离线安装docker

背景描述

项目需要在研发环境虚拟机上安装docker部署应用。

所在的服务器是一个内网，无法访问到外网环境。

服务器OS版本是 麒麟V10 linux

安装docker

安装包下载

获取所需版本的docker binary包，官方链接https://download.docker.com/linux/static/stable/x86_64/.

我下载的是docker-26.1.4.tgz版本

解压压缩包，并把文件放在/usr/bin/

tar -zxvf docker-26.1.4.tgz 
sudo cp docker/* /usr/bin/

新增用户组 docker。其他用户需要有docker的执行权限，只需将用户加入docker用户组即可

$ sudo groupadd docker
$ sudo usermod -aG docker $USER

编写docker.service文件，放到目录/etc/systemd/system

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target

启动docker service,并设置开机自启动

$ sudo chmod +x /etc/systemd/system/docker.service
$ sudo systemctl daemon-reload
$ sudo systemctl start docker
$ sudo systemctl enable docker

验证

 sudo systemctl status docker

使用docker ps命令报错

[appadmin@iomapp ~]$ docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.45/containers/json": dial unix /var/run/docker.sock: connect: permission denied

检查是否将用户加入docker用户组，并且需要重新登录用户才能生效。

保存镜像进行打包，在另一台服务上使用

docker save -o nginx_latestx86.tar  nginx:lastest

在另一台服务器上，docker加载tar包

docker load -i nginx_latestx86.tar

测试启动nginx镜像，但是启动后访问nginx无反应参考

Docker：解决宿主机无法访问docker容器中nginx服务-CSDN博客