Docker #
使用 #
# 停止 docker
systemctl stop docker.socket
安装 #
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-compose -y
安装指定版本 docker #
# List the available versions:
apt-cache madison docker-ce | awk '{ print $3 }'
# 5:20.10.16~3-0~ubuntu-jammy
# 5:20.10.15~3-0~ubuntu-jammy
# 5:20.10.14~3-0~ubuntu-jammy
# 5:20.10.13~3-0~ubuntu-jammy
VERSION_STRING=5:20.10.13~3-0~ubuntu-jammy
sudo apt-get install docker-ce=$VERSION_STRING docker-ce-cli=$VERSION_STRING containerd.io docker-compose-plugin
设置镜像源 #
cat << 'EOF' > /etc/docker/daemon.json
{
"experimental": false,
"debug": true,
"registry-mirrors": [
"https://docker.1panel.live",
"https://hub.rat.dev",
"https://docker.anyhub.us.kg",
"https://docker.chenby.cn",
"https://dockerhub.jobcher.com",
"https://docker.awsl9527.cn",
"https://docker.m.daocloud.io"
]
}
EOF
systemctl restart docker
docker compose #
安装 #
# docker compose version
mkdir -p ~/.docker/cli-plugins/
curl -SL "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o ~/.docker/cli-plugins/docker-compose
chmod +x ~/.docker/cli-plugins/docker-compose
docker compose version
docker –privileged #
docker run –privileged=true 和 docker run –privileged 是完全等价的
Setting privileged should modify:
- capabilities: removing any capability restrictions
- devices: the host devices will be visible
- seccomp: removing restrictions on allowed syscalls
- apparmor/selinux: policies aren’t applied
- cgroups: I don’t believe the container is limited within a cgroup
参考:
叶王 © 2013-2024 版权所有。如果本文档对你有所帮助,可以请作者喝饮料。