Docker 离线安装
大约 3 分钟约 1043 字
Docker 离线安装
工作准备
# 准备一台正常访问外网的CentOS7虚拟机,用于官方镜像下载导出
# 访问https://download.docker.com/linux/static/stable/x86_64/站点下载需要的docker版本二进制文件
# 以下用docker-20.10.9.tgz作为示例
# 上传docker-20.10.9.tgz至需要安装的虚拟机
开始离线安装Docker
解压docker软件压缩包
tar -zxvf docker-20.10.9.tgz
把docker文件里面的内容复制到bin目录下
cp docker/* /usr/bin
#输入y确认 ,如出现文件列表,进入命令模式重新执行一下
在/etc/systemd/system目录下创建文件 docker.socket和docker.service以及containerd.service
cd /etc/systemd/system
vi docker.socke
# ====================内容=============================
[Unit]
Description=Docker Socket for the API
PartOf=docker.service
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
# ====================内容=============================
#保存退出
vi docker.service
# ====================内容=============================
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
#ExecStart=/usr/bin/dockerd
#ExecStart=/usr/bin/docker daemon --tlsverify --tlscacert=/root/openssl/ca.pem --tlscert=/root/openssl/server-cert.pem --tlskey=/root/openssl/server-key.pem --registry-mirror=http://3cda3ca9.m.daocloud.io -H tcp://0.0.0.0:2376
#ExecStart=/usr/bin/docker daemon --registry-mirror=http://3cda3ca9.m.daocloud.io -H fd:// -H tcp://0.0.0.0:2375
#ExecStart=/usr/bin/dockerd --registry-mirror=http://3cda3ca9.m.daocloud.io
ExecStart=/usr/bin/dockerd --registry-mirror=http://3cda3ca9.m.daocloud.io -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
# ====================内容=============================
#保存退出
vi containerd.service
# ====================内容=============================
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
# ====================内容=============================
#保存退出
重新加载配置文件
systemctl daemon-reload
创建组
groupadd docker
启动docker
systemctl start docker
设置开机自启动
# 执行此命令初次会展示创建links,如不放心执行两遍
systemctl enable docker.service
检查是否报错
docker ps
准备离线镜像包
提示
以下操作,离线环境下无法拉取镜像包通用
使用有网环境下载镜像文件并上传启动运行
# 以rabbitmq 为参照示例
#拉取镜像
docker pull rabbitmq:management
# 导出镜像
#-o 可指定存放路径,此命令示范为当前文件夹
docker save -o rabbitmq.tar rabbitmq:management
#下载rabbitmq.tar转移至离线虚拟机
上传后导入镜像并运行
#上传后cd至上传目录执行以下命令导入镜像
docker load < ./rabbitmq.tar
#运行docker images查看是否存在镜像
docker images
#运行rabbitmq
# 创建本地目录
mkdir -p /usr/local/docker/rabbitmq/1/lib
mkdir -p /usr/local/docker/rabbitmq/1/log
chmod -R 777 /usr/local/docker/rabbitmq/1/log
#运行容器 RABBITMQ_DEFAULT_PASS 自定定义密码 111111只是示范
sudo docker run -d \
--restart=always \
--hostname rabbitmq \
--name rabbitmq \
-p 15672:15672 \
-p 5672:5672 \
-e RABBITMQ_DEFAULT_USER=admin \
-e RABBITMQ_DEFAULT_PASS=111111 \
-e RABBITMQ_ERLANG_COOKIE='rabbitmq_cookie' \
--privileged=true \
-v /usr/local/docker/rabbitmq/1/lib:/var/lib/rabbitmq \
-v /usr/local/docker/rabbitmq/1/log:/var/log/rabbitmq \
rabbitmq:management
#运行docker ps 查看是否运行成功
docker ps
如有防火墙,开放相关端口
#查看防火墙目前的放行端口列表
firewall-cmd --list-ports
#添加防火墙放行端口(permanent代表永久生效)
firewall-cmd --add-port=15672/tcp --permanent
firewall-cmd --add-port=5672/tcp --permanent
#重新加载防火墙(添加完放行端口一定要重新加载防火墙)
firewall-cmd --reload
浏览器访问检查是否正常
# 地址
http://ip:port
# 输入账户,密码进入控制面板