Debian 11(apt系 )docker安装
apt系(Debian 11)安装Docker
参考:
- docker debian安装教程:https://docs.docker.com/engine/install/debian/
- 使用非roor用户组运行docker: https://docs.docker.com/compose/completion/
- docker compose安装教程:https://docs.docker.com/compose/completion/
1. 卸载旧版本docker(如果安装过的话)
sudo apt remove docker docker-engine docker.io containerd runc
2. 安装docker
- 更新apt包索引
sudo apt-get update
- 安装允许 apt 通过 HPPTS 使用仓库的依赖包
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg \
lsb-release
- 添加docker官方GPG密钥
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
- 配置仓库 添加
Docker软件源 (二选一,国外机子选官方源,国内机子选阿里源)
配置仓库 添加Docker软件源 (国外官方源)
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
配置仓库 添加Docker软件源 (国内镜像阿里源)
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
- 再次更新apt包索引
sudo apt update
- 安装最新版本的
Docker Engine,containerd,Docker Compose
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin
或者使用 .deb 包手动安装(离线安装)
官方下载地址 https://download.docker.com/linux/debian/dists
使用阿里镜像地址 https://mirrors.aliyun.com/docker-ce/linux/debian/dists/
选择版本 Debian 11 bullseye
再选 pool
再选稳定版 stable
再选 CPU 架构 amd64
下载相应的版本 例如:
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-ce_20.10.16~3-0~debian-bullseye_amd64.deb
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-ce-cli_20.10.16~3-0~debian-bullseye_amd64.deb
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/containerd.io_1.6.4-1_amd64.deb
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-compose-plugin_2.5.0~debian-bullseye_amd64.deb
安装本地包
sudo dpkg -i docker-ce_20.10.16~3-0~debian-bullseye_amd64.deb \
docker-ce-cli_20.10.16~3-0~debian-bullseye_amd64.deb \
docker-compose-plugin_2.5.0~debian-bullseye_amd64.deb \
containerd.io_1.6.4-1_amd64.deb
3. 通过运行 hello-world 镜像验证 Docker Engine 安装是否成功:
sudo docker run hello-world
输出一下内容,表示安装成功
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:80f31da1ac7b312ba29d65080fddf797dd76acfb870e677f390d5acba9741b17
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
4. 以非 root 用户身份管理 Docker
Docker 守护进程绑定到 Unix 套接字而不是 TCP 端口。默认情况下,Unix 套接字归 root 用户所有,其他用户只能使用 sudo. Docker 守护程序始终以 root 用户身份运行。
如果您不想在 docker 命令前加上 sudo,请创建一个名为 Unix 组 docker 并将用户添加到其中。当 Docker 守护进程启动时,它会创建一个可供 docker 组成员访问的 Unix 套接字。
docker 组授予与 root 用户等效的权限。
不加 sudo 会提示拒绝访问 permission denied
docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create": dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
- 创建 docker 组(可跳过)
安装 docker 后会自动创建 docker 组 但未向其中添加任何用户 需要使用 sudo 来运行 docker 命令
sudo groupadd docker
- 将 xx 用户添加到 docker 组中
sudo usermod -aG docker xx
- 切换用户当前登录所在组(或注销重新登录) 验证不使用 sudo 时是否可以使用 docker 命令
newgrp docker
5. Docker Hub 镜像加速
国内从 DockerHub 拉取镜像太慢 可以使用加速器提升获取 Docker 官方镜像的速度
未加速 52 秒
time docker pull debian
Using default tag: latest
latest: Pulling from library/debian
67e8aa6c8bbc: Pull complete
Digest: sha256:6137c67e2009e881526386c42ba99b3657e4f92f546814a33d35b14e60579777
Status: Downloaded newer image for debian:latest
docker.io/library/debian:latest
real 0m51.981s
user 0m0.009s
sys 0m0.046s
配置加速器 以阿里云为例
- 登录阿里云
- 进入控制台
- 搜索
容器镜像服务 - 镜像工具
- 镜像加速器 查看
个人专属加速器地址(每个人的地址都不一样) 并按说明配置镜像加速器
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://***.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
删除镜像再次拉取 20 秒
time docker pull debian
Using default tag: latest
latest: Pulling from library/debian
0e29546d541c: Pull complete
Digest: sha256:2906804d2a64e8a13a434a1a127fe3f6a28bf7cf3696be4223b06276f32f1f2d
Status: Downloaded newer image for debian:latest
docker.io/library/debian:latest
real 0m19.556s
user 0m0.004s
sys 0m0.017s
6. docker 命令 tab 自动补全
示例 docker run h 按 tab 会自动补全后面的 ello-world
示例 docker r 按 2 下 tab 会自动打印匹配的选项 rename restart rm rmi run
如果不能自动补全 需要安装 bash 自动补全工具 bash-completion
sudo apt install bash-completion
docker compose 命令行补全需要安装脚本
sudo curl \
-L https://raw.githubusercontent.com/docker/compose/v2.5.0/contrib/completion/bash/docker-compose \
-o /etc/bash_completion.d/docker-compose
如果提示
curl: (7) Failed to connect to raw.githubusercontent.com port 443: 拒绝连接
一般是 DNS 问题 无法解析域名 一般手动配置 DNS 即可解决,或者加上镜像代理下载
sudo curl \
-L https://ghproxy.com/https://raw.githubusercontent.com/docker/compose/v2.5.0/contrib/completion/bash/docker-compose \
-o /etc/bash_completion.d/docker-compose
