linux环境下安装docker
1.安装环境要求
在 CentOS 7安装docker要求系统为64位、系统内核版本为 3.10 以上,可以使用以下命令查看
查看当前CentOS的版本:
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.8.2003 (Core)
查看当前系统内核版本级位数
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# uname -r2. 用yum源安装
2.1 查看是否已安装docker列表
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum list installed | grep docker2.2 使用yum安装docker
-y表示不静默安装,直到安装成功,安装完后再次查看安装列表
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum -y install docker
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package docker.x86_64 2:1.13.1-161.git64e9980.el7_8 will be installed
--> Processing Dependency: docker-common = 2:1.13.1-161.git64e9980.el7_8 for package: 2:docker-1.13.1-161.git64e9980.el7_8.x86_64
......
subscription-manager-rhsm-certificates.x86_64 0:1.24.26-3.el7.centos usermode.x86_64 0:1.111-6.el7
yajl.x86_64 0:2.0.4-4.el7
Complete!
3. 启动docker 并查看状态
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl start docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2020-06-29 13:39:51 CST; 18s ago
Docs: http://docs.docker.com
Main PID: 20999 (dockerd-current)
CGroup: /system.slice/docker.service
├─20999 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgr...
└─21007 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --st...
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.077856393+08:00" level=warning msg="Docker could not enable SELi...system"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.102776667+08:00" level=info msg="Graph migration to content-addr...econds"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.103149607+08:00" level=info msg="Loading containers: start."
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.143690517+08:00" level=info msg="Firewalld running: false"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.202007507+08:00" level=info msg="Default bridge (docker0) is ass...ddress"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.229563832+08:00" level=info msg="Loading containers: done."
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.255392835+08:00" level=info msg="Daemon has completed initialization"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.255422845+08:00" level=info msg="Docker daemon" commit="64e9980/...=1.13.1
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.259429069+08:00" level=info msg="API listen on /var/run/docker.sock"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in
查看docker 当前版本
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-161.git64e9980.el7_8.x86_64
Go version: go1.10.3
Git commit: 64e9980/1.13.1
Built: Tue Apr 28 14:43:01 2020
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-161.git64e9980.el7_8.x86_64
Go version: go1.10.3
Git commit: 64e9980/1.13.1
Built: Tue Apr 28 14:43:01 2020
OS/Arch: linux/amd64
Experimental: false
4. 升级docker(如果嫌弃版本低的话)
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# rpm -qa | grep docker4.1 移除系统中原有的rpm包
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum remove docker-1.13.1-161.git64e9980.el7_8.x86_64
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
No Match for argument: docker-1.13.1-161.git64e9980.el7_8.x86_64
No Packages marked for removal
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum remove docker-common-1.13.1-161.git64e9980.el7_8.x86_64
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Resolving Dependencies
--> Running transaction check
---> Package docker-common.x86_64 2:1.13.1-161.git64e9980.el7_8 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================================================
Removing:
docker-common x86_64 2:1.13.1-161.git64e9980.el7_8 @extras 4.4 k
Transaction Summary
====================================================================================================================================================================
Remove 1 Package
Installed size: 4.4 k
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing : 2:docker-common-1.13.1-161.git64e9980.el7_8.x86_64 1/1
Verifying : 2:docker-common-1.13.1-161.git64e9980.el7_8.x86_64 1/1
Removed:
docker-common.x86_64 2:1.13.1-161.git64e9980.el7_8
Complete!
4.2 验证是否已经移除
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker
-bash: docker: command
4.3 安装 最新的docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# curl -fsSL https://get.docker.com/ | sh
# Executing docker install script, commit: 26ff363bcf3b3f5a00498ac43694bf1c7d9ce16c
+ sh -c 'yum install -y -q yum-utils'
+ sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror, product-id, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
base | 3.6 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/13): base/7/x86_64/other_db | 2.6 MB 00:00:00
(2/13): base/7/x86_64/filelists_db | 7.1 MB 00:00:00
(3/13): docker-ce-stable/x86_64/updateinfo | 55 B 00:00:00
(4/13): docker-ce-stable/x86_64/filelists_db | 21 kB 00:00:00
(5/13): docker-ce-stable/x86_64/primary_db | 45 kB 00:00:00
(6/13): epel/x86_64/filelists_db | 12 MB 00:00:00
(7/13): epel/x86_64/other_db | 3.3 MB 00:00:00
(8/13): updates/7/x86_64/filelists_db | 1.6 MB 00:00:00
(9/13): epel/x86_64/prestodelta | 75 B 00:00:00
(10/13): extras/7/x86_64/filelists_db | 205 kB 00:00:00
(11/13): updates/7/x86_64/other_db | 239 kB 00:00:00
(12/13): extras/7/x86_64/other_db | 122 kB 00:00:00
(13/13): docker-ce-stable/x86_64/other_db | 114 kB 00:00:00
Metadata Cache Created
+ '[' -n '' ']'
+ sh -c 'yum install -y -q docker-ce'
https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-19.03.12-3.el7.x86_64.rpm: [Errno 12] Timeout on https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-19.03.12-3.el7.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-cli-19.03.12-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-cli-19.03.12-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From : https://download.docker.com/linux/centos/gpg
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:
sudo usermod -aG docker your-user
Remember that you will have to log out and back in for this to take effect!
WARNING: Adding a user to the "docker" group will grant the ability to run
containers which can be used to obtain root privileges on the
docker host.
Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
for more
4.4 查看已经升级docker版本
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker version
Client: Docker Engine - Community
Version: 19.03.12
API version: 1.40
Go version: go1.13.10
Git commit: 48a66213fe
Built: Mon Jun 22 15:46:54 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.12
API version: 1.40 (minimum version 1.12)
Go version: go1.13.10
Git commit: 48a66213fe
Built: Mon Jun 22 15:45:28 2020
OS/Arch: linux/amd64
Experimental: false
4.5 docker 常用命令
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl start docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl status docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker start#启动docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker stop#停止docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker restart#重启docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker update --restart=always redis # 设置镜像容器自启动
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker rmi 镜像名/镜像ID
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker restart [-i] 容器名/容器ID ## 重启容器
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker stop 容器名/容器ID (发送信号,等待停止)## 停止容器
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker kill 容器名/容器ID(直接停止)## 立即停止容器
查看镜像
docker images [OPTSIONS] [REPOSITORY]
-a --all=false 显示所有镜像,默认并不显示中间层的镜像
-f --filter=[] 显示时的过滤条件
--no-trunc=false 指定不使用截断的形式来显示数据,默认情况下我们用images查到的列表会截断镜像的唯一id
-q --quiet=false 只显示镜像的唯一id
删除镜像
docker rmi [OPTIONS] IMAGE [IMAGE...]
-f,--force=false 强制删除镜像
--no-prune=false 保留被删除镜像中被打标签的父镜像
启动容器
docker run IMAGE [COMMAND] [ARG...]
# IMAGE 是指启动容器所使用的操作系统镜像
# [COMMAND] [ARG...] 指的是容器启动后运行的命令及其参数
启动交互容器式
#启动交互式容器
docker run -i -t IMAGE /bin/bash
#退出交互式容器的bash,这样容器就会在后台运行
Ctrl+P+Q
在run命令中增加了两个参数 -i -t ,并在容器启动时运行bash命令
i --interactive=true | fasle 默认是false
用来告诉docker守护进程为容器始终打开标准输入
-t --tty = true | false
启动守护式容器
docker run -d 镜像名 [COMMAND] [ARG...]
# -d 是指以后台的形式运行命令
说白来就是后台运行
查看运行的容器
docker ps [-a] [-l]
[-a] 列出所有创建的容器
[-l]
查看容器详细配置
docker inspect CONTAINER_ID
删除停止的容器
docker rm 容器名/容器ID
-f : 通过SIGKILL信号强制删除一个运行中的容器
-v :
查看容器日志
docker logs [-f] [-t] [--tail] 容器名
-f --follows=true | false 默认为false,告诉logs命令一直跟踪日志的变化并返回结果
-t --timestamps=true | false 默认为false,在返回的结果上加上时间戳
--tail = "all" 是选择返回结尾处多少数量的日志,如果不指定的话就返回所有的日志
查看容器内进程
docker top在运行容器进程内启动新进程
docker exec [-d] [-i] [-t] 容器名 [COMMAND] [ARG...]
eg :
docker exec
获取容器、镜像元数据
docker inspect [OPTIONS] CONTAINER|IMAGE[CONTAINER|IMAGE...]
更多命令可以参考:https://www.runoob.com/docker/docker-command-manual.html
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl enable docker5. 配置国内镜像源
5.1 阿里云镜像源配置
sudo mkdir -p /etc/docker
sudo vim /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://duvzla6d.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn/","https://hub-mirror.c.163.com","https://registry.docker-cn.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
6. 常见错误
6.1 错误1
docker: Error response from daemon: driver failed programming external connectivity on endpoint rmqconsole (16f4dd3ba81e295353ea44aeba0979885660f4b6cebbe339e819da79b9126ae5): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 12581 -j DNAT --to-destination 172.17.0.5:8080 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).
解决:重启docker服务后再启动容器
systemctl restart docker
