准备
CentOS7.x系统自带的3.10.x内核存在一些Bug,Docker运行不稳定,建议升级内核
- 下载内核源
[root@master ~]# rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
获取http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
警告:/var/tmp/rpm-tmp.ABHzQf: 头V4 DSA/SHA1 Signature, 密钥 ID baadae52: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:elrepo-release-7.0-3.el7.elrepo ################################# [100%]
- 安装最新版本内核
[root@master ~]# yum --enablerepo=elrepo-kernel install -y kernel-lt
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* elrepo: mirrors.tuna.tsinghua.edu.cn
* elrepo-kernel: mirrors.tuna.tsinghua.edu.cn
* extras: ftp.sjtu.edu.cn
* updates: ftp.sjtu.edu.cn
elrepo | 3.0 kB 00:00:00
elrepo-kernel | 3.0 kB 00:00:00
(1/2): elrepo/primary_db | 337 kB 00:00:00
(2/2): elrepo-kernel/primary_db | 2.0 MB 00:00:12
正在解决依赖关系
--> 正在检查事务
---> 软件包 kernel-lt.x86_64.0.5.4.95-1.el7.elrepo 将被 安装
--> 解决依赖关系完成
依赖关系解决
=================================================================================================================================================================================================================================================
Package 架构 版本 源 大小
=================================================================================================================================================================================================================================================
正在安装:
kernel-lt x86_64 5.4.95-1.el7.elrepo elrepo-kernel 50 M
事务概要
=================================================================================================================================================================================================================================================
安装 1 软件包
总下载量:50 M
安装大小:227 M
Downloading packages:
警告:/var/cache/yum/x86_64/7/elrepo-kernel/packages/kernel-lt-5.4.95-1.el7.elrepo.x86_64.rpm: 头V4 DSA/SHA1 Signature, 密钥 ID baadae52: NOKEY=============================================================== ] 1.2 MB/s | 50 MB 00:00:00 ETA
kernel-lt-5.4.95-1.el7.elrepo.x86_64.rpm 的公钥尚未安装
kernel-lt-5.4.95-1.el7.elrepo.x86_64.rpm | 50 MB 00:00:38
从 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org 检索密钥
导入 GPG key 0xBAADAE52:
用户ID : "elrepo.org (RPM Signing Key for elrepo.org) <secure@elrepo.org>"
指纹 : 96c0 104f 6315 4731 1e0b b1ae 309b c305 baad ae52
软件包 : elrepo-release-7.0-3.el7.elrepo.noarch (installed)
来自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
警告:RPM 数据库已被非 yum 程序修改。
正在安装 : kernel-lt-5.4.95-1.el7.elrepo.x86_64 1/1
验证中 : kernel-lt-5.4.95-1.el7.elrepo.x86_64 1/1
已安装:
kernel-lt.x86_64 0:5.4.95-1.el7.elrepo
完毕!
- 查看可用内核
[root@master ~]# cat /boot/grub2/grub.cfg |grep menuentry
if [ x"${feature_menuentry_id}" = xy ]; then
menuentry_id_option="--id"
menuentry_id_option=""
export menuentry_id_option
menuentry 'CentOS Linux (5.4.95-1.el7.elrepo.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.el7.x86_64-advanced-8b7cd640-65a6-40a3-a483-a34ec6b66ce8' {
menuentry 'CentOS Linux (3.10.0-1160.el7.x86_64) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.10.0-1160.el7.x86_64-advanced-8b7cd640-65a6-40a3-a483-a34ec6b66ce8' {
menuentry 'CentOS Linux (0-rescue-c5860b2961c54ddc9032f382e49d5efb) 7 (Core)' --class centos --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-0-rescue-c5860b2961c54ddc9032f382e49d5efb-advanced-8b7cd640-65a6-40a3-a483-a34ec6b66ce8' {
- 设置开机从新内核启动
[root@master ~]# grub2-set-default "CentOS Linux (5.4.95-1.el7.elrepo.x86_64) 7 (Core)"
- 查看内核启动项
[root@master ~]# grub2-editenv list
saved_entry=CentOS Linux (5.4.95-1.el7.elrepo.x86_64) 7 (Core)
- 重启系统使内核生效
reboot
- 查看内核版本是否生效
uname -r
安装docker
- 检查docker
which docker
yum -y remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux
- 关闭防火墙
如果忘关防火墙了,导致docker运行的服务器无法访问,则先关闭防火墙,再重启docker即可。
systemctl stop firewalld
systemctl disable firewalld.service
第一种方式
- 下载docker包
wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-19.03.9-3.el7.x86_64.rpm
- 安装docker
yum -y localinstall docker-ce-19.03.9-3.el7.x86_64.rpm
第二种方式
- 添加仓库
yum -y install yum-utils
#官方源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#国内源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
- 安装docker
yum -y install docker-ce docker-ce-cli containerd.io
- 安装指定版本
k8s报错:this Docker version is not on the list of validated versions: 20.10.3. Latest validated version: 19.03,那就是版本过高了,没有k8s要求就默认装了。
#列出所有可以安装的版本
[root@master ~]# yum list docker-ce.x86_64 --showduplicates | sort -r
已加载插件:fastestmirror, langpacks
已安装的软件包
可安装的软件包
* updates: mirrors.ustc.edu.cn
Loading mirror speeds from cached hostfile
* extras: mirrors.ustc.edu.cn
docker-ce.x86_64 3:20.10.3-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el7 @docker-ce-stable
docker-ce.x86_64 3:20.10.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.0-3.el7 docker-ce-stable
......
# docker版本高了安装K8s的时候会报错,所以我这边安装了19.03
yum list docker-ce.x86_64 docker-ce-cli.x86_64 --showduplicates | sort -r | grep 19.03
[root@master ~]# yum list docker-ce.x86_64 docker-ce-cli.x86_64 --showduplicates | sort -r | grep 19.03
docker-ce.x86_64 3:19.03.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-stable
......
docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable
docker-ce-cli.x86_64 1:19.03.9-3.el7 docker-ce-stable
docker-ce-cli.x86_64 1:19.03.8-3.el7 docker-ce-stable
docker-ce-cli.x86_64 1:19.03.7-3.el7 docker-ce-stable
docker-ce-cli.x86_64 1:19.03.6-3.el7 docker-ce-stable
......
yum -y install docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io
下载安装包命令 yumdownloader docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io --resolve --destdir=docker
yum install --downloadonly --downloaddir=docker docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io
- 安装docker-compoes
curl -SL https://ghfast.top/https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
修改docker目录
mkdir /etc/docker/ /data
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": [
"https://dockerhub.azk8s.cn",
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com",
"https://h9vtw6kz.mirror.aliyuncs.com"
],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"storage-driver": "overlay2",
"storage-opts": [
],
"bip": "10.0.0.1/24",
"ipv6": false,
"data-root": "/data/docker",
"log-opts": {
"max-size": "1m",
"max-file": "3"
}
}
EOF
systemctl enable docker
systemctl restart docker
如果已经安装docker参考以下步骤
- 停止docker服务
systemctl stop docker
- 找到docker存储目录,移动到需要更改的位置,我这边已经创建好了/data目录
建议使用cp,不建议mv
find / -name docker -type d
cp -r docker /data
- cp 完成后删除原来的文件
rm -f docker
- 两种方式
- 查找到docker.service服务文件,修改配置文件
find / -name docker.service -type f
vim docker.service
新增ExecStart=/usr/bin/dockerd --graph /data/docker,启动docker服务
systemctl enable docker
systemctl daemon-reload
systemctl start docker
- 重新建立软连接,以及重新reload一下
ln -s /data/docker docker #后面docker为最开始查找到的docker目录,最好写绝对路径
systemctl enable docker
systemctl daemon-reload
systemctl start docker
脚本
升级kernel:update_kernel.sh
部署docker:install_docker.sh
