learning_record_doc/docker/Ubuntu20.04 安装Docker.md

## Install
#### 1.设置存储库
##### a. 更新APT程序包索引并安装程序包，以允许APT通过HTTPS使用存储库：

```shell
$ sudo apt-get update

$ sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
```

##### b.添加Docker官方GPG密钥

```shell
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
```

##### c.使用以下命令设置稳定的存储库。要添加夜间或测试存储库，请在下面命令中的稳定一词之后添加夜间或测试(或两者)一词。了解夜间频道和测试频道。

```shell
$ echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
```

#### 2.安装Docker

##### a.更新apt包索引，安装最新版本的Docker Engine和Containerd，或进入下一步安装具体版本

```shell
$ sudo apt-get update
$ sudo apt-get install docker-ce docker-ce-cli containerd.io
```

>如果您启用了多个 Docker 存储库，则在 apt-get install 或 apt-get update 命令中未指定版本的情况下安装或更新始终会安装可能的最高版本，这可能不适合您的稳定性需求。

##### b.要安装特定版本的 Docker Engine，请在 repo 中列出可用版本，然后选择并安装：

列出您的存储库中可用的版本：

```shell
$ apt-cache madison docker-ce

  docker-ce | 5:18.09.1~3-0~ubuntu-xenial | https://download.docker.com/linux/ubuntu  xenial/stable amd64 Packages
  docker-ce | 5:18.09.0~3-0~ubuntu-xenial | https://download.docker.com/linux/ubuntu  xenial/stable amd64 Packages
  docker-ce | 18.06.1~ce~3-0~ubuntu       | https://download.docker.com/linux/ubuntu  xenial/stable amd64 Packages
  docker-ce | 18.06.0~ce~3-0~ubuntu       | https://download.docker.com/linux/ubuntu  xenial/stable amd64 Packages
```

使用第二列中的版本字符串安装特定版本，例如 5:18.09.1~3-0~ubuntu-xenial

```shell
$ sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
```

##### 通过运行 hello-world 映像来验证 Docker 引擎是否已正确安装。

```shell
$ sudo docker run hello-world
```

>此命令下载测试映像并在容器中运行它。当容器运行时，它会打印一条消息并退出。
## Upgrade
要升级 Docker Engine，首先运行 sudo apt-get update，然后按照安装说明(Intall的第二节第b段)，选择要安装的新版本。

## Uninstall

#### 1.卸载Docker Engine、CLI和Containerd包
**purge 命令会同时清除软件包和软件的配置文件 谨慎操作**

```shell
$ sudo apt-get purge docker-ce docker-ce-cli containerd.io
```

#### 2.主机上的映像、容器、卷或自定义配置文件不会自动删除。要删除所有映像、容器和卷，请执行以下操作（谨慎操作）
```shell
$ sudo rm -rf /var/lib/docker
$ sudo rm -rf /var/lib/containerd
```

## Expand

#### 1.配置镜像加速器
docker官方镜像仓库国内访问较慢，我们需要设置国内镜像服务：

```bash
sudo mkdir -p /etc/docker 
sudo tee /etc/docker/daemon.json <<-'EOF' 
{"registry-mirrors": ["https://kaytushy.mirror.aliyuncs.com"]} 
EOF
sudo systemctl daemon-reload 
sudo systemctl restart docker
```

#### 2.查看当前安装版本和可安装版本
apt-cache policy 列出软件包可下载的版本 和当前安装版本

```bash
$ apt-cache policy docker-ce
docker-ce:
  Installed: 5:20.10.14~3-0~ubuntu-focal  #已安装版本
  Candidate: 5:20.10.14~3-0~ubuntu-focal  #候选版本(最新版本)
  Version table:                          #可安装版本的列表
 *** 5:20.10.14~3-0~ubuntu-focal 500
        500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
        100 /var/lib/dpkg/status
     5:20.10.13~3-0~ubuntu-focal 500
        500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
     5:20.10.12~3-0~ubuntu-focal 500
        500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
     5:20.10.11~3-0~ubuntu-focal 500
        500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
     5:20.10.10~3-0~ubuntu-focal 500
        500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
```

#### 3.添加用户到docker组中
默认情况下，`docker`命令只能由 **root** 用户或由 **docker** 组中的用户运行，docker 组用户是在Docker安装过程中自动创建的。
如果不想用 sudo 来执行 docker 命令，那么我们只需要把对应的用户添加到 docker 组中即可。

```bash
sudo usermod -aG docker ${USER}
```

使用新组成员身份执行命令，需要注销后重新登录，或使用su来切换身份。

```bash
su - ${USER}
```

我们可以通过`id`这个命令来确认刚刚添加的用户是否已经在 docker 组中：

```bash
$ id -nG

#输出
ds adm cdrom sudo dip plugdev lxd docker
```

## ERROR
 #### 1.解决docker服务无法重启，报错loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)

执行docker服务重启systemctl restart docker.service命令后，服务未正常启动，查看docker服务的状态，报loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)。

```bash
[root@localhost ~]# systemctl start docker.service  
Job for docker.service failed because start of the service was attempted too often. See "systemctl status docker.service" and "journalctl -xe" for details.
To force a start use "systemctl reset-failed docker.service" followed by "systemctl start docker.service" again.
[root@localhost ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Mo 2020-06-08 10:59:41 CST; 1min 44s ago
     Docs: https://docs.docker.com
  Process: 12296 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
 Main PID: 12296 (code=exited, status=1/FAILURE)

Jun 08 10:59:41 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 10:59:41 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 10:59:41 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
Jun 08 10:59:41 localhost.localdomain systemd[1]: docker.service failed.
Jun 08 11:00:06 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 11:00:06 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 11:00:06 localhost.localdomain systemd[1]: docker.service failed.
Jun 08 11:00:25 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 11:00:25 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 11:00:25 localhost.localdomain systemd[1]: docker.service failed.
```

##### a.检查/etc/docker/daemon.json文件配置是否正确。
```bash
[root@localhost ~]# cat /etc/docker/daemon.json 
{
   "insecure-registries":["11.1.14.145:8080"],
   "hosts": ["tcp://127.0.0.1:2375", "unix:///var/run/docker.sock"]
}
```

##### b.检查/usr/lib/systemd/system/docker.service文件是否正常。
```bash
[root@localhost ~]# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd 
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target
```

**参考：**
[docker官方ubuntu安装文档](https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository)
[阿里云镜像加速器配置](https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors)
[docker扩展配置](https://kalacloud.com/blog/how-to-install-and-use-docker-on-ubuntu)
[docker 启动错误](https://www.jianshu.com/p/7d38cd3bf387)