安裝指令如下:
也可以使用國内 daocloud 一鍵安裝指令:
指令執行情況
[root@mcw1 /application]$ which docker #檢視docker指令位置
/usr/bin/docker
[root@mcw1 /application]$ rpm -qa|grep docker #檢視安裝後的包
docker-ce-rootless-extras-20.10.12-3.el7.x86_64
docker-ce-cli-20.10.12-3.el7.x86_64
docker-ce-20.10.12-3.el7.x86_64
docker-scan-plugin-0.12.0-3.el7.x86_64
[root@mcw1 /application]$ rpm -ql docker-ce #檢視包的安裝位置
/usr/bin/docker-init
/usr/bin/docker-proxy
/usr/bin/dockerd
/usr/lib/systemd/system/docker.service
/usr/lib/systemd/system/docker.socket
[root@mcw1 /application]$ rpm -ql docker-ce-cli #檢視包的安裝位置
/usr/libexec/docker/cli-plugins/docker-app
/usr/libexec/docker/cli-plugins/docker-buildx
/usr/share/bash-completion/completions/docker
/usr/share/doc/docker-ce-cli-20.10.12
/usr/share/doc/docker-ce-cli-20.10.12/LICENSE
/usr/share/doc/docker-ce-cli-20.10.12/MAINTAINERS
/usr/share/doc/docker-ce-cli-20.10.12/NOTICE
/usr/share/doc/docker-ce-cli-20.10.12/README.md
/usr/share/fish/vendor_completions.d/docker.fish
/usr/share/man/man1/docker-attach.1.gz
/usr/share/man/man1/docker-build.1.gz
[root@mcw1 /application]$ docker #檢視docker的幫助資訊
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
app* Docker App (Docker Inc., v0.9.1-beta3)
builder Manage builds
buildx* Docker Buildx (Docker Inc., v0.7.1-docker)
config Manage Docker configs
container Manage containers
context Manage contexts
image Manage images
manifest Manage Docker image manifests and manifest lists
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
scan* Docker Scan (Docker Inc., v0.12.0)
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
To get more help with docker, check out our guides at https://docs.docker.com/go/guides/
[root@mcw1 /application]$ ps -ef|grep docker #檢視剛剛安裝上docker的情況
root 6344 1370 0 07:45 pts/0 00:00:00 grep --color=auto docker
[root@mcw1 /application]$ systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: https://docs.docker.com
加速器這裡有:https://www.runoob.com/docker/docker-mirror-acceleration.html
Ubuntu16.04+、Debian8+、CentOS7
對于使用 systemd 的系統,請在 /etc/docker/daemon.json 中寫入如下内容(如果檔案不存在請建立該檔案):
{"registry-mirrors":["https://hub-mirror.c.163.com/"]} #用這個吧,下面那個好像慢,回頭驗證是不是它的問題,像蝸牛,耽誤我好長時間
{"registry-mirrors":["https://reg-mirror.qiniu.com/"]}
添加之後需要重新啟動服務:
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
[root@mcw1 /application]$ docker run ubuntu:15.10 /bin/echo "Hello world"#運作docker容器,但是docker daemon還沒起
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
[root@mcw1 /application]$ systemctl start docker.service #啟動docker服務,這就是docker daemon
[root@mcw1 /application]$ ps -ef|grep docker
root 6506 1 2 07:51 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 6660 1370 0 07:51 pts/0 00:00:00 grep --color=auto docker
/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock #這是容器服務程序吧,是不是可以直接用這個指令啟動呢?
[root@mcw1 /application]$ docker run -d -p 8080 httpd #運作容器
Unable to find image 'httpd:latest' locally
latest: Pulling from library/httpd
a2abf6c4d29d: Pull complete
dcc4698797c8: Pull complete
41c22baa66ec: Pull complete
67283bbdd4a0: Pull complete
d982c879c57e: Pull complete
Digest: sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32
Status: Downloaded newer image for httpd:latest
106809b6c9df7f7675efc4515eae856324ebe3cc84742a560eb97fe52a76723e
ERRO[0044] error waiting for container: context canceled
[root@mcw1 /application]$
[root@mcw1 /application]$ docker ps #檢視容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
106809b6c9df httpd "httpd-foreground" 2 minutes ago Up 2 minutes 80/tcp, 0.0.0.0:49153->8080/tcp, :::49153->8080/tcp friendly_dijkstra
剛剛弄錯了:停掉容器重新開機
[root@mcw1 /application]$ docker run -d -p 80:80 httpd
c8b617d91943185a4239a817ab5f62267494531686a032db0ac28b3190765f5f
[root@mcw1 /application]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8b617d91943 httpd "httpd-foreground" 11 seconds ago Up 8 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
頁面正常通路:
檢視docker daemon 啟動檔案,啟動檔案中有執行啟動的指令
[root@mcw1 /application]$ cat /usr/lib/systemd/system/docker.service|grep -i execstart
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 7025 1 0 08:24 ? 00:00:09 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
[root@mcw1 /application]$ systemctl daemon-reload
[root@mcw1 /application]$ systemctl restart docker.service
重新開機之後,之前運作的docker可能停掉
[root@mcw1 /application]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8b617d91943 httpd "httpd-foreground" 23 minutes ago Exited (0) 25 seconds ago sweet_curran
重新啟動一下
[root@mcw1 /application]$ docker start c8b6
c8b6
c8b617d91943 httpd "httpd-foreground" 24 minutes ago Up 7 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
啟動容器之後,可以看到兩個運作的docker-proxy服務,指向的容器ip和端口是一樣的
root 7879 1 0 08:56 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 8031 7879 0 08:57 ? 00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.2 -container-port 80
root 8035 7879 0 08:57 ? 00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 80 -container-ip 172.17.0.2 -container-port 80
root 8225 1370 1 08:59 pts/0 00:00:00 grep --color=auto docker
預設隻能響應本地HOst用戶端請求
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0#--containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.soc #修改為這樣也行
mcw1上未修改時,連不上服務端
mcw1通路:
[root@mcw1 /application]$ docker -H 127.0.0.1:2375 info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.7.1-docker)
scan: Docker Scan (Docker Inc., v0.12.0)
Server:
ERROR: Cannot connect to the Docker daemon at tcp://127.0.0.1:2375. Is the docker daemon running?
errors pretty printing info
mcw2通路mcw1
[root@mcw2 ~]# docker 10.0.0.131 info
docker: '10.0.0.131' is not a docker command.
See 'docker --help'
[root@mcw2 ~]# docker -H 10.0.0.131 info
ERROR: Cannot connect to the Docker daemon at tcp://10.0.0.131:2375. Is the docker daemon running?
mcw1修改重新開機後
[root@mcw1 /application]$ vim /usr/lib/systemd/system/docker.service
root 8338 1 1 09:03 ? 00:00:00 /usr/bin/dockerd -H fd:// -H tcp://0.0.0.0#--containerd=/run/containerd/containerd.sock
root 8473 1370 0 09:04 pts/0 00:00:00 grep --color=auto docker
[root@mcw1 /application]$ grep -i execstart /usr/lib/systemd/system/docker.service
修改後mcw1通路,有資料,有容器資訊
root@mcw1 /application]$ docker -H 127.0.0.1 info
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 1
Server Version: 20.10.12
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-693.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 976.3MiB
Name: mcw1
ID: XBZE:DN6Z:UQMS:2FCM:YSA4:XZFO:EPFV:LVET:UP3V:OJFK:WLGF:7Q64
Docker Root Dir: /var/lib/docker
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://hub-mirror.c.163.com/
Live Restore Enabled: false
WARNING: API is accessible on http://0.0.0.0:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information: https://docs.docker.com/go/attack-surface/
修改後mcw2也能通路到
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
[root@mcw2 ~]#
前提是要修改啟動檔案,支援遠端連接配接docker服務端
pip install docker
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8b617d91943 httpd "httpd-foreground" 24 hours ago Up 16 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
[root@mcw1 /application]$ docker container ls
c8b617d91943 httpd "httpd-foreground" 25 hours ago Up 16 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp sweet_curran
[root@mcw1 /application]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 3 days ago 144MB