Fork me on GitHub

CentOS6.6内核升级,安装docker17.06.2-ce

前言


由于笔者所在公司无论是开发、测试环境,还是准生产环境、生产环境,使用的都是CentOS6.6。要想按照新版本的Docker就必须升级Linux内核。因此,此文讲解如何升级Linux内核,以及在升级完内核后,如何安装Docker17.06.2-ce。其他版本的docker笔者没有尝试,应该也是可行的。毕竟内核升级到4.4.132-1了

安装方式一

第一种安装方式,需要联网,因此请确保机器可以连接到互联网

升级Linux内核

  • 查看当前linux内核版本,查看CentOS版本

uname -a

cat /etc/centos-release

1
2
3
4
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.32-504.el6.x86_64 #1 SMP Wed Oct 15 04:27:16 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# cat /etc/centos-release
CentOS release 6.6 (Final)
  • 导入存储库的GPG密钥

rpm –import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

1
2
3
[root@localhost ~]# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
curl: (35) SSL connect error
error: https://www.elrepo.org/RPM-GPG-KEY-elrepo.org: import read failed(2).
  • 若你也遇到以上错误,可执行下yum -y update nss

yum -y update nss

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
[root@localhost ~]# yum -y update nss
Loaded plugins: fastestmirror
Setting up Update Process
base | 3.7 kB 00:00
base/primary_db | 4.7 MB 00:01
extras | 3.4 kB 00:00
extras/primary_db | 30 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 8.1 MB 00:03
Resolving Dependencies
--> Running transaction check
---> Package nss.x86_64 0:3.16.1-14.el6 will be updated
--> Processing Dependency: nss = 3.16.1-14.el6 for package: nss-sysinit-3.16.1-14.el6.x86_64
--> Processing Dependency: nss(x86-64) = 3.16.1-14.el6 for package: nss-tools-3.16.1-14.el6.x86_64
---> Package nss.x86_64 0:3.28.4-4.el6_9 will be an update
--> Processing Dependency: nss-util >= 3.28.3 for package: nss-3.28.4-4.el6_9.x86_64
--> Processing Dependency: nss-softokn(x86-64) >= 3.14.3-22 for package: nss-3.28.4-4.el6_9.x86_64
--> Processing Dependency: nspr >= 4.13.0 for package: nss-3.28.4-4.el6_9.x86_64
--> Processing Dependency: libnssutil3.so(NSSUTIL_3.24)(64bit) for package: nss-3.28.4-4.el6_9.x86_64
--> Processing Dependency: libnssutil3.so(NSSUTIL_3.21)(64bit) for package: nss-3.28.4-4.el6_9.x86_64
--> Running transaction check
---> Package nspr.x86_64 0:4.10.6-1.el6_5 will be updated
---> Package nspr.x86_64 0:4.13.1-1.el6 will be an update
---> Package nss-softokn.x86_64 0:3.14.3-17.el6 will be updated
---> Package nss-softokn.x86_64 0:3.14.3-23.3.el6_8 will be an update
--> Processing Dependency: nss-softokn-freebl(x86-64) >= 3.14.3-23.3.el6_8 for package: nss-softokn-3.14.3-23.3.el6_8.x86_64
---> Package nss-sysinit.x86_64 0:3.16.1-14.el6 will be updated
---> Package nss-sysinit.x86_64 0:3.28.4-4.el6_9 will be an update
---> Package nss-tools.x86_64 0:3.16.1-14.el6 will be updated
---> Package nss-tools.x86_64 0:3.28.4-4.el6_9 will be an update
---> Package nss-util.x86_64 0:3.16.1-3.el6 will be updated
---> Package nss-util.x86_64 0:3.28.4-1.el6_9 will be an update
--> Running transaction check
---> Package nss-softokn-freebl.x86_64 0:3.14.3-17.el6 will be updated
---> Package nss-softokn-freebl.x86_64 0:3.14.3-23.3.el6_8 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================================================
Updating:
nss x86_64 3.28.4-4.el6_9 updates 879 k
Updating for dependencies:
nspr x86_64 4.13.1-1.el6 base 114 k
nss-softokn x86_64 3.14.3-23.3.el6_8 base 262 k
nss-softokn-freebl x86_64 3.14.3-23.3.el6_8 base 168 k
nss-sysinit x86_64 3.28.4-4.el6_9 updates 51 k
nss-tools x86_64 3.28.4-4.el6_9 updates 447 k
nss-util x86_64 3.28.4-1.el6_9 updates 68 k

Transaction Summary
===============================================================================================================================================================================================
Upgrade 7 Package(s)

Total download size: 1.9 M
Downloading Packages:
(1/7): nspr-4.13.1-1.el6.x86_64.rpm | 114 kB 00:00
(2/7): nss-3.28.4-4.el6_9.x86_64.rpm | 879 kB 00:00
(3/7): nss-softokn-3.14.3-23.3.el6_8.x86_64.rpm | 262 kB 00:00
(4/7): nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64.rpm | 168 kB 00:00
(5/7): nss-sysinit-3.28.4-4.el6_9.x86_64.rpm | 51 kB 00:00
(6/7): nss-tools-3.28.4-4.el6_9.x86_64.rpm | 447 kB 00:00
(7/7): nss-util-3.28.4-1.el6_9.x86_64.rpm | 68 kB 00:00
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 986 kB/s | 1.9 MB 00:02
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>
Package: centos-release-6-6.el6.centos.12.2.x86_64 (@anaconda-CentOS-201410241409.x86_64/6.6)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : nspr-4.13.1-1.el6.x86_64 1/14
Updating : nss-util-3.28.4-1.el6_9.x86_64 2/14
Updating : nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64 3/14
Updating : nss-softokn-3.14.3-23.3.el6_8.x86_64 4/14
Updating : nss-sysinit-3.28.4-4.el6_9.x86_64 5/14
Updating : nss-3.28.4-4.el6_9.x86_64 6/14
Updating : nss-tools-3.28.4-4.el6_9.x86_64 7/14
Cleanup : nss-tools-3.16.1-14.el6.x86_64 8/14
Cleanup : nss-sysinit-3.16.1-14.el6.x86_64 9/14
Cleanup : nss-3.16.1-14.el6.x86_64 10/14
Cleanup : nss-softokn-3.14.3-17.el6.x86_64 11/14
Cleanup : nss-util-3.16.1-3.el6.x86_64 12/14
Cleanup : nspr-4.10.6-1.el6_5.x86_64 13/14
Cleanup : nss-softokn-freebl-3.14.3-17.el6.x86_64 14/14
Verifying : nss-tools-3.28.4-4.el6_9.x86_64 1/14
Verifying : nss-3.28.4-4.el6_9.x86_64 2/14
Verifying : nss-softokn-3.14.3-23.3.el6_8.x86_64 3/14
Verifying : nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64 4/14
Verifying : nspr-4.13.1-1.el6.x86_64 5/14
Verifying : nss-util-3.28.4-1.el6_9.x86_64 6/14
Verifying : nss-sysinit-3.28.4-4.el6_9.x86_64 7/14
Verifying : nss-sysinit-3.16.1-14.el6.x86_64 8/14
Verifying : nspr-4.10.6-1.el6_5.x86_64 9/14
Verifying : nss-softokn-3.14.3-17.el6.x86_64 10/14
Verifying : nss-util-3.16.1-3.el6.x86_64 11/14
Verifying : nss-3.16.1-14.el6.x86_64 12/14
Verifying : nss-softokn-freebl-3.14.3-17.el6.x86_64 13/14
Verifying : nss-tools-3.16.1-14.el6.x86_64 14/14

Updated:
nss.x86_64 0:3.28.4-4.el6_9

Dependency Updated:
nspr.x86_64 0:4.13.1-1.el6 nss-softokn.x86_64 0:3.14.3-23.3.el6_8 nss-softokn-freebl.x86_64 0:3.14.3-23.3.el6_8 nss-sysinit.x86_64 0:3.28.4-4.el6_9 nss-tools.x86_64 0:3.28.4-4.el6_9
nss-util.x86_64 0:3.28.4-1.el6_9

Complete!
  • 再次尝试导入GPG密钥就OK了

rpm –import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

1
2
[root@localhost ~]# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
[root@localhost ~]#
  • 安装ELRepo

rpm -Uvh http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm

1
2
3
4
[root@localhost ~]# rpm -Uvh http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
Retrieving http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
Preparing... ########################################### [100%]
1:elrepo-release ########################################### [100%]
  • 安装新内核

yum –enablerepo=elrepo-kernel install kernel-lt -y

不建议 yum –enablerepo=elrepo-kernel install -y kernel-ml( ml=mainline)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
[root@localhost ~]# yum --enablerepo=elrepo-kernel install kernel-lt -y
Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
* base: mirrors.aliyun.com
* elrepo: mirrors.tuna.tsinghua.edu.cn
* elrepo-kernel: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
elrepo | 2.9 kB 00:00
elrepo/primary_db | 718 kB 00:00
elrepo-kernel | 2.9 kB 00:00
elrepo-kernel/primary_db | 22 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package kernel-lt.x86_64 0:4.4.132-1.el6.elrepo will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================================================
Installing:
kernel-lt x86_64 4.4.132-1.el6.elrepo elrepo-kernel 39 M

Transaction Summary
===============================================================================================================================================================================================
Install 1 Package(s)

Total download size: 39 M
Installed size: 178 M
Downloading Packages:
kernel-lt-4.4.132-1.el6.elrepo.x86_64.rpm | 39 MB 00:11
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
Installing : kernel-lt-4.4.132-1.el6.elrepo.x86_64 1/1
Verifying : kernel-lt-4.4.132-1.el6.elrepo.x86_64 1/1

Installed:
kernel-lt.x86_64 0:4.4.132-1.el6.elrepo

Complete!
  • 编辑grub.conf文件,修改Grub引导顺序

vi /etc/grub.conf (这里踩了个坑,我改了/etc/grub.conf文件,但是貌似一直没有生效,后来发现原来用的是/boot/grub/grub.conf,这个得事先观察下是否存在这个/boot/grub/grub.conf),一般情况应该都是使用/etc/grub.conf。但无论如何安装内核都是去操作/etc/grub.conf文件的,如果grub启动用的是/boot/grub/grub.conf,那么请将/etc/grub.conf文件内新安装的内核的启动引导配置复制到/boot/grub/grub.conf文件内。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/mapper/VolGroup-LogVol00
# initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (4.4.132-1.el6.elrepo.x86_64)
root (hd0,0)
kernel /vmlinuz-4.4.132-1.el6.elrepo.x86_64 ro root=/dev/mapper/VolGroup-LogVol00 rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_LVM_LV=VolGroup/LogVol00 rd_NO_DM rhgb quiet
initrd /initramfs-4.4.132-1.el6.elrepo.x86_64.img
title CentOS 6 (2.6.32-504.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-504.el6.x86_64 ro root=/dev/mapper/VolGroup-LogVol00 rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_LVM_LV=VolGroup/LogVol00 rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-504.el6.x86_64.img

将default=1改为default=0,确保默认启动新的内核。一般新安装的内核会在第一个位置(从0开始),所以设置default=0

安装Docker

笔者这里用的是二进制安装包来安装

  • 下载安装,配置国内中科大docker镜像源

下面给出中科大与阿里云的docker二进制安装包

curl -O http://mirrors.ustc.edu.cn/docker-ce/linux/static/stable/x86_64/docker-17.06.2-ce.tgz

tar -xzvf docker-17.06.2-ce.tgz && cp docker/* /usr/bin && rm -rf docker

mkdir -p /etc/docker && echo “{\”registry-mirrors\”: [\”https://docker.mirrors.ustc.edu.cn\”]}” > /etc/docker/daemon.json

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
[root@localhost ~]# curl -O http://mirrors.ustc.edu.cn/docker-ce/linux/static/stable/x86_64/docker-17.06.2-ce.tgz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 28.3M 100 28.3M 0 0 3618k 0 0:00:08 0:00:08 --:--:-- 3726k
[root@localhost ~]# ll
total 29032
-rw-------. 1 root root 1038 May 22 20:46 anaconda-ks.cfg
-rw-r--r--. 1 root root 29704322 May 24 23:46 docker-17.06.2-ce.tgz
-rw-r--r--. 1 root root 8823 May 22 20:46 install.log
-rw-r--r--. 1 root root 3384 May 22 20:45 install.log.syslog
[root@localhost ~]# tar -xzvf docker-17.06.2-ce.tgz && cp docker/* /usr/bin && rm -rf docker
docker/
docker/docker-runc
docker/docker
docker/docker-containerd-ctr
docker/docker-containerd
docker/docker-proxy
docker/docker-containerd-shim
docker/dockerd
docker/docker-init

[root@localhost ~]# mkdir -p /etc/docker && echo "{\"registry-mirrors\": [\"https://docker.mirrors.ustc.edu.cn\"]}" > /etc/docker/daemon.json
[root@localhost ~]# ls /etc/docker/
daemon.json key.json
  • 如果我们此时启动dockerd,提示我们升级到3.10.0内核版本或升级到更新的内核版本,这个重启下就好了,不用担心
1
2
3
4
5
6
[root@localhost ~]# dockerd 
WARN[0000] could not change group /var/run/docker.sock to docker: group docker not found
WARN[0000] libcontainerd: makeUpgradeProof could not open /var/run/docker/libcontainerd/containerd
INFO[0000] libcontainerd: new containerd process, pid: 13659
WARN[0000] containerd: low RLIMIT_NOFILE changing to max current=1024 max=4096
FATA[0001] Your Linux kernel version 2.6.32-504.el6.x86_64 is not supported for running docker. Please upgrade your kernel to 3.10.0 or newer.
  • 给dockerd设置自动启动

echo “nohup dockerd > /var/log/dockerd.log & 2>&1” >> /etc/rc.local

1
2
[root@localhost ~]# echo "nohup dockerd > /var/log/dockerd.log 2>&1 &" >> /etc/rc.local
[root@localhost ~]#
  • 重启查看内核版本

如果看到内核版本已经是4.4.132啦,那说明grub确实已经引导了新的内核了

1
2
[root@localhost ~]# uname -a
Linux localhost.localdomain 4.4.132-1.el6.elrepo.x86_64 #1 SMP Wed May 16 14:20:29 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux
  • 查看docker info但提示docker没启动成功

此时我们也可以查看docker的日志,我们把日志放在了/var/log/dockerd.log。或者你可以直接运行dockerd。

提示我们cgroup的东东,看来得安装cgroup

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[root@localhost ~]# docker info
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

[root@localhost ~]# dockerd
WARN[0000] could not change group /var/run/docker.sock to docker: group docker not found
INFO[0000] libcontainerd: new containerd process, pid: 1293
WARN[0000] containerd: low RLIMIT_NOFILE changing to max current=1024 max=4096
INFO[0001] [graphdriver] using prior storage driver: overlay2
INFO[0001] Graph migration to content-addressability took 0.00 seconds
WARN[0001] Your kernel does not support cgroup memory limit
WARN[0001] Unable to find cpu cgroup in mounts
WARN[0001] Unable to find blkio cgroup in mounts
WARN[0001] Unable to find cpuset cgroup in mounts
WARN[0001] mountpoint for pids not found
Error starting daemon: Devices cgroup isn't mounted
  • 安装cgroup,并配置挂载cgroup,需要重启系统(当然这一步可以在之前重启前就做好,这样系统只要重启一次就好了,我这里只是想分享我的踩坑经历哈,就按我踩坑的顺序写下去了)

yum install -y libcgroup

echo “none /sys/fs/cgroup cgroup defaults 0 0” >> /etc/fstab

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
[root@localhost ~]# yum install -y libcgroup
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* elrepo: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package libcgroup.x86_64 0:0.40.rc1-24.el6_9 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================================================
Installing:
libcgroup x86_64 0.40.rc1-24.el6_9 updates 131 k

Transaction Summary
===============================================================================================================================================================================================
Install 1 Package(s)

Total download size: 131 k
Installed size: 331 k
Downloading Packages:
libcgroup-0.40.rc1-24.el6_9.x86_64.rpm | 131 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libcgroup-0.40.rc1-24.el6_9.x86_64 1/1
Verifying : libcgroup-0.40.rc1-24.el6_9.x86_64 1/1

Installed:
libcgroup.x86_64 0:0.40.rc1-24.el6_9

Complete!

[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]#

一键安装shell脚本

上述一步步比较多,可以整合在一起搞一个shell进行统一处理,因此有了下面的一键安装脚本

笔者希望在别的机器上能一键处理,自己写了个一键安装内核及docker的脚本。这里仅供给大家参考,但由于笔者水平有限,不可能写出非常完美的安装脚本,并不保证在每台机器上都能完美运行。也希望大家多多提建议,我可以改进这个脚本。

curl也可以用来下载如curl -O http://mirrors.ustc.edu.cn/docker-ce/linux/static/stable/x86_64/docker-17.06.2-ce.tgz

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/bin/sh

# 必须要以root帐号或sudo来运行
wget_bin=`which wget`
if [ -z "$wget_bin" ];then
echo "please install wget" >&2
exit 1
fi
# 禁用 fastestmirror 插件
sed -i.backup 's/^enabled=1/enabled=0/' /etc/yum/pluginconf.d/fastestmirror.conf
# 备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# 使用阿里云镜像
wget -O /etc/yum.repos.d/CentOS-Base-aliyun.repo http://mirrors.aliyun.com/repo/Centos-6.repo
# 安装 EPEL 源(用于更新内核)
elrepo="/etc/yum.repos.d/elrepo.repo"
if [ ! -f $elrepo ]; then
yum -y update nss
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-6-8.el6.elrepo.noarch.rpm
fi

# 使用阿里云镜像
if [[ ! -f /etc/yum.repos.d/epel.repo.backup ]]; then
mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup 2>/dev/null || :
fi
if [[ ! -f /etc/yum.repos.d/epel-testing.repo.backup ]]; then
mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup 2>/dev/null || :
fi
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel.repo
wget -O /etc/yum.repos.d/epel-testing.repo http://mirrors.aliyun.com/repo/epel-testing.repo
yum clean all
yum makecache

# 安装cgroup,docker依赖它
if [ ! -d "/sys/fs/cgroup" ]; then
yum install -y libcgroup
fi
count=`cat /etc/fstab |grep "/sys/fs/cgroup"|grep -v grep |wc -l`
if [ $count -eq 0 ]; then
echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
fi

# 找出4.4内核的启动顺序,并自动修改/etc/grub.conf(这里有坑如果是grub配置文件用的是/boot/grub/grub.conf请自行修改)
count=`cat /etc/grub.conf |grep "/vmlinuz-4.4.*" |grep -v grep |wc -l`
if [ $count -eq 0 ]; then
yum --enablerepo=elrepo-kernel install kernel-lt -y
content=`cat /etc/grub.conf |grep title`
target_kernel=4.4
num=0
target=0
while read line
do
echo $line
if [[ "$line" == *"$target_kernel"* ]]; then
target=$num
fi
let num=num+1
done <<< "$content"
sed -i 's/^default\s*=\s*[0-9]/default=$target/g' /etc/grub.conf
fi

sed -i 's/^net\.ipv4\.ip_forward\s*=\s*[0-1]/net\.ipv4\.ip_forward = 1/g' /etc/sysctl.conf
# 仅仅是为了消除dockerd启动时的警告日志
echo "CentOS release 6.x (Final)" > /usr/lib/os-release

# 压轴了,安装docker
dockerd_bin=`which dockerd`
if [ -z "$dockerd_bin" ]; then
if [ ! -f "docker-17.06.2-ce.tgz" ]; then
wget http://mirrors.ustc.edu.cn/docker-ce/linux/static/stable/x86_64/docker-17.06.2-ce.tgz
tar -xzvf docker-17.06.2-ce.tgz && cp docker/* /usr/bin && rm -rf docker
count=`cat /etc/rc.local |grep dockerd | grep -v grep | wc -l`
if [ $count -eq 0 ]; then
echo "nohup dockerd > /var/log/dockerd.log 2>&1 &" >> /etc/rc.local
fi
fi
fi

if [ ! -d "/etc/docker" ]; then
mkdir -p /etc/docker
fi

docker_daemon_file="/etc/docker/daemon.json"
if [ ! -f $docker_daemon_file ]; then
echo "{\"registry-mirrors\": [\"https://docker.mirrors.ustc.edu.cn\"]}" > /etc/docker/daemon.json
fi

执行完记得要重启机器

安装方式二


为什么有安装方式二?这个说来话长,公司内部有几台服务器无法连接外网,只能先下载好安装包。这个我就写简单点了哈。
| 安装包名 | 下载地址 |
| ———————— | ———————————————————— |
| linux4.4.132-1内核安装包 | http://elrepo.org/linux/kernel/el6/x86_64/RPMS/kernel-lt-4.4.132-1.el6.elrepo.x86_64.rpm |
| cgroup安装包 | http://mirror.centos.org/centos/6/updates/x86_64/Packages/libcgroup-0.40.rc1-24.el6_9.x86_64.rpm |
| docker安装包 | http://mirrors.ustc.edu.cn/docker-ce/linux/static/stable/x86_64/docker-17.06.2-ce.tgz |

  • 离线安装内核及cgroup
1
2
3
rpm -ivh kernel-lt-4.4.132-1.el6.elrepo.x86_64.rpm

rpm -ivh libcgroup-0.40.rc1-24.el6_9.x86_64.rpm
  • 挂载cgroup文件系统
1
echo "none                    /sys/fs/cgroup         cgroup   defaults        0 0" >> /etc/fstab
  • 修改grub内核启动顺序

vi /etc/grub.conf(这里有坑,可能会用/boot/grub/grub.conf)

得确定下是否存在 /boot/grub/grub.conf如果存在那么 grub启动用的是这个文件如果不存在用的是/etc/grub.conf安装完内核后,默认会在/etc/grub.conf下添加一条记录把/etc/grub.conf下的添加的新内核的启动记录复制到/boot/grub/grub.conf文件末尾,然后把/boot/grub/grub.conf的 default=0改为default=1

  • 安装docker
1
tar -xzvf  docker-17.06.2-ce.tgz && cp docker/* /usr/bin && rm -rf docker
  • 配置使用国内中科大的镜像
1
2
mkdir -p /etc/docker 
echo -e "{\n\t\"registry-mirrors\": [\"https://docker.mirrors.ustc.edu.cn\"]\n}" > /etc/docker/daemon.json
  • 设置dockerd自动启动
1
echo "nohup dockerd > /var/log/dockerd.log 2>&1 &" >> /etc/rc.local
  • 重启
1
2
3
4
5
reboot 



shutdown -r now

附加注意点


几个常见警告的解决

  • IPv4 forwarding is disabled的警告

vi /etc/sysctl.conf

1
2
3
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
其他配置省略...
  • Could not get operating system name: Error opening /usr/lib/os-release: open /usr/lib/os-release: no such file or directory

echo “CentOS release 6.x (Final)” | tee /usr/lib/os-release

1
2
[root@localhost ~]# echo "CentOS release 6.x (Final)" | tee  /usr/lib/os-release
CentOS release 6.x (Final)

docker exec -it 报错的问题

报的错误是rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:262: starting container process caused “open /dev/ptmx: no such file or directory “,我看了下宿主机上是有这个文件,那么应该是容器里没有的原因,目前还没查到原因。不过可以通过启动容器时指定 -v /dev:/dev 映射宿主机/dev来解决

此问题可以在启动容器的时候时候,通过-v /dev:/dev来解决,如:

1
2
docker run -it -d --name mynginx -p 80:80  -v /dev:/dev nginx:alpine
docker run -it -d --name myjdk -v /dev:/dev openjdk:8-jdk-alpine

如果报以下错误则可以执行下yum update

[root@centos ~]# docker run -it alpine:3.7 /bin/sh
Unable to find image ‘alpine:3.7’ locally
3.7: Pulling from library/alpine
ff3a5c916c92: Pull complete
Digest: sha256:e1871801d30885a610511c867de0d6baca7ed4e6a2573d506bbec7fd3b03873f
Status: Downloaded newer image for alpine:3.7
docker: Error response from daemon: mkdir /var/lib/docker/overlay2/3520bc6c5dcc7ba4dc5e2ba1419cd6250c4b6d61797da7487f20d991179ddd05-init/merged/dev/shm: permission denied.
See ‘docker run –help’.

那么请yum update下,注意/etc/grub.conf的内核启动顺序,要改下

提供一个service脚本

可以方便的实现 service dockerd start,service dockerd stop,service dockerd restart

创建一个dockerd文件,赋予可执行权限,并将该文件放到/etc/init.d即可

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#!/bin/sh
#set -x
BASE_HOME=/var/run
PID_FILE=$BASE_HOME/docker.pid

# dockerd父进程的id,如果docker.pid文件不存在则PID值就为-1
PID=-1
if [ -f $PID_FILE ];then
PID=`cat $PID_FILE`
fi


status(){
if [ $PID -gt -1 ]; then
echo "dockerd is running"
else
echo "dockerd is not running"
fi
}

start() {
if [ $PID -gt -1 ]; then
echo "dockerd has started,the pid is $PID"
return
fi
nohup dockerd > /var/log/dockerd.log 2>&1 &
COUNT=0
NUMBER=0
echo -e "starting...\c"
while [ $COUNT -lt 2 ]; do
echo -e ".\c"
sleep 0.25
if [ -f $PID_FILE ];then
PID=`cat $PID_FILE`
fi
COUNT=`ps -ef |grep $PID|grep -v grep|wc -l`
# dockerd父进程与docker-containerd子进程都启动
if [ $COUNT -ge 2 ]; then
echo -e "\ndockerd has started,the pid is $PID"
return
fi
if [ $NUMBER -gt 20 ]; then
break
fi
NUMBER=$NUMBER+1
done

echo -e "\ndockerd start failed"
}

stop() {
if [ $PID -eq -1 ]; then
echo "dockerd is not running"
return
fi

# PIDS得到的是dockerd父进程及docker-containerd子进程号
# sort -r是为了先杀子进程,再杀父进程
PIDS=`ps -ef|grep $PID|grep -v grep|awk '{print $2}'|sort -r`

for VAR_PID in $PIDS ; do
kill $VAR_PID > /dev/null 2>&1
done

# 因为有dockerd父进程和docker-containerd子进程,因此预先设置COUNT=2
COUNT=2
echo -e "stoping...\c"
while [ $COUNT -gt 0 ]; do
echo -e ".\c"
sleep 0.05
COUNT=`ps -ef |grep $PID |grep -v grep |wc -l`
if [ $COUNT -eq 0 ]; then
echo -e "\ndockerd has been stoped"
break
fi
done
# restart的时候会存在无法启动dockerd进程的问题。(因为PID值还是原先停掉的dockerd进程id)
PID=-1
}

restart() {
stop
start
}

case "$1" in
'start')
start
;;
'stop')
stop
;;
'status')
status
;;
'restart')
restart
;;
*)
echo "usage: $0 {start|stop|restart|status}"
exit 1
;;
esac

总结

踩了好多坑,还是一点点解决了,有点抓狂,有点惊喜;还是得多多总结,多多把遇到的坑,怎么解决的经历整理成文,分享出来,以免更多人踩同样的坑。希望此文对有需要在CentOS6.6或CentOS6.x上安装docker的读者有一些帮助。

参考资料