690e0010aa
= _includes/install-script.md, engine/install/linux-postinstall.md = - Remove "Rootless mode is currently available as an experimental feature." Close issue 12050 = engine/security/rootless.md = == "Prerequiresites" section == - Remove information about old distros (Debian 9, CentOS 7.5-7.6) == "Distribution-specific hint" section == - Tabified (`<div class="tab-content" />`) == "Known limitations" section == - Kernel 5.11 supports rootless overlayfs, without the Ubuntu/Debian patch. == "Install" section == - Promote RPM/DEB installation over TGZ installation. See docker/roadmap issue 188 == "Uninstall" section == - Add "Uninstall" section. Close issue 12053 == "Usage" section == - Added more information about systemd - Move `nsenter` tips to "Tips for debugging" subsection under "Troubleshooting" section == "Best practice" section == - Remove guide for `lxc-user-nic` network driver due to immaturity. Will be brought back in future. See rootless-containers/rootlesskit issue 138 . == "Troubleshooting" section == - Add a guide for "can't open lock file /run/xtables.lock: Permission denied" (SELinux). See moby/moby issue 41230 - Add a guide for "failed to register layer: ApplyLayer exit status 1 ..." (NFS). Close docker/for-linux issue 1172 - Improve guides for slirp4netns. - Remove v19.03 information (e.g., "cgroup v2 is unsupported, use cgroup v1") Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
3.4 KiB
Install using the convenience script
Docker provides convenience scripts at get.docker.com
and test.docker.com for installing edge and
testing versions of Docker Engine - Community into development environments quickly and
non-interactively. The source code for the scripts is in the
docker-install repository.
Using these scripts is not recommended for production
environments, and you should understand the potential risks before you use
them:
- The scripts require
rootorsudoprivileges to run. Therefore, you should carefully examine and audit the scripts before running them. - The scripts attempt to detect your Linux distribution and version and configure your package management system for you. In addition, the scripts do not allow you to customize any installation parameters. This may lead to an unsupported configuration, either from Docker's point of view or from your own organization's guidelines and standards.
- The scripts install all dependencies and recommendations of the package manager without asking for confirmation. This may install a large number of packages, depending on the current configuration of your host machine.
- The script does not provide options to specify which version of Docker to install, and installs the latest version that is released in the "edge" channel.
- Do not use the convenience script if Docker has already been installed on the host machine using another mechanism.
This example uses the script at get.docker.com to
install the latest release of Docker Engine - Community on Linux. To install the latest
testing version, use test.docker.com instead. In
each of the commands below, replace each occurrence of get with test.
Warning
:
Always examine scripts downloaded from the internet before
running them locally. {:.warning}
$ curl -fsSL https://get.docker.com -o get-docker.sh
$ sudo sh get-docker.sh
<output truncated>
If you would like to use Docker as a non-root user, you should now consider adding your user to the "docker" group with something like:
sudo usermod -aG docker <your-user>
Remember to log out and back in for this to take effect!
Warning
:
Adding a user to the "docker" group grants them the ability to run containers which can be used to obtain root privileges on the Docker host. Refer to Docker Daemon Attack Surface for more information. {:.warning}
Docker Engine - Community is installed. It starts automatically on DEB-based distributions. On
RPM-based distributions, you need to start it manually using the appropriate
systemctl or service command. As the message indicates, non-root users can't
run Docker commands by default.
Note
:
To install Docker without root privileges, see Run the Docker daemon as a non-root user (Rootless mode).
Upgrade Docker after using the convenience script
If you installed Docker using the convenience script, you should upgrade Docker using your package manager directly. There is no advantage to re-running the convenience script, and it can cause issues if it attempts to re-add repositories which have already been added to the host machine.