1、检查系统内核
Docker 要求 CentOS 系统的内核版本高于 3.10 ,查看本页面的前提条件来验证你的CentOS 版本是否支持 Docker 。
通过 uname -r 命令查看你当前的内核版本。
[xcbeyond@docker ~]$ uname -r
3.10.0-327.10.1.el7.x86_64
2、安装Docker
安装过程及其坎坷,出现了各种问题,并进行记录整个过程,与大家进行分享。2.1 节记录安装过程中出现的各种问题,2.2节整理的是安装成功过程,作为正常安装步骤。
2.1 安装失败
(1)Docker 软件包和依赖包已经包含在默认的 CentOS-Extras 软件源里。执行命令yum install docker
安装过程如下:
[xcbeyond@docker etc]$ sudo yum install docker
Loaded plugins: fastestmirror, langpacks
base | 3.6 kB 00:00:00
docker-ce-stable | 2.9 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
docker-ce-stable/x86_64/primar FAILED
https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/repodata/251ca0bf128072f68c0ccae90067d231841488501814e0b0b6f492c17c069daa-primary.sqlite.bz2: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
Trying other mirror.
It was impossible to connect to the CentOS servers.
This could mean a connectivity issue in your environment, such as the requirement to configure a proxy,
or a transparent proxy that tampers with TLS security, or an incorrect system clock.
You can try to solve this issue by using the instructions on https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.
Loading mirror speeds from cached hostfile
* base: mirrors.nwsuaf.edu.cn
* extras: mirror.lzu.edu.cn
* updates: mirrors.163.com
docker-ce-stable/x86_64/primar FAILED
https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/repodata/251ca0bf128072f68c0ccae90067d231841488501814e0b0b6f492c17c069daa-primary.sqlite.bz2: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
Trying other mirror.
docker-ce-stable/x86_64/primary_db | 15 kB 00:00:00
Resolving Dependencies
………………
Transaction Summary
========================================================================================
Install 1 Package (+12 Dependent packages)
Upgrade 1 Package (+15 Dependent packages)
Total download size: 38 M
Is this ok [y/d/N]: y
Downloading packages:
No Presto metadata available for base
updates/7/x86_64/prestodelta | 538 kB 00:00:00
(1/29): atomic-registries-1.22.1-22.git5a342e3.el7.x86_64.rpm | 35 kB 00:00:00
(2/29): container-selinux-2.68-1.el7.noarch.rpm | 36 kB 00:00:00
(3/29): docker-common-1.13.1-74.git6e3bb8e.el7.centos.x86_64.rpm | 92 kB 00:00:00
(4/29): container-storage-setup-0.11.0-2.git5eaf76c.el7.noarch.r | 35 kB 00:00:00
(5/29): libselinux-2.5-12.el7.x86_64.rpm | 162 kB 00:00:00
(6/29): libselinux-utils-2.5-12.el7.x86_64.rpm | 151 kB 00:00:00
(7/29): libselinux-python-2.5-12.el7.x86_64.rpm | 235 kB 00:00:00
(8/29): libsemanage-2.5-11.el7.x86_64.rpm | 150 kB 00:00:00
………………
(29/29): docker-1.13.1-74.git6e3bb8e.el7.centos.x86_64.rpm | 16 MB 00:00:09
----------------------------------------------------------------------------------------
Total 3.9 MB/s | 38 MB 00:09
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : libsepol-2.5-8.1.el7.x86_64 1/45
Updating : libselinux-2.5-12.el7.x86_64 2/45
Updating : libsemanage-2.5-11.el7.x86_64 3/45
Installing : lz4-1.7.5-2.el7.x86_64 4/45
Updating : systemd-libs-219-57.el7_5.1.x86_64 5/45
Updating : systemd-219-57.el7_5.1.x86_64 6/45
Updating : libselinux-utils-2.5-12.el7.x86_64 7/45
Updating : policycoreutils-2.5-22.el7.x86_64 8/45
Updating : selinux-policy-3.13.1-192.el7_5.6.noarch 9/45
Updating : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 10/45
warning: /etc/selinux/targeted/seusers created as /etc/selinux/targeted/seusers.rpmnew
‘/etc/selinux/targeted/modules/active/seusers’ -> ‘/etc/selinux/targeted/active/seusers.local’
Installing : 1:oci-register-machine-0-6.git2b44233.el7.x86_64 11/45
Updating : libsemanage-python-2.5-11.el7.x86_64 12/45
Updating : libselinux-python-2.5-12.el7.x86_64 13/45
Installing : 1:oci-systemd-hook-0.1.17-2.git83283a0.el7.x86_64 14/45
Installing : 2:oci-umount-2.3.3-3.gite3c9055.el7.x86_64 15/45
Updating : setools-libs-3.3.8-2.el7.x86_64 16/45
Updating : policycoreutils-python-2.5-22.el7.x86_64 17/45
Installing : 2:container-selinux-2.68-1.el7.noarch 18/45
Installing : container-storage-setup-0.11.0-2.git5eaf76c.el7.noarch 19/45
Installing : python-pytoml-0.1.14-1.git7dea353.el7.noarch 20/45
Installing : 1:atomic-registries-1.22.1-22.git5a342e3.el7.x86_64 21/45
Installing : 1:skopeo-containers-0.1.31-1.dev.gitae64ff7.el7.centos.x86_64 22/45
Installing : 2:docker-common-1.13.1-74.git6e3bb8e.el7.centos.x86_64 23/45
Installing : 2:docker-client-1.13.1-74.git6e3bb8e.el7.centos.x86_64 24/45
Installing : subscription-manager-rhsm-certificates-1.20.11-1.el7.centos.x86_ 25/45
Installing : 2:docker-1.13.1-74.git6e3bb8e.el7.centos.x86_64 26/45
Updating : systemd-python-219-57.el7_5.1.x86_64 27/45
Updating : systemd-sysv-219-57.el7_5.1.x86_64 28/45
Updating : libgudev1-219-57.el7_5.1.x86_64 29/45
Cleanup : policycoreutils-python-2.2.5-20.el7.x86_64 30/45
Cleanup : selinux-policy-targeted-3.13.1-60.el7_2.3.noarch 31/45
warning: /etc/selinux/targeted/modules/active/seusers.final saved as /etc/selinux/targeted/modules/active/seusers.final.rpmsave
Cleanup : systemd-python-219-19.el7_2.4.x86_64 32/45
Cleanup : selinux-policy-3.13.1-60.el7_2.3.noarch 33/45
Cleanup : systemd-sysv-219-19.el7_2.4.x86_64 34/45
Cleanup : policycoreutils-2.2.5-20.el7.x86_64 35/45
Cleanup : systemd-219-19.el7_2.4.x86_64 36/45
Cleanup : setools-libs-3.3.7-46.el7.x86_64 37/45
Cleanup : libselinux-utils-2.2.2-6.el7.x86_64 38/45
Cleanup : libselinux-python-2.2.2-6.el7.x86_64 39/45
Cleanup : libsemanage-python-2.1.10-18.el7.x86_64 40/45
Cleanup : libsemanage-2.1.10-18.el7.x86_64 41/45
Cleanup : libgudev1-219-19.el7_2.4.x86_64 42/45
Cleanup : systemd-libs-219-19.el7_2.4.x86_64 43/45
Cleanup : libselinux-2.2.2-6.el7.x86_64 44/45
Cleanup : libsepol-2.1.9-3.el7.x86_64 45/45
Verifying : libsemanage-python-2.5-11.el7.x86_64 1/45
Verifying : libsemanage-2.5-11.el7.x86_64 2/45
Verifying : libselinux-python-2.5-12.el7.x86_64 3/45
Verifying : subscription-manager-rhsm-certificates-1.20.11-1.el7.centos.x86_ 4/45
Verifying : 2:container-selinux-2.68-1.el7.noarch 5/45
Verifying : libselinux-utils-2.5-12.el7.x86_64 6/45
Verifying : policycoreutils-2.5-22.el7.x86_64 7/45
Verifying : libsepol-2.5-8.1.el7.x86_64 8/45
Verifying : 1:skopeo-containers-0.1.31-1.dev.gitae64ff7.el7.centos.x86_64 9/45
Verifying : policycoreutils-python-2.5-22.el7.x86_64 10/45
Verifying : 1:oci-systemd-hook-0.1.17-2.git83283a0.el7.x86_64 11/45
Verifying : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 12/45
Verifying : python-pytoml-0.1.14-1.git7dea353.el7.noarch 13/45
Verifying : systemd-python-219-57.el7_5.1.x86_64 14/45
Verifying : systemd-219-57.el7_5.1.x86_64 15/45
Verifying : libgudev1-219-57.el7_5.1.x86_64 16/45
Verifying : 2:docker-common-1.13.1-74.git6e3bb8e.el7.centos.x86_64 17/45
Verifying : systemd-libs-219-57.el7_5.1.x86_64 18/45
Verifying : lz4-1.7.5-2.el7.x86_64 19/45
Verifying : 1:oci-register-machine-0-6.git2b44233.el7.x86_64 20/45
Verifying : 2:oci-umount-2.3.3-3.gite3c9055.el7.x86_64 21/45
Verifying : 2:docker-client-1.13.1-74.git6e3bb8e.el7.centos.x86_64 22/45
Verifying : 2:docker-1.13.1-74.git6e3bb8e.el7.centos.x86_64 23/45
Verifying : systemd-sysv-219-57.el7_5.1.x86_64 24/45
Verifying : setools-libs-3.3.8-2.el7.x86_64 25/45
Verifying : libselinux-2.5-12.el7.x86_64 26/45
Verifying : 1:atomic-registries-1.22.1-22.git5a342e3.el7.x86_64 27/45
Verifying : container-storage-setup-0.11.0-2.git5eaf76c.el7.noarch 28/45
Verifying : selinux-policy-3.13.1-192.el7_5.6.noarch 29/45
Verifying : systemd-python-219-19.el7_2.4.x86_64 30/45
Verifying : selinux-policy-targeted-3.13.1-60.el7_2.3.noarch 31/45
Verifying : libsemanage-python-2.1.10-18.el7.x86_64 32/45
Verifying : setools-libs-3.3.7-46.el7.x86_64 33/45
Verifying : libsemanage-2.1.10-18.el7.x86_64 34/45
Verifying : systemd-219-19.el7_2.4.x86_64 35/45
Verifying : systemd-sysv-219-19.el7_2.4.x86_64 36/45
Verifying : libselinux-utils-2.2.2-6.el7.x86_64 37/45
Verifying : systemd-libs-219-19.el7_2.4.x86_64 38/45
Verifying : selinux-policy-3.13.1-60.el7_2.3.noarch 39/45
Verifying : libsepol-2.1.9-3.el7.x86_64 40/45
Verifying : libgudev1-219-19.el7_2.4.x86_64 41/45
Verifying : libselinux-python-2.2.2-6.el7.x86_64 42/45
Verifying : policycoreutils-2.2.5-20.el7.x86_64 43/45
Verifying : libselinux-2.2.2-6.el7.x86_64 44/45
Verifying : policycoreutils-python-2.2.5-20.el7.x86_64 45/45
Installed:
docker.x86_64 2:1.13.1-74.git6e3bb8e.el7.centos
Dependency Installed:
atomic-registries.x86_64 1:1.22.1-22.git5a342e3.el7
container-selinux.noarch 2:2.68-1.el7
container-storage-setup.noarch 0:0.11.0-2.git5eaf76c.el7
docker-client.x86_64 2:1.13.1-74.git6e3bb8e.el7.centos
docker-common.x86_64 2:1.13.1-74.git6e3bb8e.el7.centos
lz4.x86_64 0:1.7.5-2.el7
oci-register-machine.x86_64 1:0-6.git2b44233.el7
oci-systemd-hook.x86_64 1:0.1.17-2.git83283a0.el7
oci-umount.x86_64 2:2.3.3-3.gite3c9055.el7
python-pytoml.noarch 0:0.1.14-1.git7dea353.el7
skopeo-containers.x86_64 1:0.1.31-1.dev.gitae64ff7.el7.centos
subscription-manager-rhsm-certificates.x86_64 0:1.20.11-1.el7.centos
Updated:
systemd.x86_64 0:219-57.el7_5.1
Dependency Updated:
libgudev1.x86_64 0:219-57.el7_5.1
libselinux.x86_64 0:2.5-12.el7
libselinux-python.x86_64 0:2.5-12.el7
libselinux-utils.x86_64 0:2.5-12.el7
libsemanage.x86_64 0:2.5-11.el7
libsemanage-python.x86_64 0:2.5-11.el7
libsepol.x86_64 0:2.5-8.1.el7
policycoreutils.x86_64 0:2.5-22.el7
policycoreutils-python.x86_64 0:2.5-22.el7
selinux-policy.noarch 0:3.13.1-192.el7_5.6
selinux-policy-targeted.noarch 0:3.13.1-192.el7_5.6
setools-libs.x86_64 0:3.3.8-2.el7
systemd-libs.x86_64 0:219-57.el7_5.1
systemd-python.x86_64 0:219-57.el7_5.1
systemd-sysv.x86_64 0:219-57.el7_5.1
Complete!
(2)查看Docker版本。执行命令docker version
[xcbeyond@docker etc]$ docker version
Client:
Version: 1.13.1
API version: 1.26
Package version:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
(3)启动Docker。执行命令 service docker start.
[xcbeyond@docker ~]$ sudo service docker start
Redirecting to /bin/systemctl start docker.service
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
哎,启动失败了。查看下docker状态,如下所示:
[xcbeyond@docker ~]$ systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2018-08-29 23:07:19 CST; 1min 13s ago
Docs: http://docs.docker.com
Process: 18527 ExecStart=/usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY $REGISTRIES (code=exited, status=1/FAILURE)
Main PID: 18527 (code=exited, status=1/FAILURE)
Aug 29 23:07:17 docker systemd[1]: Starting Docker Application Container Engine...
Aug 29 23:07:18 docker dockerd-current[18527]: time="2018-08-29T23:07:18.066916004+...d"
Aug 29 23:07:18 docker dockerd-current[18527]: time="2018-08-29T23:07:18.071982389+...1"
Aug 29 23:07:19 docker dockerd-current[18527]: time="2018-08-29T23:07:19.085154395+08...
Aug 29 23:07:19 docker dockerd-current[18527]: Error starting daemon: SELinux is no...e)
Aug 29 23:07:19 docker systemd[1]: docker.service: main process exited, code=exite...URE
Aug 29 23:07:19 docker systemd[1]: Failed to start Docker Application Container Engine.
Aug 29 23:07:19 docker systemd[1]: Unit docker.service entered failed state.
Aug 29 23:07:19 docker systemd[1]: docker.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
网上查阅了大量资料,进行配置的修改等,尝试都未能解决,最终决定还是卸载掉,重新换种方式来安装吧。
2.2 安装成功
(1)卸载docker,并配置docker.repo,如下所示:
[xcbeyond@docker run]$ sudo yum remove docker
……
[xcbeyond@docker run]$ sudo yum remove docker-selinux
……
[xcbeyond@docker run]$ sudo vi /etc/yum.repos.d/docker.repo
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
(2)安装docker,执行命令yum install docker-engine,如下所示:
(如失败,则可多执行几次便可。安装过程,因需下载安装包,请耐心等待)
[xcbeyond@docker run]$ sudo yum install docker-engine
Loaded plugins: fastestmirror, langpacks
base | 3.6 kB 00:00:00
dockerrepo | 2.9 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirror.lzu.edu.cn
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package docker-engine.x86_64 0:17.05.0.ce-1.el7.centos will be installed
--> Processing Dependency: docker-engine-selinux >= 17.05.0.ce-1.el7.centos for package: docker-engine-17.05.0.ce-1.el7.centos.x86_64
--> Running transaction check
---> Package docker-engine-selinux.noarch 0:17.05.0.ce-1.el7.centos will be installed
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================
Package Arch Version Repository Size
========================================================================================
Installing:
docker-engine x86_64 17.05.0.ce-1.el7.centos dockerrepo 19 M
Installing for dependencies:
docker-engine-selinux noarch 17.05.0.ce-1.el7.centos dockerrepo 28 k
Transaction Summary
========================================================================================
Install 1 Package (+1 Dependent package)
Total download size: 20 M
Installed size: 70 M
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7/dockerrepo/packages/docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm: Header V4 RSA/SHA512 Signature, key ID 2c52609d: NOKEY
Public key for docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm is not installed
(1/2): docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm | 28 kB 00:00:01
(2/2): docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm 22% [================= ] 6.3 kB/s | 4.5 MB 00:40:30 ETA % [================= ] 8.6 kB/docker-engine-17.05.0.ce-1.el7 FAILED 7:57 ETA
https://yum.dockerproject.org/repo/main/centos/7/Packages/docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm: [Errno 12] Timeout on https://yum.dockerproject.org/repo/main/centos/7/Packages/docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
(2/2): docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm | 19 MB 00:08:32
----------------------------------------------------------------------------------------
Total 7.8 kB/s | 20 MB 42:45
Retrieving key from https://yum.dockerproject.org/gpg
Importing GPG key 0x2C52609D:
Userid : "Docker Release Tool (releasedocker) <docker@docker.com>"
Fingerprint: 5811 8e89 f3a9 1289 7c07 0adb f762 2157 2c52 609d
From : https://yum.dockerproject.org/gpg
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch 1/2
Re-declaration of type docker_t
Failed to create node
Bad type declaration at /etc/selinux/targeted/tmp/modules/400/docker/cil:1
/usr/sbin/semodule: Failed!
Installing : docker-engine-17.05.0.ce-1.el7.centos.x86_64 2/2
Verifying : docker-engine-17.05.0.ce-1.el7.centos.x86_64 1/2
Verifying : docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch 2/2
Installed:
docker-engine.x86_64 0:17.05.0.ce-1.el7.centos
Dependency Installed:
docker-engine-selinux.noarch 0:17.05.0.ce-1.el7.centos
Complete!
(3)启动docker。执行命令systemctl start docker,如下所示:
[xcbeyond@docker run]$ sudo systemctl start docker
哈哈,大功告成,终于安装成功啦。睡觉喽!
如果在检索镜像时,出现如下类似错误:
[docker@docker xcbeyond]$ docker search redis
Error response from daemon: Get https://index.docker.io/v1/search?q=redis&n=25: x509: certificate signed by unknown authority
这是由于无法访问国外docker镜像仓库的原因,或者访问比较慢,可修改为国内docker仓库。docker在中国已经有了仓库:https://www.docker-cn.com/registry-mirror,访问速度还不错。
修改方法:
(如果没有daemon.json文件,则创建)
[docker@docker xcbeyond]$ sudo vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
重启docker,就可以了。
[root@docker docker]# systemctl restart docker
[docker@docker xcbeyond]$ docker search redis
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
redis Redis is an open source key-value store th... 5665 [OK]
bitnami/redis Bitnami Redis Docker Image 88 [OK]
sameersbn/redis 71 [OK]
hypriot/rpi-redis Raspberry Pi compatible redis image 33
tenstartups/redis-commander 32 [OK]
kubeguide/redis-master redis-master with "Hello World!" 26
kubeguide/guestbook-redis-slave Guestbook redis slave 20
redislabs/redis Clustered in-memory database engine compat... 15
webhippie/redis Docker images for redis 9 [OK]
rediscommander/redis-commander Alpine image for redis-commander - Redis m... 8 [OK]
arm32v7/redis Redis is an open source key-value store th... 7
rtoma/logspout-redis-logstash Logspout including Redis adapter for sendi... 5
oliver006/redis_exporter Prometheus Exporter for Redis Metrics. Su... 5
centos/redis-32-centos7 Redis in-memory data structure store, used... 3
tomesar/redis-arm Redis for ARM! 2 [OK]
frodenas/redis A Docker Image for Redis 2 [OK]
dynomitedb/redis Redis backend for DynomiteDB. 2 [OK]
arm64v8/redis Redis is an open source key-value store th... 2
kilsoo75/redis-master This image is for the redis master of SK C... 1
tiredofit/redis Redis Server w/ Zabbix monitoring and S6 O... 1 [OK]
circleci/redis CircleCI images for Redis 1 [OK]
google/guestbook-python-redis A simple guestbook example written in Pyth... 1
anchorfree/redis redis cache server for logging 0
iadvize/redis 0
brendangibat/docker-logspout-redis Docker Logspout container with Logspout-Re... 0 [OK]
本文分享自微信公众号 - 程序猿技术大咖(cxyjsdk)。
如有侵权,请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”,欢迎正在阅读的你也加入,一起分享。
来源:oschina
链接:https://my.oschina.net/u/587487/blog/4572786