centos8 安装docker_CentOS下使用Docker常见问题及处理方法

在使用Docker的过程中会遇到各种各样的问题，下面是CentOS下使用Docker部分常见问题及处理方法的简单汇总，供参考。

1、CentOS下安装Docker

一般不建议使用系统yum源来安装，因为CentOS软件仓库里的docker版本太旧；

源码安装步骤稍显复杂，不适合初学者；

如果没有特殊需求，通常建议安装最新的Docker稳定版本，在线安装时需要先安装docker官方的yum配置包：

SET UP THE REPOSITORY

Install the yum-utils package (which provides the yum-config-manager utility) and set up the stable repository.

$ sudo yum install -y yum-utils$ sudo yum-config-manager \--add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

详见https://docs.docker.com/engine/install/centos/

如果是离线安装，可以参考：

(1)CentOS7离线安装docker最新稳定版

(2)CentOS8上离线安装Docker最新稳定版

2、容器开机自启动的实现

首先需要保证docker服务本身是自启动的；

其次是创建容器时加上参数--restart=always(这个最常用)，例如：

docker run -d --name Redis --restart=always -p 6379:6379 redis

如果创建时未指定 --restart=always，可通过update命令追加：

docker update --restart=always xxx

使用--restart=always要注意：务必在验证容器能正常启动后再添加此参数，不然创建容器后不断重启可能影响问题排查。

官方说明：

Use a restart policy

To configure the restart policy for a container, use the --restart flag when using the docker run command. The value of the --restart flag can be any of the following:

Flag        Description

no            --Do not automatically restart the container. (the default)

on-failure --Restart the container if it exits due to an error, which manifests as a non-zero exit code.

always     --Always restart the container if it stops. If it is manually stopped, it is restarted only when Docker daemon restarts or the container itself is manually restarted. (See the second bullet listed in restart policy details)

unless-stopped --Similar to always, except that when the container is stopped (manually or otherwise), it is not restarted even after Docker daemon restarts.

来源：

https://docs.docker.com/config/containers/start-containers-automatically/

3、停止所有容器的方法

一般建议使用下面的命令

docker stop $(docker ps -a -q)

或者docker stop `docker ps -a -q`

在命令行/终端执行时可以用下面的命令停止全部正在运行的容器

docker stop $(docker ps -q)

或者docker stop `docker ps -q`

但这样存在一种风险，即没有正在运行的容器时命令会报错，特别是在Jenkins等工具中调用时可能导致流水线中途退出。

实例：

[root@CentOS8 jenkins]# docker ps

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

[root@CentOS8 jenkins]# docker stop `docker ps -q`

"docker stop" requires at least 1 argument.

See 'docker stop --help'.

Usage:  docker stop [OPTIONS] CONTAINER [CONTAINER...]

Stop one or more running containers

[root@CentOS8 jenkins]# docker stop $(docker ps -q)

"docker stop" requires at least 1 argument.

See 'docker stop --help'.

Usage:  docker stop [OPTIONS] CONTAINER [CONTAINER...]

Stop one or more running containers

[root@CentOS8 jenkins]# 

4、Docker容器命名(container name)

[root@CentOS78 data]# docker run -d --name h+ -p 20080:80 -v /data/docker/h+:/usr/share/nginx/html/h+ hub.c.163.com/library/nginx:latest

docker: Error response from daemon: Invalid container name (h+), only [a-zA-Z0-9][a-zA-Z0-9_.-] are allowed.

See 'docker run --help'.

[root@CentOS78 data]# 

这是容器名称(container name)不符合要求，不支持-_.之外的特殊字符。

5、进入容器查看时的shell类型

不一定都是常用的bash，也可能是sh甚至其它的zsh等

[root@CentOS78 build01]# docker exec -it build01_web_1

"docker exec" requires at least 2 arguments.

See 'docker exec --help'.

Usage:  docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

Run a command in a running container

[root@CentOS78 build01]# docker exec -it build01_web_1 bash

OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "exec: \"bash\": executable file not found in $PATH": unknown

[root@CentOS78 build01]#

[root@CentOS78 build01]# docker exec -it build01_web_1 sh

/code # ls

Dockerfile          __pycache__         app.py              docker-compose.yml  requirements.txt

/code #

6、启动容器报错XX requires increasing mmap counts.

[root@CentOS78 ~]# docker logs -f 803c17171ee2

ERROR: As of 5.0.0 Elasticsearch requires increasing mmap counts.

Refer to https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html

[root@CentOS78 ~]# 

这个问题跟系统参数有关

参考：

https://blog.csdn.net/lyj1101066558/article/details/54345884

解决办法：

root下执行

sysctl -w vm.max_map_count=262144

[root@CentOS78 ~]# sysctl -w vm.max_map_count=262144

vm.max_map_count = 262144

[root@CentOS78 ~]# sysctl -p

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-arptables = 1

[root@CentOS78 ~]# cat /etc/sysctl.conf 

# sysctl settings are defined through files in

# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.

#

# Vendors settings live in /usr/lib/sysctl.d/.

# To override a whole file, create a new file with the same in

# /etc/sysctl.d/ and put new settings there. To override

# only specific settings, add a file with a lexically later

# name in /etc/sysctl.d/ and put new settings there.

#

# For more information, see sysctl.conf(5) and sysctl.d(5).

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-arptables = 1

[root@CentOS78 ~]# vi /etc/sysctl.conf 

[root@CentOS78 ~]# sysctl -p

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-arptables = 1

vm.max_map_count = 262144

[root@CentOS78 ~]# 

之后再次尝试启动容器，可以成功启动了

7、拉取镜像报错XXX:latest not found: manifest unknown: manifest unknown

[root@CentOS78 ~]# docker pull elasticsearch

Using default tag: latest

latest: Pulling from library/elasticsearch

Image docker.io/library/elasticsearch:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/

05d1a5232b46: Downloading 

5cee356eda6b: Downloading 

89d3385f0fd3: Downloading

65dd87f6620b: Downloading 

78a183a01190: Downloading 

1a4499c85f97: Downloading 

2c9d39b4bfc1: Downloading [==============>                                    ]  35.83MB/122.1MB

1b1cec2222c9: Downloading 

59ff4ce9df68: Download complete 

1976bc3ee432: Download complete 

5af49e8af381: Download complete 

42c8b75ff7af: Download complete 

7e6902915254: Download complete

99853874fa54: Download complete 

596fbad6fcff: Download complete 

manifest for elasticsearch:latest not found: manifest unknown: manifest unknown

[root@CentOS78 ~]# 

[root@CentOS78 ~]# docker pull elastic/logstash

Using default tag: latest

Error response from daemon: manifest for elastic/logstash:latest not found: manifest unknown: manifest unknown

[root@CentOS78 ~]#

这是表示相关镜像没有tag为lastest的版本。

解决的方法，就是使用下面的格式：

docker pull IMAGE:tag

用docker search XX是看不到tag信息的。

不知道tag具体是什么的话，可以到https://hub.docker.com/search?q=&type=image搜索镜像并查看相关信息，比如ELK的3个组件，官方镜像都没有default tag: latest，tag都是具体的版本号：

docker pull elasticsearch:7.9.2

docker pull logstash:7.9.2

docker pull kibana:7.9.2

(用上面这样的命令拉取就不会报错了)

tag查询页面：

https://hub.docker.com/_/elasticsearch?tab=tags

https://hub.docker.com/_/logstash?tab=tags

https://hub.docker.com/_/kibana?tab=tags