Docker离线安装
安装docker
安装步骤如下:
- (1)拷贝docker 到 /usr/bin
- (2)修改Docker存储路径
service docker stop
cd /var/lib/
mv docker/*/home/dockerfile
rm -rf docker
- (3)进入/home/dockerfile创建软连接
ln -s/home/dockerfile/ /var/lib/docker
service docker start
开启远程访问
打开服务配置文件
vi /lib/systemd/system/docker.service
在文件中添加以下内容
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
[Install]
WantedBy=multi-user.target
开启docker随系统启动模式
systemctl enable docker
配置仓库管理地址
这个步骤主要用于开启docker 仓库,如果您不需要将服务器作为docker仓库,可以跳过这个步骤。
echo 'export DOCKER_HOST=tcp://0.0.0.0:2375' >> /etc/profile
source /etc/profile
创建docker仓库
docker pull registry
docker run -d -p 5000:5000 --restart=always --privileged=true -v /opt/registry:/tmp/registry registry ```
## 参数说明
* -d
后台执行
* -p
端口映射, 宿主机80端口映射给容器的5000端口
* --restart=always
容器意外关闭后, 自动重启(如果重启docker服务, 带这个参数的, 能自动启动为Up状态, 不带这个的,不会自动启动)
* -v /opt/registry:/tmp/registry
默认情况下,会将仓库存放于容器内的/tmp/registry目录下,指定本地目录挂载到容器
* -privileged=true
在CentOS7中,安全模块selinux把权限禁掉了,参数给容器加特权,如果不加上这个参数,在传镜像的过程中会报权限错误(OSError: [Errno 13] Permission denied: ‘/tmp/registry/repositories/liibrary’)或者(Received unexpected HTTP status: 500 Internal Server Error)
## 镜像仓库配置
修改/etc/sysconfig/docker,在已有参数的在后面追加增加以下启动选项 ,保存并重启docker。
* CentOS 7系统 OPTIONS='--insecure-registry 192.168.44.240:5000'
* CentOS 6系统 other_args='--insecure-registry 192.168.44.240:5000'
通过修改以上配置,让你的私有仓库支持 http,因为从 docker1.3.2 开始,docker registry 默认都是使用 https 协议而不使用 http