我们在官网找到二进制安装docker文档Binaries | Docker Docs
先决条件:
64位主机 查看命令 uname -p
Linux >=3.10 查看命令 uname -r
iptables >=1.4 查看命令 iptables -V
git >=1.7 查看命令 git version
xz >=4.9 查看命令 xz -V
ps可执行文件 查看命令ps -V
cgroupfs正确挂载 查看cgroupfs挂载
启用 SELinux 或 AppArmor
启用
seccomp安全配置文件启用用户命名空间
环境版本
安装docker 二进制文件
转到 https://download.docker.com/linux/static/stable/,选择您的硬件平台,然后下载与要安装的 Docker Engine 版本相关的
.tgz文件。使用tar提取docker和dockerd二进制文件
tar xzvf /path/to/<FILE>.tar.gz将二进制文件移动到可执行路径上的目录,例如
/usr/bin/。如果跳过此步骤,则必须在调用docker或dockerd命令时提供可执行文件的路径。
sudo cp docker/* /usr/bin/启动docker守护程序
sudo dockerd &如果您需要使用其他选项启动守护进程,请相应地修改上述命令或创建并编辑文件 /etc/docker/daemon.json 以添加自定义配置选项。
要编写
docker.service文件加入Linux服务当中并开启守护进程
# vim /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service time-set.target
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
# TasksMax=infinity
# Older systemd versions default to a LimitNOFILE of 1024:1024, which is insufficient for many
# applications including dockerd itself and will be inherited. Raise the hard limit, while
# preserving the soft limit for select(2).
#LimitNOFILE=1024:524288
LimitNOFILE=524288
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500
[Install]
WantedBy=multi-user.target# 添加可执行权限
chmod +x /etc/systemd/system/docker.service
# 配置文件生效,加载daemon-reload
systemctl daemon-reload
# 设置开机自启动
systemctl enable --now docker.service拓展: 查看docker.service的启动路径
systemctl show -p FragmentPath docker
注意:docker 用户组存在,但不包含任何用户,因此需要使用 sudo 来运行 Docker 命令。继续 Linux 安装后 以允许非特权用户运行 Docker 命令和其他可选配置步骤
安装Docker Compose CLI plugin
插件仓库地址:https://github.com/docker/compose/
mkdir -p /usr/local/lib/docker/cli-plugins
curl -SL https://github.com/docker/compose/releases/download/v2.36.2/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
docker compose version安装docker buildx plugin
插件仓库地址:https://github.com/docker/buildx/
mkdir -p /usr/local/lib/docker/cli-plugins
curl -SL https://github.com/docker/buildx/releases/download/v0.24.0/buildx-v0.24.0.linux-amd64 -o /usr/local/lib/docker/cli-plugins/docker-buildx
chmod +x /usr/local/lib/docker/cli-plugins/docker-buildx
docker buildx version
docker buildx ls
