centos7 安装 Docker-CE

jimmy 2019年05月13日 1,052次浏览

centos 安装 docker-ce

Docker 介绍

Docker是一种容器技术,让我的应用在隔离的环境中运行,提供比虚拟机技术更高效的方式。Docker从2017年3月,版本1.13后将版本分为了社区版Docker-CE和企业版Docker-EE,社区版是免费提供给个人开发者和小型团体使用的,企业版会提供额外的收费服务,而某些企业级的Linux不支持Docker-CE了,比如RedHat Enterprise Linux,SUSE Linux Enterprise Server,而我目前所在的公司使用的恰好是SUSE Linux Enterprise Server,和Docker-CE无缘了。

具体支持情况入下:

请输入图片描述

三种安装方式

1.通过设置docker的yum源,使用yum直接安装,这种方式方便后续升级,是官方推荐的安装方式,但是所有机器要联网。

2.下载rmp包,通脱rpm手动安装,这种安装方式适合没有网络环境的机器。

3.通过一个shell脚本安装。

$ curl -fsSL https://get.docker.com -o get-docker.sh
$ sudo sh get-docker.sh

卸载旧版本

centos默认已经安装了docker,只是版本比较老,我们卸载老的版本。

[root@localhost ~]# uname -r
3.10.0-514.el7.x86_64
[root@localhost ~]# yum info docker
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.163.com
 * extras: mirrors.cn99.com
 * updates: centos.ustc.edu.cn
Available Packages
Name        : docker
Arch        : x86_64
Epoch       : 2
Version     : 1.13.1
Release     : 96.gitb2f74b2.el7.centos
Size        : 18 M
Repo        : extras/7/x86_64
Summary     : Automates deployment of containerized applications
URL         : https://github.com/docker/docker
License     : ASL 2.0
Description : Docker is an open-source engine that automates the deployment of any
            : application as a lightweight, portable, self-sufficient container that will
            : run virtually anywhere.
            :
            : Docker containers can encapsulate any payload, and will run consistently on
            : and between virtually any server. The same container that a developer builds
            : and tests on a laptop will run at scale, in production*, on VMs, bare-metal
            : servers, OpenStack clusters, public instances, or combinations of the above.

可以看出1.13.1是yum仓库中最新的docker版本了,后面的docker已经分为docker-ee和docker-ce了。

执行卸载
yum remove docker  docker-client docker-client-latest docker-common docker-latest \
                  docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine

从yum源安装Docker-CE

1.增加Docker-ce的yum源

安装yum-utils是为了安装yum-config-manager工具。
yum -y install yum-utils

安装源
[root@localhost ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo

2.安装docker, 大小66M,网络不好的话需要下载一会。

[root@localhost ~]# yum install docker-ce
Loaded plugins: fastestmirror
docker-ce-stable                                                                                                         | 3.5 kB  00:00:00
(1/2): docker-ce-stable/x86_64/updateinfo                                                                                |   55 B  00:00:03
(2/2): docker-ce-stable/x86_64/primary_db                                                                                |  28 kB  00:00:06
Loading mirror speeds from cached hostfile
 * base: mirrors.163.com
 * extras: mirrors.cn99.com
 * updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package docker-ce.x86_64 3:18.09.6-3.el7 will be installed
--> Processing Dependency: container-selinux >= 2.9 for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Processing Dependency: containerd.io >= 1.2.2-3 for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Processing Dependency: libseccomp >= 2.3 for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Processing Dependency: docker-ce-cli for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Processing Dependency: libcgroup for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Processing Dependency: libseccomp.so.2()(64bit) for package: 3:docker-ce-18.09.6-3.el7.x86_64
--> Running transaction check
---> Package container-selinux.noarch 2:2.95-2.el7_6 will be installed
--> Processing Dependency: selinux-policy-targeted >= 3.13.1-216.el7 for package: 2:container-selinux-2.95-2.el7_6.noarch
--> Processing Dependency: selinux-policy-base >= 3.13.1-216.el7 for package: 2:container-selinux-2.95-2.el7_6.noarch
--> Processing Dependency: selinux-policy >= 3.13.1-216.el7 for package: 2:container-selinux-2.95-2.el7_6.noarch
--> Processing Dependency: policycoreutils >= 2.5-11 for package: 2:container-selinux-2.95-2.el7_6.noarch
--> Processing Dependency: policycoreutils-python for package: 2:container-selinux-2.95-2.el7_6.noarch
---> Package containerd.io.x86_64 0:1.2.5-3.1.el7 will be installed
---> Package docker-ce-cli.x86_64 1:18.09.6-3.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-20.el7 will be installed
---> Package libseccomp.x86_64 0:2.3.1-3.el7 will be installed
--> Running transaction check
---> Package policycoreutils.x86_64 0:2.5-8.el7 will be updated
---> Package policycoreutils.x86_64 0:2.5-29.el7_6.1 will be an update
--> Processing Dependency: libsepol >= 2.5-10 for package: policycoreutils-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libsemanage >= 2.5-14 for package: policycoreutils-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libselinux-utils >= 2.5-14 for package: policycoreutils-2.5-29.el7_6.1.x86_64
---> Package policycoreutils-python.x86_64 0:2.5-29.el7_6.1 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-29.el7_6.1.x86_64
---> Package selinux-policy.noarch 0:3.13.1-102.el7 will be updated
---> Package selinux-policy.noarch 0:3.13.1-229.el7_6.12 will be an update
---> Package selinux-policy-targeted.noarch 0:3.13.1-102.el7 will be updated
---> Package selinux-policy-targeted.noarch 0:3.13.1-229.el7_6.12 will be an update
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.4-4.el7 will be installed
--> Processing Dependency: audit-libs(x86-64) = 2.8.4-4.el7 for package: audit-libs-python-2.8.4-4.el7.x86_64
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
---> Package libselinux-utils.x86_64 0:2.5-6.el7 will be updated
---> Package libselinux-utils.x86_64 0:2.5-14.1.el7 will be an update
--> Processing Dependency: libselinux(x86-64) = 2.5-14.1.el7 for package: libselinux-utils-2.5-14.1.el7.x86_64
---> Package libsemanage.x86_64 0:2.5-4.el7 will be updated
---> Package libsemanage.x86_64 0:2.5-14.el7 will be an update
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package libsepol.x86_64 0:2.5-6.el7 will be updated
---> Package libsepol.x86_64 0:2.5-10.el7 will be an update
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Running transaction check
---> Package audit-libs.x86_64 0:2.6.5-3.el7 will be updated
--> Processing Dependency: audit-libs(x86-64) = 2.6.5-3.el7 for package: audit-2.6.5-3.el7.x86_64
---> Package audit-libs.x86_64 0:2.8.4-4.el7 will be an update
---> Package libselinux.x86_64 0:2.5-6.el7 will be updated
--> Processing Dependency: libselinux(x86-64) = 2.5-6.el7 for package: libselinux-python-2.5-6.el7.x86_64
---> Package libselinux.x86_64 0:2.5-14.1.el7 will be an update
--> Running transaction check
---> Package audit.x86_64 0:2.6.5-3.el7 will be updated
---> Package audit.x86_64 0:2.8.4-4.el7 will be an update
---> Package libselinux-python.x86_64 0:2.5-6.el7 will be updated
---> Package libselinux-python.x86_64 0:2.5-14.1.el7 will be an update
--> Finished Dependency Resolution

Total download size: 66 M
Is this ok [y/d/N]: y
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.

Total                                                                                                                                                498 kB/s |  66 MB  00:02:15
Retrieving key from https://download.docker.com/linux/centos/gpg
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 From       : https://download.docker.com/linux/centos/gpg
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction

Installed:
  docker-ce.x86_64 3:18.09.6-3.el7

Dependency Installed:
  audit-libs-python.x86_64 0:2.8.4-4.el7              checkpolicy.x86_64 0:2.5-8.el7      container-selinux.noarch 2:2.95-2.el7_6      containerd.io.x86_64 0:1.2.5-3.1.el7
  docker-ce-cli.x86_64 1:18.09.6-3.el7                libcgroup.x86_64 0:0.41-20.el7      libseccomp.x86_64 0:2.3.1-3.el7              libsemanage-python.x86_64 0:2.5-14.el7
  policycoreutils-python.x86_64 0:2.5-29.el7_6.1      python-IPy.noarch 0:0.75-6.el7      setools-libs.x86_64 0:3.3.8-4.el7

Dependency Updated:
  audit.x86_64 0:2.8.4-4.el7                    audit-libs.x86_64 0:2.8.4-4.el7                        libselinux.x86_64 0:2.5-14.1.el7   libselinux-python.x86_64 0:2.5-14.1.el7
  libselinux-utils.x86_64 0:2.5-14.1.el7        libsemanage.x86_64 0:2.5-14.el7                        libsepol.x86_64 0:2.5-10.el7       policycoreutils.x86_64 0:2.5-29.el7_6.1
  selinux-policy.noarch 0:3.13.1-229.el7_6.12   selinux-policy-targeted.noarch 0:3.13.1-229.el7_6.12

Complete!

如果需要特定版本的docker,可以列出所有版本,选择一个安装

[root@localhost ~]# yum list docker-ce --showduplicates | sort -r
 * updates: centos.ustc.edu.cn
Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror
Installed Packages
 * extras: mirrors.cn99.com
docker-ce.x86_64            3:18.09.6-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.6-3.el7                    @docker-ce-stable
docker-ce.x86_64            3:18.09.5-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.4-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.3-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.2-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.1-3.el7                    docker-ce-stable
docker-ce.x86_64            3:18.09.0-3.el7                    docker-ce-stable
docker-ce.x86_64            18.06.3.ce-3.el7                   docker-ce-stable
 * base: mirrors.163.com
Available Packages

执行方式是yum install docker-ce- ,其中VERSION是上面的第二列,从:后面开始,到-结束,一共包含3个版本数据,用两个点分割,比如18.09.6

选择安装3:18.09.6-3.el7 则执行下列命令。

yum install docker-ce-18.09.6

查看已经安装好的版本

[root@localhost ~]# rpm -qa | grep docker
docker-ce-cli-18.09.6-3.el7.x86_64
docker-ce-18.09.6-3.el7.x86_64

通过下载rpm包安装

rmp包下载地址rpm

通过下面的命令安装,需要修改rpm为实际的路径。

yum install /path/to/package.rpm

其他操作和从yum安装方式一样。
这种方式安装rpm包的时候会提示缺少依赖,可以使用下列命令,找一台可以连接互联网的机器批量下载,但是安装的时候可能还会说缺少依赖,可以到http://rpmfind.net/这个网站下载。

[root@server docker-ce]# yum install --downloadonly --downloaddir=/root/docker-ce docker-ce-17.09.0.ce
部分rpm为单独下载
[root@k8s-node1 docker-ce]# ls -la
total 34544
drwxr-xr-x. 2 root root     4096 May 15 09:51 .
dr-xr-x---. 4 root root     4096 May 15 09:28 ..
-rw-r--r--. 1 root root   255648 May 15 09:28 audit-2.8.4-4.el7.x86_64.rpm
-rw-r--r--. 1 root root   102448 May 15 09:28 audit-libs-2.8.4-4.el7.x86_64.rpm
-rw-r--r--. 1 root root    78216 May 15 09:28 audit-libs-python-2.8.4-4.el7.x86_64.rpm
-rw-r--r--. 1 root root   302068 May 15 09:28 checkpolicy-2.5-8.el7.x86_64.rpm
-rw-r--r--. 1 root root    39468 May 15 09:28 container-selinux-2.95-2.el7_6.noarch.rpm
-rw-r--r--. 1 root root 22157896 May 15 09:28 docker-ce-17.09.0.ce-1.el7.centos.x86_64.rpm
-rw-r--r--. 1 root root    67652 May 15 09:28 libcgroup-0.41-20.el7.x86_64.rpm
-rw-r--r--. 1 root root    56988 May 15 09:28 libseccomp-2.3.1-3.el7.x86_64.rpm
-rw-r--r--. 1 root root   165932 May 15 09:28 libselinux-2.5-14.1.el7.x86_64.rpm
-rw-r--r--. 1 root root   191104 May 15 09:28 libselinux-devel-2.5-14.1.el7.x86_64.rpm
-rw-r--r--. 1 root root   241132 May 15 09:28 libselinux-python-2.5-14.1.el7.x86_64.rpm
-rw-r--r--. 1 root root   155092 May 15 09:28 libselinux-utils-2.5-14.1.el7.x86_64.rpm
-rw-r--r--. 1 root root   154244 May 15 09:28 libsemanage-2.5-14.el7.x86_64.rpm
-rw-r--r--. 1 root root   115284 May 15 09:28 libsemanage-python-2.5-14.el7.x86_64.rpm
-rw-r--r--. 1 root root   304196 May 15 09:28 libsepol-2.5-10.el7.x86_64.rpm
-rw-r--r--. 1 root root    78740 May 15 09:28 libsepol-devel-2.5-10.el7.x86_64.rpm
-rw-r--r--. 1 root root    50076 May 15 09:28 libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm
-rw-r--r--. 1 root root   432020 Aug 10  2017 pcre-8.32-17.el7.x86_64.rpm
-rw-r--r--. 1 root root   491272 Aug 10  2017 pcre-devel-8.32-17.el7.x86_64.rpm
-rw-r--r--. 1 root root    54928 Jul  4  2014 pkgconfig-0.27.1-4.el7.x86_64.rpm
-rw-r--r--. 1 root root   938004 May 15 09:28 policycoreutils-2.5-29.el7_6.1.x86_64.rpm
-rw-r--r--. 1 root root   466748 May 15 09:28 policycoreutils-python-2.5-29.el7_6.1.x86_64.rpm
-rw-r--r--. 1 root root    32880 May 15 09:28 python-IPy-0.75-6.el7.noarch.rpm
-rw-r--r--. 1 root root   495512 May 15 09:28 selinux-policy-3.13.1-229.el7_6.12.noarch.rpm
-rw-r--r--. 1 root root  7247400 May 15 09:28 selinux-policy-targeted-3.13.1-229.el7_6.12.noarch.rpm
-rw-r--r--. 1 root root   635184 May 15 09:28 setools-libs-3.3.8-4.el7.x86_64.rpm

[root@k8s-node1 docker-ce]# rpm -ivh *.rpm --force
warning: docker-ce-17.09.0.ce-1.el7.centos.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:libsepol-2.5-10.el7              ################################# [  4%]
   2:audit-libs-2.8.4-4.el7           ################################# [  8%]
   3:pkgconfig-1:0.27.1-4.el7         ################################# [ 12%]
   4:pcre-8.32-17.el7                 ################################# [ 15%]
   5:libselinux-2.5-14.1.el7          ################################# [ 19%]
   6:libsemanage-2.5-14.el7           ################################# [ 23%]
   7:libselinux-utils-2.5-14.1.el7    ################################# [ 27%]
   8:policycoreutils-2.5-29.el7_6.1   ################################# [ 31%]
   9:selinux-policy-3.13.1-229.el7_6.1################################# [ 35%]
  10:libcgroup-0.41-20.el7            ################################# [ 38%]
  11:selinux-policy-targeted-3.13.1-22################################# [ 42%]
  12:libsemanage-python-2.5-14.el7    ################################# [ 46%]
  13:libselinux-python-2.5-14.1.el7   ################################# [ 50%]
  14:setools-libs-3.3.8-4.el7         ################################# [ 54%]
  15:pcre-devel-8.32-17.el7           ################################# [ 58%]
  16:libsepol-devel-2.5-10.el7        ################################# [ 62%]
  17:audit-libs-python-2.8.4-4.el7    ################################# [ 65%]
  18:python-IPy-0.75-6.el7            ################################# [ 69%]
  19:libtool-ltdl-2.4.2-22.el7_3      ################################# [ 73%]
  20:libseccomp-2.3.1-3.el7           ################################# [ 77%]
  21:checkpolicy-2.5-8.el7            ################################# [ 81%]
  22:policycoreutils-python-2.5-29.el7################################# [ 85%]
  23:container-selinux-2:2.95-2.el7_6 ################################# [ 88%]
  24:docker-ce-17.09.0.ce-1.el7.centos################################# [ 92%]
  25:libselinux-devel-2.5-14.1.el7    ################################# [ 96%]
  26:audit-2.8.4-4.el7                ################################# [100%]

测试Docker

启动docker

[root@localhost ~]# systemctl start docker

测试运行一个docker镜像

[rroot@localhost docker]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:5f179596a7335398b805f036f7e8561b6f0e32cd30a32f5e19d17a3cda6cc33d
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

开机启动docker

systemctl enable docker

取消开机启动docker

systemctl disable docker

docker的相关配置

docker有一个平台无关的配置文件,在/etc/docker/daemon.json,格式如下:

{
  "exec-opts": ["native.cgroupdriver=cgroupfs"],
  "graph": "/opt/docker",
  "storage-driver": "overlay2",
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  }
}

配置docker的http代理

docker使用HTTP_PROXY,HTTPS_PROXY,NO_PROXY3个环境变量来设置相关代理,但是这个代理不能设置到daemon.json配置文件,需要设置到docker.service文件,在主机需要代理才能上网的时候非常有用。如下内容在使用yum,rpm安装方式会自动创建。
1.创建一个目录,来存储docker.service的相关文件

mkdir -p /etc/systemd/system/docker.service.d

2.创建一个文件/etc/systemd/system/docker.service.d/http-proxy.conf来存储HTTP_PROXY环境变量

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"

或者创建一个HTTPS_PROXY来使用https代理

[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443/"

3.如果我们有自己的私有docker注册中心,那么这个中心的地址就不需要走代理了,通过配置NO_PROXY来设置。
可以设置ip,域名等设置。

[Service]    
Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp"
  1. 使设置生效
systemctl daemon-reload
systemctl restart docker

5.检查是否生效

systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://proxy.example.com:80/

修改docker0网卡的ip段

[root@k8s-node1 system]# vi /etc/docker/daemon.json
{
  "bip":"172.19.19.1/24"
}
[root@k8s-node1 system]# systemctl restart docker.service
[root@k8s-node1 system]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.19.19.1  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 02:42:86:01:b4:a4  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

卸载Docker

删除安装包
yum remove docker-ce

删除主机上的mages, containers, volumes等等
rm -rf /var/lib/docker