在CentOS 8上安装Docker CE

更新系统

# docker 官方还没8的yum源如果使用7的源安装也可以不过会有报错，当然可以忽略报错。这里使用二进制安装# 开启PowerToolssed -i "s/enabled=0/enabled=1/" /etc/yum.repos.d/CentOS-PowerTools.repodnf update -ydnf install -y lvm2 device-mapper-persistent-data dnf-utils# 关闭SELinuxsetenforce 0sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config 

创建docker组

groupadd docker

下载docker二进制包

wget https://download.docker.com/linux/static/stable/x86_64/docker-19.03.5.tgz

解压二进制包

tar -xvf docker-19.03.5.tgzcp docker/* /usr/bin/

配置containerd

# 生成containerd 配置mkdir -p /etc/containerdcontainerd config default >/etc/containerd/config.toml# 生成启动文件cat > /usr/lib/systemd/system/containerd.service << EOF[Unit]Description=containerd container runtimeDocumentation=https://containerd.ioAfter=network.target[Service]ExecStartPre=-/sbin/modprobe overlayExecStart=/usr/bin/containerdKillMode=processDelegate=yesLimitNOFILE=1048576# Having non-zero Limit*s causes performance problems due to accounting overhead# in the kernel. We recommend using cgroups to do container-local accounting.LimitNPROC=infinityLimitCORE=infinityTasksMax=infinity[Install]WantedBy=multi-user.targetEOF

配置docker

# 创建docker 配置文件mkdir /etc/dockercat > /etc/docker/daemon.json << EOF{    "max-concurrent-downloads": 20,    "data-root": "/apps/docker",    "exec-root": "/apps/docker",    "log-driver": "json-file",    "bridge": "docker0",  # 如果使用外部网络插件可以修改为"bridge": "none",    "oom-score-adjust": -1000,    "debug": false,    "log-opts": {        "max-size": "100M",        "max-file": "10"    },    "default-ulimits": {        "nofile": {            "Name": "nofile",            "Hard": 1024000,            "Soft": 1024000        },        "nproc": {            "Name": "nproc",            "Hard": 1024000,            "Soft": 1024000        },       "core": {            "Name": "core",            "Hard": -1,            "Soft": -1          }    }}EOF# 创建docker sock 启动cat > /usr/lib/systemd/system/docker.socket << EOF[Unit]Description=Docker Socket for the APIPartOf=docker.service[Socket]ListenStream=/var/run/docker.sockSocketMode=0660SocketUser=rootSocketGroup=docker[Install]WantedBy=sockets.targetEOF# 创建docker 启动文件cat > /usr/lib/systemd/system/docker.service << EOF[Unit]Description=Docker Application Container EngineDocumentation=https://docs.docker.comBindsTo=containerd.serviceAfter=network-online.target firewalld.service containerd.serviceWants=network-online.targetRequires=docker.socket[Service]Type=notify# the default is not to use systemd for cgroups because the delegate issues still# exists and systemd currently does not support the cgroup feature set required# for containers run by dockerExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sockExecReload=/bin/kill -s HUP \$MAINPIDTimeoutSec=0RestartSec=2Restart=always# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.# Both the old, and new location are accepted by systemd 229 and up, so using the old location# to make them work for either version of systemd.StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make# this option work for either version of systemd.StartLimitInterval=60s# Having non-zero Limit*s causes performance problems due to accounting overhead# in the kernel. We recommend using cgroups to do container-local accounting.LimitNOFILE=infinityLimitNPROC=infinityLimitCORE=infinity# Comment TasksMax if your systemd version does not support it.# Only systemd 226 and above support this option.TasksMax=infinity# set delegate yes so that systemd does not reset the cgroups of docker containersDelegate=yes# kill only the docker process, not all processes in the cgroupKillMode=process[Install]WantedBy=multi-user.targetEOF# 刷新systemdsystemctl daemon-reload# 开机启动dockersystemctl enable  docker.service# 启动dockersystemctl start  docker.service 

测试docker

# 查看docker及依赖插件状态[root@localhost ~]# systemctl status containerd.service● containerd.service - containerd container runtime   Loaded: loaded (/usr/lib/systemd/system/containerd.service; disabled; vendor preset: disabled)   Active: active (running) since Tue 2019-11-26 10:50:43 CST; 2h 50min ago     Docs: https://containerd.io Main PID: 2659 (containerd)    Tasks: 21   Memory: 21.4M   CGroup: /system.slice/containerd.service           └─2659 /usr/bin/containerdNov 26 10:50:43 localhost.localdomain containerd[2659]: time="2019-11-26T10:50:43.449730600+08:00" level=info msg="Start snapshots syncer"Nov 26 10:50:43 localhost.localdomain containerd[2659]: time="2019-11-26T10:50:43.449755222+08:00" level=info msg="Start streaming server"[root@localhost ~]# systemctl status docker.socket● docker.socket - Docker Socket for the API   Loaded: loaded (/usr/lib/systemd/system/docker.socket; disabled; vendor preset: disabled)   Active: active (running) since Tue 2019-11-26 10:50:43 CST; 2h 50min ago   Listen: /var/run/docker.sock (Stream)    Tasks: 0 (limit: 204655)   Memory: 24.0K   CGroup: /system.slice/docker.socketNov 26 10:50:43 localhost.localdomain systemd[1]: Starting Docker Socket for the API.Nov 26 10:50:43 localhost.localdomain systemd[1]: Listening on Docker Socket for the API.[root@localhost ~]# systemctl status docker.service● docker.service - Docker Application Container Engine   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)   Active: active (running) since Tue 2019-11-26 10:50:44 CST; 2h 50min ago     Docs: https://docs.docker.com Main PID: 2660 (dockerd)    Tasks: 24   Memory: 76.0M   CGroup: /system.slice/docker.service           └─2660 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sockNov 26 10:50:44 localhost.localdomain systemd[1]: Started Docker Application Container Engine.Nov 26 10:52:41 localhost.localdomain dockerd[2660]: time="2019-11-26T10:52:41.060293930+08:00" level=info msg="ignoring event" module=libcontainerd namespace=moby topic=/tasks/delete type="*events.TaskDelete"# 查看docker版本号[root@localhost ~]# docker  versionClient: Docker Engine - Community Version:           19.03.5 API version:       1.40 Go version:        go1.12.12 Git commit:        633a0ea838 Built:             Wed Nov 13 07:22:05 2019 OS/Arch:           linux/amd64 Experimental:      falseServer: Docker Engine - Community Engine:  Version:          19.03.5  API version:      1.40 (minimum version 1.12)  Go version:       go1.12.12  Git commit:       633a0ea838  Built:            Wed Nov 13 07:28:45 2019  OS/Arch:          linux/amd64  Experimental:     false containerd:  Version:          v1.2.10  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339 runc:  Version:          1.0.0-rc8+dev  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657 docker-init:  Version:          0.18.0  GitCommit:        fec3683    # 查看docker info    [root@localhost ~]# docker  infoClient: Debug Mode: falseServer: Containers: 0  Running: 0  Paused: 0  Stopped: 0 Images: 2 Server Version: 19.03.5 Storage Driver: overlay2  Backing Filesystem: xfs  Supports d_type: true  Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins:  Volume: local  Network: bridge host ipvlan macvlan null overlay  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339 runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657 init version: fec3683 Security Options:  seccomp   Profile: default Kernel Version: 4.18.0-80.11.2.el8_0.x86_64 Operating System: CentOS Linux 8 (Core) OSType: linux Architecture: x86_64 CPUs: 12 Total Memory: 31.25GiB Name: localhost.localdomain ID: BEN6:67IU:RIDY:42JB:T7AO:G465:OFBY:CLXV:AVWY:XIDG:SRJK:C2VZ Docker Root Dir: /apps/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries:  127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine# 测试容器是否能成功启动docker run --rm hello-world[root@localhost ~]# docker run --rm hello-worldHello from Docker!This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.    (amd64) 3. The Docker daemon created a new container from that image which runs the    executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it    to your terminal.To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID: https://hub.docker.com/For more examples and ideas, visit: https://docs.docker.com/get-started/ # 测试网络是否联通 docker run --rm -ti  juestnow/net-tools [root@localhost ~]# docker run --rm -ti  juestnow/net-tools/ # route -nKernel IP routing tableDestination     Gateway         Genmask         Flags Metric Ref    Use Iface0.0.0.0         172.17.0.1      0.0.0.0         UG    0      0        0 eth0172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0/ # ping www.qq.comPING www.qq.com (14.18.175.154): 56 data bytes64 bytes from 14.18.175.154: seq=0 ttl=52 time=13.685 ms64 bytes from 14.18.175.154: seq=1 ttl=52 time=7.925 ms^C--- www.qq.com ping statistics ---2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max = 7.925/10.805/13.685 ms/ # dig www.qq.com; <<>> DiG 9.14.8 <<>> www.qq.com;; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4470;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;www.qq.com.                    IN      A;; ANSWER SECTION:www.qq.com.             260     IN      CNAME   public.sparta.mig.tencent-cloud.net.public.sparta.mig.tencent-cloud.net. 152 IN A   113.96.232.215;; Query time: 10 msec;; SERVER: 192.168.1.169#53(192.168.1.169);; WHEN: Tue Nov 26 05:43:57 UTC 2019;; MSG SIZE  rcvd: 138# 能正常上网

安装docker-compose

curl -L https://github.com/docker/compose/releases/download/1.25.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-compose