Install Docker CE 17.03.2 on Cen
2018-04-09 本文已影响172人
寺院的研究僧
在CentOS 6.6 内核2.6 上装Docker CE 17.03.2, 总算跑起来,主要有两点
1.需要升级kernel到3.10,如果需要overlay存储方式需要升到kernel4.4版本
2.Docker 二进制方式安装
3.cAdvisor选择v0.27.4版本
大体流程如下
0.check
uname -sr
Linux 2.6.32-504.el6.x86_64
cat /etc/issue
CentOS release 6.9 (Final)
wget https://raw.githubusercontent.com/moby/moby/master/contrib/check-config.sh
bash check-config.sh
modprobe nf_nat
modprobe iptable_nat
1. create docker group
sudo groupadd docker
sudo gpasswd -a root docker
sudo usermod -aG docker root
newgrp - docker
2. add cgroup into /etc/fstab
cat <<EOF >>/etc/fstab
none /sys/fs/cgroup cgroup defaults 0 0
EOF
3. modify sysctl
cat <<EOF >>/etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.ip_local_port_range=32768 65535
EOF
sysctl -p
4. update kernel to 3.10 with aufs patch
install aufs patch to avoid cgroup device bus error and iptables related issue
wget http://www.hop5.in/yum/el6/kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm
wget http://www.hop5.in/yum/el6/kernel-ml-aufs-devel-3.10.5-3.el6.x86_64.rpm
rpm -ivh kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm
rpm -ivh kernel-ml-aufs-devel-3.10.5-3.el6.x86_64.rpm
5. update kernel to 4.4
wget https://mirrors.tuna.tsinghua.edu.cn/elrepo/kernel/el6/x86_64/RPMS/kernel-lt-4.4.151-1.el6.elrepo.x86_64.rpm
wget https://mirrors.tuna.tsinghua.edu.cn/elrepo/kernel/el6/x86_64/RPMS/kernel-lt-devel-4.4.151-1.el6.elrepo.x86_64.rpm
rpm -ivh kernel-lt-4.4.151-1.el6.elrepo.x86_64.rpm
rpm -ivh kernel-lt-devel-4.4.151-1.el6.elrepo.x86_64.rpm
or
wget https://mirrors.tuna.tsinghua.edu.cn/elrepo/kernel/el6/x86_64/RPMS/kernel-ml-4.18.4-1.el6.elrepo.x86_64.rpm
wget https://mirrors.tuna.tsinghua.edu.cn/elrepo/kernel/el6/x86_64/RPMS/kernel-ml-devel-4.18.4-1.el6.elrepo.x86_64.rpm
rpm -ivh kernel-ml-4.18.4-1.el6.elrepo.x86_64.rpm
rpm -ivh kernel-ml-devel-4.18.4-1.el6.elrepo.x86_64.rpm
6. switch kernel to 4.4 and reboot
sed -i 's/^default=1/default=0/' /etc/grub.conf
7. install Docker CE 17.03.2
wget https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-17.03.2-ce.tgz
tar -zxvf docker-17.03.2-ce.tgz
mv -f docker/* /usr/bin
8. create docker daemon settting /etc/docker/daemon.json
mkdir -p /etc/docker
cat <<EOF >/etc/docker/daemon.json
{
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
],
"debug": true,
"log-driver": "json-file",
"log-level": "false",
"experimental": true,
"metrics-addr": "0.0.0.0:1337",
"selinux-enabled": false,
"registry-mirrors": [
"https://registry.docker-cn.com",
"http://f631e5c5.m.daocloud.io"
],
"insecure-registries":[
"gcr.io",
"quay.io",
"registry.cn-hangzhou.aliyuncs.com",
"10.194.11.253",
"10.194.11.253:5000",
"registry.dev.crfchina.com:5000"
],
"exec-opts": [
"native.cgroupdriver=cgroupfs"
],
"graph": "/localdisk/docker/graph",
"storage-driver": "overlay2",
"storage-opts": [ "overlay2.override_kernel_check=true" ],
"live-restore": false
}
EOF
9.create service docker
/etc/init.d/docker or /etc/rc.d/init.d/docker
cat <<EOF >/etc/init.d/docker
#!/bin/sh
#
# /etc/rc.d/init.d/docker
#
# Daemon for docker.com
#
# chkconfig: 2345 95 95
# description: Daemon for docker.com
### BEGIN INIT INFO
# Provides: docker
# Required-Start: $network cgconfig
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop docker
# Description: Daemon for docker.com
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
prog="dockerd"
exec="/usr/bin/$prog"
pidfile="/var/run/$prog.pid"
lockfile="/var/lock/subsys/$prog"
logfile="/var/log/$prog.log"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
[ -e /etc/sysconfig/$prog-storage ] && . /etc/sysconfig/$prog-storage
prestart() {
service cgconfig status > /dev/null
if [[ $? != 0 ]]; then
service cgconfig start
fi
}
start() {
if [ ! -x $exec ]; then
if [ ! -e $exec ]; then
echo "Docker executable $exec not found"
else
echo "You do not have permission to execute the Docker executable $exec"
fi
exit 5
fi
check_for_cleanup
if ! [ -f $pidfile ]; then
prestart
printf "Starting $prog:\t"
echo "\n$(date)\n" >> $logfile
$exec --pidfile=$pidfile &>> $logfile &
pid=$!
touch $lockfile
# wait up to 10 seconds for the pidfile to exist. see
# https://github.com/docker/docker/issues/5359
tries=0
while [ ! -f $pidfile -a $tries -lt 10 ]; do
sleep 1
tries=$((tries + 1))
done
success
echo
else
failure
echo
printf "$pidfile still exists...\n"
exit 7
fi
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile -d 300 $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
status -p $pidfile $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
check_for_cleanup() {
if [ -f ${pidfile} ]; then
/bin/ps -fp $(cat ${pidfile}) > /dev/null || rm ${pidfile}
fi
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
EOF
10. start and enable docker service
chmod a+x /etc/init.d/docker
chkconfig --add /etc/init.d/docker
chkconfig docker on
service docker start
service docker status
以下步骤不是必须
11. start cAdvisor container
docker run --restart=always --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw --volume=/sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=4033:8080 --detach=true --name=cadvisor google/cadvisor:v0.27.4
12. install Python 2.7.13 and docker-compose
yum install -y openssl openssl-devel
wget --no-check-certificate https://www.python.org/ftp/python/2.7.13/Python-2.7.13.tgz
tar -zxvf Python-2.7.13.tgz
cd Python-2.7.13
./configure
make && make install
wget https://bootstrap.pypa.io/get-pip.py
/usr/local/bin/python get-pip.py
pip install --upgrade pip -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host=mirrors.aliyun.com
pip install --upgrade docker-compose -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host=mirrors.aliyun.com
13. reference
http://www.cnblogs.com/cuizhipeng/p/4380653.html
http://seanlook.com/2014/10/26/docker-installed-centos6-successfully/
14.后续
依然会有cgroup的错误
[root@localhost Python-2.7.13]# /etc/init.d/cgconfig status
Stopped
[root@localhost Python-2.7.13]# /etc/init.d/cgconfig start
Starting cgconfig service: Error: cannot mount cpuset to /cgroup/cpuset: Device or resource busy
/sbin/cgconfigparser; error loading /etc/cgconfig.conf: Cgroup mounting failed
Failed to parse /etc/cgconfig.conf or /etc/cgconfig.d [FAILED]
[root@localhost Python-2.7.13]#
cgroup讲解
https://wiki.archlinux.org/index.php/cgroups
mkdir -p /cgroup/cpuacct /cgroup/memory /cgroup/devices /cgroup/freezer net_cls /cgroup/blkio
cat /etc/cgconfig.conf |tail|grep "="|awk '{print "mount -t cgroup -o",$1,$1,$NF}' | bash
/etc/init.d/cgconfig restart
/etc/init.d/docker restart
sudo cgcreate -g memory,cpu,blkio,cpuset:userlimited
cgconfigparser -l /etc/cgconfig.conf
