Docker offline installation

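Download address for the Docker offline package; download the latest version, for example: docker-29.1.4.tgz
Download link

Download address for the Docker Compose plugin, for example: docker-compose-linux-x86_64
Download link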

Installation steps

  1. Upload docker-29.1.4.tgz to the Linux server, for example to /opt, then extract it

    tar -xvf docker-29.1.4.tgz
  2. Copy the extracted files into the designated folder so that they are available system-wide

    sudo cp docker/* /usr/bin/
  3. Write docker.service so that systemd (systemctl) manages the Docker daemon

    vi docker.service

    with the following contents

    [Unit]
    Description=Docker Application Container Engine
    Documentation=https://docs.docker.com
    After=network-online.target firewalld.service
    Wants=network-online.target

    [Service]
    Type=notify
    ExecStart=/usr/bin/dockerd
    ExecReload=/bin/kill -s HUP $MAINPID
    Restart=always
    RestartSec=5
    LimitNOFILE=infinity
    LimitNPROC=infinity
    LimitCORE=infinity
    Delegate=yes
    KillMode=process
    TimeoutStartSec=0

    [Install]
    WantedBy=multi-user.target

    After saving, move docker.service to /etc/systemd/system/

    sudo mv docker.service /etc/systemd/system/

    Load docker.service and check the status of the Docker service

    sudo systemctl daemon-reload
    sudo systemctl enable docker
    sudo systemctl start docker
    sudo systemctl status docker
  4. If you have your own images, you can import a tar image directly

    docker load -i myapp.tar
  5. If you download images from the official source, configure domestic (China) mirrors

    sudo mkdir -p /etc/docker
    sudo vi /etc/docker/daemon.json

    Contents of daemon.json:

    {
      "registry-mirrors": [
        "https://docker.m.daocloud.io",
        "https://mirror.baidubce.com",
        "https://dockerproxy.com",
        "https://registry.docker-cn.com"
      ]
    }

    Restart Docker

    sudo systemctl daemon-reload
    sudo systemctl restart docker
  6. If you use Docker Compose, install the plugin as well. First upload the downloaded docker-compose-linux-x86_64 to the Linux server

    sudo mkdir -p /usr/lib/docker/cli-plugins
    sudo cp ./docker-compose-linux-x86_64 /usr/lib/docker/cli-plugins/docker-compose
    sudo chmod +x /usr/lib/docker/cli-plugins/docker-compose

    Verify

    docker compose version

    Use it to start services

    docker compose -f docker-compose.yml up -d
  7. Example contents of docker-compose.yml

    services:
      portainer:
        image: portainer/portainer-ce:latest
        container_name: portainer
        restart: unless-stopped
        ports:
          - "9443:9443"
        volumes:
          # The Docker socket gives Portainer full control of the daemon (root-equivalent on the host)
          - /var/run/docker.sock:/var/run/docker.sock
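  8. If Docker containers need to reach external networks, enable IP forwarding

    vi /etc/sysctl.conf

    Add or modify the following line

    net.ipv4.ip_forward = 1

    Then reload so that the setting takes effect

    sudo sysctl -p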

Problems encountered

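  1. Problem description
    Starting or restarting a container produces

    Error response from daemon: Cannot restart container 8262d137b42f: failed to create task for container: failed to create shim task: OCI runtime create failed: container_linux.go:340: starting container process caused "permission denied"

    Solution
    On Kylin (银河麒麟), /usr/local/bin/runc exists from the start and interferes with the /usr/bin/runc that Docker provides. Back up the original /usr/local/bin/runc and overwrite it with the runc shipped with Docker, or delete it.
    Restart Docker and the container, then check whether the problem is resolved.

    cp ./docker/runc /usr/local/bin/runc
    systemctl restart docker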
  2. Problem description
    A network problem occurs when starting with Docker

    docker ✘ Network opt_default Error Error response from daemon: Failed to Setup IP tables: Unable to enable ACCEPT OUTGOING rule: (iptables failed: iptables --wait -t filter -A DOCKER-FORWARD -i br-d43eab305ec7 ... 0.0s failed to create network opt_default: Error response from daemon: Failed to Setup IP tables: Unable to enable ACCEPT OUTGOING rule: (iptables failed: iptables --wait -t filter -A DOCKER-FORWARD -i br-d43eab305ec7 -j ACCEPT: iptables: No chain/target/match by that name. (exit status 1))

    Solution
    Edit /etc/docker/daemon.json (create it if it does not exist):

    {
      "iptables": true
    }

    Restart Docker

    systemctl restart docker
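
A check for the runc conflict in problem 1, as an added example that is not part of the original post: it compares every binary in the extracted bundle with the copy that wins PATH lookup. It assumes the daemon resolves helpers such as runc through PATH order; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumption: dockerd/containerd find helpers such as runc by PATH order, so an
# older /usr/local/bin/runc is used before the bundled /usr/bin/runc.

# first_in_path NAME SEARCH_PATH
# Print the first executable called NAME in the colon-separated SEARCH_PATH.
first_in_path() {
    rest="$2:"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        rest=${rest#*:}
        cand="${dir:-.}/$1"
        if [ -f "$cand" ] && [ -x "$cand" ]; then
            printf '%s\n' "$cand"
            return 0
        fi
    done
    return 1
}

# check_bundle BUNDLE_DIR SEARCH_PATH
# For every file in the extracted docker/ directory, find the copy that wins
# PATH lookup and compare it byte-for-byte with the bundled one.
# Prints MISSING/SHADOWED lines and returns 1 if any binary does not match.
check_bundle() {
    rc=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        winner=$(first_in_path "$name" "$2") || winner=""
        if [ -z "$winner" ]; then
            echo "MISSING $name"
            rc=1
        elif ! cmp -s "$f" "$winner"; then
            echo "SHADOWED $name -> $winner"
            rc=1
        fi
    done
    return "$rc"
}

# Usage on the host, with the tarball extracted under /opt as in step 1:
#   check_bundle /opt/docker "$PATH"
```

Both remedies from problem 1 (overwriting or deleting /usr/local/bin/runc) make the check return 0. Run it with the PATH the daemon actually sees, which under systemd can differ from your login shell's.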