2017-09-04 03:17:39 +00:00
```
## CentOS8
CentOS8 使 `nftables` Docker `nftables` 使使 `iptables`
`/etc/firewalld/firewalld.conf`
```bash
# FirewallBackend=nftables
FirewallBackend=iptables
```
```bash
$ firewall-cmd --permanent --zone=trusted --add-interface=docker0
$ firewall-cmd --reload
```
## 使
2017-09-04 03:17:39 +00:00
Docker 便CentOS 使 `--mirror` 使
2017-09-04 03:17:39 +00:00
> Docker, test.docker.com
2017-09-04 03:17:39 +00:00
```bash
# $ curl -fsSL test.docker.com -o get-docker.sh
2017-09-04 03:17:39 +00:00
$ curl -fsSL get.docker.com -o get-docker.sh
$ sudo sh get-docker.sh --mirror Aliyun
# $ sudo sh get-docker.sh --mirror AzureChinaCloud
2017-09-04 03:17:39 +00:00
```
Docker (stable)
2017-09-04 03:17:39 +00:00
## Docker
```bash
$ sudo systemctl enable docker
$ sudo systemctl start docker
2014-09-11 14:52:28 +00:00
```
## docker
`docker` 使 [Unix socket](https://en.wikipedia.org/wiki/Unix_domain_socket) 与 Docker 引擎通讯。而只有 `root` 用户和 `docker` 组的用户才可以访问 Docker 引擎的 Unix socket。出于安全考虑一般 Linux 系统上不会直接使用 `root` 用户。因此,更好地做法是将需要使用 `docker` 的用户加入 `docker` 用户组。
2016-02-04 07:08:44 +00:00
`docker`
2016-02-04 07:08:44 +00:00
```bash
$ sudo groupadd docker
2014-09-05 07:49:58 +00:00
```
2016-02-04 07:08:44 +00:00
`docker`
```bash
$ sudo usermod -aG docker $USER
```
退
## Docker
```bash
$ docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:308866a43596e83578c7dfa15e27a73011bdd402185a84c5cd7f32a88b501a24
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
2018-10-21 01:51:36 +00:00
https://hub.docker.com/
For more examples and ideas, visit:
2018-10-21 01:51:36 +00:00
https://docs.docker.com/get-started/
```
##
2017-09-04 03:17:39 +00:00
2019-01-06 02:00:38 +00:00
使 Docker Docker [](mirror.md)
2017-09-04 03:17:39 +00:00
##
2017-09-04 15:34:38 +00:00
CentOS 使 Docker
2017-09-04 15:34:38 +00:00
```bash
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
```
```bash
$ sudo tee -a /etc/sysctl.conf <<-EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
```
`sysctl.conf`
```bash
$ sudo sysctl -p
```
##
2018-10-21 01:51:36 +00:00
* [Docker CentOS ](https://docs.docker.com/install/linux/docker-ce/centos/)。
* https://firewalld.org/2018/07/nftables-backend
* https://github.com/moby/libnetwork/issues/2496