二进制安装 docker-20.10.4

Write by lyc at 2021-3-2

1.二进制安装 docker-20.10.4

docker 二进制包下载

Docker目前分为两个版本：EE版本（企业版本）、CE版本（社区版本）。我们一般都是使用CE社区版。

二进制安装的优势就是：支持离线、快速部署、跨平台（CentOS/Ubuntu之间通用）

安装

$ cd /usr/local/src
$ wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.4.tgz
$ tar xvf docker-20.10.4.tgz
$ mv docker/* /usr/bin

修改docker家目录

docker家目录默认是在 /var/lib/docker，为了防止镜像、容器等把服务器的 / 根占满，我们把其 link软链接到挂载盘。

$ mkdir -p /data/docker_data/docker
$ ln -s /data/docker_data/docker /var/lib

2.systemd 管理docker

$ cat > /etc/systemd/system/docker.service << EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target
EOF

3.配置阿里云镜像源加速器

$ mkdir -p /etc/docker
$ cat > /etc/docker/daemon.json << EOF
{
  "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF

4.启动并设置开机启动

$ systemctl daemon-reload
$ systemctl start docker
$ systemctl enable docker

5.验证

docker -v

$ docker -v
Docker version 20.10.4, build d3cb89e

docker version

$ docker version
Client: Docker Engine - Community   # 社区版CE
 Version:           20.10.4         # 版本号
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        d3cb89e
 Built:             Thu Feb 25 07:01:39 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community   # 社区版
 Engine:
  Version:          20.10.4         # 版本号
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       363e9a8
  Built:            Thu Feb 25 07:05:55 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.4.3
  GitCommit:        269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc:
  Version:          1.0.0-rc93
  GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

$ docker info
Client:
 Context:    default
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 20.10.4        # version
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.19.0-9.el7.ucloud.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.716GiB
 Name: 10-19-10-132
 ID: WGFP:E2MN:PMUS:JPVI:ILJT:SQUU:3AIB:HXZ6:W6OD:HVPJ:T3AT:3PNR
 Docker Root Dir: /data/docker_data/docker    # docker家目录
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://b9pmyelo.mirror.aliyuncs.com/       # 阿里云docker镜像加速器
 Live Restore Enabled: false
 Product License: Community Engine

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

6.执行docker info出现警告

WARNING: bridge-nf-call-iptables is disabled解决

....
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

添加内核参数

$ vim /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1

$ sysctl -p