- 规划节点
Docker部署节点规划如下表所示:
|----------------|--------|----------|
| IP | 主机名 | 节点 |
| 192.168.100.10 | master | Docker节点 |
- 基础准备
所有节点安装CentOS7.9_2009系统,并配置主机名和网卡。
配置主机名和网卡
bash
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=1f637ed7-8149-4c10-b9ec-ef4e8ac4a489
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=8.8.8.8
[root@localhost ~]# hostnamectl set-hostname master
[root@localhost ~]# su
[root@master ~]# hostnamectl
Static hostname: master
Icon name: computer-vm
Chassis: vm
Machine ID: 9f42b0fc9dda47ff94338acf8052f2ef
Boot ID: 90afd45aef1b4c8b862038f2cb0fa1bb
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1160.el7.x86_64
Architecture: x86-64
[root@master ~]#
(一) 在线安装docker
1.检测、配置安装环境
查看linux版本,是否符合>centos 7
bash
[root@master ~]# uname -r
3.10.0-1160.el7.x86_64
查看网络是否通畅
安装gcc,gcc-c++编译器
bash
[root@master ~]# ping www.baidu.com
[root@master ~]# yum -y install gcc-c++
安装device-mapper-persistent-data和lvm2工具
bash
[root@master ~]# yum install yum-utils device-mapper-persistent-data lvm2
换阿里云的源
bash
[root@master ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum 索引重建,提高安装速度
bash
[root@master ~]# yum makecache fast
安装docker
bash
[root@master ~]# yum install -y docker-ce docker-ce-cli containerd.io
启动
bash
[root@master ~]# systemctl start docker
检测版本
运行hello-world
(二)离线安装Docker
卸载Docker
bash
[root@master ~]# yum remove docker-ce docker-ce-cli containerd.io
[root@master ~]# rm -rf /var/lib/docker/
1. 基础环境配置
(1)配置YUM源
将提供的压缩包Docker.tar.gz上传至/root目录并解压。
bash
[root@master ~]# tar -zxvf Docker.tar.gz
配置本地YUM源。
bash
[root@master ~]# mkdir /opt/centos
[root@master ~]# mount /dev/sr0 /opt/centos/
mount: /dev/sr0 is write-protected, mounting read-only
[root@master ~]# mv /etc/yum.repos.d/* /media/
[root@master ~]# vi /etc/yum.repos.d/local.repo
[root@master ~]# cat /etc/yum.repos.d/local.repo
[centos]
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
[Docker]
name=docker
baseurl=file:///root/Docker
gpgcheck=0
enabled=1
(2)配置防火墙及SELinux
配置防火墙及SELinux,示例代码如下:
bash
[root@master ~]# systemctl stop firewalld && systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@master ~]# iptables -F
[root@master ~]# iptables -X
[root@master ~]# iptables -Z
[root@master ~]# iptables-save
# Generated by iptables-save v1.4.21 on Thu Mar 21 04:06:14 2024
*filter
:INPUT ACCEPT [20:1280]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [11:968]
COMMIT
# Completed on Thu Mar 21 04:06:14 2024
[root@master ~]# vi /etc/selinux/config
[root@master ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
(4)开启路由转发
bash
[root@master ~]# cat >> /etc/sysctl.conf << EOF
> net.ipv4.ip_forward=1
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
2. Docker引擎安装
(1)安装依赖包
yum-utils提供了yum-config-manager的依赖包,device-mapper-persistent-data和lvm2are需要 devicemapper存储驱动。
bash
[root@master ~]# yum install -y yum-utils device-mapper-persistent-data
(2)安装docker-ce
随着Docker的不断流行与发展,Docker组织也开启了商业化之路,Docker从17.03版本之后分为CE (CommunityEdition)和EE(EnterpriseEdition)两个版本。
Docker EE专为企业的发展和IT团队建立,为企业提供最安全的容器平台,以应用为中心的平台,有专 门的团队支持,可在经过认证的操作系统和云提供商中使用,并可运行来自DockerStore的经过认证的容器 和插件。
Docker CE是免费的Docker产品的新名称,Docker CE包含了完整的Docker平台,非常适合开发人员 和运维团队构建容器APP。此处安装指定版本的Docker CE。
bash
[root@master ~]# yum install docker-ce docker-ce-cli containerd.io -y
3. 启动Docker
启动Docker并设置开机自启。
bash
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker
[root@master ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
查看Docker的系统信息。