# docker目录规划及配置

大空间都在/home的情况下，要把/var/lib/docker镜像缓存ln到/home目录下。

# 创建账号

useradd docker
sed -i '$adocker ALL=(ALL) NOPASSWD:ALL' /etc/sudoers

# 创建目录

su - docker
mkdir -p /home/docker/script \
	/home/docker/data \
	/home/docker/lib/docker \
	/home/docker/logs \
	/home/docker/conf \
	/home/docker/dockerfile \
	/home/docker/tools
sudo ln -s /home/docker/lib/docker /var/lib/docker

# 安装docker

cd /home/docker/tools
#centos 8 begin
wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
sudo yum localinstall containerd.io-1.2.6-3.3.el7.x86_64.rpm
# centos 8 end
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo systemctl start docker 
sudo systemctl enable docker
docker run hello-world

# 配置防火墙

ip addr
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0 #docker网卡名为docker0
#或信任网段
sudo firewall-cmd --permanent --zone=trusted --add-source=172.0.0.0/8

sudo firewall-cmd --reload
#firewall-cmd --permanent --zone=public --remove-port=81/tcp

← docker集群搭建和应用示例