linux安装docker

以下命令均以root权限执行

卸载docker旧版本

yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine

安装相关工具类

yum install -y yum-utils device-mapper-persistent-data lvm2

配置阿里云的仓库

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker

yum install docker-ce

执行安装docker

yum install docker-ce
 
Installed:
  docker-ce.x86_64 0:18.03.0.ce-1.el7.centos
 
Dependency Installed:
  audit-libs-python.x86_64 0:2.7.6-3.el7 checkpolicy.x86_64 0:2.5-4.el7   container-selinux.noarch 2:2.42-1.gitad8f0f7.el7 libcgroup.x86_64 0
  libtool-ltdl.x86_64 0:2.4.2-22.el7_3   pigz.x86_64 0:2.3.3-1.el7.centos policycoreutils-python.x86_64 0:2.5-17.1.el7     python-IPy.noarch
 
Complete!

启动docker

systemctl start docker

验证docker

docker run hello-world

出现以下内容则表示安装成功

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
9bb5a5d4561a: Pull complete
Digest: sha256:f5233545e43561214ca4891fd1157e1c3c563316ed8e237750d59bde73361e77
Status: Downloaded newer image for hello-world:latest
 
Hello from Docker!
This message shows that your installation appears to be working correctly.
 
To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.
 
To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash
 
Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/
 
For more examples and ideas, visit:

设置开机自启

chkconfig docker on

升级docker ce

yum -y upgrade

配置国内镜像与存储目录

vim /etc/docker/daemon.json

registry-mirrors 为镜像地址

docker 版本<20 graph 为存储目录建议不要使用默认的否则空间会不够用

docker 版本>20 graph已经弃用需使用 data-root

{
  "registry-mirrors": [
    "https://docker.m.daocloud.io",
    "https://docker.nju.edu.cn",
    "https://dockerproxy.com"
  ],
  "data-root": "/home/docker"
}

重启docker

systemctl daemon-reload
systemctl restart docker

Linux 安装 docker-compose

从狮子大佬gitee中下载resources: 一些静态资源存储666 (gitee.com)

下载好之后上传到系统 /usr/local/bin 目录并改名为 docker-compose

授权

chmod +x /usr/local/bin/docker-compose

检查版本

1.27.4

docker-compose -version

2.2.2

docker-compose version

docker 开启端口 2375 供外部程序访问 (不推荐,容易被黑客利用)

重点 : 写在最前面,该方法有漏洞,容易被黑客远程放入挖矿机镜像,开启需做好防范

推荐使用 CA加密端口或者使用 SSH 转发端口

推荐使用 CA加密端口或者使用 SSH 转发端口

docker服务文件位置 /usr/lib/systemd/system/docker.service

编辑 docker.service

找到Service标签下的ExecStart属性

注释掉原来的 , 添加如下内容

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --containerd=/run/containerd/containerd.sock

重新加载配置并重启docker服务

systemctl daemon-reload
systemctl restart docker.service

记得关闭防火墙或者在防火墙放行2375端口

systemctl stop firewalld.service

__EOF__

本文作者：小懒猫
本文链接：https://www.cnblogs.com/SXLM/p/18281338.html
关于博主：评论和私信会在第一时间回复。或者直接私信我。
版权声明：本博客所有文章除特别声明外，均采用 BY-NC-SA 许可协议。转载请注明出处！
声援博主：如果您觉得文章对您有帮助，可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力！