entos7.2离线安装docker
Centos7.2离线安装docker
1. 查看内核版本
a) #cat /etc/redhat-release
b) CentOS Linux release 7.2.1511 (Core)
2. 关闭防火墙与selinux
c) 临时关闭防火墙
systemctl stop firewalld
d) 永久防火墙开机自关闭
systemctl disable firewalld
e) 临时打开防火墙
systemctl start firewalld
f) 防火墙开机启动
systemctl enable firewalld
g) 查看防火墙状态
systemctl status firewalld
3. SELinux
h) 临时关闭SELinux
setenforce 0
i) 临时打开SELinux
setenforce 1
j) 查看SELinux状态
getenforce
k) 永久关闭selinux
sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
4. 上传docker安装包,用工具winscp
l) 
m) 安装包下载地址 链接:https://pan.baidu.com/s/1zYO2UtYBvSO0UVRqJZ0xbQ 密码:i6nf
5. 创建组和用户
n) # groupadd docker
- o) # useradd –G docker docker
p) # chown -R docker:docker /home/docker/docker
q) # passwd docker 密码为docker
6. docker非root配置
r) # 查看是否存在docker用户组
s) $ cat /etc/group | grep docker grep docker /etc/group
t) # 添加当前用户到docker组中
u) sudo gpasswd -a ${USER} docker
7. 安装docker
v) cd /home/docker/docker
w) 先安装docker的依赖关系
x) yum install -y libcgroup-0.41-13.el7.x86_64.rpm
y) 安装docker安装包
z) yum install –y docker-engine-1.7.1-1.el7.centos.x86_64.rpm
8. 启动关闭docker进程
# sudo /etc/init.d/docker restart
# sudo /etc/init.d/docker stop
# sudo systemctl restart docker
# sudo systemctl stop docker
9. 查看进程是否启动
# sudo /etc/init.d/docker status
# sudo ps -elf|grep docker
10. 查看docker的版本号
查看版本:docker version
帮助信息:docker --help
概要信息:docker info
镜像查看:docker images
进程查看:docker ps -a
搜索镜像:docker search centos #搜索可用docker镜像
# sudo docker –v
搜索centos基础镜像 docker search centos
下载centos基础镜像
# docker pull centos
Using default
tag: latest
Trying to pull repository docker.io/library/centos ...
latest: Pulling from docker.io/library/centos
343b09361036: Pull complete
Digest: sha256:bba1de7c9d900a898e3cadbae040dfe8a633c06bc104a0df76ae24483e03c077
下载支持ssh服务器的centos镜像
# docker pull jdeathe/centos-ssh
Using default tag: latest
Trying to pull repository docker.io/jdeathe/centos-ssh ...
latest: Pulling from docker.io/jdeathe/centos-ssh
45a2e645736c: Pull complete
f0d571ff94cf: Pull complete
ea228e12ac20: Pull complete
edd63eef0a83: Pull complete
27c3eb39991d: Pull complete
4bf26ef9f3dd: Pull complete
4e572750aff7: Pull complete
b94a26882ae9: Pull complete
91ee52de11b1: Pull complete
e89f8a480c42: Pull complete
bd26710715b3: Pull complete
75c421c47829: Pull complete
f6eabaf37913: Pull complete
Digest: sha256:c80d3b79c853ce41a993cfa76f1b5983dffeb08aceefaaf04d64c9dc2e177d8e
11. 通过导出、导入的方式部署基础镜像
#官方镜像的下载很慢,有时多次尝试才能下载。
方法一:
#一台已经下载的好的镜像的服务器上操作。
docker save centos >
/opt/centos.tar #Docker导出镜像
docker load <
/opt/centos.tar
#Docker导入镜像
方法二:
docker export id >
/opt/centos.tar #Docker导出镜像
cat /opt/centos.tar | docker import centos #Docker导入镜像
12. 查看下载的基础镜像
# docker images
-----------------------------------------------------------------------------------------------------
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/jdeathe/centos-ssh latest 1d551d635e99 4 days ago 214 MB
docker.io/centos latest 8140d0c64310 2 weeks ago 192.5 MB
说明 :
REPOSITORY:来自于哪个仓库,比如
centos
TAG : 镜像的标记,一般修改版本号,latest为最后版本
IMAGE ID : 镜像的id号
CREATED : 创建镜像的时间
SIZE : 镜像的大小
通过基础镜像创建一个容器
1)通过基础镜像centos创建一个容器名为centos_v1,并在后台执行
[root@docker1 ~]#
docker run -it -d --name centos_v1 centos /bin/bash
0c1841e5d1115d35b80177ed5ea4fc5782e8a3ffc5f5c801979fb90ac5f26423
常用参数说明:
-i: 开启交互式shell
-t: 为容器分配一个伪tty终端
centos: 指定镜像的名字
/bin/bash: 运行/bin/bash
2) 查看容器
[root@docker1 ~]#
docker ps -a
CONTAINER ID
IMAGE
COMMAND
CREATED
STATUS
PORTS
NAMES
0c1841e5d111
centos
"/bin/bash" 7 seconds
ago Up 4
seconds
centos_v1
查看docker镜像的状态,-a表示列出所有的容器,STATUS如果为Exited为退出,UP为运行。
3)进入容器
[root@docker1 ~]# docker exec -it centos_v1 /bin/bash
提示符变成了0c1841e5d111,也是该容器的ID, 也是该容器的主机名。
[root@0c1841e5d111
/]# ls
anaconda-post.log bin dev etc home lib lib64
lost+found media mnt opt proc root
run sbin srv sys tmp usr var
[root@0c1841e5d111
/]# hostname
0c1841e5d111
4)退出容器
[root@0c1841e5d111
/]# exit
exit
[root@docker1 ~]#
5. 查看容器状态
[root@docker1 ~]#
docker ps -a
CONTAINER ID
IMAGE
COMMAND
CREATED
STATUS
PORTS
NAMES
0c1841e5d111
centos
"/bin/bash" About an
hour ago Up About an hour
centos_v1
6. 关闭与启动容器
关闭容器
[root@docker1 ~]#
docker stop centos_v1
centos_v1
[root@docker1 ~]#
docker ps -a
CONTAINER ID
IMAGE
COMMAND
CREATED
STATUS
PORTS
NAMES
0c1841e5d111
centos
"/bin/bash" About an
hour ago Exited (137) 3 seconds
ago
centos_v1
说明:STATUS状态为EXIT表示容器是退出状态。
启动容器
[root@docker1 ~]#
docker start centos_v1
centos_v1
[root@docker1 ~]#
docker ps -a
CONTAINER ID
IMAGE
COMMAND
CREATED
STATUS
PORTS
NAMES
0c1841e5d111
centos
"/bin/bash" About an
hour ago Up 3 seconds
centos_v1
[root@docker1 ~]#
[root@docker1 ~]#
7. 删除容器
1)删除容器(通过镜像ID与镜像名称均可)
[root@docker1 ~]# docker rm centos_v1 或 docker rm 0c1841e5d111
2)对于正在运行的容器,可以加-f参数强制进行删除。
[root@docker1 ~]# docker rm -f centos_v1
8. 通过一个容器创建镜像
说明:只能对运行中的容器提交本地镜像,关闭状态的容器无法提交本地镜像。
1)通过容器提交镜像
[root@docker1 ~]#
docker commit centos_v1 centos:v1
sha256:66d2dc12144a87def3c16080553cca41d2a2965d9332f2a085dc23cc30366afa
[root@docker1 ~]#
docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
centos
v1
66d2dc12144a 6 seconds
ago 192.5 MB
docker.io/jdeathe/centos-ssh
latest
1d551d635e99 4 days
ago 214 MB
docker.io/centos
latest
8140d0c64310 2 weeks
ago 192.5 MB
2)删除镜像(通过镜像ID与镜像名称均可)
[root@docker1 ~]# docker rmi centos:v1
或
[root@docker1 ~]# docker rmi 66d2dc12144a
Untagged: centos:v1
Deleted: sha256:66d2dc12144a87def3c16080553cca41d2a2965d9332f2a085dc23cc30366afa
Deleted:
sha256:9c6100b12798ef72aeb16c13d3d8da8bef0a060d3162f068ea8730025e3508ea
9. 示例:创建一个提供apache服务器的容器
1)通过最基础镜像创建一个容器,用于制做
[root@docker1 ~]#
docker run -it -d --name abc centos /bin/bash
[root@docker1 ~]# docker exec -it httpd-80 /bin/bash
# yum install net-tools httpd -y
2) 通过httpd-80容器制一个http本地镜像
[root@docker1 ~]# docker commit httpd-80 centos:apache
3) 通过centos:apache镜像可以创建很多个容器
参数说明:-p 80:80 映射本地端口到容器的对应端口上,可以配置多个端口。
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
13. 测试docker服务
# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
9bb5a5d4561a: Pull complete
Digest: sha256:f5233545e43561214ca4891fd1157e1c3c563316ed8e237750d59bde73361e77
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the
Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs
the
executable that produces the output you are currently
reading.
4. The Docker daemon streamed that output to the Docker client, which
sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
至此,docker18在CentOS7中的成功安装已经得到初步验证。
14. 查看帮助sudo docker --help
# docker --help
Usage: docker [OPTIONS] COMMAND [arg...]
A self-sufficient runtime for linux containers.
Options:
--api-cors-header= Set CORS headers in the remote API
-b, --bridge= Attach containers to a network bridge
--bip= Specify network bridge IP
-D, --debug=false Enable debug mode
-d, --daemon=false Enable daemon mode
--default-gateway= Container default gateway IPv4 address
--default-gateway-v6= Container default gateway IPv6 address
--default-ulimit=[] Set default ulimits for containers
--dns=[] DNS server to use
--dns-search=[] DNS search domains to use
-e, --exec-driver=native Exec driver to use
--exec-opt=[] Set exec driver options
--exec-root=/var/run/docker Root of the Docker execdriver
--fixed-cidr= IPv4 subnet for fixed IPs
--fixed-cidr-v6= IPv6 subnet for fixed IPs
-G, --group=docker Group for the unix socket
-g, --graph=/var/lib/docker Root of the Docker runtime
-H, --host=[] Daemon socket(s) to connect to
-h, --help=false Print usage
--icc=true Enable inter-container communication
--insecure-registry=[] Enable insecure registry communication
--ip=0.0.0.0 Default IP when binding container ports
--ip-forward=true Enable net.ipv4.ip_forward
--ip-masq=true Enable IP masquerading
--iptables=true Enable addition of iptables rules
--ipv6=false Enable IPv6 networking
-l, --log-level=info Set the logging level
--label=[] Set key=value labels to the daemon
--log-driver=json-file Default driver for container logs
--log-opt=map[] Set log driver options
--mtu=0 Set the containers network MTU
-p, --pidfile=/var/run/docker.pid Path to use for daemon PID file
--registry-mirror=[] Preferred Docker registry mirror
-s, --storage-driver= Storage driver to use
--selinux-enabled=false Enable selinux support
--storage-opt=[] Set storage driver options
--tls=false Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify=false Use TLS and verify the remote
--userland-proxy=true Use userland proxy for loopback traffic
-v, --version=false Print version information and quit
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an image
images List images
import Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container
pause Pause all processes within a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
ps List containers
pull Pull an image or a repository from a Docker registry server
push Push an image or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image to a tar archive
search Search for an image on the Docker Hub
start Start a stopped container
stats Display a stream of a containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
浙公网安备 33010602011771号