Docker 要求 CentOS 系统的内核版本高于 3.10 ，查看本页面的前提条件来验证你的CentOS 版本是否支持 Docker 。

通过 uname -r 命令查看你当前的内核版本

[root@localhost /]# uname -r3.10.0-327.el7.x86_64

Docker 软件包和依赖包已经包含在默认的 CentOS-Extras 软件源里，安装命令如下:

yum -y install docker

启动docker:

[root@localhost /]# systemctl start dockerJob for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

查看具体错误信息：

[root@localhost /]# systemctl status docker.service● docker.service - Docker Application Container Engine   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)   Active: failed (Result: exit-code) since 五 2018-04-20 06:50:52 CST; 3min 57s ago     Docs: http://docs.docker.com  Process: 44005 ExecStart=/usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --seccomp-profile=/etc/docker/seccomp.json $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY $REGISTRIES (code=exited, status=1/FAILURE) Main PID: 44005 (code=exited, status=1/FAILURE)4月 20 06:50:50 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...4月 20 06:50:50 localhost.localdomain dockerd-current[44005]: time="2018-04-20T06:50:50.921964698+08:00" level=warning msg="could not ...ound"4月 20 06:50:50 localhost.localdomain dockerd-current[44005]: time="2018-04-20T06:50:50.927241794+08:00" level=info msg="libcontainerd...4010"4月 20 06:50:51 localhost.localdomain dockerd-current[44005]: time="2018-04-20T06:50:51.936045098+08:00" level=warning msg="overlay2: the b...4月 20 06:50:52 localhost.localdomain dockerd-current[44005]: Error starting daemon: SELinux is not supported with the overlay2 graph ...alse)4月 20 06:50:52 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE4月 20 06:50:52 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.4月 20 06:50:52 localhost.localdomain systemd[1]: Unit docker.service entered failed state.4月 20 06:50:52 localhost.localdomain systemd[1]: docker.service failed.Hint: Some lines were ellipsized, use -l to show in full.

可以看出错误信息

Error starting daemon: SELinux is not supported with the overlay2 graph ...alse) 此linux的内核中的SELinux不支持 overlay2 graph driver ，解决方法有两个，要么启动一个新内核，要么就在docker里禁用selinux，--selinux-enabled=false

[root@localhost /]# vi /etc/sysconfig/docker

修改配置：

# Modify these options if you want to change the way the docker daemon runsOPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false'if [ -z "${DOCKER_CERT_PATH}" ]; then    DOCKER_CERT_PATH=/etc/dockerfi# Do not add registries in this file anymore. Use /etc/containers/registries.conf# from the atomic-registries package.#

在--selinux-enabled后面添加=false即可！

 

重新启动docker

[root@localhost /]# service docker startRedirecting to /bin/systemctl start docker.service[root@localhost /]# docker infoContainers: 0 Running: 0 Paused: 0 Stopped: 0Images: 0Server Version: 1.13.1Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: false Native Overlay Diff: falseLogging Driver: journaldCgroup Driver: systemdPlugins:  Volume: local Network: bridge host macvlan null overlaySwarm: inactiveRuntimes: docker-runc runcDefault Runtime: docker-runcInit Binary: docker-initcontainerd version:  (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)runc version: N/A (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)init version: N/A (expected: 949e6facb77383876aeff8a6944dde66b3089574)Security Options: seccomp  WARNING: You're not using the default seccomp profile  Profile: /etc/docker/seccomp.jsonKernel Version: 3.10.0-327.el7.x86_64Operating System: CentOS Linux 7 (Core)OSType: linuxArchitecture: x86_64Number of Docker Hooks: 3CPUs: 1Total Memory: 977.9 MiBName: localhost.localdomainID: 2QP3:PYDM:BLLS:P5QS:QGJN:N7GK:DAKV:ZWFG:FW54:FHS4:FCAN:6NR4Docker Root Dir: /var/lib/dockerDebug Mode (client): falseDebug Mode (server): falseRegistry: https://index.docker.io/v1/WARNING: bridge-nf-call-iptables is disabledWARNING: bridge-nf-call-ip6tables is disabledExperimental: falseInsecure Registries: 127.0.0.0/8Live Restore Enabled: falseRegistries: docker.io (secure)

测试运行hello-world

[root@localhost /]# docker run hello-worldUnable to find image 'hello-world:latest' locallyTrying to pull repository docker.io/library/hello-world ... latest: Pulling from docker.io/library/hello-world/usr/bin/docker-current: Get https://registry-1.docker.io/v2/library/hello-world/manifests/sha256:d5c74e6f8efc7bdf42a5e22bd764400692cf82360d86b8c587a7584b03f51520: Get https://auth.docker.io/token?scope=repository%3Alibrary%2Fhello-world%3Apull&service=registry.docker.io: net/http: request canceled (Client.Timeout exceeded while awaiting headers).See '/usr/bin/docker-current run --help'.[root@localhost /]# docker run hello-worldUnable to find image 'hello-world:latest' locallyTrying to pull repository docker.io/library/hello-world ... latest: Pulling from docker.io/library/hello-world9bb5a5d4561a: Pull complete Digest: sha256:f5233545e43561214ca4891fd1157e1c3c563316ed8e237750d59bde73361e77Status: Downloaded newer image for docker.io/hello-world:latestHello from Docker!This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.    (amd64) 3. The Docker daemon created a new container from that image which runs the    executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it    to your terminal.To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID: https://hub.docker.com/For more examples and ideas, visit: https://docs.docker.com/engine/userguide/

启动重启命令：

[hongdada@localhost home]$ systemctl stop docker.service==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===Authentication is required to manage system services or units.Authenticating as: rootPassword: ==== AUTHENTICATION COMPLETE ===[hongdada@localhost home]$ systemctl restart docker.service==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===Authentication is required to manage system services or units.Authenticating as: rootPassword: ==== AUTHENTICATION COMPLETE ===[hongdada@localhost home]$ systemctl status docker.service● docker.service - Docker Application Container Engine   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)   Active: active (running) since 五 2018-04-20 08:11:34 CST; 12s ago     Docs: http://docs.docker.com Main PID: 51878 (dockerd-current)   CGroup: /system.slice/docker.service           ├─51878 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-cu...           └─51883 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-con...