9.6 KiB
9.6 KiB
Install
1.设置存储库
a. 更新APT程序包索引并安装程序包,以允许APT通过HTTPS使用存储库:
$ sudo apt-get update
$ sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
b.添加Docker官方GPG密钥
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
c.使用以下命令设置稳定的存储库。要添加夜间或测试存储库,请在下面命令中的稳定一词之后添加夜间或测试(或两者)一词。了解夜间频道和测试频道。
$ echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
2.安装Docker
a.更新apt包索引,安装最新版本的Docker Engine和Containerd,或进入下一步安装具体版本
$ sudo apt-get update
$ sudo apt-get install docker-ce docker-ce-cli containerd.io
如果您启用了多个 Docker 存储库,则在 apt-get install 或 apt-get update 命令中未指定版本的情况下安装或更新始终会安装可能的最高版本,这可能不适合您的稳定性需求。
b.要安装特定版本的 Docker Engine,请在 repo 中列出可用版本,然后选择并安装:
列出您的存储库中可用的版本:
$ apt-cache madison docker-ce
docker-ce | 5:18.09.1~3-0~ubuntu-xenial | https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 5:18.09.0~3-0~ubuntu-xenial | https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 18.06.1~ce~3-0~ubuntu | https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 18.06.0~ce~3-0~ubuntu | https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
使用第二列中的版本字符串安装特定版本,例如 5:18.09.1~3-0~ubuntu-xenial
$ sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
通过运行 hello-world 映像来验证 Docker 引擎是否已正确安装。
$ sudo docker run hello-world
此命令下载测试映像并在容器中运行它。当容器运行时,它会打印一条消息并退出。
Upgrade
要升级 Docker Engine,首先运行 sudo apt-get update,然后按照安装说明(Intall的第二节第b段),选择要安装的新版本。
Uninstall
1.卸载Docker Engine、CLI和Containerd包
purge 命令会同时清除软件包和软件的配置文件 谨慎操作
$ sudo apt-get purge docker-ce docker-ce-cli containerd.io
2.主机上的映像、容器、卷或自定义配置文件不会自动删除。要删除所有映像、容器和卷,请执行以下操作(谨慎操作)
$ sudo rm -rf /var/lib/docker
$ sudo rm -rf /var/lib/containerd
Expand
1.配置镜像加速器
下面列出国内常用的加速站点,排名不分先后,总体来说阿里云速度较稳定。
docker中国区官方镜像加速:
https://registry.docker-cn.com
网易镜像加速:
中国科技大学镜像加速:
https://docker.mirrors.ustc.edu.cn
腾讯云镜像加速:
https://mirror.ccs.tencentyun.com
阿里云镜像加速:
https://ung2thfc.mirror.aliyuncs.com
docker官方镜像仓库国内访问较慢,我们需要设置国内镜像服务:
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{"registry-mirrors": ["https://registry.docker-cn.com"]}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
2.查看当前安装版本和可安装版本
apt-cache policy 列出软件包可下载的版本 和当前安装版本
$ apt-cache policy docker-ce
docker-ce:
Installed: 5:20.10.14~3-0~ubuntu-focal #已安装版本
Candidate: 5:20.10.14~3-0~ubuntu-focal #候选版本(最新版本)
Version table: #可安装版本的列表
*** 5:20.10.14~3-0~ubuntu-focal 500
500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
100 /var/lib/dpkg/status
5:20.10.13~3-0~ubuntu-focal 500
500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
5:20.10.12~3-0~ubuntu-focal 500
500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
5:20.10.11~3-0~ubuntu-focal 500
500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
5:20.10.10~3-0~ubuntu-focal 500
500 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
3.添加用户到docker组中
默认情况下,docker命令只能由 root 用户或由 docker 组中的用户运行,docker 组用户是在Docker安装过程中自动创建的。
如果不想用 sudo 来执行 docker 命令,那么我们只需要把对应的用户添加到 docker 组中即可。
sudo usermod -aG docker ${USER}
使用新组成员身份执行命令,需要注销后重新登录,或使用su来切换身份。
su - ${USER}
我们可以通过id这个命令来确认刚刚添加的用户是否已经在 docker 组中:
$ id -nG
#输出
ds adm cdrom sudo dip plugdev lxd docker
ERROR
1.解决docker服务无法重启,报错loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
执行docker服务重启systemctl restart docker.service命令后,服务未正常启动,查看docker服务的状态,报loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)。
[root@localhost ~]# systemctl start docker.service
Job for docker.service failed because start of the service was attempted too often. See "systemctl status docker.service" and "journalctl -xe" for details.
To force a start use "systemctl reset-failed docker.service" followed by "systemctl start docker.service" again.
[root@localhost ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Mo 2020-06-08 10:59:41 CST; 1min 44s ago
Docs: https://docs.docker.com
Process: 12296 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 12296 (code=exited, status=1/FAILURE)
Jun 08 10:59:41 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 10:59:41 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 10:59:41 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
Jun 08 10:59:41 localhost.localdomain systemd[1]: docker.service failed.
Jun 08 11:00:06 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 11:00:06 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 11:00:06 localhost.localdomain systemd[1]: docker.service failed.
Jun 08 11:00:25 localhost.localdomain systemd[1]: start request repeated too quickly for docker.service
Jun 08 11:00:25 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Jun 08 11:00:25 localhost.localdomain systemd[1]: docker.service failed.
a.检查/etc/docker/daemon.json文件配置是否正确。
[root@localhost ~]# cat /etc/docker/daemon.json
{
"insecure-registries":["11.1.14.145:8080"],
"hosts": ["tcp://127.0.0.1:2375", "unix:///var/run/docker.sock"]
}
b.检查/usr/lib/systemd/system/docker.service文件是否正常。
[root@localhost ~]# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target