Docker-部署实施
安装部署
安装方式
- 在线安装docker
- 离线安装docker
- 脚本式安装docker
安装实施详细过程
yum方式
配置epel源
yum -y install epel-release
安装依赖工具包
yum -y install yum-utils container-selinux device-mapper-persistent-data lvm2
安装docker
# 添加配置镜像源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 查看 docker-ce 源中的docker镜像
yum list docker-ce --show-duplicates
# 3. 安装最新版本 docker-ce
yum -y install docker-ce docker-ce-cli containerd.io
# 配置yum源
### docker yum源使用阿里云镜像 https://mirrors.aliyun.com/docker-ce/linux/
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
cat > /etc/yum.repos.d/docker-ce.repo <<-'EOF'
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
EOF
cat > /etc/yum.repos.d/aliyun.repo <<-'EOF'
[base]
name=CentOS-7 - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/7/os/$basearch/
http://mirrors.aliyuncs.com/centos/7/os/$basearch/
http://mirrors.cloud.aliyuncs.com/centos/7/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
[extras]
name=CentOS7 - Extras
baseurl=https://mirrors.aliyun.com/centos/7/extras/$basearch/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
priority=1
EOF
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum makecache fast
sudo yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.74-1.el7.noarch.rpm
sudo yum install -y docker-ce
# -- 单独安装container-selinux。这个安装包更新挺频繁的,如果链接失效,需要前往http://mirror.centos.org/centos/7/extras/x86_64/Packages/查找最近打包的安装包。
# 安装
### 安装依赖
yum -y install container-selinux
### 查看可用版本
yum list docker-ce --show-duplicates
### 安装最新版本
yum -y install docker-ce
# 添加用户组docker
sudo usermod -aG docker albin
or
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $USER docker #将登陆用户加入到docker用户组中
newgrp docker #更新用户组
docker ps #测试docker命令是否可以使用sudo正常使用
# 启动docker
systemctl enable docker
systemctl start docker
apt-get方式
https://docs.docker.com/engine/install/ubuntu/
离线安装
# 下载软件
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-19.03.13.tgz -o /tmp/docker-19.03.13.tgz
wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.1.tgz
or
wget http://get.docker.io/builds/Linux/x86_64/docker-lastest.tgz
# 解压
tar -xvf docker-20.10.1.tgz
-- 将解压出来的docker文件内容移动到 /usr/bin/ 目录下
cp docker/* /usr/bin/
-- 注册编辑docker服务
vi /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
-- 重新加载配置文件
systemctl daemon-reload
-- 启动
systemctl start docker.service
systemctl enable docker
脚本式安装
curl https://get.docker.io|sh
or
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
配置
查看信息
docker version
docker info
修改默认存储路径
# 方法1. 配置 /etc/docker/daemon.json 文件
cat > /etc/docker/daemon.json <<-'EOF'
{
"graph": "/ups/data/docker"
}
EOF
### 重启
systemctl restart docker.service
### 检查
[root@docker docker]# docker info|grep "Docker Root Dir"
WARNING: You're not using the default seccomp profile
Docker Root Dir: /ups/data/docker
[root@docker docker]#
# 方法2
mount -o bind /var/lib/docker /ups/data/docker
vi /etc/fstab
/ups/data/docker /var/lib/docker none bind 0 0
docker设置国内镜像源(加速)
# 修改配置文件 /etc/docker/daemon.json
{
"graph": "/ups/data/docker",
"registry-mirrors": [ "https://hub-mirror.c.163.com", "https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com" ]
}
# 2. 重启docker
systemctl daemon-reload
systemctl restart docker
cgroup 改成 systemd
在使用K8S的环境中,需要将 docker和kubelet的启动方式从cgroupfs统一改为systemd。
# 修改配置文件 /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
整合配置
# vi /etc/docker/daemon.json
{
"graph": "/ups/data/docker", # docker工作目录
"storage-driver": "overlay2", # 存储驱动
"insecure-registries": [ "registry.access.redhat.com" ], # 不安全的仓库
"registry-mirrors": [ "https://hub-mirror.c.163.com", "https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com" ], # 加速镜像
"bip": "172.6.244.1/24", # docker的网络,尽量要与宿主机有个对照关系
"exec-opts": ["native.cgroupdriver=systemd"], # cgroup的类型
"live-restore": true # 让docker容器不依懒docker引擎的死与活
}
卸载docker
yum方式
yum list installed | grep docker
yum -y remove docker docker-common docker-client
rm -rf /var/lib/docker
安装docker可视化管理工具 dockerui
docker pull abh1nav/dockerui:latest
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock abh1nav/dockerui
# 打开web
http://192.168.10.180:9000
docker pull uifd/ui-for-docker
安装 docker-compose
Docker Compose是用于在使用yaml文件格式定义的Docker上运行多容器应用程序的工具。 Compose文件用于定义构成应用程序的一个或多个容器的配置方式。拥有Compose文件后,可以使用一个命令创建并启动应用程序:docker-compose up。
软件地址
https://github.com/docker/compose/releases
-- install
sudo curl -L "https://github.com/docker/compose/releases/download/1.27.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/bin/docker-compose
sudo chmod +x /usr/bin/docker-compose
sudo docker-compose --version
-- upgrade
docker-compose migrate-to-labels
-- uninstall
sudo rm -f /usr/bin/docker-compose
-- 参考: https://docs.docker.com/compose/install/
docker-compose管理
切换到默认文件(docker-compose.yml)的目录并运行docker-compose命令进行管理一组docker服务。
语法
Define and run multi-container applications with Docker.
Usage:
docker-compose [-f <arg>...] [options] [--] [COMMAND] [ARGS...]
docker-compose -h|--help
Options:
-f, --file FILE Specify an alternate compose file
(default: docker-compose.yml)
-p, --project-name NAME Specify an alternate project name
(default: directory name)
-c, --context NAME Specify a context name
--verbose Show more output
--log-level LEVEL Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
--no-ansi Do not print ANSI control characters
-v, --version Print version and exit
-H, --host HOST Daemon socket to connect to
--tls Use TLS; implied by --tlsverify
--tlscacert CA_PATH Trust certs signed only by this CA
--tlscert CLIENT_CERT_PATH Path to TLS certificate file
--tlskey TLS_KEY_PATH Path to TLS key file
--tlsverify Use TLS and verify the remote
--skip-hostname-check Don't check the daemon's hostname against the
name specified in the client certificate
--project-directory PATH Specify an alternate working directory
(default: the path of the Compose file)
--compatibility If set, Compose will attempt to convert keys
in v3 files to their non-Swarm equivalent (DEPRECATED)
--env-file PATH Specify an alternate environment file
Commands:
build Build or rebuild services
config Validate and view the Compose file
create Create services
down Stop and remove containers, networks, images, and volumes
events Receive real time events from containers
exec Execute a command in a running container
help Get help on a command
images List images
kill Kill containers
logs View output from containers
pause Pause services
port Print the public port for a port binding
ps List containers
pull Pull service images
push Push service images
restart Restart services
rm Remove stopped containers
run Run a one-off command
scale Set number of containers for a service
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show version information and quit
####### 启动服务
[root@progs tidb-docker-compose]# docker-compose up -h
Usage: up [options] [--scale SERVICE=NUM...] [--] [SERVICE...]
Options:
-d, --detach Detached mode: Run containers in the background,
print new container names. Incompatible with
--abort-on-container-exit.
--no-color Produce monochrome output.
--quiet-pull Pull without printing progress information
--no-deps Don't start linked services.
--force-recreate Recreate containers even if their configuration
and image haven't changed.
--always-recreate-deps Recreate dependent containers.
Incompatible with --no-recreate.
--no-recreate If containers already exist, don't recreate
them. Incompatible with --force-recreate and -V.
--no-build Don't build an image, even if it's missing.
--no-start Don't start the services after creating them.
--build Build images before starting containers.
--abort-on-container-exit Stops all containers if any container was
stopped. Incompatible with -d.
--attach-dependencies Attach to dependent containers.
-t, --timeout TIMEOUT Use this timeout in seconds for container
shutdown when attached or when containers are
already running. (default: 10)
-V, --renew-anon-volumes Recreate anonymous volumes instead of retrieving
data from the previous containers.
--remove-orphans Remove containers for services not defined
in the Compose file.
--exit-code-from SERVICE Return the exit code of the selected service
container. Implies --abort-on-container-exit.
--scale SERVICE=NUM Scale SERVICE to NUM instances. Overrides the
`scale` setting in the Compose file if present.
附录
参考文档
docker-ce | 镜像站使用帮助 | 清华大学开源软件镜像站 | Tsinghua Open Source Mirror
# 如果之前安装过 docker,请先删掉
sudo yum remove docker docker-common docker-selinux docker-engine
# 2. 安装一些依赖
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# 3. 根据你的发行版下载repo文件:
## CentOS/RHEL
wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
# 4. 把软件仓库地址替换为 TUNA:
sudo sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo
# 5. 最后安装:
sudo yum makecache fast
sudo yum install docker-ce
