Ubuntu 22.04 LTS 在线/离线安装 Docker
1.Docker 知识梳理及其 CentOS7.9 在线/离线安装使用
2.Ubuntu 22.04 LTS 在线/离线安装 Docker
3.Ubuntu 22.04 LTS 离线安装 Harbor v2.11 (附https认证,Trivy镜像扫描)
正文
Docker 安装方式
准备环境
root@ubuntu2204:~# hostnamectl Static hostname: ubuntu2204 Icon name: computer-vm Chassis: vm Machine ID: 06204406df2343f89f6ba6550a356854 Boot ID: 3142ea12a9e64adbab7b8939935e7698 Virtualization: vmware Operating System: Ubuntu 22.04.5 LTS Kernel: Linux 5.15.0-43-generic Architecture: x86-64 Hardware Vendor: VMware, Inc. Hardware Model: VMware Virtual Platform # 关闭 swap root@ubuntu2204:~# swapoff -a root@ubuntu2204:~# sed -ri.bak 's/.*swap.*/#&/' /etc/fstab # 更换阿里源 root@ubuntu2204:~# cp /etc/apt/sources.list /etc/apt/sources.list_bak root@ubuntu2204:~# cat /etc/apt/sources.list deb https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse # deb https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse # deb-src https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse root@ubuntu2204:~# apt update root@ubuntu2204:~# apt upgrade -y
在线 APT 安装
# 卸载 docker 旧版本 root@ubuntu2204:~# for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done root@ubuntu2204:~# rm /var/lib/docker /var/lib/containerd -rf # 安装必要的依赖包 root@ubuntu2204:~# apt install apt-transport-https ca-certificates curl gnupg lsb-release -y # 添加软件源的GPG密钥及docker源(三选一) # ------------------------------------------------------------------------------------------------------------ # 一:阿里 root@ubuntu2204:~# curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add - root@ubuntu2204:~# add-apt-repository "deb [arch=$(dpkg --print-architecture)] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" # 二:清华 curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add - add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable" # 三:docker官方 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" # ------------------------------------------------------------------------------------------------------------ # 方式一:选择安装最新稳定版 root@ubuntu2204:~# apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y # 或方式二:选择安装指定稳定版, 例如 5:24.0.9-1~ubuntu.22.04~jammy root@ubuntu2204:~# apt-cache madison docker-ce | awk '{ print $3 }' | less 5:27.3.1-1~ubuntu.22.04~jammy 5:27.3.0-1~ubuntu.22.04~jammy ...... 5:25.0.3-1~ubuntu.22.04~jammy 5:25.0.2-1~ubuntu.22.04~jammy 5:25.0.1-1~ubuntu.22.04~jammy 5:25.0.0-1~ubuntu.22.04~jammy 5:24.0.9-1~ubuntu.22.04~jammy 5:24.0.8-1~ubuntu.22.04~jammy ...... root@ubuntu2204:~# VERSION_STRING=5:24.0.9-1~ubuntu.22.04~jammy root@ubuntu2204:~# apt-get install docker-ce=$VERSION_STRING docker-ce-cli=$VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin -y # 查看docker信息 root@ubuntu2204:~# docker -v Docker version 24.0.9, build 2936816 root@ubuntu2204:~# docker version Client: Docker Engine - Community Version: 24.0.9 API version: 1.43 Go version: go1.20.13 Git commit: 2936816 Built: Thu Feb 1 00:48:39 2024 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 24.0.9 API version: 1.43 (minimum version 1.12) Go version: go1.20.13 Git commit: fca702d Built: Thu Feb 1 00:48:39 2024 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.7.22 GitCommit: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c runc: Version: 1.1.14 GitCommit: v1.1.14-0-g2c9f560 docker-init: Version: 0.19.0 GitCommit: de40ad0 root@ubuntu2204:~# ps -ef | grep docker root 2032 1 0 14:51 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock root 2214 940 0 14:51 pts/0 00:00:00 grep --color=auto docker # 启动|停止|查看|开机自启 root@ubuntu2204:~# systemctl start|stop|status|enable docker # 测试 docker 是否安装正确 root@ubuntu2204:~# docker run --rm hello-world Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world c1ec31eb5944: Pull complete Digest: sha256:d211f485f2dd1dee407a80973c8f129f00d54604d2c90732e8e320e5038a0348 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/ 若能正常输出以上信息,则说明安装成功。
二进制离线安装
时间:2024-10 下载 Docker docker-24.0.9.tgz 为例
下载 Docker 地址
- 阿里地址【 docker-24.0.9.tgz 】
- 清华大学地址【 docker-24.0.9.tgz 】
- 官方地址【 docker-24.0.6.tgz 】
# 下载 Docker docker-24.0.9.tgz 为例 (当前最新版本 docker-27.3.1.tgz) root@ubuntu2204:~# wget https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-24.0.9.tgz root@ubuntu2204:~# tar -xf docker-24.0.9.tgz root@ubuntu2204:~# cp -a docker/* /usr/local/bin/ root@ubuntu2204:~# docker -v Docker version 24.0.9, build 2936816 root@ubuntu2204:~# docker -h # 将docker注册为 Systemd 的 service # /usr/lib/systemd/system/docker.service 或 /etc/systemd/system/docker.service [root@ubuntu2204 ~]# cat > /usr/lib/systemd/system/docker.service <<EOF [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target firewalld.service Wants=network-online.target [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart=/usr/local/bin/dockerd -H unix:///var/run/docker.sock --default-ulimit nofile=65536:65536 ExecReload=/bin/kill -s HUP $MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity # Uncomment TasksMax if your systemd version supports it. # Only systemd 226 and above support this version. #TasksMax=infinity TimeoutStartSec=0 # set delegate yes so that systemd does not reset the cgroups of docker containers Delegate=yes # kill only the docker process, not all processes in the cgroup KillMode=process # restart the docker process if it exits prematurely Restart=on-failure StartLimitBurst=3 StartLimitInterval=60s [Install] WantedBy=multi-user.target EOF # 如果需要开启远程服务ExecStart属性修改为以下命令: ExecStart=/usr/local/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --default-ulimit nofile=65536:65536 # -H tcp://0.0.0.0:2375 开启远程连接命令 # 测试远程连接 docker -H DockerHost_ip version # 添加文件可执行权限 [root@ubuntu2204 ~]# chmod +x /usr/lib/systemd/system/docker.service # 启动 [root@ubuntu2204 ~]# systemctl daemon-reload && systemctl start docker # 启动|停止|查看|开机自启 root@ubuntu2204:~# systemctl start|stop|status|enable docker
此时可能会无法启动报错信息如下
root@ubuntu2204:~# systemctl daemon-reload && systemctl start docker Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xeu docker.service" for details. root@ubuntu2204:~# systemctl status docker.service ...... Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Scheduled restart job, restart counter is at 3. Oct 21 17:24:36 ubuntu2204 systemd[1]: Stopped Docker Application Container Engine. Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Start request repeated too quickly. Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Failed with result 'exit-code'. Oct 21 17:24:36 ubuntu2204 systemd[1]: Failed to start Docker Application Container Engine. root@ubuntu2204:~# journalctl -xeu docker.service Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.838180448+08:00" level=info msg="Starting up" Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.838180448+08:00" level=info msg="Starting up" Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.846181372+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found" Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.846351136+08:00" level=info msg="containerd not running, starting managed containerd" Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.847171970+08:00" level=info msg="started new containerd process" address=/var/run/docker/containerd/containerd.sock module=libcontainerd pid=1011 Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.861897616+08:00" level=info msg="starting containerd" revision=7c3aca7a610df76212171d200ca3811ff6096eb8 version=v1.7.13 Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.879453787+08:00" level=info msg="loading plugin \"io.containerd.warning.v1.deprecations\"..." type=io.containerd.warning.v1 ...... Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.915675066+08:00" level=info msg=serving... address=/var/run/docker/containerd/containerd.sock Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.915690393+08:00" level=info msg="containerd successfully booted in 0.054759s" Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.922245751+08:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf" Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.069029579+08:00" level=info msg="Loading containers: start." Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.131593492+08:00" level=warning msg="failed to find iptables" error="exec: \"iptables\": executable file not found in $PATH" Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134033772+08:00" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134833160+08:00" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134935282+08:00" level=info msg="stopping healthcheck following graceful shutdown" module=libcontainerd Oct 21 17:32:58 ubuntu2204 dockerd[1001]: failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: Iptables not found Oct 21 17:32:58 ubuntu2204 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILUR .....
原因:这些错误表明 Docker 无法找到 iptables 命令,它是用于配置网络规则和转发的重要工具。缺少 iptables 可能会导致 Docker 无法初始化网络控制器,从而无法启动。
解决方法
# 检查 iptables 是否已安装 root@ubuntu2204:~# which iptables root@ubuntu2204:~# apt-get install iptables # 或重新安装:apt-get install --reinstall iptables # 再次启动 docker root@ubuntu2204:~# systemctl start docker root@ubuntu2204:~# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination DOCKER-USER all -- 0.0.0.0/0 0.0.0.0/0 DOCKER-ISOLATION-STAGE-1 all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain DOCKER (1 references) target prot opt source destination Chain DOCKER-ISOLATION-STAGE-1 (1 references) target prot opt source destination DOCKER-ISOLATION-STAGE-2 all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-ISOLATION-STAGE-2 (1 references) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-USER (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 # 测试 Docker 是否安装正确 root@ubuntu2204:~# docker run --rm hello-world Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world c1ec31eb5944: Pull complete Digest: sha256:d211f485f2dd1dee407a80973c8f129f00d54604d2c90732e8e320e5038a0348 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/ 若能正常输出以上信息,则说明安装成功。
添加 docker 镜像加速
# 每次修改 daemon.json 后,必须重载配置及重启 docker root@ubuntu2204:~# mkdir -p /etc/docker root@ubuntu2204:~# tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": [ "https://dockerpull.com", "https://docker.anyhub.us.kg", "https://dockerhub.jobcher.com", "https://dockerhub.icu", "https://docker.awsl9527.cn" ] } EOF root@ubuntu2204:~# systemctl daemon-reload && sudo systemctl restart docker root@ubuntu2204:~# docker info | grep "Registry Mirrors" -A 1
********** 如果您认为这篇文章还不错或者有所收获,请点击右下角的【推荐】/【赞助】按钮,因为您的支持是我继续创作分享的最大动力! **********
作者:讲文张字
出处:https://www.cnblogs.com/zhangwencheng
版权:本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出 原文链接
出处:https://www.cnblogs.com/zhangwencheng
版权:本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出 原文链接
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 【.NET】调用本地 Deepseek 模型
· CSnakes vs Python.NET:高效嵌入与灵活互通的跨语言方案对比
· DeepSeek “源神”启动!「GitHub 热点速览」
· 我与微信审核的“相爱相杀”看个人小程序副业
· Plotly.NET 一个为 .NET 打造的强大开源交互式图表库
2020-10-28 配置交换机之间直连链路聚合-手工模式
2020-10-28 配置交换机接口二三层切换