1. Installation
1.1, one-click installation (recommended)
implement:
1 | curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun |
or
1 | curl -sSL https://get.daocloud.io/docker | sh |
You can use the domestic mirror to install with one click.
1.2, command line installation
If the one-click installation method fails, it may be due to uninstall residues, an incompatible old version installed, etc. You can use the following method to install using the command line.
1.2.1, CentOS
1 | # Uninstall Docker
sudo yum remove docker \
docker-client \
docker-client-latest\
docker-common \
docker-latest\
docker-latest-logrotate \
docker-logrotate \
docker-engine
# Install Docker
yum install docker
systemctl start docker
systemctl enable docker |
1.2.2, Ubuntu
1 | sudo apt-get remove docker docker-engine docker.io containerd runc |
Ubuntu can try to execute the above command, and then use one-key installation again.
1.3, pagoda installation
Install the Pagoda panel 7.9.0 or higher, because the Docker module is not integrated below Pagoda 7.8.0.
First install the happy version:
Install Pagoda 7.9.0 Enterprise Edition
https://blog.tsinbei.com/archives/293/
Note: It is best to support the genuine pagoda if you have the ability!
After the installation or upgrade is complete, in the panel settings, unhide the Docker module (hidden by default):
If Docker is not installed, you can click to install it with one click.
For subsequent demonstrations, if there is no special configuration that needs to be started with the command line, the Docker module of the pagoda panel will be used as an example.
1.4, Tencent Cloud Docker image
When purchasing Lightweight Application Server from Tencent Cloud, you can choose Docker CE system image. After the creation is complete, the system comes with Docker service.
Tencent Cloud Offers:
Popular discounted products:
[[Tencent Cloud] 618 purchasing season is coming! Explosive cloud servers start at 18 yuan, participate in the event and enjoy multiple gifts][4]
[[Tencent Cloud-Exclusive] Featured Explosive Cloud Products, Large Vouchers Waiting for You][6]
[[Tencent Cloud] Overseas 1-core 2G servers are as low as 70% off, half-price renewal coupons are limited to free! ][8]
[[Tencent Cloud] Exclusive benefits for promoters, there is no threshold for new customers to receive vouchers with a total value of up to 2860 yuan, each type of voucher is limited to 500, first come first served. ][10]
Other recommended products:
[[Tencent Cloud] Lightweight new users go to the cloud benefits, 2-core 2G4M as low as 50 yuan/year, seize the good opportunity to go to the cloud! ][12]
2. Replace the source
Reference article:
Server Optimization (2) Replacing Software Sources
https://blog.tsinbei.com/archives/237/
It is recommended to use the intranet mirror software source:
Comparison of domestic software sources
https://blog.tsinbei.com/archives/238/
3. Open the API
edit
/usr/lib/systemd/system/docker.service
1 | [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock ExecReload=/bin/kill -s HUP $MAINPID TimeoutSec=0 RestartSec=2 Restart=always |
Change the start command (ExecStart) to:
1 | ExecStart=/usr/bin/dockerd -H fd:// -H 0.0.0.0:2375 --containerd=/run/containerd/containerd.sock |
You can connect to the Docker service through IP:2375.
4, reverse proxy
Docker containers can be accessed in two ways.
The Docker intranet uses the network segment by default: 172.17.0.1/16, the IP of the host machine is 172.17.0.1, the IP of container 1 is 172.17.0.2, and so on.
Most containers have a default running port, such as 8080, so in the host machine, you can directly use container IP: container port to access;
But if you want to serve externally, you need to map the port to the host machine. Generally, it will be set during creation and can be customized, such as 10001, so that you can use host IP:host port to access. After the firewall unblocks the port, it can also be accessed using the public network IP+port.
Configuring SSL for most containers is cumbersome and needs to be restarted, and even does not support SSL. Therefore, I use NGINX reverse proxy to bind a domain name to the business and add an SSL certificate, which is convenient and fast.
The configuration method is as follows:
Add a website normally, choose pure static for PHP version, and choose any directory. It is recommended to set them all to the same one, such as /www/wwwroot/docker_site/.
Add reverse proxy:
The target URL is http://127.0.0.1:mapped port or http://172.xx.0.x:container port, and the others can be left as default.
SSL certificate and other configurations are the same as other websites.
This completes a reverse proxy of the Docker service.
Docker Website (2) Install and Using
Comments