【原】CentOS 6.x 安装 Docker CE
Docker 容器最早受到 RHEL 完善的支持是从最近的 CentOS 7.0 开始的,官方说明是只能运行于 64 位架构平台,内核版本为 2.6.32-431 及以上(即>=CentOS 6.5,运行 docker 时实际提示 3.8.0 及以上),升级内核请参考 CentOS 6.x 内核升级(2.6.32 -> 3.10.58)过程记录。
需要注意的是 CentOS 6.5 与 7.0 的安装是有一点点不同的,CentOS-6 上 docker 的安装包叫 docker-io,并且来源于 Fedora EPEL 库,这个仓库维护了大量的没有包含在发行版中的软件,所以先要安装 EPEL,而 CentOS-7 的 docker 直接包含在官方镜像源的 Extras 仓库(CentOS-Base.repo下的 [extras] 节 enable=1 启用)。前提是都需要联网,具体安装过程如下。
1 查看系统架构
[root@hadoop2 ~]# getconf LONG_BIT
64
目前大部分的服务器都是运行的 64 位架构的系统。
2 内核
[root@hadoop2 ~]# uname -r
2.6.32-573.el6.x86_64
3 发行版本
[root@hadoop2 ~]# cat /etc/redhat-release
CentOS release 6.7 (Final)
一、禁用 selinux
禁用 security linux 的功能,root 用户执行如下命令,将 SELINUX=enforcing 行改为 SELINUX=disabled,并保存退出
[root@hadoop2 selinux]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
# SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
二、安装 Fedora EPEL
root 在 Linux 的命令行执行如下命令安装 EPEL
[root@hadoop2 ~]# yum -y install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
这一步执行之后,会在 /etc/yum.repos.d/ 下生成 epel.repo、epel-testing.repo 两个文件,用于从 Fedora 官网下载 rpm 包。
[root@hadoop2 yum.repos.d]# pwd
/etc/yum.repos.d
[root@hadoop2 yum.repos.d]# ll
total 32
-rw-r--r--. 1 root root 1991 Aug 3 2015 CentOS-Base.repo
-rw-r--r--. 1 root root 647 Aug 3 2015 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 289 Aug 3 2015 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 Aug 3 2015 CentOS-Media.repo
-rw-r--r--. 1 root root 6259 Aug 3 2015 CentOS-Vault.repo
-rw-r--r--. 1 root root 957 Nov 4 2012 epel.repo
-rw-r--r--. 1 root root 1056 Nov 4 2012 epel-testing.repo
三、安装 docker-io
root 用户执行如下 yum 命令,并在提示符处输入 "y" 然后回车,当命令行中出现 "Complete" 时,即表示安装成功。
[root@hadoop2 ~]# yum install docker-io
...
Dependencies Resolved
======================================================================================================
Package Arch Version Repository Size
======================================================================================================
Installing:
docker-io x86_64 1.7.1-2.el6 epel 4.6 M
Installing for dependencies:
libcgroup x86_64 0.40.rc1-26.el6 base 131 k
lua-alt-getopt noarch 0.7.0-1.el6 epel 6.9 k
lua-filesystem x86_64 1.4.2-1.el6 epel 24 k
lua-lxc x86_64 1.0.11-1.el6 epel 16 k
lxc x86_64 1.0.11-1.el6 epel 124 k
lxc-libs x86_64 1.0.11-1.el6 epel 257 k
Transaction Summary
======================================================================================================
Install 7 Package(s)
Total download size: 5.1 M
Installed size: 20 M
Is this ok [y/N]: y
...
Downloading Packages:
(1/7): docker-io-1.7.1-2.el6.x86_64.rpm | 4.6 MB 00:03
(2/7): libcgroup-0.40.rc1-26.el6.x86_64.rpm | 131 kB 00:00
(3/7): lua-alt-getopt-0.7.0-1.el6.noarch.rpm | 6.9 kB 00:00
(4/7): lua-filesystem-1.4.2-1.el6.x86_64.rpm | 24 kB 00:00
(5/7): lua-lxc-1.0.11-1.el6.x86_64.rpm | 16 kB 00:00
(6/7): lxc-1.0.11-1.el6.x86_64.rpm | 124 kB 00:00
(7/7): lxc-libs-1.0.11-1.el6.x86_64.rpm | 257 kB 00:00
------------------------------------------------------------------------------------------------------
Total 951 kB/s | 5.1 MB 00:05
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Importing GPG key 0x0608B895:
Userid : EPEL (6) <epel@fedoraproject.org>
Package: epel-release-6-8.noarch (@/epel-release-6-8.noarch)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Is this ok [y/N]: y
...
Installed:
docker-io.x86_64 0:1.7.1-2.el6
Dependency Installed:
libcgroup.x86_64 0:0.40.rc1-26.el6 lua-alt-getopt.noarch 0:0.7.0-1.el6
lua-filesystem.x86_64 0:1.4.2-1.el6 lua-lxc.x86_64 0:1.0.11-1.el6
lxc.x86_64 0:1.0.11-1.el6 lxc-libs.x86_64 0:1.0.11-1.el6
Complete!
四、docker 验证
1 查看 docker 版本
root 用户执行如下命令查看 docker 的版本信息
[root@hadoop2 ~]# docker -v
Docker version 1.7.1, build 786b29d/1.7.1
2 启动 docker
[root@hadoop2 ~]# service docker start
Starting cgconfig service: [ OK ]
Starting docker: [ OK ]
[root@hadoop2 ~]#
或者
[root@hadoop2 ~]# docker -d
WARN[0000] You are running linux kernel version 2.6.32-573.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.10.0.
INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
INFO[0000] [graphdriver] using prior storage driver "devicemapper"
WARN[0000] Running modprobe bridge nf_nat failed with message: , error: exit status 1
INFO[0000] Loading containers: start.
...
INFO[0000] Loading containers: done.
INFO[0000] Daemon has completed initialization
INFO[0000] Docker daemon commit=786b29d/1.7.1 execdriver=native-0.2 graphdriver=devicemapper version=1.7.1
3 查看 docker 运行状态
[root@hadoop2 ~]# service docker status
docker (pid 87987) is running...
4 查看 docker 运行日志
[root@hadoop2 ~]# tail -100f /var/log/docker
\nTue Oct 9 01:18:40 PDT 2018\n
time="2018-10-09T01:18:40.890641799-07:00" level=warning msg="You are running linux kernel version 2.6.32-573.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.10.0."
time="2018-10-09T01:18:40.949152236-07:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)"
time="2018-10-09T01:18:44.811034484-07:00" level=warning msg="Running modprobe bridge nf_nat failed with message: insmod /lib/modules/2.6.32-573.el6.x86_64/kernel/net/ipv4/netfilter/nf_nat.ko \n, error: exit status 1"
time="2018-10-09T01:18:45.003556974-07:00" level=info msg="Loading containers: start."
time="2018-10-09T01:18:45.003712187-07:00" level=info msg="Loading containers: done."
time="2018-10-09T01:18:45.003729176-07:00" level=info msg="Daemon has completed initialization"
time="2018-10-09T01:18:45.003745856-07:00" level=info msg="Docker daemon" commit="786b29d/1.7.1" execdriver=native-0.2 graphdriver=devicemapper version=1.7.1
time="2018-10-09T01:19:33.300801075-07:00" level=info msg="Processing signal 'terminated'"
\nTue Oct 9 01:21:40 PDT 2018\n
time="2018-10-09T01:21:40.108192135-07:00" level=warning msg="You are running linux kernel version 2.6.32-573.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.10.0."
time="2018-10-09T01:21:40.165891525-07:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)"
time="2018-10-09T01:21:40.188680250-07:00" level=info msg="[graphdriver] using prior storage driver \"devicemapper\""
time="2018-10-09T01:21:40.205446278-07:00" level=warning msg="Running modprobe bridge nf_nat failed with message: , error: exit status 1"
time="2018-10-09T01:21:40.316407475-07:00" level=info msg="Loading containers: start."
time="2018-10-09T01:21:40.316574302-07:00" level=info msg="Loading containers: done."
time="2018-10-09T01:21:40.316590896-07:00" level=info msg="Daemon has completed initialization"
time="2018-10-09T01:21:40.316609690-07:00" level=info msg="Docker daemon" commit="786b29d/1.7.1" execdriver=native-0.2 graphdriver=devicemapper version=1.7.1
可以看到运行日志中有两条警告信息:
(a) You are running linux kernel version 2.6.32-573.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.10.0. 这条警告主要是对 Linux 内核的检查和警告,大致意思就是说当前运行 docker 的 linux 内核版本为 2.6,可能有不稳定的风险,请将内核升级到 3.10.0 版本。(实际看来,2.6 版本的运行并没有问题,当然如果条件允许,你也可以升级你的内核版本,见:)
(b) Running modprobe bridge nf_nat failed with message: , error: exit status 1
4 停止 docker
[root@hadoop2 ~]# service docker stop
Stopping docker: [ OK ]
[root@hadoop2 ~]#
5 重启 docker
[root@hadoop2 ~]# service docker restart
Stopping docker: [ OK ]
Starting docker: [ OK ]
[root@hadoop2 ~]#
6 设置开机自启动
正常情况下,docker 安装完成后会自动设置开机自启动,可执行如下命令查看,如果 2、3、4、5 项的值为 on,则表示已经开启。
[root@hadoop2 ~]# chkconfig | grep docker
docker 0:off 1:off 2:on 3:on 4:on 5:on 6:off
如果没有设置开机自启动,所有项都为 off,此种情况执行如下命令即可开启自启动。
[root@hadoop2 ~]# chkconfig docker on
[root@hadoop2 ~]# chkconfig | grep docker
docker 0:off 1:off 2:on 3:on 4:on 5:on 6:off
五、docker hello-world
root 用户运行如下命令 docker run hello-world 运行一个 hello-world 的镜像,从运行日志来看,我们的本地没有 hello-world 的镜像时,会从 docker 的官方镜像去拉取一个 hello-world 的镜像并运行。
[root@hadoop2 ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from hello-world
74bc6c628a00: Pull complete
19b3f968b60c: Pull complete
Digest: sha256:523e382ab1801f2a616239b1052bb7ee5a7cce6a06cfed27ccb93680eacad6ef
Status: Downloaded newer image for hello-world:latest
...
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
如能够出现如上高亮部分的显示内容,表明 docker 的安装与运行都是正确的。
近期评论