インストール
公式に従って CentOS 9 Stream の自VPSへインストール
- Set up the repository
sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- Install Docker Engine, containerd, and Docker Compose
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
dockerグループが自動で作られる。dockerグループに所属するユーザーはまだいない。
- Start Docker
sudo systemctl start docker
- Verify that the Docker Engine installation is successful by running the
hello-worldimage.
sudo docker run hello-world
こんな出力がなされればOK
Hello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/For more examples and ideas, visit:
https://docs.docker.com/get-started/
Manage Docker as a non-root user
- Create the
dockergroup
dockerグループがすでにあるかを確認
cat /etc/group | grep docker
さきの手順でdockerグループが作られていれば、以下のような1行が出力されるはず。987 の部分は環境によって異なる
docker:x:987:
出力されなければ、手動でdockerグループを作る
sudo groupadd docker
- Add your user to the
dockergroup
sudo usermod -aG docker lmtak
ここではdockerグループにユーザーlmtakを追加した
- Log out and log back in so that your group membership is re-evaluated
ログアウト→ログインするか、su で自ユーザーにログインしてもよい
su - lmtak
- Verify that you can run
dockercommands withoutsudo
sudoなしでdockerコマンドが実行できればOK
docker run hello-world
さきと同じ出力がなされるはず
Hello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/For more examples and ideas, visit:
https://docs.docker.com/get-started/
- Configure Docker to start on boot with systemd
OS起動時に、docker.service と containerd.service がサービス自動起動させる
sudo systemctl enable docker.service sudo systemctl enable containerd.service
イメージ
ls -laF /var/lib/docker
total 52
drwx--x--- 12 root root 4096 Feb 27 09:27 ./
drwxr-xr-x. 29 root root 4096 Aug 30 07:43 ../
drwx--x--x 4 root root 4096 Aug 30 07:43 buildkit/
drwx--x--- 5 root root 4096 Feb 27 09:31 containers/
- rw------- 1 root root 36 Aug 30 07:43 engine-id
drwx------ 3 root root 4096 Aug 30 07:43 image/
drwxr-x--- 3 root root 4096 Aug 30 07:43 network/
drwx--x--- 10 root root 4096 Feb 27 09:31 overlay2/
drwx------ 4 root root 4096 Aug 30 07:43 plugins/
drwx------ 2 root root 4096 Feb 27 09:27 runtimes/
drwx------ 2 root root 4096 Aug 30 07:43 swarm/
drwx------ 2 root root 4096 Feb 27 09:27 tmp/
drwx-----x 2 root root 4096 Feb 27 09:27 volumes/
containers の中身
ls -laF /var/lib/docker/containers
total 20
drwx--x--- 5 root root 4096 Feb 27 09:31 ./
drwx--x--- 12 root root 4096 Feb 27 09:27 ../
drwx--x--- 4 root root 4096 Feb 27 09:31 44a7142a6f691dd8904d9b5e85f55d7d5b6bf118aca6fef7c5b66988c6d44242/
drwx--x--- 4 root root 4096 Feb 27 09:28 45518d82aeabfa2e6e14bd0233e0969316366c06b380a6a0344fcb9da2de9c25/
drwx--x--- 4 root root 4096 Feb 27 09:27 7ab49285e28f943ccf4316b8dec38b2e5245d1ab8d68971871d50ed781d83d01/
ハッシュだと分かりにくいがしかたない
ls -laF /var/lib/docker/containers/44a71...
total 44
drwx--x--- 4 root root 4096 Feb 27 09:31 ./
drwx--x--- 5 root root 4096 Feb 27 09:31 ../
- rw-r----- 1 root root 2348 Feb 27 09:31 44a7142a6f691dd8904d9b5e85f55d7d5b6bf118aca6fef7c5b66988c6d44242-json.log
drwx------ 2 root root 4096 Feb 27 09:31 checkpoints/
- rw------- 1 root root 2506 Feb 27 09:31 config.v2.json
- rw------- 1 root root 1462 Feb 27 09:31 hostconfig.json
- rw-r--r-- 1 root root 13 Feb 27 09:31 hostname
- rw-r--r-- 1 root root 174 Feb 27 09:31 hosts
drwx--x--- 2 root root 4096 Feb 27 09:31 mounts/
- rw-r--r-- 1 root root 99 Feb 27 09:31 resolv.conf
- rw-r--r-- 1 root root 71 Feb 27 09:31 resolv.conf.hash
cat /var/lib/docker/containers/44a71.../44a71....json.log
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.423961874Z"}
{"log":"Hello from Docker!\n","stream":"stdout","time":"2024-02-27T00:31:50.424012277Z"}
{"log":"This message shows that your installation appears to be working correctly.\n","stream":"stdout","time":"2024-02-27T00:31:50.424015811Z"}
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.424018274Z"}
{"log":"To generate this message, Docker took the following steps:\n","stream":"stdout","time":"2024-02-27T00:31:50.424020338Z"}
{"log":" 1. The Docker client contacted the Docker daemon.\n","stream":"stdout","time":"2024-02-27T00:31:50.424022476Z"}
{"log":" 2. The Docker daemon pulled the \"hello-world\" image from the Docker Hub.\n","stream":"stdout","time":"2024-02-27T00:31:50.424025148Z"}
{"log":" (amd64)\n","stream":"stdout","time":"2024-02-27T00:31:50.424027409Z"}
{"log":" 3. The Docker daemon created a new container from that image which runs the\n","stream":"stdout","time":"2024-02-27T00:31:50.424029426Z"}
{"log":" executable that produces the output you are currently reading.\n","stream":"stdout","time":"2024-02-27T00:31:50.424031541Z"}
{"log":" 4. The Docker daemon streamed that output to the Docker client, which sent it\n","stream":"stdout","time":"2024-02-27T00:31:50.424033591Z"}
{"log":" to your terminal.\n","stream":"stdout","time":"2024-02-27T00:31:50.424035697Z"}
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.424037695Z"}
{"log":"To try something more ambitious, you can run an Ubuntu container with:\n","stream":"stdout","time":"2024-02-27T00:31:50.424039628Z"}
{"log":" $ docker run -it ubuntu bash\n","stream":"stdout","time":"2024-02-27T00:31:50.424041831Z"}
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.424043876Z"}
{"log":"Share images, automate workflows, and more with a free Docker ID:\n","stream":"stdout","time":"2024-02-27T00:31:50.42404584Z"}
{"log":" https://hub.docker.com/\n","stream":"stdout","time":"2024-02-27T00:31:50.424048005Z"}
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.424050021Z"}
{"log":"For more examples and ideas, visit:\n","stream":"stdout","time":"2024-02-27T00:31:50.424051941Z"}
{"log":" https://docs.docker.com/get-started/\n","stream":"stdout","time":"2024-02-27T00:31:50.424054006Z"}
{"log":"\n","stream":"stdout","time":"2024-02-27T00:31:50.424056099Z"}
hello-worldイメージを実行したときの画面出力と同じものだ。1行1JSONオブジェクトのログとして保存されている
