如何在CentOS 8上安装Docker
时间:2020-03-05 15:25:19 来源:igfitidea点击:
CentOS 8附带自己的工具,Buildah和Podman,它与现有的Docker图像和工作兼容,而无需依赖守护程序,允许创建容器作为普通用户,而无需特殊权限。
这些工具仍然存在一些限制,因此在本教程中,我们将看到如何使用官方Docker存储库在CentOS 8上安装和运行原始Docker CE。
什么是Docker?
Docker是一个开源项目,允许在容器内部的应用程序创建和分发,这些应用程序是可以独立于主机系统轻松复制的标准化环境。
添加Docker存储库
首先,我们必须添加外部存储库以获取Docker CE。
我们将使用官方Docker CE CentOS存储库。
DNF Config-Manager实用程序让我们在另一件事中,以便在CentOS中轻松启用或者禁用存储库。
默认情况下,CentOS 8上仅启用AppStream和BaseS存储库。
下一步是添加和启用Docker-CE Repo。
我们需要做的就是完成此任务的只是运行以下内容:
$sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
我们可以通过键入以下dnf命令来验证已启用存储库:
$sudo dnf repolist -v .... Repo-id : docker-ce-stable Repo-name : Docker CE Stable - x86_64 Repo-revision: 1567619328 Repo-updated : Wed 04 Sep 2019 05:48:48 PM UTC Repo-pkgs : 51 Repo-size : 1.1 G Repo-baseurl : https://download.docker.com/linux/centos/7/x86_64/stable Repo-expire : 172,800 second(s) (last: Mon 30 Sep 2019 09:28:09 PM UTC) Repo-filename: /etc/yum.repos.d/docker-ce.repo
安装Docker-CE包
存储库包含多个版本的Docker-CE包,显示所有版本,我们可以运行:
$dnf list docker-ce --showduplicates | sort -r Extra Packages for Enterprise Linux 8 - x86_64 501 kB/s | 2.3 MB 00:04 docker-ce.x86_64 3:19.03.4-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.3-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.2-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.1-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.9-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.8-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.7-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.4-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable
当时,封锁ContainerD.IO> 1.2.0-3.el7,这是Docker-CE的依赖。
因此,我们必须解决这个问题。
但是,存在另一个问题。
只要防火墙,系统防火墙管理器就会启用,DNS分辨率内部DOCK容器内容不起作用。
暂时这是安装Docker-CE的唯一方法。
我们将在适当的CentOS 8套件可用后更新文章。
我们现在将使用以下命令安装Docker:
$sudo dnf -y install docker-ce --nobest
Last metadata expiration check: 0:35:54 ago on Sun 20 Oct 2019 05:17:37 PM UTC.
Dependencies resolved.
Problem: package docker-ce-3:19.03.4-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed
- cannot install the best candidate for the job
- package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
- package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
- package containerd.io-1.2.2-3.el7.x86_64 is excluded
- package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
- package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
- package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
docker-ce x86_64 3:18.09.1-3.el7 docker-ce-stable 19 M
Installing dependencies:
container-selinux noarch 2:2.94-1.git1e99f1d.module_el8.0.0+58+91b614e7
AppStream 43 k
libcgroup x86_64 0.41-19.el8 BaseOS 70 k
containerd.io x86_64 1.2.0-3.el7 docker-ce-stable 22 M
docker-ce-cli x86_64 1:19.03.4-3.el7 docker-ce-stable 39 M
Enabling module streams:
container-tools rhel8
Skipping packages with broken dependencies:
docker-ce x86_64 3:19.03.4-3.el7 docker-ce-stable 24 M
Transaction Summary
================================================================================
Install 5 Packages
Skip 1 Package
Total download size: 80 M
Installed size: 338 M
Downloading Packages:
(1/5): container-selinux-2.94-1.git1e99f1d.modu 314 kB/s | 43 kB 00:00
(2/5): libcgroup-0.41-19.el8.x86_64.rpm 470 kB/s | 70 kB 00:00
(3/5): containerd.io-1.2.0-3.el7.x86_64.rpm 3.1 MB/s | 22 MB 00:07
(4/5): docker-ce-18.09.1-3.el7.x86_64.rpm 2.6 MB/s | 19 MB 00:07
(5/5): docker-ce-cli-19.03.4-3.el7.x86_64.rpm 2.6 MB/s | 39 MB 00:15
-------------------------------------------------------------------------------
Total 4.5 MB/s | 80 MB 00:17
warning: /var/cache/dnf/docker-ce-stable-091d8a9c23201250/packages/containerd.io-1.2.0-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Docker CE Stable - x86_64 1.4 kB/s | 1.6 kB 00:01
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) "
Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35
From : https://download.docker.com/linux/centos/gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : docker-ce-cli-1:19.03.4-3.el7.x86_64 1/5
Running scriptlet: docker-ce-cli-1:19.03.4-3.el7.x86_64 1/5
Installing : containerd.io-1.2.0-3.el7.x86_64 2/5
Running scriptlet: containerd.io-1.2.0-3.el7.x86_64 2/5
Running scriptlet: libcgroup-0.41-19.el8.x86_64 3/5
Installing : libcgroup-0.41-19.el8.x86_64 3/5
Running scriptlet: libcgroup-0.41-19.el8.x86_64 3/5
Installing : container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0 4/5
Running scriptlet: container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0 4/5
Running scriptlet: docker-ce-3:18.09.1-3.el7.x86_64 5/5
Installing : docker-ce-3:18.09.1-3.el7.x86_64 5/5
Running scriptlet: docker-ce-3:18.09.1-3.el7.x86_64 5/5
Verifying : container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0 1/5
Verifying : libcgroup-0.41-19.el8.x86_64 2/5
Verifying : containerd.io-1.2.0-3.el7.x86_64 3/5
Verifying : docker-ce-3:18.09.1-3.el7.x86_64 4/5
Verifying : docker-ce-cli-1:19.03.4-3.el7.x86_64 5/5
Installed:
docker-ce-3:18.09.1-3.el7.x86_64
container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0+58+91b614e7.noarch
libcgroup-0.41-19.el8.x86_64
containerd.io-1.2.0-3.el7.x86_64
docker-ce-cli-1:19.03.4-3.el7.x86_64
Skipped:
docker-ce-3:19.03.4-3.el7.x86_64
Complete!
现在我们必须启用Docker服务:
$sudo systemctl enable --now docker Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
我们可以检查服务是否应该运行:
$systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor pres>
Active: active (running) since Sun 2019-10-20 18:00:45 UTC; 2min 12s ago
Docs: https://docs.docker.com
Main PID: 2856 (dockerd)
Tasks: 21
Memory: 53.2M
CGroup: /system.slice/docker.service
├─2856 /usr/bin/dockerd -H fd://
└─2873 containerd --config /var/run/docker/containerd/containerd.tom>
从其中我们可以看到一切都可以。
将用户添加到Docker组
创建Docker组,但没有将用户添加到组中。
将用户添加到此组以运行没有sudo的Docker命令。
$sudo usermod -aG docker $USER $id $USER uid=1000(vagrant) gid=1000(vagrant) groups=1000(vagrant),988(docker)
注销并再次登录以使用没有sudo的Docker。
我们可以查看Docker版本:
$newgrp docker $docker version Client: Docker Engine - Community Version: 19.03.4 API version: 1.39 (downgraded from 1.40) Go version: go1.12.10 Git commit: 9013bf583a Built: Fri Oct 18 15:52:22 2019 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.1 API version: 1.39 (minimum version 1.12) Go version: go1.10.6 Git commit: 4c52b90 Built: Wed Jan 9 19:06:30 2019 OS/Arch: linux/amd64 Experimental: false
通过pull测试图像测试Docker安装
我们现在可以提取Alpine Docker容器图像来测试我们已安装的Docker:
$docker pull alpine Using default tag: latest latest: Pulling from library/alpine 9d48c3bd43c5: Pull complete Digest: sha256:72c42ed48c3a2db31b7dafe17d275b634664a708d901ec9fd57b1529280f01fb Status: Downloaded newer image for alpine:latest docker.io/library/alpine:latest
列表下载的容器图像:
$docker images REPOSITORY TAG IMAGE ID CREATED SIZE alpine latest 961769676411 2 months ago 5.58MB
通过从下载的图像运行Alpine容器,验证Docker CE是否正常工作。
$docker run -it --rm alpine /bin/sh /# apk update fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try again later) WARNING: Ignoring APKINDEX.00740ba1.tar.gz: No such file or directory fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error (try again later) WARNING: Ignoring APKINDEX.d8b2a6f4.tar.gz: No such file or directory 2 errors; 14 distinct packages available /# exit
我们在这里看到我们会收到尝试使用"APK更新"更新的错误。
如前所述,为了使DNS解析在Docker容器中,必须禁用防火墙(也可能需要系统重启):
$sudo systemctl disable firewalld Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
重新启动后,我们将重新尝试APK更新:
$docker run -it --rm alpine /bin/sh /# apk update fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz v3.10.2-189-g393dc02e8c [http://dl-cdn.alpinelinux.org/alpine/v3.10/main] v3.10.2-189-g393dc02e8c [http://dl-cdn.alpinelinux.org/alpine/v3.10/community] OK: 10337 distinct packages available /# exit And now it works. This is not a good solution, but for now, this is the only way. Now you can ssh into docker and start using it.
