文章

Debian 11 安装 Docker Engine

发表于 更新于
作者 自由博客 8 分钟阅读

卸载旧版本(如果已安装)

1

     sudo apt remove docker docker-engine docker.io containerd runc

安装方法

  1. 使用仓库安装

    • 更新 apt 包索引
    1

    sudo apt update
    • 安装允许 apt 通过 HPPTS 使用仓库的依赖包
    1

    sudo apt install ca-certificates curl gnupg lsb-release
    • 添加 Docker 的官方 GPG 密钥
    1

    curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
    • 配置仓库 添加Docker软件源
    1
2
3
4

    echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    官方地址是国外的 国内访问太慢 建议换成国内的镜像地址 比如阿里的
    把地址 https://download.docker.com/linux/debian
    替换成 https://mirrors.aliyun.com/docker-ce/linux/debian

    1
2
3
4

    echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    • 更新 apt 包索引
    1

    sudo apt update
    • 安装最新版本的 Docker Engine,containerd,Docker Compose
    1

    sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin

  2. 使用 .deb 包手动安装(离线安装)

    官方下载地址太慢 https://download.docker.com/linux/debian/dists
    使用阿里镜像地址 https://mirrors.aliyun.com/docker-ce/linux/debian/dists/
    选择版本 Debian 11 bullseye
    再选 pool
    再选稳定版 stable
    再选 CPU 架构 amd64
    下载相应的版本 例如:

    1
2
3
4
5
6
7

    curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-ce_20.10.16~3-0~debian-bullseye_amd64.deb  
	
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-ce-cli_20.10.16~3-0~debian-bullseye_amd64.deb  
	
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/containerd.io_1.6.4-1_amd64.deb  
	
curl -O https://mirrors.aliyun.com/docker-ce/linux/debian/dists/bullseye/pool/stable/amd64/docker-compose-plugin_2.5.0~debian-bullseye_amd64.deb

    安装本地包

    1
2
3
4
5

     sudo dpkg -i docker-ce_20.10.16~3-0~debian-bullseye_amd64.deb \
 docker-ce-cli_20.10.16~3-0~debian-bullseye_amd64.deb \
 docker-compose-plugin_2.5.0~debian-bullseye_amd64.deb \
 containerd.io_1.6.4-1_amd64.deb

验证安装

  • 运行 hello-world 镜像

    1

    sudo docker run hello-world

    打印以下内容 表示安装成功 Hello from Docker!

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

  Unable to find image 'hello-world:latest' locally
  latest: Pulling from library/hello-world
  2db29710123e: Pull complete
  Digest: sha256:80f31da1ac7b312ba29d65080fddf797dd76acfb870e677f390d5acba9741b17
  Status: Downloaded newer image for hello-world:latest

  Hello from Docker!
  This message shows that your installation appears to be working correctly.

  To generate this message, Docker took the following steps:
  1. The Docker client contacted the Docker daemon.
  2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
      (amd64)
  3. The Docker daemon created a new container from that image which runs the
      executable that produces the output you are currently reading.
  4. The Docker daemon streamed that output to the Docker client, which sent it
      to your terminal.

  To try something more ambitious, you can run an Ubuntu container with:
  $ docker run -it ubuntu bash

  Share images, automate workflows, and more with a free Docker ID:
  https://hub.docker.com/

  For more examples and ideas, visit:
  https://docs.docker.com/get-started/

  • 如果提示无法连接到 Docker 守护进程 启动服务后再运行 hello-world 镜像

    1
2

     docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.

  • 查看 docker,containerd 服务状态 dead

1
2
3
4
5
6
7
8

sudo systemctl status docker

● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: inactive (dead)
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
  • 启动服务
1

sudo systemctl start docker
  • 再查看服务状态是 running
1
2
3
4
5
6
7
8
9
10
11
12
13

sudo systemctl status docker

● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2022-05-14 16:02:45 CST; 2s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 4157 (dockerd)
      Tasks: 9
     Memory: 32.6M
        CPU: 125ms
     CGroup: /system.slice/docker.service
             └─4157 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

以非 root 用户身份管理 Docker

Docker 守护进程绑定到 Unix 套接字而不是 TCP 端口。默认情况下,Unix 套接字归 root 用户所有,其他用户只能使用 sudo. Docker 守护程序始终以 root 用户身份运行。
如果您不想在 docker 命令前加上 sudo,请创建一个名为 Unix 组 docker 并将用户添加到其中。当 Docker 守护进程启动时,它会创建一个可供 docker 组成员访问的 Unix 套接字。
docker 组授予与 root 用户等效的权限。

不加 sudo 会提示拒绝访问 permission denied

1
2
3
4
5

docker run hello-world

docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create": dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
  • 创建 docker 组(可跳过)
    安装 docker 后会自动创建 docker 组 但未向其中添加任何用户 需要使用 sudo 来运行 docker 命令
1

sudo groupadd docker
  • 将 xx 用户添加到 docker 组中
1

sudo usermod -aG docker xx
  • 切换用户当前登录所在组(或注销重新登录) 验证不使用 sudo 时是否可以使用 docker 命令
1

newgrp docker

Docker Hub 镜像加速

国内从 DockerHub 拉取镜像太慢 可以使用加速器提升获取 Docker 官方镜像的速度
未加速 52 秒

1
2
3
4
5
6
7
8
9
10
11
12
13

time docker pull debian

Using default tag: latest
latest: Pulling from library/debian
67e8aa6c8bbc: Pull complete
Digest: sha256:6137c67e2009e881526386c42ba99b3657e4f92f546814a33d35b14e60579777
Status: Downloaded newer image for debian:latest
docker.io/library/debian:latest

real    0m51.981s
user    0m0.009s
sys     0m0.046s

配置加速器 以阿里云为例

  1. 登录阿里云
  2. 进入控制台
  3. 搜索 容器镜像服务
  4. 镜像工具
  5. 镜像加速器 查看个人专属加速器地址(每个人的地址都不一样) 并按说明配置镜像加速器
1
2
3
4
5
6
7
8
9
10
11
12

sudo mkdir -p /etc/docker

sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://***.mirror.aliyuncs.com"]
}
EOF

sudo systemctl daemon-reload

sudo systemctl restart docker

或者用网络上已经搭建好的,阿里云听说经常不更新源,导致软件经常不是最新的,在以下任选一个或者全部添加

1
2
3
4
5
6
7
8
9
10
11
12
13

 https://dockerproxy.com
 https://mirror.iscas.ac.cn
 https://docker.nju.edu.cn
 
 
{
    "registry-mirrors": [
        "https://dockerproxy.com",
        "https://mirror.iscas.ac.cn",
        "https://docker.nju.edu.cn"
    ]
}

删除镜像再次拉取 20 秒

1
2
3
4
5
6
7
8
9
10
11
12
13

time docker pull debian

Using default tag: latest
latest: Pulling from library/debian
0e29546d541c: Pull complete
Digest: sha256:2906804d2a64e8a13a434a1a127fe3f6a28bf7cf3696be4223b06276f32f1f2d
Status: Downloaded newer image for debian:latest
docker.io/library/debian:latest

real    0m19.556s
user    0m0.004s
sys     0m0.017s

docker 命令 tab 自动补全

示例 docker run h 按 tab 会自动补全后面的 ello-world
示例 docker r 按 2 下 tab 会自动打印匹配的选项 rename restart rm rmi run

如果不能自动补全 需要安装 bash 自动补全工具 bash-completion

1

sudo apt install bash-completion

docker compose 命令行补全需要安装脚本

1
2
3
4

sudo curl \
    -L https://raw.githubusercontent.com/docker/compose/v2.5.0/contrib/completion/bash/docker-compose \
    -o /etc/bash_completion.d/docker-compose

如果提示

curl: (7) Failed to connect to raw.githubusercontent.com port 443: 拒绝连接

一般是 DNS 问题 无法解析域名 一般手动配置 DNS 即可解决
修改/etc/resolv.conf 修改 DNS 为阿里 DNS 223.5.5.5 或者 114.114.114.114 等等

1

sudo vim /etc/resolv.conf

1

nameserver 223.5.5.5

可惜还是404 截止 2022.05.15 还没有解决?https://github.com/docker/compose/issues/8550

参考资料

  1. https://docs.docker.com/engine/install/debian/
  2. https://docs.docker.com/engine/install/linux-postinstall/
  3. https://docs.docker.com/compose/completion/
操作系统, Armbian
Armbian Docker docker-compose 离线部署docker
本文由作者按照 CC BY 4.0 进行授权