linux环境下安装docker

linux环境下安装docker

1.安装环境要求

在 CentOS 7安装docker要求系统为64位、系统内核版本为 3.10 以上，可以使用以下命令查看

查看当前CentOS的版本：

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.8.2003 (Core)
Release:        7.8.2003
Codename:       Core

查看当前系统内核版本级位数

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# uname -r
3.10.0-1127.8.2.el7.x86_64

2. 用yum源安装

2.1 查看是否已安装docker列表

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum list installed | grep docker

2.2 使用yum安装docker

​ -y表示不静默安装，直到安装成功，安装完后再次查看安装列表

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum -y install docker
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package docker.x86_64 2:1.13.1-161.git64e9980.el7_8 will be installed
--> Processing Dependency: docker-common = 2:1.13.1-161.git64e9980.el7_8 for package: 2:docker-1.13.1-161.git64e9980.el7_8.x86_64
......               
  subscription-manager-rhsm-certificates.x86_64 0:1.24.26-3.el7.centos                   usermode.x86_64 0:1.111-6.el7                                             
  yajl.x86_64 0:2.0.4-4.el7                                                             

Complete!

3. 启动docker 并查看状态

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl start docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl status docker 
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-06-29 13:39:51 CST; 18s ago
     Docs: http://docs.docker.com
 Main PID: 20999 (dockerd-current)
   CGroup: /system.slice/docker.service
           ├─20999 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgr...
           └─21007 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --st...

Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.077856393+08:00" level=warning msg="Docker could not enable SELi...system"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.102776667+08:00" level=info msg="Graph migration to content-addr...econds"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.103149607+08:00" level=info msg="Loading containers: start."
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.143690517+08:00" level=info msg="Firewalld running: false"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.202007507+08:00" level=info msg="Default bridge (docker0) is ass...ddress"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.229563832+08:00" level=info msg="Loading containers: done."
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.255392835+08:00" level=info msg="Daemon has completed initialization"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.255422845+08:00" level=info msg="Docker daemon" commit="64e9980/...=1.13.1
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ dockerd-current[20999]: time="2020-06-29T13:39:51.259429069+08:00" level=info msg="API listen on /var/run/docker.sock"
Jun 29 13:39:51 iZ8vb4s55pp0vcgoosyy9vZ systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

查看docker 当前版本

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker version
Client:
 Version:         1.13.1
 API version:     1.26
 Package version: docker-1.13.1-161.git64e9980.el7_8.x86_64
 Go version:      go1.10.3
 Git commit:      64e9980/1.13.1
 Built:           Tue Apr 28 14:43:01 2020
 OS/Arch:         linux/amd64

Server:
 Version:         1.13.1
 API version:     1.26 (minimum version 1.12)
 Package version: docker-1.13.1-161.git64e9980.el7_8.x86_64
 Go version:      go1.10.3
 Git commit:      64e9980/1.13.1
 Built:           Tue Apr 28 14:43:01 2020
 OS/Arch:         linux/amd64
 Experimental:    false

4. 升级docker（如果嫌弃版本低的话）

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# rpm -qa | grep docker
docker-client-1.13.1-161.git64e9980.el7_8.x86_64
docker-1.13.1-161.git64e9980.el7_8.x86_64
docker-common-1.13.1-161.git64e9980.el7_8.x86_64

4.1 移除系统中原有的rpm包

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum remove docker-1.13.1-161.git64e9980.el7_8.x86_64       
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

No Match for argument: docker-1.13.1-161.git64e9980.el7_8.x86_64
No Packages marked for removal
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# yum remove docker-common-1.13.1-161.git64e9980.el7_8.x86_64
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

Resolving Dependencies
--> Running transaction check
---> Package docker-common.x86_64 2:1.13.1-161.git64e9980.el7_8 will be erased
--> Finished Dependency Resolution
Dependencies Resolved

====================================================================================================================================================================
 Package                               Arch                           Version                                                 Repository                       Size
====================================================================================================================================================================
Removing:
 docker-common                         x86_64                         2:1.13.1-161.git64e9980.el7_8                           @extras                         4.4 k

Transaction Summary
====================================================================================================================================================================
Remove  1 Package

Installed size: 4.4 k
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Erasing    : 2:docker-common-1.13.1-161.git64e9980.el7_8.x86_64                                                                                               1/1 
  Verifying  : 2:docker-common-1.13.1-161.git64e9980.el7_8.x86_64                                                                                            1/1 

Removed:
  docker-common.x86_64 2:1.13.1-161.git64e9980.el7_8                                                                                                                
Complete!

4.2 验证是否已经移除

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker
-bash: docker: command not found

4.3 安装 最新的docker

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# curl -fsSL https://get.docker.com/ | sh
# Executing docker install script, commit: 26ff363bcf3b3f5a00498ac43694bf1c7d9ce16c
+ sh -c 'yum install -y -q yum-utils'
+ sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror, product-id, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

Loading mirror speeds from cached hostfile
base                                                                                                                                         | 3.6 kB  00:00:00     
docker-ce-stable                                                                                                                             | 3.5 kB  00:00:00     
epel                                                                                                                                         | 4.7 kB  00:00:00     
extras                                                                                                                                       | 2.9 kB  00:00:00     
updates                                                                                                                                      | 2.9 kB  00:00:00     
(1/13): base/7/x86_64/other_db                                                                                                               | 2.6 MB  00:00:00     
(2/13): base/7/x86_64/filelists_db                                                                                                           | 7.1 MB  00:00:00     
(3/13): docker-ce-stable/x86_64/updateinfo                                                                                                   |   55 B  00:00:00     
(4/13): docker-ce-stable/x86_64/filelists_db                                                                                                 |  21 kB  00:00:00     
(5/13): docker-ce-stable/x86_64/primary_db                                                                                                   |  45 kB  00:00:00     
(6/13): epel/x86_64/filelists_db                                                                                                             |  12 MB  00:00:00     
(7/13): epel/x86_64/other_db                                                                                                                 | 3.3 MB  00:00:00     
(8/13): updates/7/x86_64/filelists_db                                                                                                        | 1.6 MB  00:00:00     
(9/13): epel/x86_64/prestodelta                                                                                                              |   75 B  00:00:00     
(10/13): extras/7/x86_64/filelists_db                                                                                                        | 205 kB  00:00:00     
(11/13): updates/7/x86_64/other_db                                                                                                           | 239 kB  00:00:00     
(12/13): extras/7/x86_64/other_db                                                                                                            | 122 kB  00:00:00     
(13/13): docker-ce-stable/x86_64/other_db                                                                                                    | 114 kB  00:00:00     
Metadata Cache Created
+ '[' -n '' ']'
+ sh -c 'yum install -y -q docker-ce'

https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-19.03.12-3.el7.x86_64.rpm: [Errno 12] Timeout on https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-19.03.12-3.el7.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-cli-19.03.12-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-cli-19.03.12-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) "
 Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 From       : https://download.docker.com/linux/centos/gpg
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:

  sudo usermod -aG docker your-user

Remember that you will have to log out and back in for this to take effect!

WARNING: Adding a user to the "docker" group will grant the ability to run
         containers which can be used to obtain root privileges on the
         docker host.
         Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
         for more information.

4.4 查看已经升级docker版本

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker version
Client: Docker Engine - Community
 Version:           19.03.12
 API version:       1.40
 Go version:        go1.13.10
 Git commit:        48a66213fe
 Built:             Mon Jun 22 15:46:54 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.12
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.10
  Git commit:       48a66213fe
  Built:            Mon Jun 22 15:45:28 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

4.5 docker 常用命令

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl start docker 
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl status docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker start#启动docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker stop#停止docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# service docker restart#重启docker
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker update --restart=always redis # 设置镜像容器自启动

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker rmi 镜像名/镜像ID

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker restart [-i]  容器名/容器ID ## 重启容器
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker stop 容器名/容器ID (发送信号，等待停止）## 停止容器
[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# docker kill 容器名/容器ID（直接停止）## 立即停止容器

查看镜像

docker images [OPTSIONS] [REPOSITORY]
-a  --all=false  显示所有镜像，默认并不显示中间层的镜像
-f  --filter=[]  显示时的过滤条件
--no-trunc=false   指定不使用截断的形式来显示数据，默认情况下我们用images查到的列表会截断镜像的唯一id
-q  --quiet=false  只显示镜像的唯一id

删除镜像

docker rmi [OPTIONS] IMAGE [IMAGE...]
-f，--force=false 强制删除镜像
--no-prune=false 保留被删除镜像中被打标签的父镜像

启动容器

docker run IMAGE [COMMAND]  [ARG...]
# IMAGE 是指启动容器所使用的操作系统镜像
# [COMMAND] [ARG...] 指的是容器启动后运行的命令及其参数

启动交互容器式

#启动交互式容器
docker run -i -t IMAGE /bin/bash
 
#退出交互式容器的bash,这样容器就会在后台运行
Ctrl+P+Q

在run命令中增加了两个参数 -i -t ，并在容器启动时运行bash命令

i --interactive=true | fasle 默认是false
用来告诉docker守护进程为容器始终打开标准输入
-t --tty = true | false 默认是false
告诉docker要为创建的容器分配一个--tty终端，这样新创建的容器才能提供一个交互式的shell

启动守护式容器

docker run -d 镜像名 [COMMAND] [ARG...]
# -d 是指以后台的形式运行命令

说白来就是后台运行

查看运行的容器

docker ps [-a] [-l]
[-a] 列出所有创建的容器
[-l] 列出最新创建的容器

查看容器详细配置

docker inspect CONTAINER_ID

删除停止的容器

docker rm 容器名/容器ID
-f : 通过SIGKILL信号强制删除一个运行中的容器
-v : 删除与容器关联的卷

查看容器日志

docker logs [-f] [-t] [--tail] 容器名
-f  --follows=true | false 默认为false,告诉logs命令一直跟踪日志的变化并返回结果
-t  --timestamps=true | false 默认为false,在返回的结果上加上时间戳
--tail  = "all"   是选择返回结尾处多少数量的日志，如果不指定的话就返回所有的日志

查看容器内进程

docker top 容器名/容器ID

在运行容器进程内启动新进程

docker exec [-d] [-i] [-t]  容器名 [COMMAND] [ARG...]
eg :
docker exec -i -t 容器名 /bin/bash

获取容器、镜像元数据

docker  inspect [OPTIONS] CONTAINER|IMAGE[CONTAINER|IMAGE...]

更多命令可以参考：https://www.runoob.com/docker/docker-command-manual.html

[root@iZ8vb4s55pp0vcgoosyy9vZ ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

5. 配置国内镜像源

5.1 阿里云镜像源配置

sudo mkdir -p /etc/docker
sudo vim /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://duvzla6d.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

也可以参考其他镜像源：https://www.cnblogs.com/reasonzzy/p/11127359.html

6. 常见错误

6.1 错误1

docker: Error response from daemon: driver failed programming external connectivity on endpoint rmqconsole (16f4dd3ba81e295353ea44aeba0979885660f4b6cebbe339e819da79b9126ae5):  (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 12581 -j DNAT --to-destination 172.17.0.5:8080 ! -i docker0: iptables: No chain/target/match by that name.
 (exit status 1)).

解决:重启docker服务后再启动容器

systemctl restart docker