Centos下docker离线安装
在内网环境下,一般不能联网能在线部署,这时候就需要以离线的方式安装docker。本节内容主要总结记录离线安装docker的步骤。
- 下载docker安装包
官方地址:https://download.docker.com/linux/static/stable/x86_64/docker-19.03.9.tgz
其他地址:https://download.docker.com/linux/static/stable/x86_64/
- 离线docker安装
// 将安装包文件上传到服务器目录并解压
[root@T-AICS-WEB docker]# ls
docker-19.03.9.tgz
[root@T-AICS-WEB docker]# ls
docker-19.03.9.tgz docker-compose-linux-x86_64
[root@T-AICS-WEB docker]# ls
docker-19.03.9.tgz docker-compose-linux-x86_64
[root@T-AICS-WEB docker]# tar -zxvf docker-19.03.9.tgz
docker/
docker/docker-init
docker/runc
docker/docker
docker/docker-proxy
docker/containerd
docker/ctr
docker/dockerd
docker/containerd-shim
// 将解压出来的docker文件内容移动到 /usr/bin/ 目录下
[root@T-AICS-WEB docker]# cp docker/* /usr/bin/
- 将docker注册为service,在/etc/systemd/system目录下创建docker.service文件,并配置如下内容保存。
[root@~]#vim /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
- 修改docker工作目录(守护进程)
/etc/docker/daemon.json文件值,文件不存在需手动创建
# vi /etc/docker/daemon.json
新增以下信息:
{
"data-root": "/app/docker/data"
}
- 设置开机启动
设置开机启动
#systemctl enable docker
添加文件权限并启动docker,执行如下命令:
chmod +x /etc/systemd/system/docker.service #添加文件权限
systemctl daemon-reload #重载unit配置文件
systemctl start docker #启动Docker
systemctl enable docker.service #设置开机自启
验证docker安装是否成功:
systemctl status docker #查看Docker状态
docker -v
docker info
常见问题:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/json: dial unix /var/run/docker.sock: connect: permission denied
解决方法
docker进程使用 Unix Socket 而不是 TCP 端口。而默认情况下,Unix socket 属于 root 用户,因此需要**root**权限 才能访问。
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $XXX docker #检测当前用户是否已经在docker用户组中,其中XXX为用
户名,例如我
sudo gpasswd -a blekey docker
sudo gpasswd -a $USER docker #将当前用户添加至docker用户组
newgrp docker #更新docker用户组
需要生效的话需要重启**docker**服务
systemctl restart docker
如果还不行检查 /var/run/docker.sock
如果是这种需要修改
chown root:docker docker.sock
docker info 出现
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
解决办法:
vi /etc/sysctl.conf
添加以下内容
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
最后再执行
sysctl -p
此时docker info就看不到此报错了
Centos下docker-compose离线安装
官网地址:https://github.com/docker/compose/releases
sudo mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose -v
最后使用 docker-compose -v 命令测试是否安装成功(如果提示“没有那个文件或目录”可以重启下服务器再试试)
注意:docker与docker-compose版本需兼容,否则启动容器将失败