当前位置：首页 > news >正文

灌南住房和城乡建设局网站建立网站的条件

news 2025/11/13 15:35:30

灌南住房和城乡建设局网站,建立网站的条件,厦门网络科技有限公司,建设网站的页面设计Docker简介、基本概念和安装 1.docker简介 1.1 什么是docker Docker 最初是 dotCloud 公司创始人 Solomon Hykes (opens new window)在法国期间发起的一个公司内部项目#xff0c;它是基于 dotCloud 公司多年云服务技术的一次革新#xff0c;并于 2013 年 3 月以 Apache 2…Docker简介、基本概念和安装 1.docker简介 1.1 什么是docker Docker 最初是 dotCloud 公司创始人 Solomon Hykes (opens new window)在法国期间发起的一个公司内部项目它是基于 dotCloud 公司多年云服务技术的一次革新并于 2013 年 3 月以 Apache 2.0 授权协议开源 (opens new window)主要项目代码在 GitHub (opens new window)上进行维护。Docker 项目后来还加入了 Linux 基金会并成立推动开放容器联盟OCI (opens new window)。 Docker 自开源后受到广泛的关注和讨论至今其 GitHub 项目 (opens new window)已经超过 5 万 7 千个星标和一万多个 fork。甚至由于 Docker 项目的火爆在 2013 年底dotCloud 公司决定改名为 Docker (opens new window)。Docker 最初是在 Ubuntu 12.04 上开发实现的Red Hat 则从 RHEL 6.5 开始对 Docker 进行支持Google 也在其 PaaS 产品中广泛应用 Docker。 Docker 使用 Google 公司推出的 Go 语言 (opens new window)进行开发实现基于 Linux 内核的 cgroup (opens new window)namespace (opens new window)以及 OverlayFS (opens new window)类的 Union FS (opens new window)等技术对进程进行封装隔离属于操作系统层面的虚拟化技术 (opens new window)。由于隔离的进程独立于宿主和其它的隔离的进程因此也称其为容器。最初实现是基于 LXC (opens new window)从 0.7 版本以后开始去除 LXC转而使用自行开发的 libcontainer (opens new window)从 1.11 版本开始则进一步演进为使用 runC (opens new window)和 containerd (opens new window)。图1-1 docker架构 runc 是一个 Linux 命令行工具用于根据 OCI容器运行时规范 (opens new window)创建和运行容器。 containerd 是一个守护程序它管理容器生命周期提供了在一个节点上执行容器和管理镜像的最小功能集。 Docker 在容器的基础上进行了进一步的封装从文件系统、网络互联到进程隔离等等极大的简化了容器的创建和维护。使得 Docker 技术比虚拟机技术更为轻便、快捷。图1-2 传统虚拟机技术图1-3 容器技术上面的图片比较了 Docker 和传统虚拟化方式的不同之处。传统虚拟机技术是虚拟出一套硬件后在其上运行一个完整操作系统在该系统上再运行所需应用进程而容器内的应用进程直接运行于宿主的内核容器内没有自己的内核而且也没有进行硬件虚拟。因此容器要比传统虚拟机更为轻便。 1.2 为什么要使用 Docker 作为一种新兴的虚拟化方式Docker 跟传统的虚拟化方式相比具有众多的优势。更高效的利用系统资源由于容器不需要进行硬件虚拟以及运行完整操作系统等额外开销Docker 对系统资源的利用率更高。无论是应用执行速度、内存损耗或者文件存储速度都要比传统虚拟机技术更高效。因此相比虚拟机技术一个相同配置的主机往往可以运行更多数量的应用。更快速的启动时间传统的虚拟机技术启动应用服务往往需要数分钟而 Docker 容器应用由于直接运行于宿主内核无需启动完整的操作系统因此可以做到秒级、甚至毫秒级的启动时间。大大的节约了开发、测试、部署的时间。一致的运行环境开发过程中一个常见的问题是环境一致性问题。由于开发环境、测试环境、生产环境不一致导致有些 bug 并未在开发过程中被发现。而 Docker 的镜像提供了除内核外完整的运行时环境确保了应用运行环境一致性从而不会再出现「这段代码在我机器上没问题啊」这类问题。持续交付和部署对开发和运维DevOps (opens new window)人员来说最希望的就是一次创建或配置可以在任意地方正常运行。使用 Docker 可以通过定制应用镜像来实现持续集成、持续交付、部署。开发人员可以通过 Dockerfile 来进行镜像构建并结合持续集成(Continuous Integration) (opens new window)系统进行集成测试而运维人员则可以直接在生产环境中快速部署该镜像甚至结合持续部署(Continuous Delivery/Deployment) (opens new window)系统进行自动部署。而且使用 Dockerfile 使镜像构建透明化不仅仅开发团队可以理解应用运行环境也方便运维团队理解应用运行所需条件帮助更好的生产环境中部署该镜像。更轻松的迁移由于 Docker 确保了执行环境的一致性使得应用的迁移更加容易。Docker 可以在很多平台上运行无论是物理机、虚拟机、公有云、私有云甚至是笔记本其运行结果是一致的。因此用户可以很轻易的将在一个平台上运行的应用迁移到另一个平台上而不用担心运行环境的变化导致应用无法正常运行的情况。更轻松的维护和扩展 Docker 使用的分层存储以及镜像的技术使得应用重复部分的复用更为容易也使得应用的维护更新更加简单基于基础镜像进一步扩展镜像也变得非常简单。此外Docker 团队同各个开源项目团队一起维护了一大批高质量的官方镜像 (opens new window)既可以直接在生产环境使用又可以作为基础进一步定制大大的降低了应用服务的镜像制作成本。对比传统虚拟机总结特性容器虚拟机启动秒级分钟级硬盘使用一般为 MB一般为 GB性能接近原生弱于系统支持量单机支持上千个容器一般几十个 2.docker的基本概念 2.1 Docker 镜像我们都知道操作系统分为内核和用户空间。对于 Linux 而言内核启动后会挂载 root 文件系统为其提供用户空间支持。而 Docker 镜像Image就相当于是一个 root 文件系统。比如官方镜像 ubuntu:18.04 就包含了完整的一套 Ubuntu 18.04 最小系统的 root 文件系统。 Docker 镜像是一个特殊的文件系统除了提供容器运行时所需的程序、库、资源、配置等文件外还包含了一些为运行时准备的一些配置参数如匿名卷、环境变量、用户等。镜像不包含任何动态数据其内容在构建之后也不会被改变。分层存储因为镜像包含操作系统完整的 root 文件系统其体积往往是庞大的因此在 Docker 设计时就充分利用 Union FS (opens new window)的技术将其设计为分层存储的架构。所以严格来说镜像并非是像一个 ISO 那样的打包文件镜像只是一个虚拟的概念其实际体现并非由一个文件组成而是由一组文件系统组成或者说由多层文件系统联合组成。镜像构建时会一层层构建前一层是后一层的基础。每一层构建完就不会再发生改变后一层上的任何改变只发生在自己这一层。比如删除前一层文件的操作实际不是真的删除前一层的文件而是仅在当前层标记为该文件已删除。在最终容器运行的时候虽然不会看到这个文件但是实际上该文件会一直跟随镜像。因此在构建镜像的时候需要额外小心每一层尽量只包含该层需要添加的东西任何额外的东西应该在该层构建结束前清理掉。分层存储的特征还使得镜像的复用、定制变的更为容易。甚至可以用之前构建好的镜像作为基础层然后进一步添加新的层以定制自己所需的内容构建新的镜像。 2.2 Docker 容器镜像Image和容器Container的关系就像是面向对象程序设计中的类和实例一样镜像是静态的定义容器是镜像运行时的实体。容器可以被创建、启动、停止、删除、暂停等。容器的实质是进程但与直接在宿主执行的进程不同容器进程运行于属于自己的独立的命名空间 (opens new window)。因此容器可以拥有自己的 root 文件系统、自己的网络配置、自己的进程空间甚至自己的用户 ID 空间。容器内的进程是运行在一个隔离的环境里使用起来就好像是在一个独立于宿主的系统下操作一样。这种特性使得容器封装的应用比直接在宿主运行更加安全。也因为这种隔离的特性很多人初学 Docker 时常常会混淆容器和虚拟机。前面讲过镜像使用的是分层存储容器也是如此。每一个容器运行时是以镜像为基础层在其上创建一个当前容器的存储层我们可以称这个为容器运行时读写而准备的存储层为容器存储层。容器存储层的生存周期和容器一样容器消亡时容器存储层也随之消亡。因此任何保存于容器存储层的信息都会随容器删除而丢失。按照 Docker 最佳实践的要求容器不应该向其存储层内写入任何数据容器存储层要保持无状态化。所有的文件写入操作都应该使用数据卷Volume、或者绑定宿主目录在这些位置的读写会跳过容器存储层直接对宿主或网络存储发生读写其性能和稳定性更高。数据卷的生存周期独立于容器容器消亡数据卷不会消亡。因此使用数据卷后容器删除或者重新运行之后数据却不会丢失。 2.3 Docker Registry 镜像构建完成后可以很容易的在当前宿主机上运行但是如果需要在其它服务器上使用这个镜像我们就需要一个集中的存储、分发镜像的服务Docker Registry 就是这样的服务。一个 Docker Registry 中可以包含多个仓库Repository每个仓库可以包含多个标签Tag每个标签对应一个镜像。通常一个仓库会包含同一个软件不同版本的镜像而标签就常用于对应该软件的各个版本。我们可以通过仓库名:标签的格式来指定具体是这个软件哪个版本的镜像。如果不给出标签将以 latest 作为默认标签。以 Ubuntu 镜像 (opens new window)为例ubuntu 是仓库的名字其内包含有不同的版本标签如16.04, 18.04。我们可以通过 ubuntu:16.04或者 ubuntu:18.04 来具体指定所需哪个版本的镜像。如果忽略了标签比如 ubuntu那将视为 ubuntu:latest。仓库名经常以两段式路径形式出现比如 jwilder/nginx-proxy前者往往意味着 Docker Registry 多用户环境下的用户名后者则往往是对应的软件名。但这并非绝对取决于所使用的具体 Docker Registry 的软件或服务。 Docker Registry 公开服务 Docker Registry 公开服务是开放给用户使用、允许用户管理镜像的 Registry 服务。一般这类公开服务允许用户免费上传、下载公开的镜像并可能提供收费服务供用户管理私有镜像。最常使用的 Registry 公开服务是官方的 Docker Hub (opens new window)这也是默认的 Registry并拥有大量的高质量的官方镜像 (opens new window)。除此以外还有 Red Hat 的 Quay.io (opens new window)Google 的 Google Container Registry (opens new window)Kubernetes (opens new window)的镜像使用的就是这个服务代码托管平台 GitHub (opens new window)推出的 ghcr.io (opens new window)。由于某些原因在国内访问这些服务可能会比较慢。国内的一些云服务商提供了针对 Docker Hub 的镜像服务Registry Mirror这些镜像服务被称为加速器。常见的有阿里云加速器 (opens new window)、DaoCloud 加速器 (opens new window)等。使用加速器会直接从国内的地址下载 Docker Hub 的镜像比直接从 Docker Hub 下载速度会提高很多。在安装 Docker 一节中有详细的配置方法。国内也有一些云服务商提供类似于 Docker Hub 的公开服务。比如网易云镜像服务 (opens new window)、DaoCloud 镜像市场 (opens new window)、阿里云镜像库 (opens new window)等。私有 Docker Registry 除了使用公开服务外用户还可以在本地搭建私有 Docker Registry。Docker 官方提供了 Docker Registry (opens new window)镜像可以直接使用做为私有 Registry 服务。在私有仓库一节中会有进一步的搭建私有 Registry 服务的讲解。开源的 Docker Registry 镜像只提供了 Docker Registry API (opens new window)的服务端实现足以支持 docker 命令不影响使用。但不包含图形界面以及镜像维护、用户管理、访问控制等高级功能。除了官方的 Docker Registry 外还有第三方软件实现了 Docker Registry API甚至提供了用户界面以及一些高级功能。比如Harbor (opens new window)和 Sonatype Nexus。 3.docker的安装 3.1 Docker 安装准备官方网址: https://www.docker.com/ 帮助文档链接: https://docs.docker.com/ docker 镜像: https://hub.docker.com/ OS系统版本选择: Docker 目前已经支持多种操作系统的安装运行比如Ubuntu、CentOS、Redhat、Debian、Fedora甚至是还支持了Mac和Windows在linux系统上需要内核版本在3.10或以上 Docker版本选择: docker版本号之前一直是0.X版本或1.X版本但是从2017年3月1号开始改为每个季度发布一次稳定版其版本号规则也统一变更为YY.MM例如17.09表示是2017年9月份发布的 Docker之前没有区分版本但是2017年推出(将docker更名为)新的项目Mobygithub地址: https://github.com/moby/mobyMoby项目属于Docker项目的全新上游Docker将是一个隶属于的Moby的子产品而且之后的版本之后开始区分为 CEDocker Community Edition社区版本和 EEDocker Enterprise Edition企业收费版CE社区版本和EE企业版本都是每个季度发布一个新版本但是EE版本提供后期安全维护1年而CE版本是4个月。 3.2 主机初始化 3.2.1 设置ip地址 Rocky 9和CentOS Stream 9 # Rocky 9和CentOS Stream 9默认支持修改网卡名。 [rootrocky9 ~]# grep plugins /etc/NetworkManager/NetworkManager.conf #pluginskeyfile,ifcfg-rh # 因为网卡命名方式默认是keyfile默认不支持修改网卡名既然官方已经默认是keyfile那这里就不去更改网卡名了。[rootrocky9 ~]# ETHNAMEip addr | awk -F[ :] /^2/{print $3}[rootrocky9 ~]# nmcli con delete ${ETHNAME} nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address 172.31.0.9/21 ipv4.gateway 172.31.0.2 ipv4.dns 223.5.5.5,180.76.76.76 autoconnect yes nmcli con reload nmcli con up ${ETHNAME} # 172.31.0.9/21中172.31.0.9是ip地址21是子网位数172.31.0.2是网关地址223.5.5.5, 180.76.76.76都是DNS根据自己的需求修改。[rootrocky9 ~]# ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens160: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:37:62:95 brd ff:ff:ff:ff:ff:ffaltname enp3s0inet 172.31.0.9/21 brd 172.31.7.255 scope global noprefixroute ens160valid_lft forever preferred_lft foreverinet6 fe80::51ca:fd5d:3552:677d/64 scope link noprefixroute valid_lft forever preferred_lft forever # 可以看到ip地址已修改。Rocky 8、CentOS Stream 8和CentOS 7 # Rocky 8、CentOS Stream 8和CentOS 7支持修改网卡名。 [rootrocky8 ~]# grep plugins /etc/NetworkManager/NetworkManager.conf #pluginsifcfg-rh # 因为网卡命名方式默认是ifcfg-rh支持修改网卡名。# 修改网卡名称配置文件 [rootrocky8 ~]# sed -ri.bak /^GRUB_CMDLINE_LINUX/s$ net.ifnames0 biosdevname0 /etc/default/grub [rootrocky8 ~]# grub2-mkconfig -o /boot/grub2/grub.cfg Generating grub configuration file ... done# 修改网卡文件名 [rootrocky8 ~]# ETHNAMEip addr | awk -F[ :] /^2/{print $3} [rootrocky8 ~]# mv /etc/sysconfig/network-scripts/ifcfg-${ETHNAME} /etc/sysconfig/network-scripts/ifcfg-eth0[rootrocky8 ~]# shutdown -r now[rootrocky8 ~]# nmcli dev DEVICE TYPE STATE CONNECTION eth0 ethernet connected Wired connection 1 lo loopback unmanaged -- # 可以看到CONNECTION的名字是Wired connection 1要改名才可以下面设置。[rootrocky8 ~]# ETHNAMEip addr | awk -F[ :] /^2/{print $3}[rootrocky8 ~]# nmcli connection modify Wired connection 1 con-name ${ETHNAME} [rootrocky8 ~]# nmcli dev DEVICE TYPE STATE CONNECTION eth0 ethernet connected eth0 lo loopback unmanaged -- # 修改ip地址 [rootrocky8 ~]# nmcli con delete ${ETHNAME} nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address 172.31.0.8/21 ipv4.gateway 172.31.0.2 ipv4.dns 223.5.5.5,180.76.76.76 autoconnect yes nmcli con reload nmcli dev up eth0 # 172.31.0.8/21中172.31.0.8是ip地址21是子网位数172.31.0.2是网关地址223.5.5.5, 180.76.76.76都是DNS根据自己的需求修改。[rootrocky8 ~]# ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:6f:65:d3 brd ff:ff:ff:ff:ff:ffaltname enp3s0altname ens160inet 172.31.0.8/21 brd 172.31.7.255 scope global noprefixroute eth0valid_lft forever preferred_lft foreverinet6 fe80::e9c9:aa93:4a58:2cc2/64 scope link noprefixroute valid_lft forever preferred_lft forever # 重启系统后可以看到网卡名已经修改成eth0ip地址也已修改。Ubuntu # Ubuntu先启用root用户并设置密码 raymondubuntu2204:~$ cat set_root_login.sh #!/bin/bashread -p 请输入密码: PASSWORD echo ${PASSWORD} |sudo -S sed -ri s#(PermitRootLogin )prohibit-password\1yes /etc/ssh/sshd_config sudo systemctl restart sshd sudo -S passwd root -EOF ${PASSWORD} ${PASSWORD} EOFraymondubuntu2204:~$ bash set_root_login.sh 请输入密码: 123456 [sudo] password for raymond: New password: Retype new password: passwd: password updated successfullyraymondubuntu2204:~$ rm -rf set_root_login.sh# 使用root登陆修改网卡名 rootubuntu2204:~# sed -ri.bak /^GRUB_CMDLINE_LINUX/s$net.ifnames0 biosdevname0 /etc/default/grub rootubuntu2204:~# grub-mkconfig -o /boot/grub/grub.cfg Sourcing file /etc/default/grub Sourcing file /etc/default/grub.d/init-select.cfg Generating grub configuration file ... Found linux image: /boot/vmlinuz-5.15.0-88-generic Found initrd image: /boot/initrd.img-5.15.0-88-generic Warning: os-prober will not be executed to detect other bootable partitions. Systems on them will not be added to the GRUB boot configuration. Check GRUB_DISABLE_OS_PROBER documentation entry. done# Ubuntu 20.04设置ip地址 rootubuntu2004:~# cat /etc/netplan/00-installer-config.yaml -EOF network:version: 2renderer: networkdethernets:eth0:dhcp4: nodhcp6: noaddresses: [172.31.0.20/21] gateway4: 172.31.0.2nameservers:addresses: [223.5.5.5, 180.76.76.76] EOF # 说明Ubuntu20.04网卡配置文件是00-installer-config.yaml172.31.0.20/21中172.31.0.20是ip地址21是子网位数172.31.0.2是网关地址223.5.5.5, 180.76.76.76都是DNS根据自己的需求修改。# Ubuntu 18.04设置ip地址 rootubuntu1804:~# cat /etc/netplan/01-netcfg.yaml -EOF network:version: 2renderer: networkdethernets:eth0:dhcp4: nodhcp6: noaddresses: [172.31.0.18/21] gateway4: 172.31.0.2nameservers:addresses: [223.5.5.5, 180.76.76.76] EOF # 说明Ubuntu18.04网卡配置文件是01-netcfg.yaml172.31.0.18/21中172.31.0.18是ip地址21是子网位数172.31.0.2是网关地址223.5.5.5, 180.76.76.76都是DNS根据自己的需求修改。rootubuntu2004:~# shutdown -r nowrootubuntu2004:~# ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:0c:29:e5:98:6f brd ff:ff:ff:ff:ff:ffinet 172.31.0.20/21 brd 172.31.7.255 scope global eth0valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fee5:986f/64 scope link valid_lft forever preferred_lft forever # 重启系统后可以看到网卡名已经修改成eth0ip地址也已修改。# Ubuntu 22.04设置ip地址 rootubuntu2204:~# cat /etc/netplan/00-installer-config.yaml -EOF network:version: 2renderer: networkdethernets:eth0:dhcp4: nodhcp6: noaddresses: [172.31.0.22/21]routes:- to: defaultvia: 172.31.0.2nameservers:addresses: [223.5.5.5, 180.76.76.76] EOF # 说明Ubuntu18.04网卡配置文件是00-installer-config.yaml172.31.0.22/21中172.31.0.22是ip地址21是子网位数172.31.0.2是网关地址Ubuntu 22.04设置网关地址的方法发生了改变参考上面的方法223.5.5.5, 180.76.76.76都是DNS根据自己的需求修改。rootubuntu2204:~# shutdown -r now# 重启后使用新设置的ip登陆 rootubuntu2204:~# ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:0c:29:a7:be:f2 brd ff:ff:ff:ff:ff:ffaltname enp2s1altname ens33inet 172.31.0.22/21 brd 172.31.7.255 scope global eth0valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fea7:bef2/64 scope link valid_lft forever preferred_lft forever # 重启系统后可以看到网卡名已经修改成eth0ip地址也已修改。3.2.2 配置镜像源 Rocky 8和9 MIRRORmirrors.sjtug.sjtu.edu.cn sed -i.bak -e s|^mirrorlist|#mirrorlist|g -e s|^#baseurlhttp://dl.rockylinux.org/$contentdir|baseurlhttps://${MIRROR}/rocky|g /etc/yum.repos.d/[Rr]ocky*.repodnf clean all dnf makecacheCentOS Stream 9 cat update_mirror.pl #!/usr/bin/perluse strict; use warnings; use autodie;# 要修改镜像源请去修改url变量 my $url mirrors.aliyun.com; my $mirrors https://$url/centos-stream;if (ARGV 1) {die Usage: $0 filename1 filename2 ...\n; }while (my $filename shift ARGV) {my $backup_filename $filename . .bak;rename $filename, $backup_filename;open my $input, , $backup_filename;open my $output, , $filename;while ($input) {s/^metalink/# metalink/;if (m/^name/) {my (undef, $repo, $arch) split /-/;$repo ~ s/^\s|\s$//g;($arch defined $arch ? lc($arch) : ) ~ s/^\s|\s$//g;if ($repo ~ /^Extras/) {$_ . baseurl${mirrors}/SIGs/\$releasever-stream/extras . ($arch eq source ? /${arch}/ : /\$basearch/) . extras-common\n;} else {$_ . baseurl${mirrors}/\$releasever-stream/$repo . ($arch eq source ? / : /\$basearch/) . ($arch ne ? ${arch}/tree/ : os) . \n;}}print $output $_;} }rpm -q perl /dev/null || { echo -e \\033[01;31m 安装perl工具,请稍等...\033[0m;yum -y install perl ; }perl ./update_mirror.pl /etc/yum.repos.d/centos*.repodnf clean all dnf makecacheCentOS Stream 8 MIRRORmirrors.aliyun.com sed -i.bak -e s|^mirrorlist|#mirrorlist|g -e s|^#baseurlhttp://mirror.centos.org/$contentdir|baseurlhttps://${MIRROR}/centos|g /etc/yum.repos.d/CentOS-*.repodnf clean all dnf makecacheCentOS 7 MIRRORmirrors.aliyun.com sed -i.bak -e s|^mirrorlist|#mirrorlist|g -e s|^#baseurlhttp://mirror.centos.org|baseurlhttps://${MIRROR}|g /etc/yum.repos.d/CentOS-*.repoyum clean all yum makecacheUbuntu 22.04和20.04 MIRRORmirrors.aliyun.com OLD_MIRRORsed -rn s^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*\2p /etc/apt/sources.listsed -i.bak s/${OLD_MIRROR}/${MIRROR}/g /etc/apt/sources.listapt updateUbuntu 18.04 MIRRORmirrors.aliyun.com OLD_MIRRORsed -rn s^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*\2p /etc/apt/sources.listsed -i.bak s/${OLD_MIRROR}/${MIRROR}/g /etc/apt/sources.listSECURITY_MIRRORsed -rn s^deb http(.*)://(.*)/ubuntu $(lsb_release -cs)-security main.*\2p /etc/apt/sources.listsed -i.bak s/${SECURITY_MIRROR}/${MIRROR}/g /etc/apt/sources.listapt update3.2.3 关闭防火墙 # Rocky和CentOS systemctl disable --now firewalld# CentOS 7 systemctl disable --now NetworkManager# Ubuntu systemctl disable --now ufw3.2.4 禁用SELinux #CentOS setenforce 0 sed -i s#SELINUXenforcing#SELINUXdisabled#g /etc/selinux/config#Ubuntu Ubuntu没有安装SELinux不用设置3.2.5 设置时区 ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime echo Asia/Shanghai /etc/timezone#Ubuntu还要设置下面内容 cat /etc/default/locale -EOF LC_TIMEen_DK.UTF-8 EOF3.3 基于镜像仓库安装docker 3.3.1 在 Ubuntu 上安装 Docker 官方文档: https://docs.docker.com/engine/install/ubuntu/ Ubuntu 18.04、20.04、22.04 安装 docker # step 1: 安装必要的一些系统工具 rootubuntu2204:~# apt update rootubuntu2204:~# apt -y install apt-transport-https ca-certificates curl software-properties-common# step 2: 安装GPG证书 rootubuntu2204:~# curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -# Step 3: 写入软件源信息 rootubuntu2204:~# add-apt-repository deb [archamd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ $(lsb_release -cs) stable Repository: deb [archamd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ jammy stable Description: Archive for codename: jammy components: stable More info: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ Adding repository. Press [ENTER] to continue or Ctrl-c to cancel. # 在Ubuntu 22.04上会出现这这个提示按回车继续或“Ctrl-c”取消。# 在下面命令中加上“-y”选项就没有上面的提示了 rootubuntu2204:~# add-apt-repository -y deb [archamd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ $(lsb_release -cs) stable Repository: deb [archamd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ jammy stable Description: Archive for codename: jammy components: stable More info: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/ Adding repository. Adding deb entry to /etc/apt/sources.list.d/archive_uri-https_mirrors_aliyun_com_docker-ce_linux_ubuntu_-jammy.list Adding disabled deb-src entry to /etc/apt/sources.list.d/archive_uri-https_mirrors_aliyun_com_docker-ce_linux_ubuntu_-jammy.list Hit:1 https://mirrors.aliyun.com/ubuntu jammy InRelease Hit:2 https://mirrors.aliyun.com/ubuntu jammy-updates InRelease Hit:3 https://mirrors.aliyun.com/ubuntu jammy-backports InRelease Hit:4 https://mirrors.aliyun.com/ubuntu jammy-security InRelease Get:5 https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy InRelease [48.8 kB] Get:6 https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packages [23.0 kB] Fetched 71.8 kB in 3s (22.9 kB/s) Reading package lists... Done W: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.# Step 4: 更新Docker-CE镜像源 rootubuntu2204:~# apt update# 安装指定版本的Docker-CE: # Step 5: 查找Docker-CE的版本: rootubuntu2204:~# apt-cache madison docker-cedocker-ce | 5:24.0.7-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.6-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.5-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.4-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.3-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.2-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.1-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:24.0.0-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.6-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.5-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.4-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.3-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.2-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.1-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:23.0.0-1~ubuntu.22.04~jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.24~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.23~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.22~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.21~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.20~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.19~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.18~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.17~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.16~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.15~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.14~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packagesdocker-ce | 5:20.10.13~3-0~ubuntu-jammy | https://mirrors.aliyun.com/docker-ce/linux/ubuntu jammy/stable amd64 Packages# Step 6: 安装指定版本的Docker-CE: (VERSION例如上面的5:24.0.7-1~ubuntu.22.04~jammy) rootubuntu2204:~# apt -y install docker-ce5:24.0.7-1~ubuntu.22.04~jammy docker-ce-cli5:24.0.7-1~ubuntu.22.04~jammy# Step7: 把Docker服务设为开机启动并立即启动服务 rootubuntu2204:~# systemctl enable --now docker# 查看docker版本 rootubuntu2204:~# docker version Client: Docker Engine - CommunityVersion: 24.0.7API version: 1.43Go version: go1.20.10Git commit: afdd53bBuilt: Thu Oct 26 09:07:41 2023OS/Arch: linux/amd64Context: defaultServer: Docker Engine - CommunityEngine:Version: 24.0.7API version: 1.43 (minimum version 1.12)Go version: go1.20.10Git commit: 311b9ffBuilt: Thu Oct 26 09:07:41 2023OS/Arch: linux/amd64Experimental: falsecontainerd:Version: 1.6.26GitCommit: 3dd1e886e55dd695541fdcd67420c2888645a495runc:Version: 1.1.10GitCommit: v1.1.10-0-g18a0cb0docker-init:Version: 0.19.0GitCommit: de40ad0# 查看docker信息 rootubuntu2204:~# docker info Client: Docker Engine - CommunityVersion: 24.0.7Context: defaultDebug Mode: falsePlugins:buildx: Docker Buildx (Docker Inc.)Version: v0.11.2Path: /usr/libexec/docker/cli-plugins/docker-buildxcompose: Docker Compose (Docker Inc.)Version: v2.21.0Path: /usr/libexec/docker/cli-plugins/docker-composeServer:Containers: 0Running: 0Paused: 0Stopped: 0Images: 0Server Version: 24.0.7Storage Driver: overlay2Backing Filesystem: extfsSupports d_type: trueUsing metacopy: falseNative Overlay Diff: trueuserxattr: falseLogging Driver: json-fileCgroup Driver: systemdCgroup Version: 2Plugins:Volume: localNetwork: bridge host ipvlan macvlan null overlayLog: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslogSwarm: inactiveRuntimes: runc io.containerd.runc.v2Default Runtime: runcInit Binary: docker-initcontainerd version: 3dd1e886e55dd695541fdcd67420c2888645a495runc version: v1.1.10-0-g18a0cb0init version: de40ad0Security Options:apparmorseccompProfile: builtincgroupnsKernel Version: 5.15.0-88-genericOperating System: Ubuntu 22.04.3 LTSOSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.883GiBName: ubuntu2204ID: fc2d51bd-9fb6-425b-8d4c-aa595e8d2697Docker Root Dir: /var/lib/dockerDebug Mode: falseExperimental: falseInsecure Registries:127.0.0.0/8Live Restore Enabled: false# 查看docker相关文件 rootubuntu2204:~# dpkg -L docker-ce /. /etc /etc/default /etc/default/docker /etc/docker /etc/init.d /etc/init.d/docker /lib /lib/systemd /lib/systemd/system /lib/systemd/system/docker.service /lib/systemd/system/docker.socket /usr /usr/bin /usr/bin/docker-proxy /usr/bin/dockerd /usr/libexec /usr/libexec/docker /usr/libexec/docker/docker-init /usr/share /usr/share/doc /usr/share/doc/docker-ce /usr/share/doc/docker-ce/README.md /usr/share/doc/docker-ce/changelog.Debian.gz解决WARNING: No swap limit support报警提示 rootubuntu2004:~# docker info ... WARNING: No swap limit support # Ubuntu 20.04和18.04安装完docker查看docker信息的时候最后一行会出现WARNING: No swap limit support报警提示rootubuntu2004:~# vim /etc/default/grub ... GRUB_CMDLINE_LINUXnet.ifnames0 biosdevname0 swapaccount1 # 在此行最后面加上“swapaccount1”参数#也可以sed直接替换 rootubuntu2004:~# sed -ri /^GRUB_CMDLINE_LINUX/s$ swapaccount1 /etc/default/grubrootubuntu2004:~# update-grub rootubuntu2004:~# rebootrootubuntu2004:~# docker info Client: Docker Engine - CommunityVersion: 24.0.7Context: defaultDebug Mode: falsePlugins:buildx: Docker Buildx (Docker Inc.)Version: v0.11.2Path: /usr/libexec/docker/cli-plugins/docker-buildxcompose: Docker Compose (Docker Inc.)Version: v2.21.0Path: /usr/libexec/docker/cli-plugins/docker-composeServer:Containers: 0Running: 0Paused: 0Stopped: 0Images: 0Server Version: 24.0.7Storage Driver: overlay2Backing Filesystem: extfsSupports d_type: trueUsing metacopy: falseNative Overlay Diff: trueuserxattr: falseLogging Driver: json-fileCgroup Driver: cgroupfsCgroup Version: 1Plugins:Volume: localNetwork: bridge host ipvlan macvlan null overlayLog: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslogSwarm: inactiveRuntimes: io.containerd.runc.v2 runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 3dd1e886e55dd695541fdcd67420c2888645a495runc version: v1.1.10-0-g18a0cb0init version: de40ad0Security Options:apparmorseccompProfile: builtinKernel Version: 5.4.0-166-genericOperating System: Ubuntu 20.04.6 LTSOSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.894GiBName: ubuntu2004ID: faa38ca4-7036-4279-a7c3-55be37ea1ecaDocker Root Dir: /var/lib/dockerDebug Mode: falseExperimental: falseInsecure Registries:127.0.0.0/8Live Restore Enabled: false# 重启后再次查看就没有WARNING: No swap limit support报警提示3.3.2 在 Rocky和CentOS 上安装 Docker 官方文档: https://docs.docker.com/install/linux/docker-ce/centos/ # step 1: 安装必要的一些系统工具 [rootrocky9 ~]# yum -y install yum-utils# Step 2: 添加软件源信息 [rootrocky9 ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo# Step 3: 更新Docker-CE镜像源 [rootrocky9 ~]# yum clean all 22 files removed [rootrocky9 ~]# yum makecache# 安装指定版本的Docker-CE: # Step 4: 查找Docker-CE的版本: [rootrocky9 ~]# yum list docker-ce.x86_64 --showduplicates Last metadata expiration check: 0:00:12 ago on Mon 08 Jan 2024 04:16:58 PM CST. Available Packages docker-ce.x86_64 3:20.10.15-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.16-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.17-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.18-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.19-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.20-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.21-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.22-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.23-3.el9 docker-ce-stable docker-ce.x86_64 3:20.10.24-3.el9 docker-ce-stable docker-ce.x86_64 3:23.0.0-1.el9 docker-ce-stable docker-ce.x86_64 3:23.0.1-1.el9 docker-ce-stable docker-ce.x86_64 3:23.0.2-1.el9 docker-ce-stable docker-ce.x86_64 3:23.0.4-1.el9 docker-ce-stable docker-ce.x86_64 3:23.0.5-1.el9 docker-ce-stable docker-ce.x86_64 3:23.0.6-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.0-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.1-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.2-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.3-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.4-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.5-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.6-1.el9 docker-ce-stable docker-ce.x86_64 3:24.0.7-1.el9 docker-ce-stable# Step5: 安装指定版本的Docker-CE: (VERSION例如上面的24.0.7) [rootrocky9 ~]# yum -y install docker-ce-24.0.7 docker-ce-cli-24.0.7# Step6: 把Docker服务设为开机启动并立即启动服务 [rootrocky9 ~]# systemctl enable --now docker# 查看docker版本 [rootrocky9 ~]# docker version Client: Docker Engine - CommunityVersion: 24.0.7API version: 1.43Go version: go1.20.10Git commit: afdd53bBuilt: Thu Oct 26 09:09:13 2023OS/Arch: linux/amd64Context: defaultServer: Docker Engine - CommunityEngine:Version: 24.0.7API version: 1.43 (minimum version 1.12)Go version: go1.20.10Git commit: 311b9ffBuilt: Thu Oct 26 09:07:45 2023OS/Arch: linux/amd64Experimental: falsecontainerd:Version: 1.6.26GitCommit: 3dd1e886e55dd695541fdcd67420c2888645a495runc:Version: 1.1.10GitCommit: v1.1.10-0-g18a0cb0docker-init:Version: 0.19.0GitCommit: de40ad0# 查看docker信息 [rootrocky9 ~]# docker info Client: Docker Engine - CommunityVersion: 24.0.7Context: defaultDebug Mode: falsePlugins:buildx: Docker Buildx (Docker Inc.)Version: v0.11.2Path: /usr/libexec/docker/cli-plugins/docker-buildxcompose: Docker Compose (Docker Inc.)Version: v2.21.0Path: /usr/libexec/docker/cli-plugins/docker-composeServer:Containers: 0Running: 0Paused: 0Stopped: 0Images: 0Server Version: 24.0.7Storage Driver: overlay2Backing Filesystem: xfsSupports d_type: trueUsing metacopy: falseNative Overlay Diff: trueuserxattr: falseLogging Driver: json-fileCgroup Driver: systemdCgroup Version: 2Plugins:Volume: localNetwork: bridge host ipvlan macvlan null overlayLog: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslogSwarm: inactiveRuntimes: io.containerd.runc.v2 runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 3dd1e886e55dd695541fdcd67420c2888645a495runc version: v1.1.10-0-g18a0cb0init version: de40ad0Security Options:seccompProfile: builtincgroupnsKernel Version: 5.14.0-362.8.1.el9_3.x86_64Operating System: Rocky Linux 9.3 (Blue Onyx)OSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.692GiBName: rocky9ID: caedc431-b566-4ec4-8f8e-4df65e6a657fDocker Root Dir: /var/lib/dockerDebug Mode: falseExperimental: falseInsecure Registries:127.0.0.0/8Live Restore Enabled: false# 查看docker相关文件 [rootrocky9 ~]# rpm -ql docker-ce /etc/docker /usr/bin/docker-proxy /usr/bin/dockerd /usr/lib/.build-id /usr/lib/.build-id/3e /usr/lib/.build-id/3e/25ff43da6eb38f0f2eab2aec6f97c9dd164d33 /usr/lib/.build-id/71 /usr/lib/.build-id/71/14030d8d1e2108a93658f6e3f2d1553bbae16d /usr/lib/systemd/system/docker.service /usr/lib/systemd/system/docker.socket /usr/libexec/docker/docker-init3.4 基于二进制包安装docker 本方法适用于无法上网或无法通过包安装方式安装的主机上安装docker 安装文档: https://docs.docker.com/install/linux/docker-ce/binaries/ 二进制安装下载路径 https://download.docker.com/linux/ https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/ [rootrocky9-2 ~]# yum -y install wget[rootrocky9-2 ~]# wget https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-24.0.7.tgz[rootrocky9-2 ~]# tar xf docker-24.0.7.tgz [rootrocky9-2 ~]# mv docker/* /usr/bin/[rootrocky9-2 ~]# cat /lib/systemd/system/docker.service -EOF [Unit] DescriptionDocker Application Container Engine Documentationhttps://docs.docker.com Afternetwork-online.target firewalld.service Wantsnetwork-online.target[Service] Typenotify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart/usr/bin/dockerd -H unix://var/run/docker.sock ExecReload/bin/kill -s HUP \$MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILEinfinity LimitNPROCinfinity LimitCOREinfinity # Uncomment TasksMax if your systemd version supports it. # Only systemd 226 and above support this version. #TasksMaxinfinity TimeoutStartSec0 # set delegate yes so that systemd does not reset the cgroups of docker containers Delegateyes # kill only the docker process, not all processes in the cgroup KillModeprocess # restart the docker process if it exits prematurely Restarton-failure StartLimitBurst3 StartLimitInterval60s[Install] WantedBymulti-user.target EOF[rootrocky9-2 ~]# systemctl daemon-reload systemctl enable --now docker# 查看docker版本 [rootrocky9-2 ~]# docker version Client:Version: 24.0.7API version: 1.43Go version: go1.20.10Git commit: afdd53bBuilt: Thu Oct 26 09:04:00 2023OS/Arch: linux/amd64Context: defaultServer: Docker Engine - CommunityEngine:Version: 24.0.7API version: 1.43 (minimum version 1.12)Go version: go1.20.10Git commit: 311b9ffBuilt: Thu Oct 26 09:05:28 2023OS/Arch: linux/amd64Experimental: falsecontainerd:Version: v1.7.6GitCommit: 091922f03c2762540fd057fba91260237ff86acbrunc:Version: 1.1.9GitCommit: v1.1.9-0-gccaecfcdocker-init:Version: 0.19.0GitCommit: de40ad0# 查看docker信息 [rootrocky9-2 ~]# docker info Client:Version: 24.0.7Context: defaultDebug Mode: falseServer:Containers: 0Running: 0Paused: 0Stopped: 0Images: 0Server Version: 24.0.7Storage Driver: overlay2Backing Filesystem: xfsSupports d_type: trueUsing metacopy: falseNative Overlay Diff: trueuserxattr: falseLogging Driver: json-fileCgroup Driver: systemdCgroup Version: 2Plugins:Volume: localNetwork: bridge host ipvlan macvlan null overlayLog: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslogSwarm: inactiveRuntimes: io.containerd.runc.v2 runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 091922f03c2762540fd057fba91260237ff86acbrunc version: v1.1.9-0-gccaecfcinit version: de40ad0Security Options:seccompProfile: builtincgroupnsKernel Version: 5.14.0-362.8.1.el9_3.x86_64Operating System: Rocky Linux 9.3 (Blue Onyx)OSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.692GiBName: rocky9-2ID: c13f9ec7-b3fc-4258-a3cc-950f70f37f71Docker Root Dir: /var/lib/dockerDebug Mode: falseExperimental: falseInsecure Registries:127.0.0.0/8Live Restore Enabled: falseProduct License: Community Engine[rootrocky9-2 ~]# pstree -p |grep docker|-dockerd(11293)--containerd(11300)--{containerd}(11301)| |-{dockerd}(11294)| |-{dockerd}(11295)| |-{dockerd}(11296)| |-{dockerd}(11297)| |-{dockerd}(11298)| |-{dockerd}(11309)| |-{dockerd}(11310)| |-{dockerd}(11311)| -{dockerd}(11312)3.5 docker 镜像加速配置 docker 镜像官方的下载站点是: https://hub.docker.com/ 从国内下载官方的镜像站点有时候会很慢因此可以更改docker配置文件添加一个加速器可以通过加速器达到加速下载镜像的目的国内有许多公司都提供了docker 加速镜像比如: 阿里云腾讯云网易云以下以阿里云为例 3.5.1 阿里云获取镜像加速地址及其它镜像加速浏览器打开https://cr.console.aliyun.com/注册或登录阿里云账号点击左侧的镜像加速器将会得到一个专属的加速地址而且下面有使用配置说明: 图1-4 阿里云获取镜像加速地址 Docker Hub 镜像加速器列表镜像加速器镜像加速器地址专属加速器其它加速Docker 中国官方镜像https://registry.docker-cn.comDocker HubDaoCloud 镜像站https://docker.m.daocloud.ioDocker HubAzure 中国镜像https://dockerhub.azk8s.cnDocker Hub、GCR、Quay科大镜像站https://docker.mirrors.ustc.edu.cnDocker Hub、GCR、Quay阿里云https://your_code.mirror.aliyuncs.com需登录系统分配Docker Hub七牛云https://reg-mirror.qiniu.comDocker Hub、GCR、Quay网易云https://hub-mirror.c.163.comDocker Hub腾讯云https://mirror.ccs.tencentyun.comDocker Hub 3.5.2 docker 镜像加速配置安装升级Docker客户端推荐安装1.10.0以上版本的Docker客户端参考文档docker-ce 配置镜像加速器针对Docker客户端版本大于 1.10.0 的用户您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器 [rootrocky9 ~]# mkdir -p /etc/docker [rootrocky9 ~]# tee /etc/docker/daemon.json -EOF {registry-mirrors: [https://l6strdex.mirror.aliyuncs.com,https://docker.mirrors.ustc.edu.cn,https://docker.m.daocloud.io,https://registry.docker-cn.com,https://dockerhub.azk8s.cn,https://reg-mirror.qiniu.com,https://hub-mirror.c.163.com,https://mirror.ccs.tencentyun.com] } EOF[rootrocky9 ~]# systemctl daemon-reload systemctl restart docker[rootrocky9 ~]# docker info |tail -n 11Registry Mirrors:https://l6strdex.mirror.aliyuncs.com/https://docker.mirrors.ustc.edu.cn/https://docker.m.daocloud.io/https://registry.docker-cn.com/https://dockerhub.azk8s.cn/https://reg-mirror.qiniu.com/https://hub-mirror.c.163.com/https://mirror.ccs.tencentyun.com/Live Restore Enabled: false3.6 一键安装 docker 脚本 Shell脚本源码地址 Giteehttps://gitee.com/raymond9/shell Githubhttps://github.com/raymond999999/shell 可以去上面的Gitee或Github代码仓库拉取脚本。 3.6.1 基于镜像仓库一键安装docker脚本 [rootrocky9 ~]# cat install_docker_v2.sh #!/bin/bash # #******************************************************************************************************** #Author: Raymond #QQ: 88563128 #Date: 2024-01-09 #FileName: install_docker_v2.sh #URL: raymond.blog.csdn.net #Description: install_docker for CentOS 7 CentOS Stream 8/9 Ubuntu 18.04/20.04/22.04 Rocky 8/9 #Copyright (C): 2024 All rights reserved #******************************************************************************************************** COLORecho -e \\033[01;31m END\033[0m DOCKER_VERSION24.0.7 DOCKER_MAIN_VERSIONecho ${DOCKER_VERSION} | awk -F. {print $1} URLmirrors.aliyun.comos(){OS_IDsed -rn /^NAME/s.*([[:alpha:]]).*$\1p /etc/os-releaseOS_RELEASE_VERSIONsed -rn /^VERSION_ID/s.*?([0-9])\.?.*?\1p /etc/os-release }ubuntu_install_docker(){dpkg -s docker-ce /dev/null ${COLOR}Docker已安装退出${END} exit${COLOR}开始安装Docker依赖包请稍等...${END}apt update /dev/nullapt -y install apt-transport-https ca-certificates curl software-properties-common /dev/nullcurl -fsSL https://${URL}/docker-ce/linux/ubuntu/gpg | sudo apt-key add - /dev/nulladd-apt-repository -y deb [archamd64] https://${URL}/docker-ce/linux/ubuntu $(lsb_release -cs) stable /dev/null apt update /dev/null${COLOR}Docker有以下版本${END}apt-cache madison docker-ce${COLOR}10秒后即将安装Docker-${DOCKER_VERSION}版本......${END}${COLOR}如果想安装其它Docker版本请按Ctrlc键退出修改版本再执行${END}sleep 10${COLOR}开始安装Docker请稍等...${END}if [ ${DOCKER_MAIN_VERSION} 18 -o ${DOCKER_MAIN_VERSION} 19 -o ${DOCKER_MAIN_VERSION} 20 ];thenapt -y install docker-ce5:${DOCKER_VERSION}~3-0~ubuntu-$(lsb_release -cs) docker-ce-cli5:${DOCKER_VERSION}~3-0~ubuntu-$(lsb_release -cs) /dev/null || { ${COLOR}apt源失败请检查apt配置${END};exit; }elseapt -y install docker-ce5:${DOCKER_VERSION}-1~ubuntu.$(lsb_release -rs)~$(lsb_release -cs) docker-ce-cli5:${DOCKER_VERSION}-1~ubuntu.$(lsb_release -rs)~$(lsb_release -cs) /dev/null || { ${COLOR}apt源失败请检查apt配置${END};exit; }fi }centos_install_docker(){rpm -q docker-ce /dev/null ${COLOR}Docker已安装退出${END} exit${COLOR}开始安装Docker依赖包请稍等...${END}yum -y install yum-utils /dev/nullyum-config-manager --add-repo https://${URL}/docker-ce/linux/centos/docker-ce.repo /dev/nullyum clean all /dev/nullyum makecache /dev/null${COLOR}Docker有以下版本${END}yum list docker-ce.x86_64 --showduplicates${COLOR}10秒后即将安装:Docker-${DOCKER_VERSION}版本......${END}${COLOR}如果想安装其它Docker版本请按Ctrlc键退出修改版本再执行${END}sleep 10${COLOR}开始安装Docker请稍等...${END}yum -y install docker-ce-${DOCKER_VERSION} docker-ce-cli-${DOCKER_VERSION} /dev/null || { ${COLOR}yum源失败请检查yum配置${END};exit; } }mirror_accelerator(){mkdir -p /etc/dockertee /etc/docker/daemon.json -EOF {registry-mirrors: [https://l6strdex.mirror.aliyuncs.com,https://docker.mirrors.ustc.edu.cn,https://docker.m.daocloud.io,https://registry.docker-cn.com,https://dockerhub.azk8s.cn,https://reg-mirror.qiniu.com,https://hub-mirror.c.163.com,https://mirror.ccs.tencentyun.com] } EOFsystemctl daemon-reloadsystemctl enable --now docker /dev/nullsystemctl is-active docker /dev/null ${COLOR}Docker 服务启动成功${END} || { ${COLOR}Docker 启动失败${END};exit; }docker version ${COLOR}Docker 安装成功${END} || ${COLOR}Docker 安装失败${END} }set_alias(){echo alias rmidocker images -qa|xargs docker rmi -f ~/.bashrcecho alias rmcdocker ps -qa|xargs docker rm -f ~/.bashrc }set_swap_limit(){if [ ${OS_RELEASE_VERSION} 18 -o ${OS_RELEASE_VERSION} 20 ];then${COLOR}设置Docker的WARNING: No swap limit support警告${END}sed -ri /^GRUB_CMDLINE_LINUX/s$ swapaccount1 /etc/default/grubupdate-grub /dev/null${COLOR}10秒后机器会自动重启!${END}sleep 10rebootfi }main(){osif [ ${OS_ID} CentOS -o ${OS_ID} Rocky ] /dev/null;thencentos_install_dockerelseubuntu_install_dockerfimirror_acceleratorset_aliasset_swap_limit }main3.6.2 基于二进制包一键安装docker脚本 [rootrocky9 ~]# cat install_docker_binary_v2.sh #!/bin/bash # #************************************************************************************************************* #Author: Raymond #QQ: 88563128 #Date: 2024-01-09 #FileName: install_docker_binary_v2.sh #URL: raymond.blog.csdn.net #Description: install_docker_binary CentOS 7 CentOS Stream 8/9 Ubuntu 18.04/20.04/22.04 Rocky 8/9 #Copyright (C): 2021 All rights reserved #************************************************************************************************************* SRC_DIR/usr/local/src COLORecho -e \\033[01;31m END\033[0m URLhttps://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/ DOCKER_FILEdocker-24.0.7.tgzos(){OS_IDsed -rn /^NAME/s.*([[:alpha:]]).*$\1p /etc/os-releaseOS_RELEASE_VERSIONsed -rn /^VERSION_ID/s.*?([0-9])\.?.*?\1p /etc/os-release }check_file (){cd ${SRC_DIR}if [ ${OS_ID} CentOS -o ${OS_ID} Rocky ] /dev/null;thenrpm -q wget /dev/null || { ${COLOR}安装wget工具请稍等...${END};yum -y install wget /dev/null; }fiif [ ! -e ${DOCKER_FILE} ];then${COLOR}缺少${DOCKER_FILE}文件,如果是离线包,请把文件放到${SRC_DIR}目录下${END}${COLOR}开始下载Docker二进制安装包${END}wget ${URL}${DOCKER_FILE} || { ${COLOR}Docker二进制安装包下载失败${END}; exit; } else${COLOR}相关文件已准备好${END}fi }install(){ [ -f /usr/bin/docker ] { ${COLOR}Docker已存在安装失败${END};exit; }${COLOR}开始安装Docker请稍等...${END}tar xf ${DOCKER_FILE} mv docker/* /usr/bin/cat /lib/systemd/system/docker.service -EOF [Unit] DescriptionDocker Application Container Engine Documentationhttps://docs.docker.com Afternetwork-online.target firewalld.service Wantsnetwork-online.target[Service] Typenotify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart/usr/bin/dockerd -H unix://var/run/docker.sock ExecReload/bin/kill -s HUP \$MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILEinfinity LimitNPROCinfinity LimitCOREinfinity # Uncomment TasksMax if your systemd version supports it. # Only systemd 226 and above support this version. #TasksMaxinfinity TimeoutStartSec0 # set delegate yes so that systemd does not reset the cgroups of docker containers Delegateyes # kill only the docker process, not all processes in the cgroup KillModeprocess # restart the docker process if it exits prematurely Restarton-failure StartLimitBurst3 StartLimitInterval60s[Install] WantedBymulti-user.target EOFmkdir -p /etc/dockertee /etc/docker/daemon.json -EOF {registry-mirrors: [https://l6strdex.mirror.aliyuncs.com,https://docker.mirrors.ustc.edu.cn,https://docker.m.daocloud.io,https://registry.docker-cn.com,https://dockerhub.azk8s.cn,https://reg-mirror.qiniu.com,https://hub-mirror.c.163.com,https://mirror.ccs.tencentyun.com] } EOFecho alias rmidocker images -qa|xargs docker rmi -f ~/.bashrcecho alias rmcdocker ps -qa|xargs docker rm -f ~/.bashrcsystemctl daemon-reloadsystemctl enable --now docker /dev/nullsystemctl is-active docker /dev/null ${COLOR}Docker 服务启动成功${END} || { ${COLOR}Docker 启动失败${END};exit; }docker version ${COLOR}Docker 安装成功${END} || ${COLOR}Docker 安装失败${END} }set_swap_limit(){if [ ${OS_RELEASE_VERSION} 18 -o ${OS_RELEASE_VERSION} 20 ];then${COLOR}设置Docker的WARNING: No swap limit support警告${END}sed -ri /^GRUB_CMDLINE_LINUX/s$ swapaccount1 /etc/default/grubupdate-grub /dev/null${COLOR}10秒后机器会自动重启!${END}sleep 10rebootfi }main(){oscheck_fileinstallset_swap_limit }mainStartLimitBurst3 StartLimitInterval60s [Install] WantedBymulti-user.target EOF mkdir -p /etc/docker tee /etc/docker/daemon.json -‘EOF’ { “registry-mirrors”: [ “https://l6strdex.mirror.aliyuncs.com”, “https://docker.mirrors.ustc.edu.cn”, “https://docker.m.daocloud.io”, “https://registry.docker-cn.com”, “https://dockerhub.azk8s.cn”, “https://reg-mirror.qiniu.com”, “https://hub-mirror.c.163.com”, “https://mirror.ccs.tencentyun.com” ] } EOF echo ‘alias rmi“docker images -qa|xargs docker rmi -f”’ ~/.bashrc echo ‘alias rmc“docker ps -qa|xargs docker rm -f”’ ~/.bashrc systemctl daemon-reload systemctl enable --now docker /dev/null systemctl is-active docker /dev/null C O L O R D o c k e r 服务启动成功 {COLOR}Docker 服务启动成功 COLORDocker服务启动成功{END} || { C O L O R D o c k e r 启动失败 {COLOR}Docker 启动失败 COLORDocker启动失败{END};exit; } docker version C O L O R D o c k e r 安装成功 {COLOR}Docker 安装成功 COLORDocker安装成功{END} || C O L O R D o c k e r 安装失败 {COLOR}Docker 安装失败 COLORDocker安装失败{END} } set_swap_limit(){ if [ ${OS_RELEASE_VERSION} “18” -o ${OS_RELEASE_VERSION} “20” ];then C O L O R ′ 设置 D o c k e r 的 W A R N I N G : N o s w a p l i m i t s u p p o r t 警告 ′ {COLOR}设置Docker的WARNING: No swap limit support警告 COLOR′设置Docker的WARNING:Noswaplimitsupport警告′{END} sed -ri ‘/^GRUB_CMDLINE_LINUX/s“$ swapaccount1”’ /etc/default/grub update-grub /dev/null C O L O R 10 秒后机器会自动重启 ! {COLOR}10秒后机器会自动重启! COLOR10秒后机器会自动重启!{END} sleep 10 reboot fi } main(){ os check_file install set_swap_limit } main

查看全文

http://www.pierceye.com/news/617420/