以下命令均以root权限执行

卸载docker旧版本

yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine

安装相关工具类

yum install -y yum-utils device-mapper-persistent-data lvm2

配置阿里云的仓库

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker

yum install docker-ce

执行安装docker

yum install docker-ce
 
Installed:
  docker-ce.x86_64 0:18.03.0.ce-1.el7.centos
 
Dependency Installed:
  audit-libs-python.x86_64 0:2.7.6-3.el7 checkpolicy.x86_64 0:2.5-4.el7   container-selinux.noarch 2:2.42-1.gitad8f0f7.el7 libcgroup.x86_64 0
  libtool-ltdl.x86_64 0:2.4.2-22.el7_3   pigz.x86_64 0:2.3.3-1.el7.centos policycoreutils-python.x86_64 0:2.5-17.1.el7     python-IPy.noarch
 
Complete!

启动docker

systemctl start docker

验证docker

docker run hello-world

出现以下内容则表示安装成功

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
9bb5a5d4561a: Pull complete
Digest: sha256:f5233545e43561214ca4891fd1157e1c3c563316ed8e237750d59bde73361e77
Status: Downloaded newer image for hello-world:latest
 
Hello from Docker!
This message shows that your installation appears to be working correctly.
 
To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.
 
To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash
 
Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/
 
For more examples and ideas, visit:

设置开机自启

chkconfig docker on

升级docker ce

yum -y upgrade

配置国内镜像与存储目录

vim /etc/docker/daemon.json

registry-mirrors 为镜像地址

docker 版本<20 graph 为存储目录 建议不要使用默认的 否则空间会不够用

docker 版本>20 graph已经弃用 需使用 data-root

{
  "registry-mirrors": [
    "https://docker.m.daocloud.io",
    "https://docker.nju.edu.cn",
    "https://dockerproxy.com"
  ],
  "data-root": "/home/docker"
}

重启docker

systemctl daemon-reload
systemctl restart docker

Linux 安装 docker-compose

从狮子大佬gitee中下载resources: 一些静态资源存储666 (gitee.com)

下载好之后 上传到系统 /usr/local/bin 目录 并改名为 docker-compose

授权

chmod +x /usr/local/bin/docker-compose

检查版本

1.27.4

docker-compose -version

2.2.2

docker-compose version

docker 开启端口 2375 供外部程序访问 (不推荐,容易被黑客利用)

重点 : 写在最前面,该方法有漏洞,容易被黑客远程放入挖矿机镜像,开启需做好防范

推荐使用 CA加密端口 或者 使用 SSH 转发端口

推荐使用 CA加密端口 或者 使用 SSH 转发端口

docker服务文件位置 /usr/lib/systemd/system/docker.service

编辑 docker.service

找到Service标签下的ExecStart属性

注释掉原来的 , 添加如下内容

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --containerd=/run/containerd/containerd.sock

重新加载配置并重启docker服务

systemctl daemon-reload
systemctl restart docker.service

记得关闭防火墙或者在防火墙放行2375端口

systemctl stop firewalld.service