Introduction to Docker

Docker An open source application container engine that allows developers to package their applications and dependencies into a portable container and then publish them to any popular application. Linux Virtualization can also be achieved on machines. Containers are completely sandboxed with no interfaces (similar to each other) app for the iPhone. With almost no performance overhead, it is easy to run in machine and data centers. Most importantly, they do not depend on any language, framework, or system.  
Baidu Encyclopedia

premise

First, your Centos system must be 64-bit, regardless of the version. And the kernel version is at least 3.10 or more.  
Use the following commands to view your kernel version:

$ uname -r
3.10.0-229.el7.x86_64

• 1
• 2

• 1
• 2

Finally, it is recommended that you update your system, because the latest kernel may fix some bug s in the old version.

install

Installation with yum

Log in with users with sudo or root privileges.

Make sure your yum package is updated

$ sudo yum update

• 1

• 1

Adding yum warehouse

$ sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF

• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8

• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8

Install the Docker package

$ sudo yum install docker-engine

• 1

• 1

• Open docker deamon

$ sudo service docker start

• 1

• 1

Verify that docker was successfully installed

$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
    latest: Pulling from hello-world
    a8219747be10: Pull complete
    91c95931e552: Already exists
    hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
    Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d
    Status: Downloaded newer image for hello-world:latest
    Hello from Docker.
    This message shows that your installation appears to be working correctly.

    To generate this message, Docker took the following steps:
     1. The Docker client contacted the Docker daemon.
     2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
            (Assuming it was not already locally available.)
     3. The Docker daemon created a new container from that image which runs the
            executable that produces the output you are currently reading.
     4. The Docker daemon streamed that output to the Docker client, which sent it
            to your terminal.

    To try something more ambitious, you can run an Ubuntu container with:
     $ docker run -it ubuntu bash

    For more examples and ideas, visit:
     http://docs.docker.com/userguide/

• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• 10
• 11
• 12
• 13
• 14
• 15
• 16
• 17
• 18
• 19
• 20
• 21
• 22
• 23
• 24
• 25

• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• 10
• 11
• 12
• 13
• 14
• 15
• 16
• 17
• 18
• 19
• 20
• 21
• 22
• 23
• 24
• 25

Start-up self-start

$ sudo chkconfig docker on

• 1

• 1

uninstall

List the packages you installed

$ yum list installed | grep docker
yum list installed | grep docker
docker-engine.x86_64   1.7.1-1.el7 @/docker-engine-1.7.1-1.el7.x86_64.rpm

• 1
• 2
• 3

• 1
• 2
• 3

Delete installation packages

$ sudo yum -y remove docker-engine.x86_64

• 1

• 1

Delete mirrors/containers, etc.

$ rm -rf /var/lib/docker

Centos7 opens or closes the firewall (this is an important step, otherwise when the local container binds to the host port to provide services, other local containers cannot access the service)

sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0
Sudo firewall-cmd -- permanent -- zone = trusted -- add-port = XXXX / tcp# xxxxx to the port number you want
sudo firewall-cmd --reload

Close firewall:
System CTL stop firewalld. service # stop firewall
System CTL disable firewalld. service # disable firewall boot
firewall-cmd --state # View the default firewall status (not running after closing, running after opening)

Iptables firewall (where iptables are installed, configure below)
vi/etc/sysconfig/iptables# Edit firewall configuration file
# sampleconfiguration for iptables service
# you can edit thismanually or use system-config-firewall
# please do not askus to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT[0:0]
:OUTPUT ACCEPT[0:0]
-A INPUT -m state--state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -jACCEPT
-A INPUT -i lo -jACCEPT
-A INPUT -p tcp -mstate --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -jACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080-j ACCEPT
-A INPUT -j REJECT--reject-with icmp-host-prohibited
-A FORWARD -jREJECT --reject-with icmp-host-prohibited
COMMIT
 wq! # Save and Exit
Note: Ports 80 and 8080 are used as examples. The *** section is generally added above or below the line'-A INPUT-p TCP-M state-state NEW-m tcp-dport 22-j ACCEPT', and be sure not to add it to the last line, otherwise the firewall will not take effect after reboot.
System CTL restart iptables. service # Finally restart the firewall to make the configuration effective
 System ctlenable iptables. service # Set up firewall boot