soarli

Ubuntu Docker 安装及常用操作
兼容性Docker Engine-Community 支持以下的 Ubuntu 版本:Xenial 16.04 (...
扫描右侧二维码阅读全文
17
2022/02

Ubuntu Docker 安装及常用操作

兼容性

Docker Engine-Community 支持以下的 Ubuntu 版本:

  • Xenial 16.04 (LTS)
  • Bionic 18.04 (LTS)
  • Cosmic 18.10
  • Disco 19.04
  • 其他更新的版本……

Docker Engine - Community 支持上 x86_64(或 amd64)armhf,arm64,s390x (IBM Z),和 ppc64le(IBM的Power)架构。

安装必要工具(必要)

安装curl

sudo apt install curl

卸载旧版本(必要)

旧版本的docker叫做docker或者docker-engine ,如果有安装,先卸载其以及其依赖,新版本的docker叫做docker-ce
/var/lib/docker/目录下的镜像文件,容器,卷和网络将会被保留,不会被删除。

sudo apt-get remove docker docker-engine docker.io containerd runc

支持的存储驱动(非必要)

Ubuntu上的docker CE支持overlay2aufs存储驱动

  • Linux 4.X内核极其以上才支持overlay2,并且overlay2表现的比aufs
  • Linux 3.X内核不支持overlayoverlay2,但是支持aufs

除非有特殊理由要用aufs没否则不建议,如果要使用aufs,需要额外的准备工作:

  • Trusty 14.04
$ # 安装linux-image-extra-*包,让docker支持aufs
$ sudo apt-get update

$ sudo apt-get install \
    linux-image-extra-$(uname -r) \
    linux-image-extra-virtual

安装Docker(必要)

方法一:使用官方安装脚本自动安装(推荐)

安装命令如下:

sudo curl -fsSL https://get.docker.com | sudo bash -s docker --mirror Aliyun

也可以使用国内 daocloud 一键安装命令:

sudo curl -sSL https://get.daocloud.io/docker | sudo sh

image-20220217154332757

启动Docker

sudo service docker start

测试 Docker 是否安装成功,输入以下指令,打印出以下信息则安装成功:

$ sudo docker run hello-world

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete                                                                  Digest: sha256:c3b4ada4687bbaa170745b3e4dd8ac3f194ca95b2d0518b417fb47e5879d9b5f
Status: Downloaded newer image for hello-world:latest


Hello from Docker!
This message shows that your installation appears to be working correctly.


To generate this message, Docker took the following steps:
 \1. The Docker client contacted the Docker daemon.
 \2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
  (amd64)
 \3. The Docker daemon created a new container from that image which runs the
  executable that produces the output you are currently reading.
 \4. The Docker daemon streamed that output to the Docker client, which sent it
  to your terminal.


To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash


Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/


For more examples and ideas, visit:
 https://docs.docker.com/get-started/

设置开机启动:

sudo systemctl enable docker
// Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
// Executing: /lib/systemd/systemd-sysv-install enable docker

image-20220217155319856

方法二:手动安装(不推荐)

新版Docker称为 Docker Engine-Community 软件包 docker-ce

安装 Docker Engine-Community,以下介绍两种方式。

1.使用 Docker 仓库进行安装

在新主机上首次安装 Docker Engine-Community 之前,需要设置 Docker 仓库。之后可以从仓库安装和更新 Docker

设置仓库

更新 apt 包索引。

$ sudo apt-get update

安装 apt 依赖包,用于通过HTTPS来获取仓库:

$ sudo apt-get install \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg-agent \
  software-properties-common

添加 Docker 的官方 GPG 密钥:

$ curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 通过搜索指纹的后8个字符,验证您现在是否拥有带有指纹的密钥。

$ sudo apt-key fingerprint 0EBFCD88
  
pub  rsa4096 2017-02-22 [SCEA]
   9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid      [ unknown] Docker Release (CE deb) <docker@docker.com>
sub  rsa4096 2017-02-22 [S]

使用以下指令设置稳定版仓库

$ sudo add-apt-repository \
  "deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/ \
 $(lsb_release -cs) \
 stable"

2.安装 Docker Engine-Community

更新 apt 包索引。

$ sudo apt-get update

安装最新版本的 Docker Engine-Communitycontainerd ,或者转到下一步安装特定版本:

$ sudo apt-get install docker-ce docker-ce-cli containerd.io

要安装特定版本的 Docker Engine-Community,请在仓库中列出可用版本,然后选择一种安装。列出您的仓库中可用的版本:

$ apt-cache madison docker-ce

 docker-ce | 5:18.09.1~3-0~ubuntu-xenial | https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu  xenial/stable amd64 Packages
 docker-ce | 5:18.09.0~3-0~ubuntu-xenial | https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu  xenial/stable amd64 Packages
 docker-ce | 18.06.1~ce~3-0~ubuntu    | https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu  xenial/stable amd64 Packages
 docker-ce | 18.06.0~ce~3-0~ubuntu    | https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu  xenial/stable amd64 Packages
 ...

使用第二列中的版本字符串安装特定版本,例如 5:18.09.1~3-0~ubuntu-xenial

$ sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io

测试 Docker 是否安装成功,输入以下指令,打印出以下信息则安装成功:

$ sudo docker run hello-world

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete                                                                  Digest: sha256:c3b4ada4687bbaa170745b3e4dd8ac3f194ca95b2d0518b417fb47e5879d9b5f
Status: Downloaded newer image for hello-world:latest


Hello from Docker!
This message shows that your installation appears to be working correctly.


To generate this message, Docker took the following steps:
 \1. The Docker client contacted the Docker daemon.
 \2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
  (amd64)
 \3. The Docker daemon created a new container from that image which runs the
  executable that produces the output you are currently reading.
 \4. The Docker daemon streamed that output to the Docker client, which sent it
  to your terminal.


To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash


Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/


For more examples and ideas, visit:
 https://docs.docker.com/get-started/

方法三:离线安装(推荐)

安装包官方地址https://download.docker.com/linux/static/stable/x86_64/

可以先下载到本地,然后通过ftp工具上传到服务器上,或者在服务器上使用命令下载

wget https://download.docker.com/linux/static/stable/x86_64/docker-18.06.3-ce.tgz

解压

tar -zxvf docker-18.06.3-ce.tgz

将解压出来的docker文件复制到 /usr/bin/ 目录下

cp docker/* /usr/bin/

在/etc/systemd/system/目录下新增docker.service文件,内容如下,这样可以将docker注册为service服务

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
  
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=127.0.0.1
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
  
[Install]
WantedBy=multi-user.target

此处的--insecure-registry=127.0.0.1(此处改成你私服ip)设置是针对有搭建了自己私服Harbor时允许docker进行不安全的访问,否则访问将会被拒绝。

启动docker

docker.service文件添加执行权限

chmod +x /etc/systemd/system/docker.service

重新加载配置文件(每次有修改docker.service文件时都要重新加载下)

systemctl daemon-reload

启动

systemctl start docker

设置开机启动

systemctl enable docker.service

查看docker服务状态

systemctl status docker

上图表示docker已安装成功。

配置Docker(必要)

1)建立 docker 用户组:

默认情况下,docker 命令会使用 Unix socketDocker 引擎通讯。而只有 root 用户和 docker 组的用户才可以访问 Docker 引擎的 Unix socket。出于安全考虑,一般 Linux 系统上不会直接使用 root 用户。因此,更好地做法是将需要使用 docker 的用户加入 docker 用户组。

命令如下:

$ sudo groupadd docker

2)将当前用户加入 docker

$ sudo usermod -aG docker $USER

3)退出当前终端并重新登录即可

4)配置镜像加速(非必要,可参考:Linux Docker 配置阿里云镜像加速的方法

常用操作(重要)

本文列举几个配置相关的常用操作,更多用法可以参考我上个月的那篇博文

启动docker

sudo systemctl start docker

查看docker运行壮态:

sudo systemctl status docker

image-20220217160421549

查看已经安装的docker版本:

docker -v
// Docker version 20.10.12, build e91ed57

image-20220217155529053

可以看到当前默认仓库里的版本是20.10.12,当然它会自动持续更新的.

停止运行docker

sudo systemctl stop docker

禁止docker开机自动运行:

sudo systemctl disable docker
// Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
// Executing: /lib/systemd/systemd-sysv-install disable docker

卸载刚刚安装的版本:

sudo apt remove docker.io -y && sudo apt autoremove -y

image-20220217155809348

安装Ubuntu官方仓库的版本:

sudo apt install docker.io

修改 Docker 镜像服务器(重要)

Docker Hub 是我们分发和获取 Docker 镜像的中心,但由于服务器位于海外,经常会出现拉取 / 上传镜像时速度太慢或无法访问的情况。可以尝试改用国内的 Docker Hub 镜像服务器。

具体步骤

  1. 编辑 /etc/docker/daemon.json 配置文件

    创建配置文件目录
    $ sudo mkdir /etc/docker
    
    编辑配置文件,如果文件不存在,以下命令会自动创建。
    $ sudo nano /etc/docker/daemon.json
    
    将配置信息粘贴到配置文件中,配置信息为 json 格式,可以根据实际需要设置多个国内的镜像服务器。
    {
      "registry-mirrors": [
        "https://hub-mirror.c.163.com",
        "https://mirror.baidubce.com"
      ]
    }
  2. 重启 Docker 服务

    $ sudo systemctl daemon-reload 
    $ sudo systemctl restart docker
  3. 检查设置是否生效

    $ sudo docker info
    
    结果中显示了我们设置的镜像服务器地址,则说明设置已经生效,返回的信息类似下面这样:
    
    Registry Mirrors:
     https://hub-mirror.c.163.com/

docker 拉镜像的几个阶段说明展开目录

一般我们使用 docker 拉取镜像时候会经历几个阶段,等待、拉取开始、下载成功、检验、拉取成功:

Waiting
Pulling fs layer
Download complete
Verifying Checksum
Pull complete

其中 Pull completeDownload complete 区别:

Pull complete
Download complete

When pulling a remote docker image, you can see that the layers are downloaded. After a layer is downloaded, docker shows a status of extracting the image which is mainly uncompressing the layer and verifying its checksum. Once this is done the layer is maked with Pull complete. 
So in short, Download complete means the layer is downloaded whereas Pull complete implies that the layer was downloaded and extracted onto the host machine.

Download 只是说这个镜像下载下来了,Pull complete 则是经过解压缩、校验之后导入到系统里去了!

卸载 Docker(非必要)

停止所有的 container,这样才能够删除其中的 images

docker stop $(docker ps -a -q)

删除安装包:

sudo apt-get purge docker-ce

删除镜像、容器、配置文件等内容:

sudo rm -rf /var/lib/docker

参考资料:

https://www.runoob.com/docker/ubuntu-docker-install.html

https://www.cnblogs.com/kingsonfu/p/11576797.html

https://zhuanlan.zhihu.com/p/54147784

https://www.linuxrumen.com/fwqdj/887.html

https://www.cjavapy.com/article/2324/

https://vimin.cc/default/704.html

最后修改:2022 年 02 月 17 日 07 : 06 PM

发表评论