Sign in Subscribe
Docker

安装docker

qianqian

4 min read

1、安装前先关闭防火墙和selinux

关闭防火墙:

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld

关闭selinux:

[root@localhost ~]# vi /etc/selinux/config

把如下的SELINUX修改成disabled

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

修改后重启linux:

[root@localhost ~]# reboot

重启后执行如下命令查看selinux是否关闭,如果显示Disabled则表示已关闭:

 [root@localhost ~]# getenforce

Last login: Tue Apr 29 16:50:26 2025 from 192.168.101.121
[root@localhost ~]# getenforce
Disabled
[root@localhost ~]#

2、开启IPv4 转发

开启IPv4 转发,将网卡的路由功能开启,使容器能够和linux宿主机进行网络通信

[root@localhost ~]# vi /etc/sysctl.conf

在末尾增加一行net.ipv4.ip_forward=1

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

重启网卡:

[root@localhost ~]# systemctl restart network

检查配置是否生效

[root@localhost ~]# sysctl net.ipv4.ip_forward

执行以上命令,若显式如下,则表示配置成功:

[root@localhost ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

3、安装需要的系统工具

[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

4、添加软件源信息

[root@localhost ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

添加后查询/etc/yum.repos.d目录下多出一个docker-ce.repo源,证明添加成功了。

[root@localhost ~]# ll /etc/yum.repos.d/
total 48
-rw-r--r--. 1 root root 1841 Apr 29 15:57 CentOS-Base.repo
-rw-r--r--. 1 root root 1664 Apr 29 15:56 CentOS-Base.repo.bak
-rw-r--r--. 1 root root 1309 May 21  2024 CentOS-CR.repo
-rw-r--r--. 1 root root  649 May 21  2024 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root  314 May 21  2024 CentOS-fasttrack.repo
-rw-r--r--. 1 root root  630 May 21  2024 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 May 21  2024 CentOS-Sources.repo
-rw-r--r--. 1 root root 9454 May 21  2024 CentOS-Vault.repo
-rw-r--r--. 1 root root  616 May 21  2024 CentOS-x86_64-kernel.repo
-rw-r--r--  1 root root 2081 Apr 29 16:53 docker-ce.repo

5、安装Docker-CE(Docker社区版)

 [root@localhost ~]# yum makecache fast
 [root@localhost ~]# yum -y install docker-ce

6、启动docker服务,并设置docker开机自动启动

 [root@localhost ~]# systemctl start docker
 [root@localhost ~]# systemctl enable docker

7、配置docker加速器

 [root@localhost ~]# vi /etc/docker/daemon.json

配置如下,使该文件只有如下内容:

 {
 "registry-mirrors": [
 "https://kfwkfulq.mirror.aliyuncs.com",
 "https://2lqq34jg.mirror.aliyuncs.com",
 "https://pee6w651.mirror.aliyuncs.com",
 "https://registry.docker-cn.com",
 "http://hub-mirror.c.163.com"
 ],
 "dns": ["8.8.8.8","8.8.4.4"]
 }


{
  "registry-mirrors": [
    "https://docker.1panelproxy.com",
    "https://2m11665s.mirror.aliyuncs.com",
    "https://registry.docker-cn.com",
    "https://dockerhub.azk8s.cn",
    "https://docker.mirrors.ustc.edu.cn",
    "http://hub-mirror.c.163.com",
    "https://k8s.gcr.io",
    "https://github-releases.githubusercontent.com",
    "https://ustc-edu-cn.mirror.aliyuncs.com"
  ]
}

保存,退出。

8、 配置后重启docker

 [root@localhost ~]# systemctl daemon-reload
 [root@localhost ~]# systemctl restart docker

查看docker服务是否启动正常

[root@localhost ~]# systemctl status docker

9、链接超时配置

1、同步时间

# 下载ntpdate
yum install -y ntpdate
# 时间同步
ntpdate cn.pool.ntp.org

2、链接超时

# 错误为:Error response from daemon: Get "https://index.docker.io/v1/search?q=mysql&n=25": dial tcp 69.171.229.11:443: i/o timeout

docker拉取最新的镜像,默认是去官方镜像仓库https://hub.docker.com/,但好像大陆官方很难拉取,所以导致拉取失败

所以更改daemon.json文件的镜像源

# 1、修改docker配置
vi /etc/docker/daemon.json

# 2、配置信息
# 中科院
{
"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]
}
# 阿里云
{
"registry-mirrors":["https://6kx4zyno.mirror.aliyuncs.com"]
}
# Docker中国区官方镜像:
# https://registry.docker-cn.com
# 网易:
# http://hub-mirror.c.163.com
# 中国科技大学:
# https://docker.mirrors.ustc.edu.cn
# 阿里云:
# https://cr.console.aliyun.com/

# 3、重启
systemctl daemon-reload
systemctl restart docker

3、2025年目前还可用的docker镜像源

docker.1ms.run  # 一般用这个
docker.domys.cc
docker.imgdb.de
docker-0.unsee.tech
docker.hlmirror.com
cjie.eu.org
docker.m.daocloud.io
hub.rat.dev
docker.1panel.live
docker.rainbond.cc

Sign up for more like this.

Enter your email
Subscribe