由于公司需要离线部署Docker,这里将其步骤记录下来。
目标环境Centos7.2。
由于目标环境为公司内网,首先尝试在https://download.docker.com/linux/centos/7/x86_64/stable/Packages/下载Docker RPM包:docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm,docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm,安装失败,提示依赖有问题。
多次尝试解决依赖问题失败后,尝试在能连外网的虚拟机上部署同一版本Centos7.2,并使用 yum install --downloadonly --downloaddir=/tmp/docker docker 下载docker的rpm以及相关依赖安装文件到/tmp/docker。
下载成功。
[root@centos7 docker]# ls
container-selinux-2.66-1.el7.noarch.rpm oci-register-machine-0-6.git2b44233.el7.x86_64.rpm
container-storage-setup-0.10.0-1.gitdf0dcd5.el7.noarch.rpm oci-systemd-hook-0.1.16-1.git05bd9a0.el7.x86_64.rpm
docker-1.13.1-68.gitdded712.el7.centos.x86_64.rpm oci-umount-2.3.3-3.gite3c9055.el7.x86_64.rpm
docker-client-1.13.1-68.gitdded712.el7.centos.x86_64.rpm policycoreutils-2.5-22.el7.x86_64.rpm
docker-common-1.13.1-68.gitdded712.el7.centos.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm
libgudev1-219-57.el7.x86_64.rpm selinux-policy-3.13.1-192.el7_5.4.noarch.rpm
libselinux-2.5-12.el7.x86_64.rpm selinux-policy-targeted-3.13.1-192.el7_5.4.noarch.rpm
libselinux-python-2.5-12.el7.x86_64.rpm setools-libs-3.3.8-2.el7.x86_64.rpm
libselinux-utils-2.5-12.el7.x86_64.rpm skopeo-containers-0.1.31-1.dev.gitae64ff7.el7.centos.x86_64.rpm
libsemanage-2.5-11.el7.x86_64.rpm systemd-219-57.el7.x86_64.rpm
libsemanage-python-2.5-11.el7.x86_64.rpm systemd-libs-219-57.el7.x86_64.rpm
libsepol-2.5-8.1.el7.x86_64.rpm systemd-python-219-57.el7.x86_64.rpm
lz4-1.7.5-2.el7.x86_64.rpm systemd-sysv-219-57.el7.x86_64.rpm
并将所有rpm包复制到目标环境,并安装rpm -Uvh *.rpm。
[root@centos7 docker]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 二 2018-08-14 14:39:18 CST; 15s ago
Docs: http://docs.docker.com
Process: 8385 ExecStart=/usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY $REGISTRIES (code=exited, status=1/FAILURE)
Main PID: 8385 (code=exited, status=1/FAILURE)
8月 14 14:39:16 centos7.2 systemd[1]: Starting Docker Application Container Engine...
8月 14 14:39:16 centos7.2 dockerd-current[8385]: time="2018-08-14T14:39:16.708427219+08:00" level=warning msg="could n...ound"
8月 14 14:39:16 centos7.2 dockerd-current[8385]: time="2018-08-14T14:39:16.710201736+08:00" level=info msg="libcontain...8392"
8月 14 14:39:18 centos7.2 dockerd-current[8385]: Error starting daemon: SELinux is not supported with the overlay2 gra...alse)
8月 14 14:39:18 centos7.2 systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
8月 14 14:39:18 centos7.2 systemd[1]: Failed to start Docker Application Container Engine.
8月 14 14:39:18 centos7.2 systemd[1]: Unit docker.service entered failed state.
8月 14 14:39:18 centos7.2 systemd[1]: docker.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
这里启动Docker失败,发现此linux的内核中的SELinux不支持 overlay2 graph driver ,解决方法有两个,要么启动一个新内核,要么就在docker里禁用selinux,--selinux-enabled=false。
这里选择重新编辑docker配置文件:
然后systemctl start docker 就好了。