# **Docker的安装及如何配置从国内镜像中拖取需要的images到本地使用**
实验环境:
OS:CentOS7.0 -X64
上网环境:通过代理服务器上网
1.首先下载docker安装包
下载docker安装所需的插件:
docker-engine-selinux-1.9.1-1.e17.centos.noarch.rpm
下载地址:http://yum.dockerproject.org/repo/main/centos/7/Packages/
docker-engine-1.9.1.1.e17.centos.x86_64.rpm
下载地址:http://yum.dockerproject.org/repo/main/centos/7/Packages/
2.安装docker
先查看下载下来的安装包:
[root@docker docker]# pwd
/docker
[root@docker docker]# ls
docker-engine-1.9.1-1.el7.centos.x86_64.rpm docker-engine-selinux-1.9.1-1.el7.centos.noarch.rpm
[root@docker docker]# rpm -ivh docker-engine*
warning: docker-engine-1.9.1-1.el7.centos.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 2c52609d: NOKEY
error: Failed dependencies:
policycoreutils-python is needed by docker-engine-selinux-1.9.1-1.el7.centos.noarch
安装提示缺少policycoreutils-python组件
[root@docker docker]# yum install -y policycoreutils-python (通过光盘yum源就可以直接安装该组件)
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-17.1.el7 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-1 for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-5 for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-17.1.el7.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.7.6-3.el7 will be installed
---> Package checkpolicy.x86_64 0:2.5-4.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-8.el7 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-1.1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==================================================================================================================
Package Arch Version Repository Size
==================================================================================================================
Installing:
policycoreutils-python x86_64 2.5-17.1.el7 c7-media 446 k
Installing for dependencies:
audit-libs-python x86_64 2.7.6-3.el7 c7-media 73 k
checkpolicy x86_64 2.5-4.el7 c7-media 290 k
libsemanage-python x86_64 2.5-8.el7 c7-media 104 k
python-IPy noarch 0.75-6.el7 c7-media 32 k
setools-libs x86_64 3.3.8-1.1.el7 c7-media 612 k
Transaction Summary
==================================================================================================================
Install 1 Package (+5 Dependent packages)
Total download size: 1.5 M
Installed size: 5.0 M
Downloading packages:
------------------------------------------------------------------------------------------------------------------
Total 4.8 MB/s | 1.5 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : checkpolicy-2.5-4.el7.x86_64 1/6
Installing : setools-libs-3.3.8-1.1.el7.x86_64 2/6
Installing : python-IPy-0.75-6.el7.noarch 3/6
Installing : audit-libs-python-2.7.6-3.el7.x86_64 4/6
Installing : libsemanage-python-2.5-8.el7.x86_64 5/6
Installing : policycoreutils-python-2.5-17.1.el7.x86_64 6/6
Verifying : libsemanage-python-2.5-8.el7.x86_64 1/6
Verifying : audit-libs-python-2.7.6-3.el7.x86_64 2/6
Verifying : python-IPy-0.75-6.el7.noarch 3/6
Verifying : policycoreutils-python-2.5-17.1.el7.x86_64 4/6
Verifying : setools-libs-3.3.8-1.1.el7.x86_64 5/6
Verifying : checkpolicy-2.5-4.el7.x86_64 6/6
Installed:
policycoreutils-python.x86_64 0:2.5-17.1.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.7.6-3.el7 checkpolicy.x86_64 0:2.5-4.el7
libsemanage-python.x86_64 0:2.5-8.el7 python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-1.1.el7
Complete!
[root@docker docker]# rpm -ivh docker-engine* 再次安装docker,成功安装
warning: docker-engine-1.9.1-1.el7.centos.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 2c52609d: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:docker-engine-selinux-1.9.1-1.el7################################# [ 50%]
Re-declaration of type docker_t
Failed to create node
Bad type declaration at /etc/selinux/targeted/tmp/modules/400/docker/cil:1
/usr/sbin/semodule: Failed!
2:docker-engine-1.9.1-1.el7.centos ################################# [100%]
[root@docker docker]# systemctl enable docker.service 设置系统开机自动启动服务
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@docker docker]# service docker start 启动服务
Redirecting to /bin/systemctl start docker.service
[root@docker ~]# docker ps #查看docker驱动的进程,目前暂时没有驱动进程
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker images #查看docker镜像文件,初始安装没有镜像
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
2.配置服务器代理上网:由于上网环境是通过代理上网,所以本台测试机器需要配置代理才可以上网。
配置方法如下:编辑/etc/profile 添加以下内容
http_proxy=192.168.1.100:8005 #根据实际情况设定自己的代理服务器
https_proxy=$http_proxy
http_proxy_username=test #如果代理需要通过用户名和密码验证则设置,如果不需要验证username和password则可以不设定。
http_proxy_password=12356
no_proxy=192.*.*.*,*.local,localhost,127.0.0.1 #设定不需要代理的ip
[root@docker ~]# ping baidu.com #测试ping百度,连接成功,配置外网代理成功。
PING baidu.com (220.181.57.216) 56(84) bytes of data.
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=1 ttl=51 time=30.7 ms
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=2 ttl=51 time=33.4 ms
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=3 ttl=51 time=34.0 ms
以为通过上述设定就可以通过 docker pull [images名称] 下载docker镜像文件,结果报以下错误:
[root@docker ~]# docker pull daocloud.io/library/node:8.1.0-slim #通过pull命令,提示的报错,反正我也没看懂,所以就网上搜索
一下,找了很多方法,总算找到了原因,是由于docker需要再单独配置代理上网。
Error response from daemon: invalid registry endpoint https://daocloud.io/v0/: unable to ping registry endpoint https://daocloud.io/v0/
v2 ping attempt failed with error: Get https://daocloud.io/v2/: remote error: handshake failure
v1 ping attempt failed with error: Get https://daocloud.io/v1/_ping: remote error: handshake failure. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry daocloud.io` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/daocloud.io/ca.crt
3.配置docker代理上网,新增以下配置文件
[root@docker ~]# vim /etc/systemd/system/docker.service.d/http-proxy.conf #新增代理配置文件,内容如下:
[Service]
Environment="HTTP_PROXY=10.109.134.247:8005"
Environment="NO_PROXY=localhost,127.0.0.0/8,docker-registry.somecorporation.com"
保存退出,再次使用pull命令下载成功,可以使用pull命令下载镜像了,总算搞定了。
[root@docker ~]# systemctl daemon-reload #重新加载daemon
[root@docker ~]# systemctl show docker --property Environment #查看设置的代理环境是否成功。
Environment=HTTP_PROXY=192.168.1.100:8005 NO_PROXY=localhost,127.0.0.0/8,docker-registry.somecorporation.com
[root@docker ~]# systemctl restart docker #或者直接service docker restart 重启docker服务。
Starting docker (via systemctl): [ OK ]
[root@docker ~]# docker images #查看docker镜像文件,初始安装没有镜像
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
[root@docker ~]# docker pull busybox #通过pull下载busybox镜像到本地镜像仓库。
latest: Pulling from busybox
f9ea5e501ad7: Pull complete
ac3f08b78d4e: Pull complete
Digest: sha256:da268b65d710e5ca91271f161d0ff078dc63930bbd6baac88d21b20d23b427ec
Status: Downloaded newer image for busybox:latest #下载busybox镜像成功
[root@docker docker]# docker pull daocloud.io/library/nginx:latest #下载nginx镜像成功
latest: Pulling from daocloud.io/library/nginx
2cd56ba950c8: Pull complete
8ecf8a9b915f: Pull complete
2f035d3cb1ca: Pull complete
33ff728209b6: Pull complete
a8788126754a: Pull complete
534bc4991cb2: Pull complete
4eff2ba6990a: Pull complete
ca14437b52c6: Pull complete
64d6b4f35a10: Pull complete
476b0368435b: Pull complete
Digest: sha256:cb29ee85b234f356fb8a77d8cfb78b42355f7f016f528f11a2a5f75e4862dc94
Status: Downloaded newer image for daocloud.io/library/nginx:latest
[root@docker docker]# docker images #再次查看本地镜像仓库,已经有2个刚下载的镜像。
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
daocloud.io/library/nginx latest 476b0368435b 7 days ago 108.9 MB
busybox latest ac3f08b78d4e 12 days ago 1.146 MB
顺便提供国内镜像地址:
https://hub.daocloud.io/repos?type=featured