Docker是一个开源的应用容器引擎,它允许开发者打包他们的应用以及应用的运行环境到一个可移植的容器中。
env
- docker-v19.03.5
- docker-compose-v2.19.0
- 支持systemd系统
download
脚本i_docker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
| #!/bin/bash
set -eu
#define docker-ce
export docker_version=${1:-docker-19.03.5.tgz}
#下载docker/docker-compose资源
wget -O $docker_version http://172.24.20.1:8000/sh/src/$docker_version
wget -O docker-compose http://172.24.20.1:8000/sh/src/docker-compose-Linux-x86_64
test ! -e $docker_version && echo "not exist!!!" && exit 9
#setup
tar zxf $docker_version && mv docker/* /usr/bin/
chmod +x docker-compose && mv docker-compose /usr/bin/
#iptables
cat > /etc/sysctl.d/docker.conf <<-'EOF'
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system
#docker_mirrors
test ! -d /etc/docker && mkdir -p /etc/docker
cat >/etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors":["https://jnxt8d8b.mirror.aliyuncs.com"]
}
EOF
#systemd config
cat >/usr/lib/systemd/system/docker.service <<-'EOF'
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H unix://var/run/docker.sock
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
LimitMEMLOCK=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=30
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
#start
systemctl daemon-reload && systemctl restart docker && systemctl enable docker.service
#testing
systemctl status docker && docker info
|