关闭selinux,若为红帽系产品
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config下载文件
华为docker版本仓库:
https://mirrors.huaweicloud.com/docker-ce/linux/static/stable/x86_64/
https://mirrors.huaweicloud.com/docker-ce/linux/static/stable/aarch64/
aarch64
wget https://mirrors.huaweicloud.com/docker-ce/linux/static/stable/aarch64/docker-28.4.0.tgz
tar xzvf docker-28.4.0.tgz
sudo mv docker/* /usr/local/bin/
sudo chmod +x /usr/local/bin/docker*
mkdir /etc/docker/x86
wget https://mirrors.huaweicloud.com/docker-ce/linux/static/stable/x86_64/docker-28.4.0.tgz
tar xzvf docker-28.4.0.tgz
sudo mv docker/* /usr/local/bin/
sudo chmod +x /usr/local/bin/docker*
mkdir /etc/docker/设置docker数据数据目录以及镜像站
设置的数据目录为/data/docker,设置默认网段为172.31.254.1/24
# 创建正确的配置文件
sudo tee /etc/docker/daemon.json << 'EOF'
{
"bip":"172.31.254.1/24",
"data-root": "/data/docker",
"registry-mirrors": [
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com",
"https://dockerhub.azk8s.cn",
"https://mirror.ccs.tencentyun.com",
"https://registry.cn-hangzhou.aliyuncs.com",
"https://docker.mirrors.ustc.edu.cn",
"https://docker.m.daocloud.io"
]
}
EOF创建system服务
cat >> /etc/systemd/system/docker.service <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/local/bin/dockerd --default-ulimit nofile=65535:65535
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOFsystemctl daemon-reload
systemctl start docker
systemctl enable dockerdocker-compose
curl -L "https://1ms.run/install/docker-compose/latest/$(uname -s)/$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
提供CDN加速/云存储服务