centos7.9离线安装docker

#docker 官方下载地址
https://download.docker.com/linux/static/stable/
#进入网站后根据自己服务器架构选择对应安装包下载

#解压安装包
[qds@kubernetes ~]$ tar -zxvf docker-23.0.3.tgz 
docker/
docker/docker-proxy
docker/containerd-shim-runc-v2
docker/ctr
docker/docker
docker/docker-init
docker/runc
docker/dockerd
docker/containerd
[qds@kubernetes ~]$ 

#拷贝安装包到系统路径下
[qds@kubernetes ~]$ sudo cp -r docker/* /usr/bin/

dockerd 启动

应用生产环境极不推荐，测试环境无所谓。

dockerd &

systemctl 管理docker需要编写三个配置文件，粘贴下列配置信息即可。

• docker.service
• docker.socket
• containerd.service

配置信息

/usr/lib/systemd/system/docker.service

Unit

Description=Docker Application Container Engine

Documentation=https://docs.docker.com

After=network-online.target docker.socket firewalld.service containerd.service time-set.target

Wants=network-online.target containerd.service

Requires=docker.socket

Service

Type=notify

the default is not to use systemd for cgroups because the delegate issues still

exists and systemd currently does not support the cgroup feature set required

for containers run by docker

ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --data-root /docker/data

ExecReload=/bin/kill -s HUP $MAINPID

TimeoutStartSec=0

RestartSec=2

Restart=always

Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.

Both the old, and new location are accepted by systemd 229 and up, so using the old location

to make them work for either version of systemd.

StartLimitBurst=3

Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.

Both the old, and new name are accepted by systemd 230 and up, so using the old name to make

this option work for either version of systemd.

StartLimitInterval=60s

Having non-zero Limit*s causes performance problems due to accounting overhead

in the kernel. We recommend using cgroups to do container-local accounting.

LimitNOFILE=infinity

LimitNPROC=infinity

LimitCORE=infinity

Comment TasksMax if your systemd version does not support it.

Only systemd 226 and above support this option.

TasksMax=infinity

set delegate yes so that systemd does not reset the cgroups of docker containers

Delegate=yes

kill only the docker process, not all processes in the cgroup

KillMode=process

OOMScoreAdjust=-500

Install

WantedBy=multi-user.target

/usr/lib/systemd/system/docker.socket

Unit

Description=Docker Socket for the API

Socket

If /var/run is not implemented as a symlink to /run, you may need to

specify ListenStream=/var/run/docker.sock instead.

ListenStream=/var/run/docker.sock

SocketMode=0660

SocketUser=root

SocketGroup=docker

Install

WantedBy=sockets.target

/usr/lib/systemd/system/containerd.service

/usr/lib/systemd/system/containerd.service

Copyright The containerd Authors.

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software

distributed under the License is distributed on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and

limitations under the License.

Unit

Description=containerd container runtime

Documentation=https://containerd.io

After=network.target local-fs.target

Service

ExecStartPre=-/sbin/modprobe overlay

ExecStart=/usr/bin/containerd

Type=notify

Delegate=yes

KillMode=process

Restart=always

RestartSec=5

Having non-zero Limit*s causes performance problems due to accounting overhead

in the kernel. We recommend using cgroups to do container-local accounting.

LimitNPROC=infinity

LimitCORE=infinity

LimitNOFILE=infinity

Comment TasksMax if your systemd version does not supports it.

Only systemd 226 and above support this version.

TasksMax=infinity

OOMScoreAdjust=-999

Install

WantedBy=multi-user.target

重新加载systemctl配置文件

[qds@kubernetes ~]$ sudo systemctl daemon-reload

创建docker用户组

[qds@kubernetes ~]$ sudo groupadd docker 

将操作用户添加到docker组

[qds@kubernetes ~]$ sudo usermod -aG docker qds

知识扩展

-a|--append ：把用户追加到某些组中，仅与-G选项一起使用。

-G|--groups：修改用户的附加组，会覆盖之前的附加组。

-g|--gid：修改用户的主组（pid）

配置自启动、启动服务

[qds@kubernetes ~]$ sudo systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[qds@kubernetes ~]$ sudo systemctl enable containerd
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /usr/lib/systemd/system/containerd.service.
[qds@kubernetes ~]$ sudo systemctl start docker

打印docker版本验证服务状态 (示例)

[qds@kubernetes ~]$ docker version
Client:
 Version:           23.0.3
 API version:       1.42
 Go version:        go1.19.7
 Git commit:        3e7cbfd
 Built:             Tue Apr  4 22:02:08 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          23.0.3
  API version:      1.42 (minimum version 1.12)
  Go version:       go1.19.7
  Git commit:       59118bf
  Built:            Tue Apr  4 22:05:02 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.6.20
  GitCommit:        2806fc1057397dbaeefbea0e4e17bddfbd388f38
 runc:
  Version:          1.1.5
  GitCommit:        v1.1.5-0-gf19387a
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad