Centos下docker离线安装
1、下载docker安装文件
离线安装docker,需要下载docker的安装文件。
地址:https://download.docker.com/linux/static/stable/x86_64/
我下的是最新的版本[docker-20.10.7.tgz],文件不大,只有69M左右。
2、离线docker安装
将安装包文件上传到服务器目录并解压。
[root@iZbp13sno1lc2yxlhjc4b3Z ~]#tar -xvf docker-19.03.6.tar
将解压出来的docker文件内容移动到 /usr/bin/ 目录下
[root@iZbp13sno1lc2yxlhjc4b3Z ~]#cp docker/* /usr/bin/
将docker注册为service,在/etc/systemd/system目录下创建docker.service文件,并配置如下内容保存。
[root@~]#vim /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
3、修改docker工作目录
/etc/docker/daemon.json文件值,文件不存在需手动创建
# vi /etc/docker/daemon.json
新增以下信息:
{
"data-root": "/app/docker/data"
}
4、设置开机启动
添加文件权限并启动docker,执行如下命令:
chmod +x /etc/systemd/system/docker.service #添加文件权限
systemctl daemon-reload #重载unit配置文件
systemctl start docker #启动Docker
systemctl enable docker.service #设置开机自启
验证docker安装是否成功:
systemctl status docker #查看Docker状态
docker -v
docker info
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/json: dial unix /var/run/docker.sock: connect: permission denied
解决方法
docker进程使用 Unix Socket 而不是 TCP 端口。而默认情况下,Unix socket 属于 root 用户,因此需要root权限 才能访问。
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $XXX docker #检测当前用户是否已经在docker用户组中,其中XXX为用
户名,例如我
sudo gpasswd -a blekey docker
sudo gpasswd -a $USER docker #将当前用户添加至docker用户组
newgrp docker #更新docker用户组
需要生效的话需要重启docker服务
systemctl restart docker
如果还不行检查 /var/run/docker.sock
如果是这种需要修改
chown root:docker docker.sock
docker info 出现
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
解决办法:
vi /etc/sysctl.conf
添加以下内容
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
最后再执行
sysctl -p
此时docker info就看不到此报错了