0. Install Docker
Docker is divided into two major versions: CE and EE. CE is the community edition (free, support period is 7 months), EE is the enterprise edition, which emphasizes security, is paid for use, and has a support period of 24 months.
Docker CE is divided into three update channels: stable test and nightly.
The official website has installation guides for various environments. Here we mainly introduce the installation of Docker CE on CentOS.
1.CentOS installation Docker
Docker CE supports the 64-bit version of CentOS 7, and requires the kernel version to be no less than 3.10. CentOS 7 meets the minimum kernel requirements, so we install Docker on CentOS 7.
Prepare the environment:
1.1. Uninstall (optional)
If you have installed an older version of Docker before, you can uninstall it using the following command:
\: Indicates the splicing of commands, which means that this command is too long to be written in one line. Adding \ tells the system that this command has not ended and you have to continue reading. . In the future, if we encounter a command that is too long, or if it is more readable by changing the line, we can add a \
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine \
docker-ce
If docker is not installed on your computer, there is no need to execute this command.
1.2. Install docker
First, everyone needs to connect the virtual machine to the Internet and install the yum tool.
yum install -y yum-utils \
device-mapper-persistent-data \
lvm2 --skip-broken
Then update the local image source: when installing docker, the default is to go to a foreign website to download online, which is relatively slow.
# Set the docker image source to Alibaba Cloud's warehouse, so that the installation of docker will be much faster.
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
Then enter the command:
yum install -y docker-ce
docker-ce is a community free version. Wait a moment and docker will be installed successfully.
1.3. Start docker
Docker applications need to use various ports and modify the firewall settings one by one. It’s very troublesome, so I suggest you turn off the firewall directly! (The enterprise cannot be closed directly)
Before starting docker, be sure to turn off the firewall! !
Before starting docker, be sure to turn off the firewall! !
Before starting docker, be sure to turn off the firewall! !
# Close systemctl stop firewalld # Disable starting the firewall at boot systemctl disable firewalld
Start docker via command:
systemctl start docker # Start docker service systemctl stop docker # Stop docker service systemctl restart docker # Restart docker service
Then enter the command to view the docker version:
docker -v
As shown in the picture:
1.4. Configure image acceleration
The Internet speed of docker’s official image warehouse is poor. We need to set up a domestic image service:
Refer to Alibaba Cloud’s mirror acceleration documentation: https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
# Create a folder
sudo mkdir -p /etc/docker
# Create a new daemon.json file in the docker directory, and then output the following content to this file
# In this way, future image downloads will be downloaded from Alibaba Cloud.
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://3p9z8xoz.mirror.aliyuncs.com"]
}
EOF
# Reload file
sudo systemctl daemon-reload
# Restart docker
sudo systemctl restart docker
2.CentOS7 installation DockerCompose
2.1.Download
Under Linux, you need to download it through the command:
# Installation curl -L https://github.com/docker/compose/releases/download/1.23.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
If the download speed is slow or the download fails, you can use the docker-compose file provided in the pre-course material:
You can also upload it to the /usr/local/bin/ directory.
2.2. Modify file permissions
Modify file permissions:
# Modify permissions chmod +x /usr/local/bin/docker-compose #turns green to indicate that the file can be executed ll
2.3.Base auto-completion command:
# Complete the command. After configuration, you will be prompted when using DockerCompose in the future, which is more convenient. curl -L https://raw.githubusercontent.com/docker/compose/1.29.1/contrib/completion/bash/docker-compose > /etc/bash_completion.d/docker-compose
If an error occurs here, you need to modify your hosts file: the reason is that the domain name cannot be resolved.
echo "199.232.68.133 raw.githubusercontent.com" >> /etc/hosts
Execute the above command again and the execution is successful.
3.Docker image warehouse
Building a mirror warehouse can be achieved based on the DockerRegistry officially provided by Docker.
Official website address: https://hub.docker.com/_/registry
3.1. Simplified version of the mirror warehouse
Docker’s official Docker Registry is a basic version of the Docker image warehouse, which has complete functions of warehouse management, but does not have a graphical interface.
The construction method is relatively simple, the commands are as follows:
docker run -d \
--restart=always \
--name registry \
-p 5000:5000 \
-v registry-data:/var/lib/registry \
registry
The command mounts a data volume registry-data to the /var/lib/registry directory in the container, which is the directory where the private image library stores data.
Visit http://YourIp:5000/v2/_catalog to view the images included in the current private image service
3.2. Version with graphical interface (use this version as an example)
Take the version with a graphical interface as an example. This is not officially provided but is developed by third-party individuals based on the official Docker Registry.
Use DockerCompose to deploy DockerRegistry with a graphical interface. The command is as follows:
The DockerCompose command is placed in the yml file of DockerCompose.
version: '3.0'
services:
registry: #registryservice
image: registry #image name
volumes: #Mounted data volumes
- ./registry-data:/var/lib/registry
ui: # Graphical interface service
image: joxit/docker-registry-ui:static
ports: #Port number
- 8080:80
environment: #Environment variables
- REGISTRY_TITLE=Chuanzhi Education Private Warehouse #Title after service deployment: write whatever you want
#Configure the address of the REGISTRY service. Because the ui service depends on the REGISTRY service, you have to tell it the address of the REGISTRY.
# The url format is, service name: port number, 5000 is the port of REGISTRY, registry is the service name, in DockerCompose
# Multiple services use service names to access each other. 5000 is only the internal access port between the two of them, and we cannot access it because
# It is not exposed, we can only access it using 8080
- REGISTRY_URL=http://registry:5000
depends_on: #Depends on the registry service. When deploying in the future, start the registry first and then start the UI.
-registry
Remove the annotated version:
version: '3.0'
services:
registry:
image: registry
volumes:
- ./registry-data:/var/lib/registry
ui:
image: joxit/docker-registry-ui:static
ports:
- 8080:80
environment:
- REGISTRY_TITLE= Chuanzhi Education Private Warehouse
- REGISTRY_URL=http://registry:5000
depends_on:
-registry
Before executing this command, you must also configure Docker’s trusted address. See 3.3 for details.
test:
-
Create a new folder:
mkdir registry-ui -
Create a new docker-compose.yml file to save the above configuration:
touch docker-compose.yml
-
Copy the above commands into the docker-compose.yml file
-
Create and execute the container:
docker-compose up -d
-
Check the log for successful startup:
docker-compose logs -f
-
Enter the address in the browser to access:
192.168.10.161:8080
Display 0 images: means there are no images
3.3. Configure Docker trust address
Our private server uses the http protocol, which is not trusted by Docker by default, so we need to make a configuration:
# Open the file to be modified vi /etc/docker/daemon.json #Add content: "insecure-registries":["http://192.168.10.161:8080"] # reload systemctl daemon-reload # Restart docker systemctl restart docker
