15.2.3 安装步骤与版本管理

安装步骤与版本管理#

安装原理草图（仓库拉取与运行时组件）



<div class="diagram-block"><img alt="flowchart" src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2ODAiIGhlaWdodD0iODkyIiB2aWV3Qm94PSIwIDAgNjgwIDg5MiI+PGRlZnM+PGxpbmVhckdyYWRpZW50IGlkPSJub2RlRmlsbCIgeDE9IjAlIiB5MT0iMCUiIHgyPSIxMDAlIiB5Mj0iMTAwJSI+PHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2ZmZmFmMSIgLz48c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmMWU3ZDMiIC8+PC9saW5lYXJHcmFkaWVudD48bWFya2VyIGlkPSJhcnJvdyIgbWFya2VyV2lkdGg9IjEyIiBtYXJrZXJIZWlnaHQ9IjEyIiByZWZYPSIxMCIgcmVmWT0iNiIgb3JpZW50PSJhdXRvIiBtYXJrZXJVbml0cz0ic3Ryb2tlV2lkdGgiPjxwYXRoIGQ9Ik0gMCAwIEwgMTIgNiBMIDAgMTIgeiIgZmlsbD0iIzhiNmEzZiIgLz48L21hcmtlcj48L2RlZnM+PHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjY4MCIgaGVpZ2h0PSI4OTIiIHJ4PSIxOCIgZmlsbD0iI2ZjZjhmMiIgLz48cGF0aCBkPSJNIDM0MC4wIDk0LjAgTCAzNDAuMCAxMzguMCBMIDM0MC4wIDEzOC4wIEwgMzQwLjAgMTgyLjAiIGZpbGw9Im5vbmUiIHN0cm9rZT0iIzhiNmEzZiIgc3Ryb2tlLXdpZHRoPSIyLjgiIHN0cm9rZS1saW5lY2FwPSJyb3VuZCIgc3Ryb2tlLWxpbmVqb2luPSJyb3VuZCIgbWFya2VyLWVuZD0idXJsKCNhcnJvdykiIC8+PHBhdGggZD0iTSAzNDAuMCAyNDguMCBMIDM0MC4wIDI5Mi4wIEwgMTE4LjAgMjkyLjAgTCAxMTguMCAzMzYuMCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSIjOGI2YTNmIiBzdHJva2Utd2lkdGg9IjIuOCIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93KSIgLz48cGF0aCBkPSJNIDM0MC4wIDI0OC4wIEwgMzQwLjAgMjkyLjAgTCAzNDAuMCAyOTIuMCBMIDM0MC4wIDMzNi4wIiBmaWxsPSJub25lIiBzdHJva2U9IiM4YjZhM2YiIHN0cm9rZS13aWR0aD0iMi44IiBzdHJva2UtbGluZWNhcD0icm91bmQiIHN0cm9rZS1saW5lam9pbj0icm91bmQiIG1hcmtlci1lbmQ9InVybCgjYXJyb3cpIiAvPjxwYXRoIGQ9Ik0gMzQwLjAgMjQ4LjAgTCAzNDAuMCAyOTIuMCBMIDU2Mi4wIDI5Mi4wIEwgNTYyLjAgMzM2LjAiIGZpbGw9Im5vbmUiIHN0cm9rZT0iIzhiNmEzZiIgc3Ryb2tlLXdpZHRoPSIyLjgiIHN0cm9rZS1saW5lY2FwPSJyb3VuZCIgc3Ryb2tlLWxpbmVqb2luPSJyb3VuZCIgbWFya2VyLWVuZD0idXJsKCNhcnJvdykiIC8+PHBhdGggZD0iTSAxMTguMCA0MDIuMCBMIDExOC4wIDUyMy4wIEwgMzQwLjAgNTIzLjAgTCAzNDAuMCA2NDQuMCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSIjOGI2YTNmIiBzdHJva2Utd2lkdGg9IjIuOCIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93KSIgLz48cGF0aCBkPSJNIDM0MC4wIDQwMi4wIEwgMzQwLjAgNDQ2LjAgTCAzNDAuMCA0NDYuMCBMIDM0MC4wIDQ5MC4wIiBmaWxsPSJub25lIiBzdHJva2U9IiM4YjZhM2YiIHN0cm9rZS13aWR0aD0iMi44IiBzdHJva2UtbGluZWNhcD0icm91bmQiIHN0cm9rZS1saW5lam9pbj0icm91bmQiIG1hcmtlci1lbmQ9InVybCgjYXJyb3cpIiAvPjxwYXRoIGQ9Ik0gNTYyLjAgNDAyLjAgTCA1NjIuMCA2MDAuMCBMIDM0MC4wIDYwMC4wIEwgMzQwLjAgNzk4LjAiIGZpbGw9Im5vbmUiIHN0cm9rZT0iIzhiNmEzZiIgc3Ryb2tlLXdpZHRoPSIyLjgiIHN0cm9rZS1saW5lY2FwPSJyb3VuZCIgc3Ryb2tlLWxpbmVqb2luPSJyb3VuZCIgbWFya2VyLWVuZD0idXJsKCNhcnJvdykiIC8+PHBhdGggZD0iTSAzNDAuMCA1NTYuMCBMIDM0MC4wIDYwMC4wIEwgMzQwLjAgNjAwLjAgTCAzNDAuMCA2NDQuMCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSIjOGI2YTNmIiBzdHJva2Utd2lkdGg9IjIuOCIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93KSIgLz48cGF0aCBkPSJNIDM0MC4wIDcxMC4wIEwgMzQwLjAgNzU0LjAgTCAzNDAuMCA3NTQuMCBMIDM0MC4wIDc5OC4wIiBmaWxsPSJub25lIiBzdHJva2U9IiM4YjZhM2YiIHN0cm9rZS13aWR0aD0iMi44IiBzdHJva2UtbGluZWNhcD0icm91bmQiIHN0cm9rZS1saW5lam9pbj0icm91bmQiIG1hcmtlci1lbmQ9InVybCgjYXJyb3cpIiAvPjxyZWN0IHg9IjI1MC4wIiB5PSIyOC4wIiB3aWR0aD0iMTgwIiBoZWlnaHQ9IjY2IiByeD0iMTYiIGZpbGw9InVybCgjbm9kZUZpbGwpIiBzdHJva2U9IiNiNThjNTUiIHN0cm9rZS13aWR0aD0iMiIgLz48dGV4dCB4PSIzNDAuMCIgeT0iNjYuMCIgdGV4dC1hbmNob3I9Im1pZGRsZSIgZm9udC1mYW1pbHk9Ik1pY3Jvc29mdCBZYUhlaSBVSSwgUGluZ0ZhbmcgU0MsIE5vdG8gU2FucyBDSksgU0MsIEFyaWFsLCBzYW5zLXNlcmlmIiBmb250LXNpemU9IjE2IiBmb250LXdlaWdodD0iNjAwIiBmaWxsPSIjMmYzZjUyIj48dHNwYW4geD0iMzQwLjAiIGR5PSIwIj5PU+WMheeuoeeQhuWZqCBhcHQveXVtPC90c3Bhbj48L3RleHQ+PHJlY3QgeD0iMjUwLjAiIHk9IjE4Mi4wIiB3aWR0aD0iMTgwIiBoZWlnaHQ9IjY2IiByeD0iMTYiIGZpbGw9InVybCgjbm9kZUZpbGwpIiBzdHJva2U9IiNiNThjNTUiIHN0cm9rZS13aWR0aD0iMiIgLz48dGV4dCB4PSIzNDAuMCIgeT0iMjIwLjAiIHRleHQtYW5jaG9yPSJtaWRkbGUiIGZvbnQtZmFtaWx5PSJNaWNyb3NvZnQgWWFIZWkgVUksIFBpbmdGYW5nIFNDLCBOb3RvIFNhbnMgQ0pLIFNDLCBBcmlhbCwgc2Fucy1zZXJpZiIgZm9udC1zaXplPSIxNiIgZm9udC13ZWlnaHQ9IjYwMCIgZmlsbD0iIzJmM2Y1MiI+PHRzcGFuIHg9IjM0MC4wIiBkeT0iMCI+RG9ja2Vy5a6Y5pa55LuT5bqTPC90c3Bhbj48L3RleHQ+PHJlY3QgeD0iMjguMCIgeT0iMzM2LjAiIHdpZHRoPSIxODAiIGhlaWdodD0iNjYiIHJ4PSIxNiIgZmlsbD0idXJsKCNub2RlRmlsbCkiIHN0cm9rZT0iI2I1OGM1NSIgc3Ryb2tlLXdpZHRoPSIyIiAvPjx0ZXh0IHg9IjExOC4wIiB5PSIzNzQuMCIgdGV4dC1hbmNob3I9Im1pZGRsZSIgZm9udC1mYW1pbHk9Ik1pY3Jvc29mdCBZYUhlaSBVSSwgUGluZ0ZhbmcgU0MsIE5vdG8gU2FucyBDSksgU0MsIEFyaWFsLCBzYW5zLXNlcmlmIiBmb250LXNpemU9IjE2IiBmb250LXdlaWdodD0iNjAwIiBmaWxsPSIjMmYzZjUyIj48dHNwYW4geD0iMTE4LjAiIGR5PSIwIj5kb2NrZXItY2U8L3RzcGFuPjwvdGV4dD48cmVjdCB4PSIyNTAuMCIgeT0iMzM2LjAiIHdpZHRoPSIxODAiIGhlaWdodD0iNjYiIHJ4PSIxNiIgZmlsbD0idXJsKCNub2RlRmlsbCkiIHN0cm9rZT0iI2I1OGM1NSIgc3Ryb2tlLXdpZHRoPSIyIiAvPjx0ZXh0IHg9IjM0MC4wIiB5PSIzNzQuMCIgdGV4dC1hbmNob3I9Im1pZGRsZSIgZm9udC1mYW1pbHk9Ik1pY3Jvc29mdCBZYUhlaSBVSSwgUGluZ0ZhbmcgU0MsIE5vdG8gU2FucyBDSksgU0MsIEFyaWFsLCBzYW5zLXNlcmlmIiBmb250LXNpemU9IjE2IiBmb250LXdlaWdodD0iNjAwIiBmaWxsPSIjMmYzZjUyIj48dHNwYW4geD0iMzQwLjAiIGR5PSIwIj5kb2NrZXItY2UtY2xpPC90c3Bhbj48L3RleHQ+PHJlY3QgeD0iNDcyLjAiIHk9IjMzNi4wIiB3aWR0aD0iMTgwIiBoZWlnaHQ9IjY2IiByeD0iMTYiIGZpbGw9InVybCgjbm9kZUZpbGwpIiBzdHJva2U9IiNiNThjNTUiIHN0cm9rZS13aWR0aD0iMiIgLz48dGV4dCB4PSI1NjIuMCIgeT0iMzc0LjAiIHRleHQtYW5jaG9yPSJtaWRkbGUiIGZvbnQtZmFtaWx5PSJNaWNyb3NvZnQgWWFIZWkgVUksIFBpbmdGYW5nIFNDLCBOb3RvIFNhbnMgQ0pLIFNDLCBBcmlhbCwgc2Fucy1zZXJpZiIgZm9udC1zaXplPSIxNiIgZm9udC13ZWlnaHQ9IjYwMCIgZmlsbD0iIzJmM2Y1MiI+PHRzcGFuIHg9IjU2Mi4wIiBkeT0iMCI+Y29udGFpbmVyZC5pbzwvdHNwYW4+PC90ZXh0PjxyZWN0IHg9IjI1MC4wIiB5PSI2NDQuMCIgd2lkdGg9IjE4MCIgaGVpZ2h0PSI2NiIgcng9IjE2IiBmaWxsPSJ1cmwoI25vZGVGaWxsKSIgc3Ryb2tlPSIjYjU4YzU1IiBzdHJva2Utd2lkdGg9IjIiIC8+PHRleHQgeD0iMzQwLjAiIHk9IjY4Mi4wIiB0ZXh0LWFuY2hvcj0ibWlkZGxlIiBmb250LWZhbWlseT0iTWljcm9zb2Z0IFlhSGVpIFVJLCBQaW5nRmFuZyBTQywgTm90byBTYW5zIENKSyBTQywgQXJpYWwsIHNhbnMtc2VyaWYiIGZvbnQtc2l6ZT0iMTYiIGZvbnQtd2VpZ2h0PSI2MDAiIGZpbGw9IiMyZjNmNTIiPjx0c3BhbiB4PSIzNDAuMCIgZHk9IjAiPmRvY2tlcmQg5pyN5YqhPC90c3Bhbj48L3RleHQ+PHJlY3QgeD0iMjUwLjAiIHk9IjQ5MC4wIiB3aWR0aD0iMTgwIiBoZWlnaHQ9IjY2IiByeD0iMTYiIGZpbGw9InVybCgjbm9kZUZpbGwpIiBzdHJva2U9IiNiNThjNTUiIHN0cm9rZS13aWR0aD0iMiIgLz48dGV4dCB4PSIzNDAuMCIgeT0iNTI4LjAiIHRleHQtYW5jaG9yPSJtaWRkbGUiIGZvbnQtZmFtaWx5PSJNaWNyb3NvZnQgWWFIZWkgVUksIFBpbmdGYW5nIFNDLCBOb3RvIFNhbnMgQ0pLIFNDLCBBcmlhbCwgc2Fucy1zZXJpZiIgZm9udC1zaXplPSIxNiIgZm9udC13ZWlnaHQ9IjYwMCIgZmlsbD0iIzJmM2Y1MiI+PHRzcGFuIHg9IjM0MC4wIiBkeT0iMCI+ZG9ja2VyIOWuouaIt+errzwvdHNwYW4+PC90ZXh0PjxyZWN0IHg9IjI1MC4wIiB5PSI3OTguMCIgd2lkdGg9IjE4MCIgaGVpZ2h0PSI2NiIgcng9IjE2IiBmaWxsPSJ1cmwoI25vZGVGaWxsKSIgc3Ryb2tlPSIjYjU4YzU1IiBzdHJva2Utd2lkdGg9IjIiIC8+PHRleHQgeD0iMzQwLjAiIHk9IjgzNi4wIiB0ZXh0LWFuY2hvcj0ibWlkZGxlIiBmb250LWZhbWlseT0iTWljcm9zb2Z0IFlhSGVpIFVJLCBQaW5nRmFuZyBTQywgTm90byBTYW5zIENKSyBTQywgQXJpYWwsIHNhbnMtc2VyaWYiIGZvbnQtc2l6ZT0iMTYiIGZvbnQtd2VpZ2h0PSI2MDAiIGZpbGw9IiMyZjNmNTIiPjx0c3BhbiB4PSIzNDAuMCIgZHk9IjAiPmNvbnRhaW5lcmQg6L+Q6KGM5pe2PC90c3Bhbj48L3RleHQ+PC9zdmc+" /></div>

安装前准备（清理旧版 + 更新依赖）

# 1) 停止旧服务
sudo systemctl stop docker 2>/dev/null || true

# 2) 卸载旧包（CentOS/RHEL）
sudo yum remove -y docker* containerd* runc* || true

# 3) 卸载旧包（Ubuntu/Debian）
sudo apt remove -y docker* containerd* runc* || true

# 4) 更新系统与依赖
# CentOS/RHEL
sudo yum update -y

# Ubuntu/Debian
sudo apt update && sudo apt upgrade -y

# 5) 时间同步与DNS（示例：Ubuntu）
sudo timedatectl set-ntp true
cat /etc/resolv.conf

说明：清理旧包避免版本冲突；NTP 与 DNS 可减少镜像拉取超时与证书校验失败。

基于官方仓库安装（推荐方式，含版本选择）
CentOS/RHEL

# 1) 依赖与仓库
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

# 2) 查看可用版本（按版本降序）
yum list docker-ce --showduplicates | sort -r | head -n 5

# 3) 安装指定版本（示例：20.10.24）
sudo yum install -y docker-ce-20.10.24 docker-ce-cli-20.10.24 containerd.io

# 4) 启动服务与开机自启
sudo systemctl start docker
sudo systemctl enable docker

Ubuntu/Debian

# 1) 依赖与仓库
sudo apt install -y ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list

# 2) 更新索引并查看可用版本
sudo apt update
apt-cache madison docker-ce | head -n 5

# 3) 安装指定版本（示例：20.10.24）
sudo apt install -y docker-ce=5:20.10.24~3-0~ubuntu-$(lsb_release -cs) \
docker-ce-cli=5:20.10.24~3-0~ubuntu-$(lsb_release -cs) containerd.io

# 4) 启动服务与开机自启
sudo systemctl start docker
sudo systemctl enable docker

版本管理与锁定（生产必做）

# CentOS/RHEL：安装锁定插件并锁定版本
sudo yum install -y yum-plugin-versionlock
sudo yum versionlock add docker-ce docker-ce-cli containerd.io

# Ubuntu/Debian：版本锁定
sudo apt-mark hold docker-ce docker-ce-cli containerd.io

# 查看锁定状态
# CentOS/RHEL
yum versionlock list
# Ubuntu/Debian
apt-mark showhold

说明：锁定版本可避免自动升级引入 API/存储驱动不兼容。

升级/降级示例（含回滚思路）

# 升级示例（先解锁->升级->再锁定）
# Ubuntu/Debian
sudo apt-mark unhold docker-ce docker-ce-cli containerd.io
sudo apt update
sudo apt install -y docker-ce=5:20.10.25~3-0~ubuntu-$(lsb_release -cs) \
docker-ce-cli=5:20.10.25~3-0~ubuntu-$(lsb_release -cs) containerd.io
sudo apt-mark hold docker-ce docker-ce-cli containerd.io

# 降级示例（回滚到旧版本）
sudo apt install -y docker-ce=5:20.10.24~3-0~ubuntu-$(lsb_release -cs) \
docker-ce-cli=5:20.10.24~3-0~ubuntu-$(lsb_release -cs) containerd.io

# 回滚后验证版本
docker version --format 'Client: {{.Client.Version}} / Server: {{.Server.Version}}'

说明：升级前备份 /etc/docker/daemon.json，必要时备份 /var/lib/docker。

安装验证与命令解释

# 查看服务状态（active 表示正常）
sudo systemctl status docker

# 查看版本（客户端/服务端）
docker version

# 运行测试容器（hello-world）
docker run --rm hello-world

# 解释：
# --rm：容器退出后自动删除

常见安装问题排错（带命令与定位方法）
仓库不可达 / DNS 问题

# 检查 DNS 解析与连通性
nslookup download.docker.com
curl -I https://download.docker.com

# 临时切换 DNS（示例）
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf

containerd/runc 版本冲突

# 卸载冲突包并重装
sudo yum remove -y containerd.io runc
sudo yum install -y containerd.io

服务启动失败

# 查看日志定位
sudo journalctl -u docker --no-pager -n 200

# 常见：配置语法错误
sudo cat /etc/docker/daemon.json
sudo dockerd --validate --config-file=/etc/docker/daemon.json

练习（动手验证）
1. 安装指定版本 Docker 并锁定版本；输出 docker version 结果。
2. 卸载并回滚到上一个版本，验证 hello-world 可运行。
3. 手动修改 /etc/docker/daemon.json 为错误 JSON，观察 systemctl start docker 报错并通过 journalctl 定位。