支持前缀替换的 Registry
源站 | 替换为 |
---|---|
cr.l5d.io | l5d.m.daocloud.io |
docker.elastic.co | elastic.m.daocloud.io |
docker.io | docker.m.daocloud.io |
gcr.io | gcr.m.daocloud.io |
ghcr.io | ghcr.m.daocloud.io |
k8s.gcr.io | k8s-gcr.m.daocloud.io |
registry.k8s.io | k8s.m.daocloud.io |
mcr.microsoft.com | mcr.m.daocloud.io |
nvcr.io | nvcr.m.daocloud.io |
quay.io | quay.m.daocloud.io |
registry.jujucharms.com | jujucharms.m.daocloud.io |
rocks.canonical.com | rocks-canonical.m.daocloud.io |
1、基于centos7
#!/usr/bin/env bash
install_docker(){
docker version &>/dev/null
if [ $? -eq 0 ];then
echo "docekr already installed"
exit 0
fi
if [ $UID -ne 0 ];then
echo "Permission denied"
exit 1
fi
yum -y install yum-utils device-mapper-persistent-data lvm2 yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum -y install docker-ce-18.06.3.ce-3.el7
systemctl start docker.service
systemctl enable docker.service
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"live-restore": true
}
EOF
systemctl daemon-reload
systemctl restart docker
groupadd docker
useradd docker -g docker
echo "docker" | passwd --stdin docker
}
groupadd docker
useradd docker -g docker
echo "docker" | passwd --stdin docker
install_docker
2、基于ubuntu安装
#!/usr/bin/env bash
install_docker(){
docker version &>/dev/null
if [ $? -eq 0 ];then
echo "docekr already installed"
exit 0
fi
if [ $UID -ne 0 ];then
echo "Permission denied"
exit 1
fi
apt-get -y install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get -y update
apt-cache madison docker-ce
apt-get -y install docker-ce=18.06.1~ce~3-0~ubuntu
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"live-restore": true
}
EOF
systemctl daemon-reload && systemctl start docker && systemctl enable docker
groupadd docker
useradd docker -G docker
echo "docker" | passwd --stdin docker
}
install_docker
3、建议配置使用systemd以及限制日志的大小,指定存储类型
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
},
"max-concurrent-downloads": 30,
"max-concurrent-uploads": 15,
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"live-restore": true
EOF
离线部署
1、下载离线包
wget https://download.docker.com/linux/static/stable/x86_64/docker-23.0.6.tgz
2、部署docker
tar -xf docker-23.0.6.tgz
cp docker/* /usr/bin/
vi /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=127.0.0.1
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
chmod 777 /etc/systemd/system/docker.service
systemctl daemon-reload && systemctl enable docker.service
systemctl restart docker
mkdir -p /data/docker-datafs/docker
mkdir -p /etc/docker
vi /etc/docker/daemon.json
{
"data-root": "/data/docker-datafs/docker",
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"max-concurrent-downloads": 30,
"max-concurrent-uploads": 15,
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"live-restore": true
}
systemctl stop docker
cd /data/docker-datafs/docker
cp /var/lib/docker/* /data/docker-datafs/docker/
cp -a /var/lib/docker-delete/* /data/docker-datafs/docker/
mv /var/lib/docker /var/lib/docker-delete
systemctl daemon-reload && systemctl restart docker
4、支持buildx
1、安装buildx二进制包
mkdir -p ~/.docker/cli-plugins
wget https://mirror.ghproxy.com/https://github.com/docker/buildx/releases/download/v0.14.0/buildx-v0.14.0.linux-amd64
mv buildx-v0.14.0.linux-amd64 ~/.docker/cli-plugins/docker-buildx
chmod a+x ~/.docker/cli-plugins/docker-buildx
2、激活特性
cat /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"max-concurrent-downloads": 30,
"max-concurrent-uploads": 15,
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"live-restore": true,
"experimental": true #开启此特性
}
3、重启docker
systemctl daemon-reload
systemctl restart docker
docker buildx ls
4、安装qemu-user-static(qemu-user-static 用来模拟多平台环境,它依赖于binfmt-support,所以这两者都要安装。)
apt install -y qemu-user-static binfmt-support
5、通知docker使用qemu
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
6、创建Buildx构建容器
#创建构建容器
docker buildx create --name infrabuilder
#buildx使用构建容器
docker buildx use infrabuilder
#初始化构建容器
docker buildx inspect --bootstrap
#当初始化成功,会拉下来moby/buildkit:buildx-stable-1的镜像,并启动构建容器。通过 docker ps 查看如下:
docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
116905f3c7d1 moby/buildkit:buildx-stable-1 "buildkitd --allow-i…" About a minute ago Up About a minute buildx_buildkit_infrabuilder0
7、调整Dockerfile接收平台相关参数
为确保构建容器能拉取到正确平台的基础镜像,可显式在FROM后指定平台参数 TARGETPLATFORM 或 BUILDPLATFORM,由buildx自动传递。
FROM --platform=$TARGETPLATFORM 基础镜像名:TAG
.... 其他内容
同时构建X86_64与ARM64镜像,构建并直接推送到指定仓库
docker buildx build -t 镜像仓库地址/镜像名:TAG --platform linux/amd64,linux/arm64 . --push
构建并导出到本地Docker images中
docker buildx build -t 镜像仓库地址/镜像名:TAG --platform linux/arm64 . --load
导出的镜像如果与当前运行环境平台不同,是无法直接启动的,可以导出(docker save)传输到合适的平台上运行。