openEuler22.03LTS系统升级docker至26.1.4以支持启用ip6tables功能

本文记录了openEuler22.03LTS将docker升级由18.09.0升级至26.1.4的过程(当前docker最新版本为27.5.1,生产环境为保障稳定性,选择升级到上一个大版本26的最新小版本)。

一、现有环境

1、系统版本
bash 复制代码
[root@localhost opt]# cat /etc/os-release 
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"
2、docker版本
bash 复制代码
[root@localhost opt]# docker --version
Docker version 18.09.0, build 4ca0e26

二、升级准备

1、卸载现有版本
bash 复制代码
[root@localhost opt]# yum  remove docker -y      
Dependencies resolved.
=========================================================================================================================================================================================================================================
 Package                                                   Architecture                                       Version                                                          Repository                                           Size
=========================================================================================================================================================================================================================================
Removing:
 docker-engine                                             x86_64                                             2:18.09.0-335.oe2203                                             @update                                             160 M

Transaction Summary
=========================================================================================================================================================================================================================================
Remove  1 Package

Freed space: 160 M
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                 1/1 
  Running scriptlet: docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
Removed /etc/systemd/system/multi-user.target.wants/docker.service.

  Erasing          : docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
  Running scriptlet: docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
  Verifying        : docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 

Removed:
  docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                                              

Complete!
2、从docker官网下载目标软件包

下载链接:

docker-26.1.4官网下载

下载实作

bash 复制代码
[root@localhost opt]# wget https://download.docker.com/linux/static/stable/x86_64/docker-26.1.4.tgz
--2025-02-07 13:45:27--  https://download.docker.com/linux/static/stable/x86_64/docker-26.1.4.tgz
正在解析主机 download.docker.com (download.docker.com)... 3.170.229.46, 3.170.229.96, 3.170.229.111, ...
正在连接 download.docker.com (download.docker.com)|3.170.229.46|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:73759281 (70M) [application/x-tar]
正在保存至: "docker-26.1.4.tgz"

docker-26.1.4.tgz                                        100%[=====================================================================================================================================>]  70.34M   245KB/s  用时 4m 41s  

2025-02-07 13:50:09 (256 KB/s) - 已保存 "docker-26.1.4.tgz" [73759281/73759281])
[root@localhost opt]# ll
..
-rw-r--r--. 1 root root  71M  6月 18  2024 docker-26.1.4.tgz

三、升级软件

1、解压软件包
bash 复制代码
[root@localhost opt]# tar -xzvf docker-26.1.4.tgz 
docker/
docker/docker-init
docker/docker-proxy
docker/docker
docker/containerd-shim-runc-v2
docker/runc
docker/ctr
docker/dockerd
docker/containerd
[root@localhost opt]# ll docker
总用量 190M
-rwxr-xr-x. 1 AAAA AAAA  38M  6月  5  2024 containerd
-rwxr-xr-x. 1 AAAA AAAA  12M  6月  5  2024 containerd-shim-runc-v2
-rwxr-xr-x. 1 AAAA AAAA  19M  6月  5  2024 ctr
-rwxr-xr-x. 1 AAAA AAAA  37M  6月  5  2024 docker
-rwxr-xr-x. 1 AAAA AAAA  68M  6月  5  2024 dockerd
-rwxr-xr-x. 1 AAAA AAAA 692K  6月  5  2024 docker-init
-rwxr-xr-x. 1 AAAA AAAA 1.9M  6月  5  2024 docker-proxy
-rwxr-xr-x. 1 AAAA AAAA  15M  6月  5  2024 runc
2、复制文件到/usr/bin目录
bash 复制代码
[root@localhost opt]# cp docker/* /usr/bin
3、编写service文件
bash 复制代码
[root@localhost opt]# vi docker.service
...
[root@localhost opt]# cat docker.service 
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Environment="HTTP_PROXY=http://192.168.80.1:50691"
Environment="HTTPS_PROXY=http://192.168.80.1:50691"
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash

ExecStart=/usr/bin/dockerd $OPTIONS \
                           $DOCKER_STORAGE_OPTIONS \
                           $DOCKER_NETWORK_OPTIONS \
                           $INSECURE_REGISTRY
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process

Restart=on-failure 
StartLimitBurst=3 
StartLimitInterval=60s 

[Install]
WantedBy=multi-user.target
4、将service文件复制到相应文件夹
bash 复制代码
[root@localhost opt]# chmod 644 docker.service
[root@localhost opt]# cp docker.service /usr/lib/systemd/system/docker.service
5、启动服务
bash 复制代码
[root@localhost opt]# systemctl daemon-reload
[root@localhost opt]# systemctl start docker
[root@localhost opt]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
6、验证版本
bash 复制代码
[root@localhost opt]# docker --version
Docker version 26.1.4, build 5650f9b
[root@localhost opt]# docker version
Client:
 Version:           26.1.4
 API version:       1.45
 Go version:        go1.21.11
 Git commit:        5650f9b
 Built:             Wed Jun  5 11:27:57 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          26.1.4
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.11
  Git commit:       de5c9cf
  Built:            Wed Jun  5 11:29:25 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.7.18
  GitCommit:        ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

升级成功。

四、验证启用ip6tables功能

本次升级旨在解决openEuler22.03LTS原生docker不支持ip6tables的问题,,(docker engine 的版本从20.10.2及以上才开始支持ip6tables,这里ip6tables指由docker自动配置 IPv6 的防火墙规则。)

低版本docker引擎配置启用ip6tables,会出现以下报错日志无法启动

....systemd[1]: Starting Docker Application Container Engine...

...dockerd[5597]: unable to configure the Docker daemon with file /etc/docker/daemon.jso>

...systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE

...systemd[1]: docker.service: Failed with result 'exit-code'.

...: Failed to start Docker Application Container Engine.

...: Starting Docker Application Container Engine...

测试配置启用ip6tables并重启服务

bash 复制代码
[root@localhost opt]# vi /etc/docker/daemon.json
[root@localhost opt]# cat /etc/docker/daemon.json
{
    "ipv6": true,
    "fixed-cidr-v6": "2001:db8:1::/64",
    "experimental":true,
    "ip6tables": true
}
[root@localhost opt]# systemctl restart docker

正常通过。

相关推荐
对你无可奈何1 分钟前
高可用环境下Nginx服务管理脚本优化实践
linux·运维·nginx
前端白袍28 分钟前
性能优化:服务器性能影响网站加载速度分析
运维·服务器·性能优化
无聊的烤苕皮37 分钟前
RHCE(RHCSA复习:npm、dnf、源码安装实验)
linux·npm·云计算·dnf·rhcsa
xxxx1234451 小时前
Linux驱动开发-①pinctrl 和 gpio 子系统②并发和竞争③内核定时器
linux·驱动开发·单片机
stone08231 小时前
ABAP语言的动态编程(4) - 综合案例:管理费用明细表
linux·运维·服务器
厂里英才1 小时前
docker无法正常拉取镜像问题的解决
linux·docker
mljy.1 小时前
Linux《进度条》
linux
顾林海1 小时前
解锁Android应用进程启动:从代码到原理深度剖析
android·linux·操作系统
ღ星ღ2 小时前
网络编程基础
运维·服务器·网络
过客WZX2 小时前
Ubuntu24.04下管理自己的ssh连接
运维·服务器·ssh