官方资源
install Docker-ce On Centos
安装必须的软件包
yum-utils提供了yum-config-manager工具,device-mapper-persistent-data和lvm2被存储驱动devicemapper所需要。
1
| sudo yum install -y yum-utils device-mapper-persistent-data lvm2
|
使用stable仓库源
1
| sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
|
清理已安装
1
2
3
4
5
6
7
8
9
|
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
|
安装docker
1
| sudo yum -y install docker-ce docker-ce-cli containerd.io
|
启动docker
1
| sudo systemctl start docker.service
|
验证是否正确启动
1
| sudo docker run hello-world
|
设置自动启动
1
| sudo systemctl enable docker.service
|
更改数据目录
或者将/var/lib/docker挂载到足够大的数据目录上
1
| vi /lib/systemd/system/docker.service
|
##找到ExecStart=/usr/bin/dockerd -H fd://行修改增加graph参数
ExecStart=/usr/bin/dockerd --graph=/data/docker -H unix:///var/run/docker.sock
启用ssl远程通讯
具体证书生成可参考文章使用openssl生成单CN的自签名证书
1
| vi /lib/systemd/system/docker.service
|
##找到ExecStart=/usr/bin/dockerd行修改增加tls参数
ExecStart=/usr/bin/dockerd --tlsverify --tlscacert=/root/ca-cert.pem --tlscert=/root/server-cert.pem --tlskey=/root/server-key.pem -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock
重载配置并重启服务
1
2
| systemctl daemon-reload
sudo systemctl restart docker.service
|
测试连通性
1
2
|
docker --tlsverify --tlscacert=/root/ca-cert.pem --tlscert=/root/client-cert.pem --tlskey=/root/client-key.pem -H=[host]:2376 version
|
可能结果
Client:
Version: 18.09.2
API version: 1.39
Go version: go1.10.6
Git commit: 6247962
Built: Sun Feb 10 04:13:27 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.2
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 6247962
Built: Sun Feb 10 03:47:25 2019
OS/Arch: linux/amd64
Experimental: false