Docker-CE in SUSE
雖然使用zypper添加源也能安裝,不過我在SLES 12sp5 上安裝時發現好多命令還需要自己手動軟連接,乾脆網上找了找文檔,再自己小改下,用二進制部署,也是可以安裝成功的,並且使用方式上沒啥區別。
注意:目前這個辦法我自己還未在生產環境上實驗。ps: 如果經過測試等一系列環境後,上了生產沒啥問題,再刪掉這句話。如果各位在使用上有啥問題,可以評論區騷擾。
參考博客:https://www.cnblogs.com/zerchin/p/13892460.html
參考博客:https://blog.csdn.net/weixin_37623484/article/details/86693214
參考文件: centos7上安裝的docker服務文件
避坑點:suse上的防火牆服務名字和centos7上的不太一樣,需要修改systemd的Afer部分
Download
wget https://download.docker.com/linux/static/stable/x86_64/docker-19.03.15.tgz
Install
Add group for docker
tar -zxvf docker-19.03.15.tgz
cp -r docker/* /usr/bin/
groupadd -r docker
docker
- add
/usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network.target containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
- add
/usr/lib/systemd/system/docker.socket
[Unit]
Description=Docker Socket for the API
PartOf=docker.service
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
containerd
- create
/usr/lib/systemd/system/containerd.service
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=1048576
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
Config
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": [
"native.cgroupdriver=systemd"
],
"registry-mirrors": [
"https://hub-mirror.c.163.com",
"https://mirror.baidubce.com"
],
"insecure-registries": [
"registry.xxx.xxxx.xxx",
"xxxxxx.xxxx.xxxxx.xxxx"
],
"graph": "/var/lib/docker",
"log-driver": "json-file",
"log-opts": {
"max-size": "200m",
"max-file": "5"
},
"storage-driver": "overlay2"
}
EOF
Start
systemctl daemon-reload
systemctl enable docker.service --now