文章目录
- Docker从入门到精通_02 Docker魔法之旅:零基础Linux用户也能轻松驾驭的安装部署指南
- 一 操作系统安装
- 二 操作系统环境准备
- 2.1 关闭防火墙
- 2.1.2.2 关闭selinux
- 2.2.1 临时关闭selinux
- 2.2.2 永久关闭selinux
- 三 docker引擎安装
- 3.1 从get.docker.com 下载 get-docker.sh
- 3.2 执行安装脚本
- 3.2.1 直接去docker官方下载软件自动安装
- 3.3.2 去阿里云镜像仓库下载软件自动安装
- 3.3 docker启动/自启动
- 3.4 检查docker信息
- 3.4.1 查看docker简要信息
- 3.4.2 查看docker程序运行状态
- 3.4.3 查看当前docker版本
- 3.5 赋予普通用户执行docker权限
- 3.6 普通用户下测试是否能够正确执行docker程序
Docker从入门到精通_02 Docker魔法之旅:零基础Linux用户也能轻松驾驭的安装部署指南
一 操作系统安装
Docker 支持多种操作系统,包括但不限于 Linux、Windows 和 macOS。CentOS Linux 操作系统安装详见
。
二 操作系统环境准备
准备网络环境 192.168.0.121 255.255.255.0 192.168.0.1 | DNS 202.102.224.68
2.1 关闭防火墙
- 为了测试方便,先关闭防火墙
[root@docker ~]# systemctl stop firewalld
- 设置开机不自动启动防火墙
[root@docker ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@superman ~]#
2.1.2.2 关闭selinux
2.2.1 临时关闭selinux
#修改好后,通过setenforce 0让设置马上生效
[root@docker ~]# setenforce 0
2.2.2 永久关闭selinux
[root@docker ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
三 docker引擎安装
联网安装
下载docker软件 –> 安装docker依赖 –> 安装docker软件 –> 运行docker软件运行(引擎)
不同linux版本安装方法不同
官方出版bash通用安装脚本 (get-docker.sh) 自动下载软件 – 自动安装
3.1 从get.docker.com 下载 get-docker.sh
[root@docker ~]# curl -fskSL get.docker.com -o get-docker.sh
[root@docker ~]# ls
anaconda-ks.cfg get-docker.sh initial-setup-ks.cfg 公共 模板 视频 图片 文档 下载 音乐 桌面
[root@docker ~]#
3.2 执行安装脚本
3.2.1 直接去docker官方下载软件自动安装
[root@docker ~]# sh get-docker.sh
3.3.2 去阿里云镜像仓库下载软件自动安装
[root@docker ~]# sh get-docker.sh --mirror Aliyun
# Executing docker install script, commit: e5543d473431b782227f8908005543bb4389b8de
+ sh -c 'yum install -y -q yum-utils'
+ sh -c 'yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo'
已加载插件:fastestmirror, langpacks
adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 7.2 kB 00:00:00
* base: mirrors.ustc.edu.cn
* epel: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.ustc.edu.cn
base | 3.6 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/4): docker-ce-stable/7/x86_64/filelists_db | 51 kB 00:00:00
(2/4): docker-ce-stable/7/x86_64/updateinfo | 55 B 00:00:00
(3/4): docker-ce-stable/7/x86_64/primary_db | 118 kB 00:00:00
(4/4): docker-ce-stable/7/x86_64/other_db | 135 kB 00:00:00
元数据缓存已建立
+ sh -c 'yum install -y -q docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-ce-rootless-extras docker-buildx-plugin'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-buildx-plugin-0.11.2-1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
docker-buildx-plugin-0.11.2-1.el7.x86_64.rpm 的公钥尚未安装
导入 GPG key 0x621E9F35:
用户ID : "Docker Release (CE rpm) <docker@docker.com>"
指纹 : 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
来自 : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
================================================================================
To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh install
Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/
WARNING: Access to the remote API on a privileged Docker daemon is equivalent
to root access on the host. Refer to the 'Docker daemon attack surface'
documentation for details: https://docs.docker.com/go/attack-surface/
================================================================================
[root@docker ~]#
3.3 docker启动/自启动
[root@docker ~]# systemctl start docker
[root@docker ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@docker ~]#
3.4 检查docker信息
3.4.1 查看docker简要信息
[root@docker ~]# docker info
Client: Docker Engine - Community
Version: 24.0.7
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.21.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 24.0.7
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dd1e886e55dd695541fdcd67420c2888645a495
runc version: v1.1.10-0-g18a0cb0
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 3.10.0-957.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 3.683GiB
Name: superman
ID: 70cdde2c-be80-48b8-bfbb-f562145167a6
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
[root@docker ~]#
3.4.2 查看docker程序运行状态
[root@docker ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 一 2024-01-01 10:21:16 CST; 58s ago
Docs: https://docs.docker.com
Main PID: 14121 (dockerd)
CGroup: /system.slice/docker.service
└─14121 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
1月 01 10:21:15 superman systemd[1]: Starting Docker Application Container Engine...
1月 01 10:21:15 superman dockerd[14121]: time="2024-01-01T10:21:15.418949437+08:00" level=info msg="Starting up"
1月 01 10:21:15 superman dockerd[14121]: time="2024-01-01T10:21:15.467564828+08:00" level=info msg="Loading conta...art."
1月 01 10:21:15 superman dockerd[14121]: time="2024-01-01T10:21:15.849257542+08:00" level=info msg="Loading conta...one."
1月 01 10:21:15 superman dockerd[14121]: time="2024-01-01T10:21:15.935873189+08:00" level=info msg="Docker daemon...4.0.7
1月 01 10:21:15 superman dockerd[14121]: time="2024-01-01T10:21:15.936334123+08:00" level=info msg="Daemon has co...tion"
1月 01 10:21:16 superman dockerd[14121]: time="2024-01-01T10:21:16.006059262+08:00" level=info msg="API listen on...sock"
1月 01 10:21:16 superman systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@docker ~]#
3.4.3 查看当前docker版本
[root@docker ~]# docker --version
Docker version 24.0.7, build afdd53b
[root@docker ~]#
3.5 赋予普通用户执行docker权限
创建docker用户组 - 将普通用户superman添加到docker用户组。
[root@docker ~]# groupadd docker
groupadd: group 'docker' already exists
[root@docker ~]# usermod -aG docker superman
[root@docker ~]# systemctl restart docker
[root@docker ~]#
3.6 普通用户下测试是否能够正确执行docker程序
切换到superman用户下测试是否能够正确执行docker程序。
[root@docker ~]# su - superman
上一次登录:一 1月 1 10:22:26 CST 2024pts/1 上
[superman@docker ~]$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:ac69084025c660510933cca701f615283cdbb3aa0963188770b54c31c8962493
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an nginx container with:
$ docker run -it nginx bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
[superman@docker ~]$
👍 点赞,你的认可是我创作的动力!
⭐️ 收藏,你的青睐是我努力的方向!
✏️ 评论,你的意见是我进步的财富!
