离线部署docker实战

比奇堡派大星与海绵宝宝

已于 2025-06-24 14:26:52 修改

阅读量275

点赞数 10

CC 4.0 BY-SA版权

分类专栏： Linux 文章标签： docker linux 云原生

于 2025-06-24 14:22:15 首次发布

本文链接：https://blog.csdn.net/weixin_41789843/article/details/148870495

Linux 专栏收录该内容

2 篇文章

订阅专栏

前言：

最近某个项目上需要部署docker环境，但是客户是离线环境，无法联网使用apt ，只能离线安装，便写这篇文章作为留念，并附上联网环境下的一件部署脚本

基础环境

os	         ubunut22.04	
docker版本	  26.1.4

下载docker
在docker 官网上下载你需要的docker版本，本次部署选择26.1.4 的版本。下载链接：https://download.docker.com/linux/static/stable/x86_64/

安装docker

解压缩

解压docker 的压缩包，并将解压后的内容复制到/usr/bin 目录下

tar zxvf docker-26.1.4.tgz   
scp docker/* /usr/bin

设置开机自启

在/lib/systemd/system 下创建docker.service 文件, docker.sock 和containerd.service 文件
docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always


# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3

# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500

[Install]
WantedBy=multi-user.target

docker.socket
[Unit]
Description=Docker Socket for the API
PartOf=docker.service

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=root

[Install]
WantedBy=sockets.target

containerd.service

# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target

创建/run/containerd 目录

mkdir /run/containerd

设置服务的开机自启动

systemctl daemon-reload 
systemctl enable --now docker.socket && systemctl enable --now containerd.service && systemctl enable --now docker.service

一键安装

#!/bin/bash

set -e

DEFAULT_VERSION="26.1.4"

# 提示用户输入版本
read -p "请输入要安装的 Docker 版本（默认: ${DEFAULT_VERSION}）： " DOCKER_VERSION
DOCKER_VERSION=${DOCKER_VERSION:-$DEFAULT_VERSION}
echo ">>> 使用 Docker 版本: $DOCKER_VERSION"

# 自动检测架构
ARCH=$(uname -m)
case "$ARCH" in
  x86_64) ARCH_NAME="x86_64" ;;
  aarch64) ARCH_NAME="aarch64" ;;
  *)
    echo "不支持的架构: $ARCH"
    exit 1
    ;;
esac
echo ">>> 检测到系统架构: $ARCH_NAME"

# 下载 Docker 二进制包
WORKDIR="/tmp/docker-install"
DOWNLOAD_URL="https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/static/stable/${ARCH_NAME}/docker-${DOCKER_VERSION}.tgz"
mkdir -p "$WORKDIR"
cd "$WORKDIR"

echo ">>> 正在从清华源下载 Docker 二进制包..."
curl -LO "$DOWNLOAD_URL"

echo ">>> 解压并安装 Docker 可执行文件..."
tar -xzf "docker-${DOCKER_VERSION}.tgz"
cp docker/* /usr/bin/

# 配置 Docker daemon.json
echo ">>> 配置 /etc/docker/daemon.json ..."
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["https://docker.m.daocloud.io"],
  "data-root": "/data/docker"
}
EOF

mkdir -p /data/docker

# 写入 systemd 文件
echo ">>> 创建 systemd 服务文件..."

cat > /lib/systemd/system/docker.service <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket

[Service]
Type=notify
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP \$MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
OOMScoreAdjust=-500

[Install]
WantedBy=multi-user.target
EOF

cat > /lib/systemd/system/docker.socket <<EOF
[Unit]
Description=Docker Socket for the API
PartOf=docker.service

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=root

[Install]
WantedBy=sockets.target
EOF

cat > /lib/systemd/system/containerd.service <<EOF
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target
EOF

echo ">>> 创建 /run/containerd"
mkdir -p /run/containerd

echo ">>> 重载 systemd 守护进程"
systemctl daemon-reload

echo ">>> 启用并启动服务"
systemctl enable --now docker.socket
systemctl enable --now containerd.service
systemctl enable --now docker.service

echo ">>> 检查 Docker 服务状态"
systemctl is-active --quiet docker && echo "✔ Docker 启动成功"
systemctl is-active --quiet containerd && echo "✔ containerd 启动成功"

echo "✅ Docker $DOCKER_VERSION 已安装，配置了镜像加速器并设置为开机自启。"