1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
 __________________
< 不解释了,快上船 >
 ------------------
    \
     \
      \
                    ##        .
              ## ## ##       ==
           ## ## ## ##      ===
       /""""""""""""""""___/ ===
  ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ /  ===- ~~~
       \______ o          __/
        \    \        __/
          \____\______/

安装docker

前人之述备矣,Get Docker CE for Debian

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
sudo apt-get update
sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg2 \
    software-properties-common
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
    $(lsb_release -cs) \
    stable"
sudo apt-get update
sudo apt-get install docker-ce docker-compose

使用

普通用户直接使用docker命令

把用户添加到docker用户组,并重启服务

1
2
3
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo systemctl restart docker

镜像加速

编辑文件/etc/docker/daemon.json

1
2
3
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}

京东云上 容器中不能下载文件

问题详情

能ping通外网主机,但是不能下载文件。云主机的MTU和Docker的MTU不一致,京东云默认1450,docker默认1500

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000
    link/ether ga:16:3e:7a:99:a5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.3/20 brd 192.168.15.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 ge80::f816:3eff:fe7a:99a5/64 scope link 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:5b:42:44:04 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

解决方法

针对docker自带的bridge网络

有以下几种方法

  1. 编辑文件/etc/docker/daemon.json
1
2
3
4
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],
  "mtu": 1450
}
  1. 也可以通过添加启动参数来设置mtu,编辑文件/etc/default/docker
1
DOCKER_OPTS="--mtu=1450"
  1. 直接修改网络设备docker0(没测试过,宿主机重启会失效)
1
sudo ifconfig docker0 mtu 1450

按照以上任意方法设置以后,重启docker服务。

除第三个方法以外,docker0的mtu没有变化。但是使用命令查看bridge网络,会发现已有相应的mtu设置。

1
docker network inspect bridge

显示结果如下

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
[
    {
        "Name": "bridge",
        "Id": "bc44c8f821dfa752ea8bc02f00bfde2694656f14da5cbed6c8ee2623e1a92cf5",
        "Created": "2018-02-04T02:59:42.646771801+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1450"
        },
        "Labels": {}
    }
]

针对docker-compose创建的网络

docker-composer会另外创建网络,而不使用默认的bridge网络,因此也要设置一下mtu,截取docker-compose.yml部分内容如下

1
2
3
4
networks:
  default:
    driver_opts:
      com.docker.network.driver.mtu: 1450

参考文章