openEuler22.03LTS系统升级docker至26.1.4以支持启用ip6tables功能

forestqq2025-02-12 0:09

本文记录了openEuler22.03LTS将docker升级由18.09.0升级至26.1.4的过程(当前docker最新版本为27.5.1,生产环境为保障稳定性,选择升级到上一个大版本26的最新小版本)。

一、现有环境

1、系统版本
bash 复制代码 
[root@localhost opt]# cat /etc/os-release 
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"
2、docker版本
bash 复制代码 
[root@localhost opt]# docker --version
Docker version 18.09.0, build 4ca0e26

二、升级准备

1、卸载现有版本
bash 复制代码 
[root@localhost opt]# yum  remove docker -y      
Dependencies resolved.
=========================================================================================================================================================================================================================================
 Package                                                   Architecture                                       Version                                                          Repository                                           Size
=========================================================================================================================================================================================================================================
Removing:
 docker-engine                                             x86_64                                             2:18.09.0-335.oe2203                                             @update                                             160 M

Transaction Summary
=========================================================================================================================================================================================================================================
Remove  1 Package

Freed space: 160 M
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                 1/1 
  Running scriptlet: docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
Removed /etc/systemd/system/multi-user.target.wants/docker.service.

  Erasing          : docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
  Running scriptlet: docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 
  Verifying        : docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                       1/1 

Removed:
  docker-engine-2:18.09.0-335.oe2203.x86_64                                                                                                                                                                                              

Complete!
2、从docker官网下载目标软件包

下载链接:

docker-26.1.4官网下载

下载实作

bash 复制代码 
[root@localhost opt]# wget https://download.docker.com/linux/static/stable/x86_64/docker-26.1.4.tgz
--2025-02-07 13:45:27--  https://download.docker.com/linux/static/stable/x86_64/docker-26.1.4.tgz
正在解析主机 download.docker.com (download.docker.com)... 3.170.229.46, 3.170.229.96, 3.170.229.111, ...
正在连接 download.docker.com (download.docker.com)|3.170.229.46|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:73759281 (70M) [application/x-tar]
正在保存至: "docker-26.1.4.tgz"

docker-26.1.4.tgz                                        100%[=====================================================================================================================================>]  70.34M   245KB/s  用时 4m 41s  

2025-02-07 13:50:09 (256 KB/s) - 已保存 "docker-26.1.4.tgz" [73759281/73759281])
[root@localhost opt]# ll
..
-rw-r--r--. 1 root root  71M  6月 18  2024 docker-26.1.4.tgz

三、升级软件

1、解压软件包
bash 复制代码 
[root@localhost opt]# tar -xzvf docker-26.1.4.tgz 
docker/
docker/docker-init
docker/docker-proxy
docker/docker
docker/containerd-shim-runc-v2
docker/runc
docker/ctr
docker/dockerd
docker/containerd
[root@localhost opt]# ll docker
总用量 190M
-rwxr-xr-x. 1 AAAA AAAA  38M  6月  5  2024 containerd
-rwxr-xr-x. 1 AAAA AAAA  12M  6月  5  2024 containerd-shim-runc-v2
-rwxr-xr-x. 1 AAAA AAAA  19M  6月  5  2024 ctr
-rwxr-xr-x. 1 AAAA AAAA  37M  6月  5  2024 docker
-rwxr-xr-x. 1 AAAA AAAA  68M  6月  5  2024 dockerd
-rwxr-xr-x. 1 AAAA AAAA 692K  6月  5  2024 docker-init
-rwxr-xr-x. 1 AAAA AAAA 1.9M  6月  5  2024 docker-proxy
-rwxr-xr-x. 1 AAAA AAAA  15M  6月  5  2024 runc
2、复制文件到/usr/bin目录
bash 复制代码 
[root@localhost opt]# cp docker/* /usr/bin
3、编写service文件
bash 复制代码 
[root@localhost opt]# vi docker.service
...
[root@localhost opt]# cat docker.service 
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Environment="HTTP_PROXY=http://192.168.80.1:50691"
Environment="HTTPS_PROXY=http://192.168.80.1:50691"
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash

ExecStart=/usr/bin/dockerd $OPTIONS \
                           $DOCKER_STORAGE_OPTIONS \
                           $DOCKER_NETWORK_OPTIONS \
                           $INSECURE_REGISTRY
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process

Restart=on-failure 
StartLimitBurst=3 
StartLimitInterval=60s 

[Install]
WantedBy=multi-user.target
4、将service文件复制到相应文件夹
bash 复制代码 
[root@localhost opt]# chmod 644 docker.service
[root@localhost opt]# cp docker.service /usr/lib/systemd/system/docker.service
5、启动服务
bash 复制代码 
[root@localhost opt]# systemctl daemon-reload
[root@localhost opt]# systemctl start docker
[root@localhost opt]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
6、验证版本
bash 复制代码 
[root@localhost opt]# docker --version
Docker version 26.1.4, build 5650f9b
[root@localhost opt]# docker version
Client:
 Version:           26.1.4
 API version:       1.45
 Go version:        go1.21.11
 Git commit:        5650f9b
 Built:             Wed Jun  5 11:27:57 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          26.1.4
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.11
  Git commit:       de5c9cf
  Built:            Wed Jun  5 11:29:25 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.7.18
  GitCommit:        ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

升级成功。

四、验证启用ip6tables功能

本次升级旨在解决openEuler22.03LTS原生docker不支持ip6tables的问题,,(docker engine 的版本从20.10.2及以上才开始支持ip6tables,这里ip6tables指由docker自动配置 IPv6 的防火墙规则。)

低版本docker引擎配置启用ip6tables,会出现以下报错日志无法启动

....systemd[1]: Starting Docker Application Container Engine...

...dockerd[5597]: unable to configure the Docker daemon with file /etc/docker/daemon.jso>

...systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE

...systemd[1]: docker.service: Failed with result 'exit-code'.

...: Failed to start Docker Application Container Engine.

...: Starting Docker Application Container Engine...

测试配置启用ip6tables并重启服务

bash 复制代码 
[root@localhost opt]# vi /etc/docker/daemon.json
[root@localhost opt]# cat /etc/docker/daemon.json
{
    "ipv6": true,
    "fixed-cidr-v6": "2001:db8:1::/64",
    "experimental":true,
    "ip6tables": true
}
[root@localhost opt]# systemctl restart docker

正常通过。

相关推荐
时光旅人01号几秒前
Ubuntu 常用指令手册
linux·运维·服务器·深度学习·神经网络·ubuntu
InnovatorX18 分钟前
Linux 下 MySQL 8 搭建教程
linux·mysql·adb
程序猿本员44 分钟前
Linux进程间通信(1)-管道、内存映射
linux·后端
FLGB1 小时前
Jenkins 集成DingDing 推送
运维·jenkins
Wyc724091 小时前
Linux命令基础,创建,输入,输出,查看,查询
linux·运维·服务器
liuyunluoxiao1 小时前
命令行参数和环境变量【Linux操作系统】
linux
海绵波波1072 小时前
【部署】ubuntu部署olmOCR
linux·运维·ubuntu
自由鬼2 小时前
OpenAI定义的Agent新范式如何构建自动化系统
运维·ai·自动化·agent
纪伊路上盛名在2 小时前
vscode中修改快捷键
linux·ide·vscode·编辑器
自律的阿龙2 小时前
Linux练级宝典->多线程
linux·运维·服务器
热门推荐
01从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑02如何在WPS和Word/Excel中直接使用DeepSeek功能03DeepSeek各版本说明与优缺点分析04Unity图形学之法线贴图原理05DeepSeek RAGFlow构建本地知识库系统06本地部署DeepSeek教程(Mac版本)07Windows 11 安装 Dify 完整指南 非docker环境08如何本地部署AI智能体平台,带你手搓一个AI Agent09本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程10KGG转MP3工具|非KGM文件|解密音频