baicai

白菜

一个勤奋的代码搬运工!
HomeArchives白菜

Install Docker

#Docker#Debian22
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The article provides instructions on how to install Docker on Debian GNU/Linux 11. It includes steps for updating the software sources, installing Docker and related applications, checking the Docker status and information, verifying the installation, configuring a mirror accelerator, cleaning up Docker objects, viewing container IP addresses, modifying the Docker startup directory, debugging images, and checking program dynamic library dependencies. It also includes references to Docker's official installation documentation and explanations of various configurations in the docker-daemon.json file.

Operating Environment

  Operating System: Debian GNU/Linux 11 (bullseye)
            Kernel: Linux 5.10.0-18-amd64
      Architecture: x86-64

Install via Debian Official Software Repository#

# Update the software sources and install docker and related applications
    sudo apt update && sudo apt install -y docker docker.io docker-compose

# Check the status of Docker
    sudo systemctl status docker
# View Docker information
    sudo docker info
# Verify if the installation was successful    
    sudo docker run hello-world

Mirror Accelerator#

Visit https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors to obtain your own Aliyun mirror accelerator address.

Modify /etc/docker/daemon.json

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "max-concurrent-downloads": 3,
  "max-concurrent-uploads": 3,
  "max-download-attempts": 3,
  "registry-mirrors": ["https://modify-to-your-own.mirror.aliyuncs.com","https://hub-mirror.c.163.com","https://registry.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

Clean Up Docker Objects#

The prune command is used to remove unused Docker objects.

# Delete all images that are not tagged and not used by containers:
$ docker image prune

# Delete all images not used by containers:
$ docker image prune -af

# Delete all stopped containers:
$ docker container prune

# Delete all unused volumes:
$ docker volume prune

# Delete all networks:
$ docker network prune

# Delete all Docker resources:
$ docker system prune

View Container IP#

# View the IP of all containers
$ docker inspect --format='{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(docker ps -aq)

# View the network configuration of a specific container, including network and IP
$ docker inspect containerId

# View the IP of a container
$ docker exec -it containerId ip addr

Modify Docker Startup Directory#

Because the /var partition is small when installing the system, the path after Docker starts needs to be changed to /home/docker. The /etc/docker/daemon.json file is the Docker configuration file, which is not available by default and needs to be created manually.

The specific steps are as follows:

  1. Set the /etc/docker/daemon.json file.
    Content reference:
{
"data-root":"/home/docker"
}
  1. After creating and modifying the daemon.json file, make it take effect.
# a. Reload the configuration file after modification
sudo systemctl daemon-reload

# b. Restart the Docker service
sudo systemctl restart docker.service

# c. Check the status
sudo systemctl status docker -l

# d. View the service
sudo docker info

Debugging Images#

# Use --entrypoint to enter the container (add -it option to directly enter the container)
docker run -it --entrypoint /bin/bash --name container_name image:v30.2.9

View Dynamic Library Dependency of Programs#

# ldd (Debian GLIBC 2.36-9+deb12u1) 2.36
# Copyright (C) 2022 Free Software Foundation, Inc.
# This is free software; see the source for copying conditions.  There is NO
# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# Written by Roland McGrath and Ulrich Drepper.
ldd --version

# Determine which shared library files a command requires to ensure that the specified command can run reliably in an isolated system
ldd /bin/bash

References#

Docker Official Installation Documentation:
https://docs.docker.com/engine/install/debian/

Explanation of docker-daemon.json Configuration#

{
"api-cors-header":"", // Set CORS headers in the engine API
"authorization-plugins":[], // Load authorization plugins
"bridge":"", // Attach containers to a bridge
"cgroup-parent":"", // Set the parent cgroup for all containers
"cluster-store":"", // URL of the distributed storage backend
"cluster-store-opts":{}, // Set cluster store options (default map [])
"cluster-advertise":"", // Address or interface name to advertise
"debug": true, // Enable debug mode (default false)
"default-gateway":"", // Default IPv4 gateway for containers
"default-gateway-v6":"", // Default IPv6 gateway for containers
"default-runtime":"runc", // Default OCI runtime for containers (default "runc")
"default-ulimits":{}, // Default ulimits for containers (default [])
"dns": ["192.168.1.1"], // Set the DNS addresses for containers, can be viewed in the /etc/resolv.conf file of the container
"dns-opts": [], // Additional options for the container /etc/resolv.conf file
"dns-search": [], // Set the search domains for containers, when the search domain is set to .example.com, DNS will search for both host and host.example.com when searching for a host. Note: If not set, Docker will default to the /etc/resolv.conf on the host.
"exec-opts": [], // Execution options for the runtime
"exec-root":"", // Root directory for execution state files (default "/var/run/docker")
"fixed-cidr":"", // Fixed IPv4 subnet for IPAM
"fixed-cidr-v6":"", // Fixed IPv6 subnet for IPAM
"data-root":"/var/lib/docker", // Root path used by the Docker runtime (default "/var/lib/docker")
"group": "", // Group for UNIX sockets (default "docker")
"hosts": [], // Set the hosts for containers
"icc": false, // Enable inter-container communication (default true)
"ip":"0.0.0.0", // Default IP when binding container ports (default 0.0.0.0)
"iptables": false, // Enable adding iptables rules (default true)
"ipv6": false, // Enable IPv6 networking
"ip-forward": false, // Enable net.ipv4.ip_forward (default true)
"ip-masq":false, // Enable IP masquerading (default true)
"labels":["nodeName=node-121"], // Labels for the Docker host, useful feature, for example, define: --label nodeName=host-121
"live-restore": true, // Enable Docker's live restore while containers are still running
"log-driver":"", // Default log driver for containers (default "json-file")
"log-level":"", // Set the log level ("debug", "info", "warn", "error", "fatal") (default "info")
"max-concurrent-downloads":3, // Set the maximum concurrent downloads per request (default 3)
"max-concurrent-uploads":5, // Set the maximum concurrent uploads per push (default 5)
"mtu": 0, // Set the container network MTU
"oom-score-adjust":-500, // Set the oom_score_adj for the daemon (default -500)
"pidfile": "", // PID file for the Docker daemon
"raw-logs": false, // Enable full timestamp mechanism
"selinux-enabled": false, // Enable SELinux support (default false)
"storage-driver":"", // Storage driver to use
"swarm-default-advertise-addr":"", // Interface to use for default address or cluster advertise address
"tls": true, // Enable TLS authentication (default false)
"tlscacert": "", // Path to the CA certificate file (default ~/.docker/ca.pem)
"tlscert": "", // Path to the TLS certificate file (default ~/.docker/cert.pem)
"tlskey": "", // Path to the TLS key file (default ~/.docker/key.pem)
"tlsverify": true, // Use TLS and verify the remote (default false)
"userland-proxy":false, // Use userland proxy for loopback traffic (default true)
"userns-remap":"", // User/Group setting for user namespace
"bip":"192.168.88.0/22", // Specify the bridge IP
"registry-mirrors": ["https://192.498.89.232:89"], // Set the mirror accelerator
"insecure-registries": ["192.168.0.123:12312"], // Set private registry addresses to http
"storage-opts": [
"overlay2.override_kernel_check=true",
"overlay2.size=15G"
], // Storage driver options
"log-opts": {
"max-file": "3",
"max-size": "10m",
}, // Default log driver options for containers
"iptables": false // Enable adding iptables rules (default true)
}
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.