Cento系统下docker的安装与卸载

Docker简介

Docker 是一个开源的应用容器引擎，让开发者可以打包他们的应用以及依赖包到一个可移植的容器中，然后发布到任何流行的 Linux 机器上，也可以实现虚拟化。容器是完全使用沙箱机制，相互之间不会有任何接口（类似 iPhone 的 app）。几乎没有性能开销,可以很容易地在机器和数据中心中运行。最重要的是,他们不依赖于任何语言、框架包括系统。 
百度百科

前提

首先，你的Centos的系统一定要是64位的，不管版本是什么。并且内核版本至少是3.10以上。 
用以下命令去查看你的内核版本：

$ uname -r3.10.0-229.el7.x86_64
1
2
1
2

最后，建议你更新你的系统，因为最新内核可能会修复了旧版本的一些bug。

安装

用yum安装

用具有sudo或者root权限的用户登录系统。

确保你的yum包已经更新

$ sudo yum update
1
1

添加yum仓库

$ sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'[dockerrepo]name=Docker Repositorybaseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/enabled=1gpgcheck=1gpgkey=https://yum.dockerproject.org/gpgEOF
1
2
3
4
5
6
7
8
1
2
3
4
5
6
7
8

安装Docker包

$ sudo yum install docker-engine
1
1

• 开启docker deamon

$ sudo service docker start
1
1

验证docker是否成功安装

$ sudo docker run hello-worldUnable to find image 'hello-world:latest' locally    latest: Pulling from hello-world    a8219747be10: Pull complete    91c95931e552: Already exists    hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.    Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d    Status: Downloaded newer image for hello-world:latest    Hello from Docker.    This message shows that your installation appears to be working correctly.    To generate this message, Docker took the following steps:     1. The Docker client contacted the Docker daemon.     2. The Docker daemon pulled the "hello-world" image from the Docker Hub.            (Assuming it was not already locally available.)     3. The Docker daemon created a new container from that image which runs the            executable that produces the output you are currently reading.     4. The Docker daemon streamed that output to the Docker client, which sent it            to your terminal.    To try something more ambitious, you can run an Ubuntu container with:     $ docker run -it ubuntu bash    For more examples and ideas, visit:     http://docs.docker.com/userguide/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

开机自启动

$ sudo chkconfig docker on
1
1

卸载

列出你安装过的包

$ yum list installed | grep dockeryum list installed | grep dockerdocker-engine.x86_64   1.7.1-1.el7 @/docker-engine-1.7.1-1.el7.x86_64.rpm
1
2
3
1
2
3

删除安装包

$ sudo yum -y remove docker-engine.x86_64
1
1

删除镜像/容器等

$ rm -rf /var/lib/docker

Centos7 打开防火墙或关闭防火墙（这一步很重要，否则本机的容器绑定主机端口提供服务时，本机的其它容器无法访问该服务）

sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0
sudo firewall-cmd --permanent --zone=trusted --add-port=xxxx/tcp# xxxx改为你希望的端口号
sudo firewall-cmd --reload

关闭firewall：
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
firewall-cmd --state #查看默认防火墙状态（关闭后显示notrunning，开启后显示running）

iptables防火墙（这里iptables已经安装，下面进行配置）vi/etc/sysconfig/iptables #编辑防火墙配置文件# sampleconfiguration for iptables service# you can edit thismanually or use system-config-firewall# please do not askus to add additional ports/services to this default configuration*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT[0:0]:OUTPUT ACCEPT[0:0]-A INPUT -m state--state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -jACCEPT-A INPUT -i lo -jACCEPT-A INPUT -p tcp -mstate --state NEW -m tcp --dport 22 -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -jACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080-j ACCEPT-A INPUT -j REJECT--reject-with icmp-host-prohibited-A FORWARD -jREJECT --reject-with icmp-host-prohibitedCOMMIT:wq! #保存退出
备注：这里使用80和8080端口为例。***部分一般添加到“-A INPUT -p tcp -m state --state NEW -m tcp--dport 22 -j ACCEPT”行的上面或者下面，切记不要添加到最后一行，否则防火墙重启后不生效。systemctlrestart iptables.service #最后重启防火墙使配置生效systemctlenable iptables.service #设置防火墙开机启动