1.初始检查及配置
wget https://raw.githubusercontent.com/moby/moby/master/contrib/check-config.sh
bash check-config.sh
2.升级内核
wget https://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
rpm -Uvh elrepo-release-6-8.el6.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-lt -y
yum --enablerepo=elrepo-kernel install kernel-ml -y
yum -y --enablerepo=elrepo-kernel install kernel-ml.x86_64 kernel-ml-devel.x86_64
yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
uname -r
sed -i 's/^default=1/default=0/' /etc/grub.conf
reboot
3.安装Docker-CE 19.03.4
modprobe bridge
modprobe br_netfilter
modprobe nf_nat
modprobe iptable_nat
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
sudo groupadd docker
sudo gpasswd -a root docker
sudo usermod -aG docker root
newgrp - docker
setenforce 0
sed -i 's/^SELINUX.*/SELINUX=disabled/' /etc/selinux/config
cat <<EOF >>/etc/fstab
none /sys/fs/cgroup cgroup defaults 0 0
EOF
cat <<EOF >> /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
net.ipv4.ip_forward = 1
net.ipv4.ip_local_port_range=32768 65535
EOF
sysctl -p
wget https://download.docker.com/linux/static/stable/x86_64/docker-19.03.4.tgz
wget https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-19.03.4.tgz
tar xzvf docker-19.03.4.tgz
cp -ar docker/* /usr/bin/
rm -rf docker*
which docker
docker version
mkdir -p /etc/docker
cat <<EOF >/etc/docker/daemon.json
{
"hosts": [ "unix:///var/run/docker.sock" ],
"mtu": 1454,
"debug": false,
"experimental": true,
"metrics-addr": "0.0.0.0:1337",
"selinux-enabled": false,
"registry-mirrors": [ "http://hub-mirror.c.163.com", "https://2508xbaf.mirror.aliyuncs.com", "https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com"],
"insecure-registries":[
"gcr.io",
"quay.io",
"registry.cn-hangzhou.aliyuncs.com",
"registry.senyang.com:5000"
],
"exec-opts": [ "native.cgroupdriver=cgroupfs" ],
"exec-root": "/var/run/docker",
"data-root": "/data/docker/graph",
"storage-driver": "overlay2",
"storage-opts": [ "overlay2.override_kernel_check=true" ],
"live-restore": true,
"max-concurrent-downloads": 10,
"max-concurrent-uploads": 5,
"shutdown-timeout": 15,
"oom-score-adjust": -500,
"default-shm-size": "64M",
"log-driver": "json-file",
"log-level": "warn",
"default-address-pools":[{"base":"172.16.0.0/16","size":24}],
"seccomp-profile": "",
"no-new-privileges": false,
"raw-logs": false
}
EOF
vi /etc/init.d/docker
!/bin/sh
/etc/rc.d/init.d/docker
Daemon for docker.com
chkconfig: 2345 95 95
description: Daemon for docker.com
BEGIN INIT INFO
Provides: docker
Required-Start: $network cgconfig
Required-Stop:
Should-Start:
Should-Stop:
Default-Start: 2 3 4 5
Default-Stop: 0 1 6
Short-Description: start and stop docker
Description: Daemon for docker.com
END INIT INFO
Source function library.
. /etc/rc.d/init.d/functions
prog="dockerd"
exec="/usr/bin/prog.pid"
lockfile="/var/lock/subsys/prog.log"
[ -e /etc/sysconfig/prog
[ -e /etc/sysconfig/prog-storage
prestart() {
service cgconfig status > /dev/null
if [[ $? != 0 ]]; then
service cgconfig start
fi
}
start() {
if [ ! -x exec ]; then
echo "Docker executable exec"
fi
exit 5
fi
check_for_cleanup
if ! [ -f $pidfile ]; then
prestart
printf "Starting $prog:\t"
echo "\n$(date)\n" >> $logfile
$exec --pidfile=$pidfile &>> $logfile &
pid=$!
touch $lockfile
# wait up to 10 seconds for the pidfile to exist. see
# https://github.com/docker/docker/issues/5359
tries=0
while [ ! -f $pidfile -a $tries -lt 10 ]; do
sleep 1
tries=$((tries + 1))
done
success
echo
else
failure
echo
printf "$pidfile still exists...\n"
exit 7
fi
}
stop() {
echo -n prog: "
killproc -p prog
retval=retval -eq 0 ] && rm -f
retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
status -p prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
check_for_cleanup() {
if [ -f (cat
{pidfile}
fi
}
case "1
;;
stop)
rh_status_q || exit 0
1
;;
reload)
rh_status_q || exit 7
"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
4.启动Docker
chmod a+x /etc/init.d/docker
chkconfig --add /etc/init.d/docker
chkconfig docker on
service docker stop
service docker restart
service docker status
docker info
网友评论