ubuntu环境下docker安装步骤,ubuntudocker
ubuntu环境下docker安装步骤,ubuntudocker
本文是根据docker官方文档翻译,原文:https://docs.docker.com/engine/installation/linux/ubuntulinux/
Docker 支持以下 Ubuntu 系统:
- Ubuntu Xenial 16.04 (LTS)
- Ubuntu Wily 15.10
- Ubuntu Trusty 14.04 (LTS)
- Ubuntu Precise 12.04 (LTS)
本页内容指引你安装使用由Docker管理的正式包和管理包. 使用这些安装包能确保你安装 Docker最新发行包. 如果你想安装并使用Ubuntu管理提供的软件包, 参照Ubuntu文档.
备注: Ubuntu Utopic 14.10 和 15.04 依旧在 Docker’s
APT仓库中,但不再提供官方技术支持.
前提条件
Docker要求是64位Ubuntu(无论哪个版本)。另外,内核必须在最小为3.10。3.10最新版本或更新的版本也行。
3.10之前版本缺少docker运行所需要的特征一些容器。这些老版本的bug,经常导致数据损失。
使用命令: uname -r 来显示内核版本:
$ uname -r
3.11.0-15-generic
备注: 如果你之前安装过Docker 使用的
APT, 确保升级你的APT源 到 Docker新版.
更新APT源
Docker’s APT 仓库 包括 Docker 1.7.1 及更高版本. 为了设定 APT 使用最新仓库的软件包,:
Ubuntu 版本相关的先决条件
- Ubuntu Xenial 16.04 (LTS)
- Ubuntu Wily 15.10
- Ubuntu Trusty 14.04 (LTS)
针对Ubuntu Trusty, Wily, and Xenial, 推荐安装 the linux-image-extra-* 内核包. linux-image-extra-* 包允许你使用 aufs存储驱动.
为了安装 linux-image-extra-* :
Ubuntu Precise 12.04 (LTS)
针对Ubuntu Precise, Docker 要求是 3.13内核. 如果内核版本早于 3.13, 必须更新. 参考如下表格来对比不同包对运行环境的要求:
| Package | Description |
|---|---|
| linux-image-generic-lts-trusty | Generic Linux kernel image. This kernel has AUFS built in. This is required to run Docker. |
| linux-headers-generic-lts-trusty | Allows packages such as ZFS and VirtualBox guest additions which depend on them. If you didn't install the headers for your existing kernel, then you can skip these headers for the"trusty" kernel. If you're unsure, you should include this package for safety. |
| xserver-xorg-lts-trusty | Optional in non-graphical environments without Unity/Xorg. Required when running Docker on machine with a graphical environment. To learn more about the reasons for these packages, read the installation instructions for backported kernels, specifically the LTS Enablement Stack — refer to note 5 under each version. |
| libgl1-mesa-glx-lts-trusty |
为了更新linux内核并且安装附加包, 通过以下步骤:
安装
确保你已经安装过你的Ubuntu版本所需前提要求.
然后, 通过以下步骤安装Docker:
可选配置
下面驱动包含一些可选步骤用来配置Ubuntu环境下Docker.
- Create a docker group
- Adjust memory and swap accounting
- Enable UFW forwarding
- Configure a DNS server for use by Docker
- Configure Docker to start on boot
创建 Docker group
docker 进程(daemon)绑定在 Unix套接字(socket), 而不是TCP端口(port). 由于Unix默认是 socket权限归root用户所有,其他用户可以通过sudo访问. 由此, docker进程通常使用root用户运行.
为了避免每次使用docker命令都不得不使用sudo, 创建名为docker的Unix group并add users to it. 当docker daemon 开始,docker group就会拥有Unix socket 的读写权限(read/writable).
警告: The
dockergroup is equivalent to theroot用户; For details on how this impacts security in your system, 查看Docker Daemon Attack Surface 查看细节.
为了docker group and添加用户user:
Adjust memory and swap accounting
When users run Docker, they may see these messages when working with an image:
WARNING: Your kernel does not support cgroup swap limit. WARNING: Your
kernel does not support swap limit capabilities. Limitation discarded.
To prevent these messages, enable memory and swap accounting on your system. Enabling memory and swap accounting does induce both a memory overhead and a performance degradation even when Docker is not in use. The memory overhead is about 1% of the total available memory. The performance degradation is roughly 10%.
To enable memory and swap on system using GNU GRUB (GNU GRand Unified Bootloader), do the following:
Enable UFW forwarding
If you use UFW (Uncomplicated Firewall) on the same host as you run Docker, you’ll need to do additional configuration. Docker uses a bridge to manage container networking. By default, UFW drops all forwarding traffic. As a result, for Docker to run when UFW is enabled, you must set UFW’s forwarding policy appropriately.
Also, UFW’s default set of rules denies all incoming traffic. If you want to reach your containers from another host allow incoming connections on the Docker port. The Docker port defaults to 2376 if TLS is enabled or 2375 when it is not. If TLS is not enabled, communication is unencrypted. By default, Docker runs without TLS enabled.
To configure UFW and allow incoming connections on the Docker port:
Configure a DNS server for use by Docker
Systems that run Ubuntu or an Ubuntu derivative on the desktop typically use127.0.0.1 as the default nameserver in /etc/resolv.conf file. The NetworkManager also sets up dnsmasq to use the real DNS servers of the connection and sets up nameserver 127.0.0.1 in /etc/resolv.conf.
When starting containers on desktop machines with these configurations, Docker users see this warning:
WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers
can't use it. Using default external servers : [8.8.8.8 8.8.4.4]
The warning occurs because Docker containers can’t use the local DNS nameserver. Instead, Docker defaults to using an external nameserver.
To avoid this warning, you can specify a DNS server for use by Docker containers. Or, you can disable dnsmasq in NetworkManager. Though, disablingdnsmasq might make DNS resolution slower on some networks.
The instructions below describe how to configure the Docker daemon running on Ubuntu 14.10 or below. Ubuntu 15.04 and above use systemd as the boot and service manager. Refer to control and configure Docker with systemd to configure a daemon controlled by systemd.
To specify a DNS server for use by Docker:
Or, as an alternative to the previous procedure, disable dnsmasq in NetworkManager (this might slow your network).
Configure Docker to start on boot
Ubuntu uses systemd as its boot and service manager 15.04 onwards andupstart for versions 14.10 and below.
For 15.04 and up, to configure the docker daemon to start on boot, run
$ sudo systemctl enable docker
For 14.10 and below the above installation method automatically configuresupstart to start the docker daemon on boot
更新Docker
使用apt-get来安装Docker最新版:
$ sudo apt-get upgrade docker-engine
卸载
卸载Docker包:
$ sudo apt-get purge docker-engine
卸载Docker包及依赖:
$ sudo apt-get autoremove --purge docker-engine
上面命令会删除images, containers, volumes, user created configuration files on your host. If you wish to delete all images, containers, and volumes run the following command:
$ rm -rf /var/lib/docker
You must delete the user created configuration files manually.
评论暂时关闭