Ubuntu 22.04 LTS 在線/離線安裝 Docker

Docker 安裝方式

準備環境

root@ubuntu2204:~# hostnamectl
 Static hostname: ubuntu2204
       Icon name: computer-vm
         Chassis: vm
      Machine ID: 06204406df2343f89f6ba6550a356854
         Boot ID: 3142ea12a9e64adbab7b8939935e7698
  Virtualization: vmware
Operating System: Ubuntu 22.04.5 LTS
          Kernel: Linux 5.15.0-43-generic
    Architecture: x86-64
 Hardware Vendor: VMware, Inc.
  Hardware Model: VMware Virtual Platform

# 關閉 swap
root@ubuntu2204:~# swapoff -a
root@ubuntu2204:~# sed -ri.bak 's/.*swap.*/#&/' /etc/fstab

# 更換阿里源
root@ubuntu2204:~# cp /etc/apt/sources.list /etc/apt/sources.list_bak
root@ubuntu2204:~# cat /etc/apt/sources.list
deb https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse

# deb https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse

root@ubuntu2204:~# apt update
root@ubuntu2204:~# apt upgrade -y

在線 APT 安裝

# 卸載 docker 舊版本
root@ubuntu2204:~# for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
root@ubuntu2204:~# rm /var/lib/docker /var/lib/containerd -rf

# 安裝必要的依賴包
root@ubuntu2204:~# apt install apt-transport-https ca-certificates curl gnupg lsb-release -y

# 添加軟件源的GPG密鑰及docker源（三選一）
# ------------------------------------------------------------------------------------------------------------
# 一：阿里
root@ubuntu2204:~# curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
root@ubuntu2204:~# add-apt-repository "deb [arch=$(dpkg --print-architecture)] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

# 二：清華
curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

# 三：docker官方
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
# ------------------------------------------------------------------------------------------------------------

# 方式一：選擇安裝最新穩定版
root@ubuntu2204:~# apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

# 或方式二：選擇安裝指定穩定版, 例如 5:24.0.9-1~ubuntu.22.04~jammy
root@ubuntu2204:~# apt-cache madison docker-ce | awk '{ print $3 }' | less
5:27.3.1-1~ubuntu.22.04~jammy
5:27.3.0-1~ubuntu.22.04~jammy
......
5:25.0.3-1~ubuntu.22.04~jammy
5:25.0.2-1~ubuntu.22.04~jammy
5:25.0.1-1~ubuntu.22.04~jammy
5:25.0.0-1~ubuntu.22.04~jammy
5:24.0.9-1~ubuntu.22.04~jammy
5:24.0.8-1~ubuntu.22.04~jammy
......

root@ubuntu2204:~# VERSION_STRING=5:24.0.9-1~ubuntu.22.04~jammy
root@ubuntu2204:~# apt-get install docker-ce=$VERSION_STRING docker-ce-cli=$VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin -y

# 查看docker信息
root@ubuntu2204:~# docker -v
Docker version 24.0.9, build 2936816

root@ubuntu2204:~# docker version
Client: Docker Engine - Community
 Version:           24.0.9
 API version:       1.43
 Go version:        go1.20.13
 Git commit:        2936816
 Built:             Thu Feb  1 00:48:39 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.9
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.13
  Git commit:       fca702d
  Built:            Thu Feb  1 00:48:39 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.22
  GitCommit:        7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
 runc:
  Version:          1.1.14
  GitCommit:        v1.1.14-0-g2c9f560
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0


root@ubuntu2204:~# ps -ef | grep docker
root        2032       1  0 14:51 ?        00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root        2214     940  0 14:51 pts/0    00:00:00 grep --color=auto docker

# 啟動|停止|查看|開機自啟
root@ubuntu2204:~# systemctl start|stop|status|enable docker

# 測試 docker 是否安裝正確
root@ubuntu2204:~# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:d211f485f2dd1dee407a80973c8f129f00d54604d2c90732e8e320e5038a0348
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

若能正常輸出以上信息，則說明安裝成功。

二進制離線安裝

時間：2024-10 下載 Docker docker-24.0.9.tgz 為例

下載 Docker 地址

• 阿里地址【 docker-24.0.9.tgz 】
• 清華大學地址【 docker-24.0.9.tgz 】
• 官方地址【 docker-24.0.6.tgz 】

# 下載 Docker docker-24.0.9.tgz 為例 (當前最新版本 docker-27.3.1.tgz)
root@ubuntu2204:~# wget https://mirrors.aliyun.com/docker-ce/linux/static/stable/x86_64/docker-24.0.9.tgz
root@ubuntu2204:~# tar -xf docker-24.0.9.tgz
root@ubuntu2204:~# cp -a docker/* /usr/local/bin/
root@ubuntu2204:~# docker -v
Docker version 24.0.9, build 2936816
root@ubuntu2204:~# docker -h

# 將docker注冊為 Systemd 的 service
# /usr/lib/systemd/system/docker.service 或 /etc/systemd/system/docker.service
[root@ubuntu2204 ~]# cat > /usr/lib/systemd/system/docker.service <<EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
  
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/local/bin/dockerd -H unix:///var/run/docker.sock --default-ulimit nofile=65536:65536
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
  
[Install]
WantedBy=multi-user.target

EOF


# 如果需要開啟遠程服務ExecStart屬性修改為以下命令：
ExecStart=/usr/local/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --default-ulimit nofile=65536:65536
# -H tcp://0.0.0.0:2375 開啟遠程連接命令
# 測試遠程連接  docker -H DockerHost_ip version

# 添加文件可執行權限
[root@ubuntu2204 ~]# chmod +x /usr/lib/systemd/system/docker.service

# 啟動
[root@ubuntu2204 ~]# systemctl daemon-reload && systemctl start docker

# 啟動|停止|查看|開機自啟
root@ubuntu2204:~# systemctl start|stop|status|enable docker

此時可能會無法啟動報錯信息如下

root@ubuntu2204:~# systemctl daemon-reload && systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.

root@ubuntu2204:~# systemctl status docker.service
......
Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
Oct 21 17:24:36 ubuntu2204 systemd[1]: Stopped Docker Application Container Engine.
Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Start request repeated too quickly.
Oct 21 17:24:36 ubuntu2204 systemd[1]: docker.service: Failed with result 'exit-code'.
Oct 21 17:24:36 ubuntu2204 systemd[1]: Failed to start Docker Application Container Engine.

root@ubuntu2204:~# journalctl -xeu docker.service
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.838180448+08:00" level=info msg="Starting up"
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.838180448+08:00" level=info msg="Starting up"
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.846181372+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.846351136+08:00" level=info msg="containerd not running, starting managed containerd"
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.847171970+08:00" level=info msg="started new containerd process" address=/var/run/docker/containerd/containerd.sock module=libcontainerd pid=1011
Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.861897616+08:00" level=info msg="starting containerd" revision=7c3aca7a610df76212171d200ca3811ff6096eb8 version=v1.7.13
Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.879453787+08:00" level=info msg="loading plugin \"io.containerd.warning.v1.deprecations\"..." type=io.containerd.warning.v1
......
Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.915675066+08:00" level=info msg=serving... address=/var/run/docker/containerd/containerd.sock
Oct 21 17:32:56 ubuntu2204 dockerd[1011]: time="2024-10-21T17:32:56.915690393+08:00" level=info msg="containerd successfully booted in 0.054759s"
Oct 21 17:32:56 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:56.922245751+08:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf"
Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.069029579+08:00" level=info msg="Loading containers: start."
Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.131593492+08:00" level=warning msg="failed to find iptables" error="exec: \"iptables\": executable file not found in $PATH"
Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134033772+08:00" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby
Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134833160+08:00" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby
Oct 21 17:32:57 ubuntu2204 dockerd[1001]: time="2024-10-21T17:32:57.134935282+08:00" level=info msg="stopping healthcheck following graceful shutdown" module=libcontainerd
Oct 21 17:32:58 ubuntu2204 dockerd[1001]: failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: Iptables not found
Oct 21 17:32:58 ubuntu2204 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILUR
.....

原因：這些錯誤表明 Docker 無法找到 iptables 命令，它是用于配置網絡規則和轉發的重要工具。缺少 iptables 可能會導致 Docker 無法初始化網絡控制器，從而無法啟動。
解決方法

# 檢查 iptables 是否已安裝
root@ubuntu2204:~# which iptables
root@ubuntu2204:~# apt-get install iptables  # 或重新安裝：apt-get install --reinstall iptables

# 再次啟動 docker
root@ubuntu2204:~# systemctl start docker
root@ubuntu2204:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
DOCKER-USER  all  --  0.0.0.0/0            0.0.0.0/0
DOCKER-ISOLATION-STAGE-1  all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination
DOCKER-ISOLATION-STAGE-2  all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target     prot opt source               destination
DROP       all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

# 測試 Docker 是否安裝正確
root@ubuntu2204:~# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:d211f485f2dd1dee407a80973c8f129f00d54604d2c90732e8e320e5038a0348
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

若能正常輸出以上信息，則說明安裝成功。

添加 docker 鏡像加速

# 每次修改 daemon.json 后，必須重載配置及重啟 docker
root@ubuntu2204:~# mkdir -p /etc/docker
root@ubuntu2204:~# tee /etc/docker/daemon.json <<-'EOF'
{
    "registry-mirrors": [
        "https://dockerpull.com",
        "https://docker.anyhub.us.kg",
        "https://dockerhub.jobcher.com",
        "https://dockerhub.icu",
        "https://docker.awsl9527.cn"
    ]
}
EOF

root@ubuntu2204:~# systemctl daemon-reload && sudo systemctl restart docker
root@ubuntu2204:~# docker info | grep "Registry Mirrors" -A 1