ehlxr
/
docker_practice
mirror of https://github.com/yeasy/docker_practice
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
docker_practice/install/centos.md

194 lines
5.4 KiB
Go
Raw Permalink Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# CentOS Docker
> Docker YUM 使 yum Docker.
##
###
Docker 64 CentOS 7/8 3.10 CentOS 7 `overlay2` 使
###
Docker `docker` `docker-engine`使
```bash
$ sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
```
## 使 yum
```bash
$ sudo yum install -y yum-utils
```
使
`yum`
```bash
$ sudo yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
$ sudo sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
# 官方源
# $ sudo yum-config-manager \
# --add-repo \
# https://download.docker.com/linux/centos/docker-ce.repo
```
Docker
```bash
$ sudo yum-config-manager --enable docker-ce-test
```
### Docker
`yum` `docker-ce`
```bash
$ sudo yum install docker-ce docker-ce-cli containerd.io
```
## CentOS8
CentOS8 使 `nftables` Docker `nftables` 使使 `iptables`
`/etc/firewalld/firewalld.conf`
```bash
# FirewallBackend=nftables
FirewallBackend=iptables
```
```bash
$ firewall-cmd --permanent --zone=trusted --add-interface=docker0
$ firewall-cmd --reload
```
## 使
Docker 便CentOS 使 `--mirror` 使
> Docker, test.docker.com
```bash
# $ curl -fsSL test.docker.com -o get-docker.sh
$ curl -fsSL get.docker.com -o get-docker.sh
$ sudo sh get-docker.sh --mirror Aliyun
# $ sudo sh get-docker.sh --mirror AzureChinaCloud
```
Docker (stable)
## Docker
```bash
$ sudo systemctl enable docker
$ sudo systemctl start docker
```
## docker
`docker` 使 [Unix socket](https://en.wikipedia.org/wiki/Unix_domain_socket) 与 Docker 引擎通讯。而只有 `root` 用户和 `docker` 组的用户才可以访问 Docker 引擎的 Unix socket。出于安全考虑一般 Linux 系统上不会直接使用 `root` 用户。因此,更好地做法是将需要使用 `docker` 的用户加入 `docker` 用户组。
`docker`
```bash
$ sudo groupadd docker
```
`docker`
```bash
$ sudo usermod -aG docker $USER
```
退
## Docker
```bash
$ docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:308866a43596e83578c7dfa15e27a73011bdd402185a84c5cd7f32a88b501a24
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
```
##
使 Docker Docker [](mirror.md)
##
CentOS 使 Docker
```bash
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
```
```bash
$ sudo tee -a /etc/sysctl.conf <<-EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
```
`sysctl.conf`
```bash
$ sudo sysctl -p
```
##
* [Docker CentOS ](https://docs.docker.com/install/linux/docker-ce/centos/)。
* https://firewalld.org/2018/07/nftables-backend
* https://github.com/moby/libnetwork/issues/2496
Reference in New Issue View Git Blame Copy Permalink