This paper describes the CentOS system installation process Docker's.
Prerequisites
OS requirements
CentOS7:
The centos-extras repository must be enabled. This repository is enabled by default, but if you have disabled it, you need to re-enable it. The overlay2 storage driver is recommended
Uninstall the old version
It is known as an older version of Docker docker
or docker-engine
. If you have installed these, please uninstall them and related dependencies:
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
复制代码
/var/lib/docker
It holds the mirror, the container, the volume, the network directory. Official documentation of the installation docker-ce
package, only internal source docker-engine
package, docker-ce
is the latest community version of the package name.
Installation Docker CE
Use the installation source
Set the source
1. Install the dependent packages, yum tils
provided yum-config-manager
kits, device-mapper-persistent-data
and lvm2
are devicemapper
stored in the drive package depends.
$ sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
复制代码
2. Source stable following command set:
$ sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
复制代码
Choose domestic Tsinghua source -Docker Community Edition mirroring Help
Installation Docker CE
1. Install the latest version of Docker CE:
$ sudo yum install docker-ce
复制代码
2. To install a specific version Docker CE, to list the available versions in the repo, and then select and install:
$ yum list docker-ce --showduplicates | sort -r
复制代码
Docker after installation, docker group was created, but no user is added to this group.
3. Start Docekr:
$ sudo systemctl start docker
复制代码
4 can be run hello-world
to verify successful installation docker mirror:
sudo docker run hello-world`
复制代码
The command to download a test image, run it in a container. When the container is running, it will print a message and exit.
From the RPM package installation
If you are unable to install the source Docker Docker, you can download to your release .rpm
file and install it manually. You need to download a new file each time you want to upgrade Docker.
- Go download.docker.com/linux/cento... download the rpm package
- Installation Docker CE:
$ sudo yum install /path/to/package.rpm
Upgrade Docker CE
Use the yum -y upgrade docker-ce
upgrade version.
Uninstall
- Uninstall Docker package:
$ sudo yum remove docker-ce
- Mirroring, container, or the volume does not automatically delete the custom configuration file on the host. To delete these files, you can run the following command:
$ sudo rm -rf /var/lib/docker
You must manually delete any edited configuration file
important point
- If a non-root user wants to use Docker, you should add the user to docker groups:
sudo usermod -aG docker your-user
- After installing Docker CE, it is based on
DEB
will start automatically on release. BasedRPM
on release, requires the use of appropriatesystemctl
orservice
manual commands start it
Use systemd control Docker
Manual start
Most Linux distributions use systemctl
to start the service, if not, use service
the command:
systemctl
:$ sudo systemctl start docker
service
:$ sudo service docker start
Self-priming system
If you want Docker to start at boot , see if you want to achieve open from the start docker
, you can read this article Configure Docker to start on boot
systemctl list-unit-files|grep docker # 查看 Docker 服务状态
复制代码
Docker daemon configuration options
The recommended method is to use a platform-independent daemon.json
file, located by default /etc/docker/
in. Detailed configuration items, see the official declared the Configuration File -daemon , there's a Chinese Remarks: Docker daemon (dockerd) profile daemon.json .
You can use daemon.json
to configure almost all the daemons configuration options. The following example is configured with two options. You can not use the daemon.json
mechanism of a configuration option HTTP proxy
.
Runtime directory and storage driver
You might want by moving a mirror, container and roll to a separate partition to control disk space.
To achieve this, you can daemon.json
do the following configuration:
{
"data-root": "/mnt/docker-data",
"storage-driver": "overlay"
}
复制代码
HTTP/HTTPS proxy
Docker daemon uses HTTP_PROXY
, HTTPS_PROXY
and NO_PROXY
environmental variables in its boot environment to configure HTTP and HTTPS proxy. You can not use daemon.json
to configure these environment variables files.
If you are using HTTP or HTTPS proxy server, for example, the company set up, you need to add this to Docker systemd service configuration file.
1. Create a directory for docker systemd services:
$ sudo mkdir -p /etc/systemd/system/docker.service.d
复制代码
2. Create a file /etc/systemd/system/docker.service.d/http-proxy.conf
, adding HTTP_PROXY
environment variables:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"
复制代码
Or, if you use the HTTPS proxy services, create a file /etc/systemd/system/docker.service.d/https-proxy.conf
, adding HTTPS_PROXY
environment variables:
[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443/"
复制代码
3. If you have internal Docker registries service or to use domestic mirrored accelerator -daocloud.io , you need to specify NO_PROXY
to them without going through proxy access environment variables:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com,daocloud.io"
复制代码
In this way, you visit NO_PROXY
when the URL, the proxy will not go, the speed will be faster.
Or, if you are behind an HTTPS proxy server:
[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"
复制代码
The actual configuration of a chestnut:
mkdir -p /etc/systemd/system/docker.service.d/ # 先保证有这个目录
cat <<'EOF'>/etc/systemd/system/docker.service.d/http-proxy.conf # 这里一定要记得让内部镜像仓地址不要走代理,否则无法访问我们私有的镜像仓
[Service]
Environment="HTTP_PROXY=http://127.0.0.1:3128/"
Environment="HTTPS_PROXY=http://127.0.0.1:3128/"
Environment="NO_PROXY=localhost,127.0.0.0/8,.domain.com"
EOF
复制代码
4.Flush changes:
$ sudo systemctl daemon-reload
复制代码
5. Restart Docker:
$ sudo systemctl restart docker
复制代码
6. Verify the configuration items have been loaded:
$ systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://proxy.example.com:80/
复制代码
If you used HTTPS proxy:
$ systemctl show --property=Environment docker
Environment=HTTPS_PROXY=https://proxy.example.com:443/
复制代码
Systemd unit files manually create
When you manually install Docker, if you want to use systemd management Docker, two units can be installed files service
and socket
reference MOBY / contrib / the init / systemd / , to download the file /etc/systemd/system
.
Mirroring configuration uses docker warehouse
Select a: ustc mirror
Docker use the new version of /etc/docker/daemon.json(Linux)
Configuration Daemon:
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
复制代码
Option two: Docker Chinese official mirror accelerated
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
复制代码
Docker pulling them away is mirrored default HTTPS protocol (port 443), generally have no legitimate private warehouse HTTPS certificates, by a non-security warehouse by configuring the private warehouse:
{
"insecure-registries" : ["hub.h.com"]
}
复制代码
insecure-registries
It is to address non-secure warehouse configuration.
Test results configuration:
busybox is an integrated more than one hundred of the most commonly used commands and tools linux software, but it is also a minimal Linux system, which provides the main functionality of the system, such as grep, find, mount, and telnet, etc. but does not include some of GNU-related features and options
docker pull busybox
复制代码
Docker storage drive
Linux kernel 4.0 after only supported overlay2 (Linux kernel support is called just after 3.18 overlayFS). Also make sure the server version docker is not less than 1.12, or can not support. uname -sr
You can view the system kernel version.
Docker 1.12.6/v17.03
Document under CentOS7 system installation, explicitly, when used in the production, must be devicemapper
driven direct-lvm
model, we need to be ready ahead of block devices, to provide better stability and performance. Use the default devicemapper
drive loop-lvm
mode, because the simple installation only applies to the test environment. From docker info
we can see the information, loop-lvm
mode the maximum available space is only 107GB. Production environment must devicemapper
drive direct-lvm
mode, block devices, faster and more efficient use of system resources.
In Docker v17.06
later versions and, with regard to OverlayFS
the storage drive, try to use overlay2
instead of overlay
the official explanation that overlay
can be used but is not recommended. Use overlay2
of the Linux kernel in claim 4.0 or more, or in the kernel CentOS7 3.10.0-693
above. Docker-CE v17.06 and above, using the overlay2
drive, set the additional parameters needed to inhibit the detection kernel version 4.0.
#查看当前存储驱动
docker info|grep -i storage
#停止Docker
service docker stop
#清空数据,如果有啥需要的请自己备份
rm -rf /var/lib/docker/*
#修改配置文件
vi /etc/docker/daemon.json
#如果没有这个文件或没有内容,就直接把下面的粘贴进去
#不然就只添加那一条
#如果不是在最后一行加请自行在末尾添加逗号
{
"storage-driver": "overlay2"
}
#如果是CentOS7或者RedHat7内核在3.10.0-693以下的,设置额外的参数:
{
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
#当然,也可以通过给docker修改启动参数的方式来
# 1.修改/etc/init.d/docker
# 这个直接在 dockerd 后面加参数就行,不过其实和下面的差不多
# 2.修改/etc/sysconfig/docker
# 改成类似 other_args="-s overlay2"
# 3.修改/usr/lib/systemd/system/docker.service
# 改成类似 ExecStart=/usr/bin/dockerd -s overlay2
#启动docker
service docker start
复制代码
Typically in the production of Constructing the machine, the system is generally not large disc size, will mount a large-capacity disk data, such as data directory. So, in order to avoid future Docker's root directory /var/lib/mock
is too large, explode the system disk, we need to find ways to change it Docker's root directory, there are two main ways:
1. To back up /var/lib/docker
the content, and then create a /data/docker
soft link of:ln -s /data/docker /var/lib/docker
2. Modify daemon.json
configuration:
{
# before before 17.06-ce
"graph": "/data/docker",
# docker after 17.06-ce
"data-root":"/data/docker",
}
复制代码
reference
- 官宣-Get Docker CE for CentOS
- Official declared -Control Docker with systemd-Docker proxy settings
- How to install Docker in CentOS 7 mentioned in this article must be upgraded in order to use overlay2 CentOS kernel, not in fact be
Dockuer Hub Mirror:
- Haven -Docker socks5 proxy settings or domestic mirror
- Ibrahimovic - domestic docker warehouse image contrast text with a mirror test script speed
- Ali cloud -Docker mirror accelerator
- Huawei cloud -Docker Hub Services
Storage drive:
- Lao Gao technology blog -centos upgraded version of the kernel to support overlay2
- Depth understanding of Docker storage drive community on a container and related K8s
- 官宣-Use the OverlayFS storage driver
- 官宣-Docker storage drivers
- senra-Docker switching OverLay (2) - to improve the performance, speed
- CentOS7.x system problems when used Docker, storage areas requiring attention
- Operation and maintenance notes -DOCKER change the image storage location describes two common methods to modify the storage location at the same time, pay attention to the points mentioned in the old and new versions of configuration items
- SOF-How to change the docker image installation directory explained the difference between different versions of the root directory of configuration items
original
The author: Michael Cheung
This link: michael728.github.io/2019/06/01/...
Reproduced in: https: //juejin.im/post/5cf341bff265da1b971a5d65