当前位置：首页 > news >正文

Centos7.9 离线安装docker

news 文章来源：https://blog.csdn.net/qq_50247813/article/details/144547002 2025/5/9 10:10:25

实验环境：

[root@192 ~]# cat /etc/system-release
CentOS Linux release 7.9.2009 (Core)

下载二进制压缩包

a. 官网下载地址：

https://download.docker.com/linux/static/stable/x86_64/

b. 阿里云下载地址

https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/

选择目前最新的安装包下载

下载后上传到服务器上

https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-27.4.0.tgz

所有二进制包功能介绍

将压缩包解压

[root@192 ~]# ll
total 74000
-rw-r--r--. 1 root root 75773499 Dec 18 07:29 docker-27.4.0.tgz
[root@192 ~]# tar -zxvf docker-27.4.0.tgz
docker/
docker/runc
docker/containerd
docker/docker-init
docker/dockerd
docker/containerd-shim-runc-v2
docker/docker-proxy
docker/docker
docker/ctr
[root@192 ~]# ls -1 docker
containerd
containerd-shim-runc-v2
ctr
docker
dockerd
docker-init
docker-proxy
runc

containerd：containerd 是一个开源的容器运行时，它作为 Docker 的守护进程被广泛使用。它是行业标准的容器运行时，负责管理容器的整个生命周期，包括创建容器、运行容器、存储和网络等。
containerd-shim-runc-v2：containerd-shim 是 containerd 的一部分，它作为容器运行时的父进程存在，负责与容器的标准输入输出进行交互。containerd-shim-runc-v2 特别指的是与 runC 集成的版本，runC 是一个轻量级的容器运行时，符合 OCI (Open Container Initiative) 标准。
ctr：ctr 是 containerd 的低级命令行界面，它提供了一组命令来直接与 containerd 进行交互，如创建容器、运行容器、管理镜像等。ctr 是一个更接近底层的工具，通常用于调试或高级用例。
docker：docker 是 Docker 命令行界面的二进制文件，用户通过它与 Docker 引擎交互，执行如构建镜像、运行容器、管理网络和卷等操作。
dockerd：dockerd 是 Docker 守护进程的二进制文件，它是 Docker 架构的核心，负责管理 Docker 对象，包括镜像、容器、网络和卷。dockerd 接收来自 Docker CLI 的请求并处理这些请求。
docker-init：docker-init 是 Docker 在早期版本中使用的初始化系统，用于在容器启动时设置环境变量和执行初始化操作。在 Docker 的较新版本中，docker-init 的功能被集成到了 dockerd 中。
docker-proxy：docker-proxy 是 Docker 启动的临时代理进程，它负责将容器内部的网络请求转发到宿主机的特定端口，从而允许容器访问外部网络服务。
runc：runc 是一个轻量级的命令行工具，用于根据 OCI 标准创建和运行容器。它是许多容器运行时和容器管理平台的底层组件，包括 containerd 和 Docker。

安装部署docker

[root@192 docker]# ls
containerd  containerd-shim-runc-v2  ctr  docker  dockerd  docker-init  docker-proxy  runc
[root@192 docker]# cp * /usr/bin/

1. containerd 配置启动文件

containerd.service 文件直接拿github上containerd项目中的文件拿过来用

github地址： https://github.com/containerd/containerd/blob/main/containerd.service
gitee地址：  https://gitee.com/hackerwjz/containerd/blob/main/containerd.service

*note：

以下 containerd.service我改动了一下二进制启动文件路径，因为我把二进制文件都放到了 /usr/bin/ 下面，而下载的
containerd.service文件默认启动位置在ExecStart=/usr/local/bin/containerd
只需要将启动位置修改为 ExecStart=/usr/bin/containerd即可

cat > /usr/lib/systemd/system/containerd.service << EOF
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target dbus.service[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerdType=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999[Install]
WantedBy=multi-user.targetEOF

重新加载systemd配置，并启动containerd

[root@192 docker]# systemctl daemon-reload
[root@192 docker]# systemctl enable containerd --now
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /usr/lib/systemd/system/containerd.service.
[root@192 docker]# systemctl status containerd
● containerd.service - containerd container runtimeLoaded: loaded (/usr/lib/systemd/system/containerd.service; enabled; vendor preset: disabled)Active: active (running) since Thu 2024-12-19 04:37:06 CST; 11min agoDocs: https://containerd.ioMain PID: 4671 (containerd)CGroup: /system.slice/containerd.service└─4671 /usr/bin/containerdDec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.195745383+08:00" level=info msg=serving... address=/run/containerd/containerd.sock.ttrpc
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.195808476+08:00" level=info msg=serving... address=/run/containerd/containerd.sock
Dec 19 04:37:06 192.168.25.142 systemd[1]: Started containerd container runtime.
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.196645507+08:00" level=info msg="Start subscribing containerd event"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.196798483+08:00" level=info msg="Start recovering state"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.196969326+08:00" level=info msg="Start event monitor"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.197012345+08:00" level=info msg="Start snapshots syncer"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.197039963+08:00" level=info msg="Start cni network conf syncer for default"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.197045185+08:00" level=info msg="Start streaming server"
Dec 19 04:37:06 192.168.25.142 containerd[4671]: time="2024-12-19T04:37:06.197953750+08:00" level=info msg="containerd successfully booted in 0.101189s"

2. dockerd配置启动文件

docker.service文件可以直接拿github上docker项目中的文件来用

github地址：https://github.com/moby/moby/blob/master/contrib/init/systemd/docker.service
gitee地址： https://gitee.com/Yao_weijie/moby/blob/master/contrib/init/systemd/docker.service

Tips：
在dockerd启动时会将/var/run/docker.sock
套接字文件加入到docker组，所以在docker启动时最好创建一下。不创建也不影响启动；创建docker组的主要目的是可以将非root用户加入到docker组，以便普通用户可以有权限使用docker命令，而非调用sudo

[root@192 ~]# groupadd -g 995 docker
[root@192 ~]# getent group docker
docker:x:995:

cat > /usr/lib/systemd/system/docker.service << EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500[Install]
WantedBy=multi-user.targetEOF

*note：
由于docker.service里面有Requires=docker.socket 强依赖，所以在启动docker服务前一定要激活 systemd 套接字单元 docker.socket，如果是使用rpm包安装的docker，会自动创建/lib/systemd/system/docker.socket文件，由于我们这里是使用二进制安装的所有需要而外配置一下。

docker.socket 定义了 unix套接字文件路径，权限，启动用户和所属组; 其实如果不想配置 /lib/systemd/system/docker.socket 文件只需要将 Requires=docker.socket 注释掉，但是 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock 需要修改为 ExecStart=/usr/bin/dockerd -H unix:// --containerd=/run/containerd/containerd.sock 及将 fd:// 修改为 unix:// ，及从本地systemd 套接字单元启动修改为从unix套接字路径启动。没有设置unix套接字路径是因为默认会去连接 /run/docker.sock

cat > /lib/systemd/system/docker.socket << EOF
[Unit]
Description=Docker Socket for the API[Socket]
# If /var/run is not implemented as a symlink to /run, you may need to
# specify ListenStream=/var/run/docker.sock instead.
ListenStream=/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker[Install]
WantedBy=sockets.targetEOF

重新加载systemd配置，并启动dockerd

[root@192 ~]# systemctl daemon-reload
[root@192 ~]# systemctl enable docker --now
[root@192 ~]# systemctl status docker
● docker.service - Docker Application Container EngineLoaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)Active: active (running) since Thu 2024-12-19 07:15:53 CST; 18min agoDocs: https://docs.docker.comMain PID: 884 (dockerd)Tasks: 8Memory: 78.3MCGroup: /system.slice/docker.service└─884 /usr/bin/dockerd -H unix:// --containerd=/run/containerd/containerd.sockDec 19 07:15:52 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:52.922736046+08:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
Dec 19 07:15:52 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:52.927258298+08:00" level=info msg="Loading containers: start."
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.588393525+08:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Dae... IP address"
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.729125254+08:00" level=info msg="Loading containers: done."
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.767169596+08:00" level=warning msg="WARNING: bridge-nf-call-iptables is disabled"
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.767501666+08:00" level=warning msg="WARNING: bridge-nf-call-ip6tables is disabled"
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.767633374+08:00" level=info msg="Docker daemon" commit=92a8393 containerd-snapshotter=false storage-driver=...rsion=27.4.0
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.768243618+08:00" level=info msg="Daemon has completed initialization"
Dec 19 07:15:53 192.168.25.142 dockerd[884]: time="2024-12-19T07:15:53.860678888+08:00" level=info msg="API listen on /var/run/docker.sock"
Dec 19 07:15:53 192.168.25.142 systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

3. 测试

获取镜像：通过网盘分享的文件：hello-world.tar 链接:
https://pan.baidu.com/s/1jk9VNv60cCzmq8Pi0WHwhQ 提取码: 4ark

[root@192 ~]# docker load -i hello-world.tar
ac28800ec8bb: Loading layer [==================================================>]  14.85kB/14.85kB
Loaded image: hello-world:latest
[root@192 ~]# docker images
REPOSITORY    TAG       IMAGE ID       CREATED         SIZE
hello-world   latest    d2c94e258dcb   19 months ago   13.3kB
[root@192 ~]# docker run hello-worldHello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:1. The Docker client contacted the Docker daemon.2. The Docker daemon pulled the "hello-world" image from the Docker Hub.(amd64)3. The Docker daemon created a new container from that image which runs theexecutable that produces the output you are currently reading.4. The Docker daemon streamed that output to the Docker client, which sent itto your terminal.To try something more ambitious, you can run an Ubuntu container with:$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:https://hub.docker.com/For more examples and ideas, visit:https://docs.docker.com/get-started/

Centos7.9 离线安装docker

实验环境：

下载二进制压缩包

所有二进制包功能介绍

安装部署docker

1. containerd 配置启动文件

2. dockerd配置启动文件

3. 测试

相关文章：

Centos7.9 离线安装docker

C语言函数在调用过程中具体是怎么和栈互动的？

【Java中常见的异常及其处理方式】

如何更新项目中的 npm 或 Yarn 依赖包至最新版本

SpringBoot3整合FastJSON2如何配置configureMessageConverters

《Vue3实战教程》2：Vue3快速上手

ubuntu 24.04.1安装FTP流程

多功能护照阅读器港澳通行证阅读机RS232串口主动输出协议，支持和单片机/Linux对接使用

5个用于构建Web应用程序的Go Web框架

Qt中的异步相关类

浅谈仓颉语言的优劣

Linux 显示系统活动进程状态命令 ps 详细介绍

scala中正则表达式的使用

数据分析和AI丨知识图谱，AI革命中数据集成和模型构建的关键推动者

cocos creator制作2dTop-down游戏（虚拟摇杆、地图加载）

SQL Server 批量插入数据的方式汇总及优缺点分析

linux上抓包RoCEv2

【机器学习与数据挖掘实战】案例04：基于K-Means算法的信用卡高风险客户识别

UDP网络编程套接

期权VIX指数构建与择时应用

QT笔记- QClipboard剪切板对QByteArray数据的复制与粘贴

Python使用PyMySQL操作MySQL完整指南

IAR中如何而将定义的数组放在指定的位置

使用skywalking，grafana实现从请求跟踪、指标收集和日志记录的完整信息记录

Ubuntu 20.04 24.04 双网卡 Bond 配置指南

深度学习之目标检测篇——残差网络与FPN结合

2024-2030全球及中国埋线针行业研究及十五五规划分析报告

穷举vs暴搜vs深搜vs回溯vs剪枝专题一＞子集

MES系统工作流的单元测试方案

2.学习TypeScript 编译选项配置