本文已参与「新人创作礼」活动， 一起开启掘金创作之路。

1. CentOS 7安装环境

1.1 准备工作

系统版本 CentOS 7 mini

1.1.1 若无法联网

vi /etc/sysconfig/network-scripts/ifcfg-ens33
# 修改 noboot=no 为 noboot=yes
# 重启
shutdown -r now

1.1.2 若无wget

yum install -y wget

1.1.3 修改镜像源

# 备份原有镜像源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# 下载并重命名阿里源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
# 清理并生成新缓存
yum clean all
yum makecache

1.1.4 更新

yum update 

1.1.5 内网穿透

www.cpolar.com/docs 此后就可以远程访问自己搭建的服务器

1.2 docker安装

1.2.1 卸载旧版本

yum remove docker \
           docker-client \
           docker-client-latest \
           docker-common \
           docker-latest \
           docker-latest-logrotate \
           docker-logrotate \
           docker-engine

1.2.1 安装

yum install -y yum-utils
# 使用国内的资源
yum-config-manager \
    --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 更新索引
yum makecache fast
# 安装
yum install docker-ce docker-ce-cli containerd.io

1.2.2 启动docker

# 启动
systemctl start docker
# 查看版本
docker version

1.2.3 运行

docker run hello-world
# 查看本地镜像
docker images

# 没有在本地找到hell-world镜像
Unable to find image 'hello-world:latest' locally
# 从远程拉去镜像
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete 
Digest: sha256:0fe98d7debd9049c50b597ef1f85b7c1e8cc81f59c8d623fcb2250e8bec85b38
Status: Downloaded newer image for hello-world:latest

# 镜像运行结果
Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

1.2.4 镜像加速

mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
    "registry-mirrors":["https://hub-mirror.c.163.com/"]
}
EOF
systemctl daemon-reload
systemctl restart docker

2. ubuntu 20.04 安装环境

2.1 环境准备

安装环境: ubuntu 20.04桌面版(所有操作在root账号下进行)

apt-get update

2.2 docker安装

# 卸载旧版本
apt-get remove docker docker-engine docker.io containerd runc

# 安装依赖
apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# 添加阿里源的docker GPG密钥
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -

# 添加阿里镜像源
add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

# 安装docker引擎
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io

# 重启docker
service docker restart
# 或者
systemctl restart docker

# 查看docker版本
docker version

# 镜像加速
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://hub-mirror.c.163.com/"]
}
EOF
systemctl daemon-reload
systemctl restart docker

# 测试
docker run hello-world

3. docker in docker

Alpine Linux 3.13

docker volume create some-docker-certs-ca
docker volume create some-docker-certs-client
docker run --privileged --name dind -d \
#    --network some-network --network-alias docker \
    -e DOCKER_TLS_CERTDIR=/certs \
    -v some-docker-certs-ca:/certs/ca \
    -v some-docker-certs-client:/certs/client \
    docker:dind

docker exec -it dind /bin/sh

3.1 ssh远程连接

dockerfile

FROM docker:dind
  
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
        && apk update \
        && apk add --no-cache openssh tzdata \
        && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
        && sed -i "s/#PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config \
        && ssh-keygen -t dsa -P "" -f /etc/ssh/ssh_host_dsa_key \
        && ssh-keygen -t rsa -P "" -f /etc/ssh/ssh_host_rsa_key \
        && ssh-keygen -t ecdsa -P "" -f /etc/ssh/ssh_host_ecdsa_key \
        && ssh-keygen -t ed25519 -P "" -f /etc/ssh/ssh_host_ed25519_key \
        && echo "root:admin" | chpasswd

RUN sed -i '2 a /usr/sbin/sshd -D &' /usr/local/bin/dockerd-entrypoint.sh
RUN sed -i '3 a echo ***** sshd is run *****' /usr/local/bin/dockerd-entrypoint.sh

docker rmi -f dind:ssh
docker build -f /root/dockerfile/dindssh -t dind:ssh .

docker rm -f dind
docker run --privileged --name dind -d \
    --restart=always \
    -e DOCKER_TLS_CERTDIR=/certs \
    -v some-docker-certs-ca:/certs/ca \
    -v some-docker-certs-client:/certs/client \
    -p 2222:22 \
    dind:ssh