Docker

Manually

Install docker using official document

Install Docker Engine on CentOS
Instructions for installing Docker Engine on CentOS
sudo dnf remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine
sudo yum install -y yum-utils
yum list docker-ce --showduplicates | sort -r
sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
    #https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl enable docker
sudo systemctl start docker

Docker machine

Install docker using docker machine

Installation

curl -L https://github.com/docker/machine/releases/download/v0.16.2/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine &&
chmod +x /tmp/docker-machine &&
sudo cp /tmp/docker-machine /usr/local/bin/docker-machine
Releases · docker/machine
Machine management for a container-centric world. Contribute to docker/machine development by creating an account on GitHub.
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github-production-release-asset-2e65be.s3.amazonaws.com:443

In this case, you need to ensure you can access amazonaws as well, for me, I use proxy(Trojan), Or you can download mannually, and excute command in above order.

Unable to query docker version: Get https://xxx:2376/v1.15/version: dial tcp xxx:2376: connect: no route to host
firewall-cmd --new-zone=docker --permanent
firewall-cmd --reload
firewall-cmd --zone=docker --add-source=192.168.126.133/24 --permanent
firewall-cmd --zone=docker --add-port=2376/tcp  --permanent
firewall-cmd --reload
Waiting for SSH to be available...
SSH免密码
主节点上生成密钥对,分发到各个节点上去 * 在主节点上执行ssh-keygen -t rsa一路回车,生成无密码的密钥对。 ssh-keygen -t rsa * 将公钥添加到认证文件中 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys * 设置authorized_keys的访问权限 chmod 600 ~/.ssh/authorized_keys * scp文件到所有datenode节点 scp ~/.ssh/authorized_keys root@node1:~/.ssh/ scp ~/.ssh/au…

Docker machine CLI

Docker machine command for docker management

docker/
|-- machine/
|   |-- command completion
|   |-- active
|   |-- config
|   |-- env
|   |-- help
|   |-- inspect
|   |-- ip
|   |-- kill
|   |-- ls
|   |-- provision
|   |-- regenerate-certs
|   |-- restart
|   |-- rm
|   |-- scp
|   |-- ssh
|   |-- start
|   |-- status
|   |-- stop
|   |-- upgrade
|   `-- url
`-- known issue
# completion
sudo curl -L https://raw.githubusercontent.com/docker/machine/v0.12.2/contrib/completion/bash/docker-machine.bash -o /etc/bash_completion.d/docker-machine
# See which machine is “active” (a machine is considered active if the DOCKER_HOST environment variable points to it).
docker-machine ls
echo $DOCKER_HOST
docker-machine active
# config
# http://docs.docker.oeynet.com/machine/reference/config/
# docker-machine create -d genric --help
docker-machine create -d generic --generic-ip-address 192.168.126.135 --generic-ssh-key ~/.ssh/id_rsa --generic-ssh-user=root master
# env
# http://docs.docker.oeynet.com/machine/reference/env/
#  inspect
docker-machine inspect docker1
docker-machine inspect --format='{{.Driver.IPAddress}}' docker1
#  ip
docker-machine ip docker1 docker3
# kill
# http://docs.docker.oeynet.com/machine/reference/kill/
#  ls
docker-machine ls -t 1
# provision
# http://docs.docker.oeynet.com/machine/reference/provision/
#  regenerate-certs
docker-machine regenerate-certs docker1
#  restart
# docker-machine restart docker1
#  rm
docker-machine rm baz
# scp
# http://docs.docker.oeynet.com/machine/reference/scp/
#  ssh
docker-machine ssh docker1
#  start
docker-machine start docker1
#  status
docker-machine status docker1
#  stop
docker-machine stop docker1
#  upgrade
docker-machine upgrade docker1
#  url
docker-machine url docker1

Drivers:

Machine drivers
Reference for drivers Docker Machine supports

Docker registry

Install a docker registry for images management

docker run -d -p 5001:5000 --restart always --name registry registry:2
Deploy a registry server
Explains how to deploy a registry

https

ACME Client Implementations
Last updated: Nov 23, 2020 | See all Documentation Let’s Encrypt uses the ACME protocol to verify that you control a given domain name and to issue you a certificate. To get a Let’s Encrypt certificate, you’ll need to choose a piece of ACME client software to use.The ACME clients …

Nginx:

proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
proxy_set_header  X-Forwarded-Proto $scheme;

Check registry images

https://registry.ourdark.org/v2/_catalog

https://registry.ourdark.org/v2/hello/tags/list