系统运维

# 安装部署Docker(二进制包方式)

参考:https://docs.docker.com/engine/install/binaries/

# 1. 先决条件

在尝试从二进制文件安装 Docker 之前,请确保您的主机满足先决条件:

  • 当前系统没有安装过docker(如果已安装,请先卸载)
  • 必须 64 位安装
  • 只适用于Linux或信创操作系统
  • Linux内核版本大于等于3.10,建议使用适用于您平台的最新版本的内核。
  • iptables1.4 或更高版本
  • XZ Utils 4.9 或更高版本
# ubuntu可能默认没有iptables,需要手动安装
sudo apt update -y
sudo apt install iptables

卸载历史安装的docker参考: 注意:卸载前请确认没有使用docker

# ubuntu、debian
apt remove podman containerd docker*

# centos、redhat
yum remove podman containerd docker*

# 2. 安装

Docker数据目录默认安装在 /var/lib/docker ,请注意保证磁盘空间足够,定期检查

# 2.1 下载二进制包

下载地址:https://download.docker.com/linux/static/stable/

请根据cpu选择对应架构(可通过命令arch查看)

1735545922606.png

进入后建议选择最新版本下载

1735545815598.png

下载后可上传至服务器/tmp/目录

# 2.2 解压

cd /tmp
tar xzvf docker-27.4.1.tgz

# 再拷贝至 /usr/bin/
# 如果之前有残留文件,提示需要覆盖,直接覆盖即可
cp docker/* /usr/bin/

# 3 配置systemd服务

# 3.1 containerd

mkdir -p /usr/lib/systemd/system/
mkdir -p /etc/containerd

# 生成默认配置文件
containerd config default > /etc/containerd/config.toml

# 创建服务配置文件
cat >/usr/lib/systemd/system/containerd.service << EOF
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
#uncomment to enable the experimental sbservice (sandboxed) version of containerd/cri integration
#Environment="ENABLE_CRI_SANDBOXES=sandboxed"
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target
EOF

# 3.2 docker.socket

cat > /usr/lib/systemd/system/docker.socket << EOF
[Unit]
Description=Docker Socket for the API
PartOf=docker.service

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=root

[Install]
WantedBy=sockets.target
EOF

# 3.2 docker.service

cat > /usr/lib/systemd/system/docker.service << EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3

# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500

[Install]
WantedBy=multi-user.target
EOF

# 启动docker

# 加载配置文件
systemctl daemon-reload

# 设置开机启动
systemctl enable containerd
systemctl enable docker

systemctl start containerd.service
systemctl start docker

# 检查docker版本
docker -v
# 查看镜像
docker images
# 查看运行中容器
docker ps
# 查看所有容器
docker ps -a

# 卸载docker

# 关闭开机启动
systemctl enable containerd
systemctl enable docker

# 停止docker
systemctl stop containerd.service
systemctl stop docker

# 删除docker、containerd的systemd服务
rm -f /usr/lib/systemd/system/{docker.service,docker.socket,containerd.service}

# 删除containerd配置文件
rm -f /etc/containerd/config.toml

# 删除docker工具
rm -f /usr/bin/{containerd,containerd-shim-runc-v2,ctr,docker,dockerd,docker-init,docker-proxy,runc}

# 清理docker文件
mv /var/lib/docker /tmp/
编撰人:wangyxyf、het

快速跳转

Docker 运行支持 GPU 的容器