Docker – Marcello Morettoni

Before you start

Check the requirements:
https://docs.docker.com/engine/installation/linux/oracle/#install-docker

Remove all the packages already installed by default:

yum remove docker

yum remove docker-engine

yum remove docker-engine-selinux

[root@cybel ~]# yum remove docker
Loaded plugins: langpacks, ulninfo
No Match for argument: docker
No Packages marked for removal
[root@cybel ~]# yum remove docker-engine
Loaded plugins: langpacks, ulninfo
No Match for argument: docker-engine
No Packages marked for removal
[root@cybel ~]# yum remove docker-engine-selinux
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
–> Running transaction check
—> Package selinux-policy-targeted.noarch 0:3.13.1-102.0.2.el7 will be erased
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package                   Arch     Version               Repository       Size
================================================================================
Removing:
selinux-policy-targeted   noarch   3.13.1-102.0.2.el7    @anaconda/7.3    15 M

Transaction Summary
================================================================================
Remove 1 Package

Installed size: 15 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing    : selinux-policy-targeted-3.13.1-102.0.2.el7.noarch            1/1
Verifying : selinux-policy-targeted-3.13.1-102.0.2.el7.noarch            1/1

Removed:
selinux-policy-targeted.noarch 0:3.13.1-102.0.2.el7

Complete!
[root@cybel ~]#

Ensure that you are using Unbreakable Enterprise Kernel Release 4 (UEK R4):

[root@cybel ~]# uname -a
Linux cybel.qlab.com 4.1.12-61.1.18.el7uek.x86_64 #2 SMP Fri Nov 4 15:48:30 PDT 2016 x86_64 x86_64 x86_64 GNU/Linux

[root@cybel ~]# rpm -qa | grep uek
kernel-uek-firmware-4.1.12-61.1.18.el7uek.noarch
kernel-uek-4.1.12-61.1.18.el7uek.x86_64
kernel-uek-devel-4.1.12-61.1.18.el7uek.x86_64

If this is not your case, please check https://docs.oracle.com/cd/E37670_01/E75728/html/section_kfy_f2z_fp2.html

Ensure that your UEK R3 repo on /etc/yum.repos.d/public-yum-ol7.repo is disabled, setting “enabled” to 0. Also, enable the UEK R4:

[ol7_UEKR3]
name=Latest Unbreakable Enterprise Kernel Release 3 for Oracle Linux $releasever ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/UEKR3/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=0

[ol7_UEKR4]
name=Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux $releasever ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/UEKR4/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

Enable your Addons on /etc/yum.repos.d/public-yum-ol7.repo:

[ol7_addons]
name=Oracle Linux $releasever Add ons ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/addons/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

*if you want to download an updated version of the repo list, just download it here: http://yum.oracle.com/public-yum-ol7.repo

Installing

[root@cybel ~]# yum install docker-engine

Check if you are retrieving the packages from the right repo:

[root@cybel ~]# yum install docker-engine
Loaded plugins: langpacks, ulninfo
ol7_UEKR4                                                                    | 1.2 kB 00:00:00
ol7_addons                                                                   | 1.2 kB 00:00:00
ol7_latest                                                                   | 1.4 kB 00:00:00
(1/2): ol7_addons/x86_64/updateinfo                                          | 30 kB 00:00:00
(2/2): ol7_addons/x86_64/primary                                             | 71 kB 00:00:00
ol7_addons                                                                                  232/232

Install the btrfs-progs package:

[root@cybel ~]# yum install btrfs-progs

Create the btrfs filesystem. On my example I have another disk for it, but only one. You can use more disks. You can check more details about it here: https://docs.docker.com/engine/userguide/storagedriver/btrfs-driver/#image-layering-and-sharing-with-btrfs

[root@cybel ~]# mkfs.btrfs /dev/sdb
btrfs-progs v4.4.1
See http://btrfs.wiki.kernel.org for more information.

WARNING: The skinny-metadata mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^skinny-metadata option in mkfs.btrfs
Label:              (null)
UUID:               0c275194-a1fb-400a-98d2-eba6a5676415
Node size:          16384
Sector size:        4096
Filesystem size:    16.00GiB
Block group profiles:
Data:             single            8.00MiB
Metadata:         DUP               1.01GiB
System:           DUP              12.00MiB
SSD detected:       no
Incompat features: extref, skinny-metadata
Number of devices: 1
Devices:
ID        SIZE PATH
1    16.00GiB /dev/sdb

Check it:

[root@cybel ~]# blkid /dev/sdb
/dev/sdb: UUID=”0c275194-a1fb-400a-98d2-eba6a5676415″ UUID_SUB=”af287357-c1ee-405e-b843-ae33d839fd7e” TYPE=”btrfs”

My UUID is 0c275194-a1fb-400a-98d2-eba6a5676415. You need this ID to continue the mount.

Create the file /etc/systemd/system/var-lib-docker.mount and replace my UUID by yours.

[Unit]
Description = Docker Image Store

[Mount]
What = UUID=0c275194-a1fb-400a-98d2-eba6a5676415
Where = /var/lib/docker
Type = btrfs

[Install]
WantedBy = multi-user.target

Create the folder:

[root@cybel ~]# mkdir /var/lib/docker

Enable the mount:

[root@cybel ~]# systemctl enable var-lib-docker.mount
Created symlink from /etc/systemd/system/multi-user.target.wants/var-lib-docker.mount to /etc/systemd/system/var-lib-docker.mount.

*If you want you can stop or start the mount, using systemctl stop var-lib-docker.mount or systemctl start var-lib-docker.mount

Specify that the /var/lib/docker file system by using the var-lib-docker.mount target before starting the docker service:

[root@cybel ~]# vim /etc/systemd/system/docker.service.d/var-lib-docker-mount.conf

And add the content below:

[Unit]
Requires=var-lib-docker.mount
After=var-lib-docker.mount

Start the Docker:

[root@cybel ~]# systemctl start docker

Enable the Docker:

[root@cybel ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

Check the Docker:

[root@cybel ~]# systemctl status docker
● docker.service – Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─docker-sysconfig.conf, var-lib-docker-mount.conf
Active: active (running) since Fri 2017-05-05 09:11:05 EDT; 23s ago
Docs: https://docs.docker.com
Main PID: 5378 (dockerd)
CGroup: /system.slice/docker.service
├─5378 /usr/bin/dockerd –selinux-enabled
└─5382 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock –shim docker-containerd-shim –metrics-interval=0 –start-timeout 2m –state-dir /var/run/docker/libcontaine…

May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578141907-04:00″ level=info msg=”Graph migration to content-addressability took 0.00 seconds”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578536439-04:00″ level=warning msg=”mountpoint for pids not found”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578740133-04:00″ level=info msg=”Loading containers: start.”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.607237601-04:00″ level=info msg=”Firewalld running: true”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.877415812-04:00″ level=info msg=”Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option –bi…ed IP address”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087530769-04:00″ level=info msg=”Loading containers: done.”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087643281-04:00″ level=info msg=”Daemon has completed initialization”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087659843-04:00″ level=info msg=”Docker daemon” commit=ac13b2b graphdriver=btrfs version=1.12.6
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.094327712-04:00″ level=info msg=”API listen on /var/run/docker.sock”
May 05 09:11:05 cybel.qlab.com systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

[root@cybel ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.6
Storage Driver: btrfs
Build Version: Btrfs v4.4.1
Library Version: 101
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge null host
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp selinux
Kernel Version: 4.1.12-61.1.18.el7uek.x86_64
Operating System: Oracle Linux Server 7.3
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 5.576 GiB
Name: cybel.qlab.com
ID: ZJWT:7WHS:RVPV:6GE5:Q747:BLBH:5OCU:QQV5:EAFT:NMVY:Y5CK:IMZO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Insecure Registries:
127.0.0.0/8

[root@cybel ~]# docker version
Client:
Version:      1.12.6
API version: 1.24
Go version:   go1.6.4
Git commit:   ac13b2b
Built:        Wed Mar 22 02:52:47 2017
OS/Arch:      linux/amd64

Server:
Version:      1.12.6
API version: 1.24
Go version:   go1.6.4
Git commit:   ac13b2b
Built:        Wed Mar 22 02:52:47 2017
OS/Arch:      linux/amd64

[root@cybel ~]# docker stats –no-stream
CONTAINER           CPU %               MEM USAGE / LIMIT   MEM %               NET I/O             BLOCK I/O           PIDS
[root@cybel ~]#

Run the Hello World:

[root@cybel ~]# docker run hello-world

Run something else:

[root@cybel ~]# docker run -it ubuntu bash
Unable to find image ‘ubuntu:latest’ locally
latest: Pulling from library/ubuntu

aafe6b5e13de: Pull complete
0a2b43a72660: Pull complete
18bdd1e546d2: Pull complete
8198342c3e05: Pull complete
f56970a44fd4: Pull complete
Digest: sha256:f3a61450ae43896c4332bda5e78b453f4a93179045f20c8181043b26b5e79028
Status: Downloaded newer image for ubuntu:latest
root@3c620e2be1fa:/#

Open another shell and check your container running:

[root@cybel ~]# docker stats –no-stream
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
3c620e2be1fa 0.00% 4.082 MiB / 5.576 GiB 0.07% 648 B / 648 B 3.654 MB / 0 B 0

[root@cybel ~]# docker run -it httpd:alpine
Unable to find image ‘httpd:alpine’ locally
alpine: Pulling from library/httpd
627beaf3eaaf: Pull complete
e225632b13fc: Pull complete
09d704230c42: Pull complete
a1f05d6d2879: Pull complete
f9e9b4770efc: Pull complete
Digest: sha256:2b943ffb79a69deb138af7358c37ceb21ab9e2919fa76f72158c541f17ad76d2
Status: Downloaded newer image for httpd:alpine
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
[Fri May 05 14:41:14.746552 2017] [mpm_event:notice] [pid 1:tid 139710509243208] AH00489: Apache/2.4.25 (Unix) configured — resuming normal operations
[Fri May 05 14:41:14.746621 2017] [core:notice] [pid 1:tid 139710509243208] AH00094: Command line: ‘httpd -D FOREGROUND’

Next steps:

Security with users and groups for management(enabling non-root users for administration)
Play with different images
Using Oracle Container registry

If you want to learn more:

https://docs.oracle.com/cd/E37670_01/E75728/html/pref.html

https://docs.docker.com/engine/installation/

Did you like this article? Please post your feedback. 😉

Category: Docker

Oracle Container Cloud Service: A simple deploy lab

Installing docker on Oracle Linux 7