Docker离线安装

安装docker

安装步骤如下:

  • (1)拷贝docker 到 /usr/bin
  • (2)修改Docker存储路径
1
2
3
4
service docker stop
cd /var/lib/
mv docker/*/home/dockerfile
rm -rf docker
  • (3)进入/home/dockerfile创建软连接
    1
    2
    ln -s/home/dockerfile/ /var/lib/docker
    service docker start

开启远程访问

打开服务配置文件

1
vi /lib/systemd/system/docker.service

在文件中添加以下内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s


ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

[Install]
WantedBy=multi-user.target

开启docker随系统启动模式

1
systemctl enable docker

配置仓库管理地址

这个步骤主要用于开启docker 仓库,如果您不需要将服务器作为docker仓库,可以跳过这个步骤。

1
2
echo 'export DOCKER_HOST=tcp://0.0.0.0:2375' >> /etc/profile 
source /etc/profile

创建docker仓库

1
2
docker pull registry
docker run -d -p 5000:5000 --restart=always --privileged=true -v /opt/registry:/tmp/registry registry

参数说明

  • -d
    后台执行
  • -p
    端口映射, 宿主机80端口映射给容器的5000端口
  • –restart=always
    容器意外关闭后, 自动重启(如果重启docker服务, 带这个参数的, 能自动启动为Up状态, 不带这个的,不会自动启动)
  • -v /opt/registry:/tmp/registry
    默认情况下,会将仓库存放于容器内的/tmp/registry目录下,指定本地目录挂载到容器
  • -privileged=true
    在CentOS7中,安全模块selinux把权限禁掉了,参数给容器加特权,如果不加上这个参数,在传镜像的过程中会报权限错误(OSError: [Errno 13] Permission denied: ‘/tmp/registry/repositories/liibrary’)或者(Received unexpected HTTP status: 500 Internal Server Error)

镜像仓库配置

修改/etc/sysconfig/docker,在已有参数的在后面追加增加以下启动选项 ,保存并重启docker。

  • CentOS 7系统 OPTIONS=’–insecure-registry 192.168.44.240:5000’
  • CentOS 6系统 other_args=’–insecure-registry 192.168.44.240:5000’
    通过修改以上配置,让你的私有仓库支持 http,因为从 docker1.3.2 开始,docker registry 默认都是使用 https 协议而不使用 http