【docker 安装】 与【docker-compose 安装】

不同的操作系统需要不同的docker安装文件：具体下载位置：
Docker: https://download.docker.com/linux/static/stable/
docekr-compose：https://github.com/docker/compose/releases

1. 验证客户机器是否有docker 和docker-compose

docker -v
输出Docker版本号成功>>  Docker version 20.10.12, build 3967b7d 

docker-compose -v
输出Docker-compse版本号成功>> docker-compose version 1.29.2, build 5becea4c

1.1 docker安装

1. 将压缩包上传到服务器并解压

tar -zxvf xxx.taz 

2. 拷贝docker文件夹至/usr/bin/下

cp docker/* /usr/bin/

3. 拷贝docker.service文件夹至/etc/systemd/system/下（）

docker.service:

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=192.168.31.242
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

cp docker.service  /etc/systemd/system/

4. 查看本机ip

ifconfig

>>---
enp5s0: flags=4163,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.31.242  netmask 255.255.255.0  broadcast 192.168.31.255
        inet6 fe80::7656:3cff:fe27:4006  prefixlen 64  scopeid 0x20
        ether 74:56:3c:27:40:06  txqueuelen 1000  (Ethernet)
        RX packets 50821046  bytes 52119283120 (52.1 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 65044588  bytes 45372132281 (45.3 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

5. 修改/etc/systemd/system/docker.service

vim /etc/systemd/system/docker.service

修改对应位置配置，保存退出。

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=192.168.31.242
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

6. 添加执行权限 /etc/systemd/system/docker.service

chmod +x /etc/systemd/system/docker.service

7. 重新加载服务配置文件

systemctl daemon-reload 

8. 设置开机启动

systemctl enable docker.service

9. 启动docker

systemctl start docker

10. 查看docker状态

systemctl status docker

>>>
docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-09-17 09:29:46 UTC; 1 years 10 months ago
     Docs: https://docs.docker.com

11. 查看docker版本

docker -v 

>>>
 输出Docker版本号安装成功>>  Docker version 20.10.12, build 3967b7d 
安装成功

1.2 docker-compose安装

1. 将docker-compose文件移动到/usr/local/bin/下

sudo mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose

2. 赋予可执行权限

sudo chmod +x /usr/local/bin/docker-compose 

3. 查看版本验证是否成功

docker-compose -v
输出Docker-compse版本号安装成功>> docker-compose version 1.29.2, build 5becea4c

2. 验证当前用户是否有docker，docker-compose命令权限.
   2.1 当前用户执行docker命令 验证：

docker ps

>>>
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied

根据报错信息（/var/run/docker.sock: connect: permission denied），可知，用户无操作权限。
若可以正常执行则忽略此处

2.1.1 查看docker组用户：

cat /etc/group  | grep docker

>>>
docker:x:999:

如果有docker用户组，且当前用户不在docker用户组中,将当前用户加入到docker用户组中，并更新用户组，重启docker。

# 新建docker组，若存在，则忽略
groupadd docker

# 修改docker.sock权限为root:docker
sudo chown root:docker /var/run/docker.sock

#将用户添加到docker组
sudo usermod -aG docker ${USER}

#更新用户组
newgrp docker


#重启docker
systemctl daemon-reload 
systemctl restart docker

2.2 docker-compose权限设置
查看docker-compose执行权限：

ll  /usr/local/bin/   |grep docker-compose 

>>>
-rwxr-xr-x  1 root root 8856808 Mar 10 02:11 docker-compose*

docker-compose 属于root , root在用户组root中。 root用户可读可写可执行（rwx）
root组其用户可读不可写可执行(r-x)。 其他用户可读不可写可执行(r-x)

若当前用户没有可执行权限：

sudo chmod a+x /usr/local/bin/docker-compose