# 内网环境下离线安装Docker ## 1、系统要求 首先需要确定 CentOS7 的内核版本号,因为 docker 安装要求 Linux 内核版本在 3.10 及以上。查看内核版本号: ```bash uname -r ``` 查看系统名称: ```bash cat /etc/redhat-release ``` ## 2、下载Docker - Docker官网:[Docker: Accelerated Container Application Development](https://www.docker.com/) - Docker引擎安装说明:[在 CentOS 上安装 Docker 引擎 |Docker 文档](https://docs.docker.com/engine/install/centos/) - Docker二进制安装说明:[从二进制文件安装 Docker 引擎 |Docker 文档](https://docs.docker.com/engine/install/binaries/) 因为这里要使用离线安装Docker,所以为二进制安装。需要下载二进制文件。 - 下载地址:[https://download.docker.com/linux/static/stable/x86_64/](https://download.docker.com/linux/static/stable/x86_64/)  选择版本进行下载,下载成功后解压docker包。 ```bash tar -zxvf docker-26.1.3.tgz ``` ## 3、安装Docker 将解压出来的`docker`文件内容拷贝或者移动到 `/usr/bin/`目录下 ```bash cp docker/* /usr/bin/ ``` 然后就可以使用 `docker -v` 或者 `docker info` 命令验证是否可以输出`docker`信息了。因为没有开启守护进程,docker 其他命令还不能使用。所以需要编写`docker.service` 文件加入Linux服务当中并开启守护进程。 编辑文件: ```bash vim /etc/systemd/system/docker.service ``` 添加内容: ```bash [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target firewalld.service Wants=network-online.target [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock --selinux-enabled=false --default-ulimit nofile=65536:65536 ExecReload=/bin/kill -s HUP $MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity # Uncomment TasksMax if your systemd version supports it. # Only systemd 226 and above support this version. #TasksMax=infinity TimeoutStartSec=0 # set delegate yes so that systemd does not reset the cgroups of docker containers Delegate=yes # kill only the docker process, not all processes in the cgroup KillMode=process # restart the docker process if it exits prematurely Restart=on-failure StartLimitBurst=3 StartLimitInterval=60s [Install] WantedBy=multi-user.target ``` 如果需要开启远程服务`ExecStart`属性修改为以下命令: ```bash ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --selinux-enabled=false --default-ulimit nofile=65536:65536 ``` 添加文件可执行权限 ```bash chmod +x /etc/systemd/system/docker.service ``` 配置成功后,重新加载 daemon 服务 ```bash systemctl daemon-reload ``` 启动 docker 服务 ```bash systemctl start docker ``` ## 4、配置Docker镜像 在目录 `etc` 下面创建一个 `docker` 文件夹,进入 `docker`目录创建 `daemon.json` 文件 ```bash vim daemon.json ``` 加入镜像源地址。 ```bash { "registry-mirrors": ["https://docker.m.daocloud.io"], "log-driver":"json-file", "log-opts": {"max-size":"1g", "max-file":"3"}, "live-restore": true } ``` 配置成功后,**重新启动Docker** ## 5、Docker服务相关命令 重新加载配置文件 ```bash systemctl daemon-reload ``` 启动 docker 服务 ```bash systemctl start docker ``` 查看 docker 服务的运行状态 ```bash systemctl status docker ``` 停止运行 ```bash systemctl stop docker ``` 重新启动 ```bash systemctl restart docker ``` 将 docker 服务设置为开机自动启动 ```bash systemctl enable docker ``` 禁用开机自动启动 ```bash systemctl disabled docker ``` 查看docker开机自动启动状态 enabled:开启, disabled:关闭 ```bash systemctl is-enabled docker.service ``` 查看 docker 版本号 ```bash docker -v docker version ``` Docker启动所有容器 ```bash docker start $(docker ps -a -q) ``` ## 6、导出和导入镜像 首先在可以连接网络的服务器上面获取相关软件镜像,然后通过 `save` 和 `load` 命令导出和导入镜像。由于导入的镜像没有镜像名称和 `tag` 版本号,需要使用 `docker tag 命令` 修改导入的镜像命令。 docker导出镜像: ```bash docker save 99ee9af2b6b1 > redis.tar ``` docker导入镜像: ```bash docker load < redis.tar ``` docker修改镜像标签名称: ```bash docker tag 99ee9af2b6b1 redis:3.2.0 ``` ## 快照 - https://b.bdstatic.com/comment/-ZsE5conygPrGnTb2cfDFwbf2633b2ea71fb1c3d916f05009c980f.png - https://i3.wp.com/b.bdstatic.com/comment/-ZsE5conygPrGnTb2cfDFwbf2633b2ea71fb1c3d916f05009c980f.png - https://788910.xyz/api/snapshot?p=ab2e3ebcc63b9d48378f711a90d570dc&u=https://b.bdstatic.com/comment/-ZsE5conygPrGnTb2cfDFwbf2633b2ea71fb1c3d916f05009c980f.png
