CENTOS环境DOCKER的正确安装及疑难杂症

根据官方文档:https://docs.docker.com/install/linux/docker-ce/centos/搭建docker 
1.卸载docker旧版本:

 

sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-selinux \
                  docker-engine-selinux \
                  docker-engine\

 

2.安装相关工具类:

sudo yum install -y yum-utils \
  device-mapper-persistent-data \
  lvm2

3.配置docker仓库:

sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
会报以下错误:
>     --add-repo \
>     https://download.docker.com/linux/centos/docker-ce.repo
已加载插件:fastestmirror, langpacks
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
Could not fetch/save url https://download.docker.com/linux/centos/docker-ce.repo to file /etc/yum.repos.d/docker-ce.repo: [Errno 14] curl#6 - "Could not resolve host: download.docker.com; 未知的错误"
[root@localhost init.d]# sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

这是由于国内访问不到docker官方镜像的缘故 

解决办法:在/etc/resolv.conf文件中添加 :nameserver 8.8.8.8


可以通过aliyun的源来完成:

sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
出现以下内容则表示docker仓库配置成功:
Loaded plugins: fastestmirror
adding repo from: http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo

4.安装docker

sudo yum install docker-ce

 

出现以下异常:
Loaded plugins: fastestmirror
base
https://download-stage.docker.com/linux/centos/7/x86_64/stable/repodata/repomd.xml: [Errno 14] curl#35 - "TCP connection reset by peer"
Trying other mirror.
 One of the configured repositories failed (Docker CE Stable - x86_64),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=docker-ce-stable ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable docker-ce-stable
        or
            subscription-manager repos --disable=docker-ce-stable

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=docker-ce-stable.skip_if_unavailable=true

failure: repodata/repomd.xml from docker-ce-stable: [Errno 256] No more mirrors to try.
https://download-stage.docker.com/linux/centos/7/x86_64/stable/repodata/repomd.xml: [Errno 14] curl#35 - "TCP connection reset by peer"

 

分析原因为:阿里的镜像库文件也指向docker官方库,所以需要修改库文件

sudo vim /etc/yum.repos.d/docker-ce.repo

通过命令把https://download-stage.docker.com替换为http://mirrors.aliyun.com/docker-ce

命令如下::%s#https://download-stage.docker.com#http://mirrors.aliyun.com/docker-ce#g

第一种安装方式:

再执行docker的安装命令即可安装成功。

sudo yum install docker-ce

内容如下:

 

Installed:
  docker-ce.x86_64 0:18.03.0.ce-1.el7.centos

Dependency Installed:
  audit-libs-python.x86_64 0:2.7.6-3.el7 checkpolicy.x86_64 0:2.5-4.el7   container-selinux.noarch 2:2.42-1.gitad8f0f7.el7 libcgroup.x86_64 0
  libtool-ltdl.x86_64 0:2.4.2-22.el7_3   pigz.x86_64 0:2.3.3-1.el7.centos policycoreutils-python.x86_64 0:2.5-17.1.el7     python-IPy.noarch

Complete!

第二种安装方式:

可以查看所有仓库中所有docker版本,并选择特定版本安装:yum list docker-ce --showduplicates | sort -r

安装docker:sudo yum install docker-ce-17.12.0.ce

如果出现如下内容:

已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 docker-ce.x86_64.0.17.12.0.ce-1.el7.centos 将被 安装
--> 正在处理依赖关系 container-selinux >= 2.9,它被软件包 docker-ce-17.12.0.ce-1.el7.centos.x86_64 需要
--> 解决依赖关系完成
错误:软件包:docker-ce-17.12.0.ce-1.el7.centos.x86_64 (docker-ce-stable)
          需要:container-selinux >= 2.9
 您可以尝试添加 --skip-broken 选项来解决该问题
 您可以尝试执行:rpm -Va --nofiles --nodigest

container-selinux >= 2.9 

这个报错是container-selinux版本低或者是没安装的原因

yum 安装container-selinux 一般的yum源又找不到这个包

需要安装epel源 才能yum安装container-selinux

然后在安装docker-ce就可以了。

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo  

 yum install epel-release   #阿里云上的epel源

然后yum install container-selinux
 

已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                                                                                                                                                                                                                   | 9.1 kB  00:00:00     
 * base: mirrors.aliyun.com
 * epel: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
epel                                                                                                                                                                                                                                                   | 5.4 kB  00:00:00     
(1/3): epel/x86_64/group_gz                                                                                                                                                                                                                            |  90 kB  00:00:05     
(2/3): epel/x86_64/updateinfo                                                                                                                                                                                                                          | 1.0 MB  00:00:00     
(3/3): epel/x86_64/primary_db                                                                                                                                                                                                                          | 6.9 MB  00:00:01     
正在解决依赖关系
--> 正在检查事务
---> 软件包 container-selinux.noarch.2.2.107-3.el7 将被 安装
--> 正在处理依赖关系 selinux-policy-targeted >= 3.13.1-216.el7,它被软件包 2:container-selinux-2.107-3.el7.noarch 需要
--> 正在处理依赖关系 selinux-policy-base >= 3.13.1-216.el7,它被软件包 2:container-selinux-2.107-3.el7.noarch 需要
--> 正在处理依赖关系 selinux-policy >= 3.13.1-216.el7,它被软件包 2:container-selinux-2.107-3.el7.noarch 需要
--> 正在检查事务
---> 软件包 selinux-policy.noarch.0.3.13.1-192.el7 将被 升级
---> 软件包 selinux-policy.noarch.0.3.13.1-252.el7_7.6 将被 更新
--> 正在处理依赖关系 policycoreutils >= 2.5-24,它被软件包 selinux-policy-3.13.1-252.el7_7.6.noarch 需要
--> 正在处理依赖关系 libsemanage >= 2.5-13,它被软件包 selinux-policy-3.13.1-252.el7_7.6.noarch 需要
---> 软件包 selinux-policy-targeted.noarch.0.3.13.1-192.el7 将被 升级
---> 软件包 selinux-policy-targeted.noarch.0.3.13.1-252.el7_7.6 将被 更新
--> 正在处理依赖关系 policycoreutils >= 2.5-24,它被软件包 selinux-policy-targeted-3.13.1-252.el7_7.6.noarch 需要
--> 解决依赖关系完成
错误:软件包:selinux-policy-3.13.1-252.el7_7.6.noarch (updates)
          需要:policycoreutils >= 2.5-24
          已安装: policycoreutils-2.5-22.el7.x86_64 (@anaconda)
              policycoreutils = 2.5-22.el7
错误:软件包:selinux-policy-3.13.1-252.el7_7.6.noarch (updates)
          需要:libsemanage >= 2.5-13
          已安装: libsemanage-2.5-11.el7.x86_64 (@anaconda)
              libsemanage = 2.5-11.el7
错误:软件包:selinux-policy-targeted-3.13.1-252.el7_7.6.noarch (updates)
          需要:policycoreutils >= 2.5-24
          已安装: policycoreutils-2.5-22.el7.x86_64 (@anaconda)
              policycoreutils = 2.5-22.el7
 您可以尝试添加 --skip-broken 选项来解决该问题
 您可以尝试执行:rpm -Va --nofiles --nodigest

 

最后解决:yum clean all

yum install docker-ce

 

5.验证docker安装成功:

启动docker:

sudo systemctl start docker

验证docker:

sudo docker run hello-world

则会出现以下异常:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
9bb5a5d4561a: Pulling fs layer
docker: error pulling image configuration: Get https://dseasb33srnrn.cloudfront.net/registry-v2/docker/registry/v2/blobs/sha256/e3/e38bc07ac18e
See 'docker run --help'.

此错误也是网络问题:出现这个问题原因为国内网络问题,无法连接到 docker hub。 
配置阿里云的docker镜像库:在阿里云开通容器镜像服务拿到加速地址在执行以下命令:

也可以:

好在国内已经有  daocloud,docker指定该源即可。

 

vi /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --registry-mirror=http://f2d6cb40.m.daocloud.io
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

 

重启docker服务:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

 

再次验证docker:

sudo docker run hello-world

出现一下内容表示验证成功:

 

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
9bb5a5d4561a: Pull complete 
Digest: sha256:f5233545e43561214ca4891fd1157e1c3c563316ed8e237750d59bde73361e77
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

 

 

卸载:

  1、查询docker安装过的包:

    yum list installed | grep docker

       

  2、删除安装包:

   yum remove docker-ce.x86_64 ddocker-ce-cli.x86_64 -y

  3、删除镜像/容器等

    rm -rf /var/lib/docker

你可能感兴趣的:(devops,docker)