Docker 是一个基于Go语言实现的开源应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的镜像中,然后发布到任何主流的操作系统中(如Linux、Windows),也可以实现轻量级虚拟化。
Docker的构想是要实现“Build, Ship and Run Any App, Anywhere”,即通过对应用的封装、分发、部署、运行生命周期进行管理,达到应用级别的“一次封装,到处运行”。(类似Java的JVM概念,一次打包,处处运行,但是JVM只能用于Java应用,docker可以运行绝大部分应用。)
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt remove $pkg; done
sudo apt update && sudo apt install ca-certificates curl gnupg
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker.gpg
dpkg --print-architecture用以打印当前系统的架构信息,例如amd64、i386、arm64等;lsb_release -cs用以打印当前系统的发行版代号,deepin20.9的代号为apricot并不包含在源内,由于deepin20.9目前是基于debain10的,所以采用buter。sudo sh -c 'echo "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/debian buster stable" > /etc/apt/sources.list.d/docker.list'
sudo apt update && sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
二进制安装的方式适合完全内网、无法访问apt源的情况,换版本也很方便,更换二进制文件即可。
/usr/local/bin 目录/home/zhangsan/apps/docker, 其中的 zhangsan 是用户名,注意替换。--data-root 参数为数据存储目录。[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/local/bin/dockerd --data-root /home/zhangsan/apps/docker
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
/usr/lib/systemd/system 目录sudo systemctl daemon-reload
sudo systemctl start docker
sudo systemctl enable docker
7.执行以下命令,使普通用户拥有使用docker的权限
sudo groupadd docker
# 替换zhangsan为实际用户名
sudo usermod zhangsan -a -G docker
docker version