Before you start
Check the requirements:
https://docs.docker.com/engine/installation/linux/oracle/#install-docker
Remove all the packages already installed by default:
yum remove docker
yum remove docker-engine
yum remove docker-engine-selinux
[root@cybel ~]# yum remove docker
Loaded plugins: langpacks, ulninfo
No Match for argument: docker
No Packages marked for removal
[root@cybel ~]# yum remove docker-engine
Loaded plugins: langpacks, ulninfo
No Match for argument: docker-engine
No Packages marked for removal
[root@cybel ~]# yum remove docker-engine-selinux
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
–> Running transaction check
—> Package selinux-policy-targeted.noarch 0:3.13.1-102.0.2.el7 will be erased
–> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Removing:
selinux-policy-targeted noarch 3.13.1-102.0.2.el7 @anaconda/7.3 15 M
Transaction Summary
================================================================================
Remove 1 Package
Installed size: 15 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing : selinux-policy-targeted-3.13.1-102.0.2.el7.noarch 1/1
Verifying : selinux-policy-targeted-3.13.1-102.0.2.el7.noarch 1/1
Removed:
selinux-policy-targeted.noarch 0:3.13.1-102.0.2.el7
Complete!
[root@cybel ~]#
Ensure that you are using Unbreakable Enterprise Kernel Release 4 (UEK R4):
[root@cybel ~]# uname -a
Linux cybel.qlab.com 4.1.12-61.1.18.el7uek.x86_64 #2 SMP Fri Nov 4 15:48:30 PDT 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@cybel ~]# rpm -qa | grep uek
kernel-uek-firmware-4.1.12-61.1.18.el7uek.noarch
kernel-uek-4.1.12-61.1.18.el7uek.x86_64
kernel-uek-devel-4.1.12-61.1.18.el7uek.x86_64
If this is not your case, please check https://docs.oracle.com/cd/E37670_01/E75728/html/section_kfy_f2z_fp2.html
Ensure that your UEK R3 repo on /etc/yum.repos.d/public-yum-ol7.repo is disabled, setting “enabled” to 0. Also, enable the UEK R4:
[ol7_UEKR3]
name=Latest Unbreakable Enterprise Kernel Release 3 for Oracle Linux $releasever ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/UEKR3/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=0
[ol7_UEKR4]
name=Latest Unbreakable Enterprise Kernel Release 4 for Oracle Linux $releasever ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/UEKR4/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
Enable your Addons on /etc/yum.repos.d/public-yum-ol7.repo:
[ol7_addons]
name=Oracle Linux $releasever Add ons ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/addons/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
*if you want to download an updated version of the repo list, just download it here: http://yum.oracle.com/public-yum-ol7.repo
Installing
[root@cybel ~]# yum install docker-engine
Check if you are retrieving the packages from the right repo:
[root@cybel ~]# yum install docker-engine
Loaded plugins: langpacks, ulninfo
ol7_UEKR4 | 1.2 kB 00:00:00
ol7_addons | 1.2 kB 00:00:00
ol7_latest | 1.4 kB 00:00:00
(1/2): ol7_addons/x86_64/updateinfo | 30 kB 00:00:00
(2/2): ol7_addons/x86_64/primary | 71 kB 00:00:00
ol7_addons 232/232
Install the btrfs-progs package:
[root@cybel ~]# yum install btrfs-progs
Create the btrfs filesystem. On my example I have another disk for it, but only one. You can use more disks. You can check more details about it here: https://docs.docker.com/engine/userguide/storagedriver/btrfs-driver/#image-layering-and-sharing-with-btrfs
[root@cybel ~]# mkfs.btrfs /dev/sdb
btrfs-progs v4.4.1
See http://btrfs.wiki.kernel.org for more information.
WARNING: The skinny-metadata mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^skinny-metadata option in mkfs.btrfs
Label: (null)
UUID: 0c275194-a1fb-400a-98d2-eba6a5676415
Node size: 16384
Sector size: 4096
Filesystem size: 16.00GiB
Block group profiles:
Data: single 8.00MiB
Metadata: DUP 1.01GiB
System: DUP 12.00MiB
SSD detected: no
Incompat features: extref, skinny-metadata
Number of devices: 1
Devices:
ID SIZE PATH
1 16.00GiB /dev/sdb
Check it:
[root@cybel ~]# blkid /dev/sdb
/dev/sdb: UUID=”0c275194-a1fb-400a-98d2-eba6a5676415″ UUID_SUB=”af287357-c1ee-405e-b843-ae33d839fd7e” TYPE=”btrfs”
My UUID is 0c275194-a1fb-400a-98d2-eba6a5676415. You need this ID to continue the mount.
Create the file /etc/systemd/system/var-lib-docker.mount and replace my UUID by yours.
[Unit]
Description = Docker Image Store
[Mount]
What = UUID=0c275194-a1fb-400a-98d2-eba6a5676415
Where = /var/lib/docker
Type = btrfs
[Install]
WantedBy = multi-user.target
Create the folder:
[root@cybel ~]# mkdir /var/lib/docker
Enable the mount:
[root@cybel ~]# systemctl enable var-lib-docker.mount
Created symlink from /etc/systemd/system/multi-user.target.wants/var-lib-docker.mount to /etc/systemd/system/var-lib-docker.mount.
*If you want you can stop or start the mount, using systemctl stop var-lib-docker.mount or systemctl start var-lib-docker.mount
Specify that the /var/lib/docker file system by using the var-lib-docker.mount target before starting the docker service:
[root@cybel ~]# vim /etc/systemd/system/docker.service.d/var-lib-docker-mount.conf
And add the content below:
[Unit]
Requires=var-lib-docker.mount
After=var-lib-docker.mount
Start the Docker:
[root@cybel ~]# systemctl start docker
Enable the Docker:
[root@cybel ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
Check the Docker:
[root@cybel ~]# systemctl status docker
● docker.service – Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─docker-sysconfig.conf, var-lib-docker-mount.conf
Active: active (running) since Fri 2017-05-05 09:11:05 EDT; 23s ago
Docs: https://docs.docker.com
Main PID: 5378 (dockerd)
CGroup: /system.slice/docker.service
├─5378 /usr/bin/dockerd –selinux-enabled
└─5382 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock –shim docker-containerd-shim –metrics-interval=0 –start-timeout 2m –state-dir /var/run/docker/libcontaine…
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578141907-04:00″ level=info msg=”Graph migration to content-addressability took 0.00 seconds”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578536439-04:00″ level=warning msg=”mountpoint for pids not found”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.578740133-04:00″ level=info msg=”Loading containers: start.”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.607237601-04:00″ level=info msg=”Firewalld running: true”
May 05 09:11:04 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:04.877415812-04:00″ level=info msg=”Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option –bi…ed IP address”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087530769-04:00″ level=info msg=”Loading containers: done.”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087643281-04:00″ level=info msg=”Daemon has completed initialization”
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.087659843-04:00″ level=info msg=”Docker daemon” commit=ac13b2b graphdriver=btrfs version=1.12.6
May 05 09:11:05 cybel.qlab.com dockerd[5378]: time=”2017-05-05T09:11:05.094327712-04:00″ level=info msg=”API listen on /var/run/docker.sock”
May 05 09:11:05 cybel.qlab.com systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@cybel ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.6
Storage Driver: btrfs
Build Version: Btrfs v4.4.1
Library Version: 101
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge null host
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp selinux
Kernel Version: 4.1.12-61.1.18.el7uek.x86_64
Operating System: Oracle Linux Server 7.3
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 5.576 GiB
Name: cybel.qlab.com
ID: ZJWT:7WHS:RVPV:6GE5:Q747:BLBH:5OCU:QQV5:EAFT:NMVY:Y5CK:IMZO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Insecure Registries:
127.0.0.0/8
[root@cybel ~]# docker version
Client:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: ac13b2b
Built: Wed Mar 22 02:52:47 2017
OS/Arch: linux/amd64
Server:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: ac13b2b
Built: Wed Mar 22 02:52:47 2017
OS/Arch: linux/amd64
[root@cybel ~]# docker stats –no-stream
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
[root@cybel ~]#
Run the Hello World:
[root@cybel ~]# docker run hello-world
Run something else:
[root@cybel ~]# docker run -it ubuntu bash
Unable to find image ‘ubuntu:latest’ locally
latest: Pulling from library/ubuntu
aafe6b5e13de: Pull complete
0a2b43a72660: Pull complete
18bdd1e546d2: Pull complete
8198342c3e05: Pull complete
f56970a44fd4: Pull complete
Digest: sha256:f3a61450ae43896c4332bda5e78b453f4a93179045f20c8181043b26b5e79028
Status: Downloaded newer image for ubuntu:latest
root@3c620e2be1fa:/#
Open another shell and check your container running:
[root@cybel ~]# docker stats –no-stream
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
3c620e2be1fa 0.00% 4.082 MiB / 5.576 GiB 0.07% 648 B / 648 B 3.654 MB / 0 B 0
[root@cybel ~]# docker run -it httpd:alpine
Unable to find image ‘httpd:alpine’ locally
alpine: Pulling from library/httpd
627beaf3eaaf: Pull complete
e225632b13fc: Pull complete
09d704230c42: Pull complete
a1f05d6d2879: Pull complete
f9e9b4770efc: Pull complete
Digest: sha256:2b943ffb79a69deb138af7358c37ceb21ab9e2919fa76f72158c541f17ad76d2
Status: Downloaded newer image for httpd:alpine
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName’ directive globally to suppress this message
[Fri May 05 14:41:14.746552 2017] [mpm_event:notice] [pid 1:tid 139710509243208] AH00489: Apache/2.4.25 (Unix) configured — resuming normal operations
[Fri May 05 14:41:14.746621 2017] [core:notice] [pid 1:tid 139710509243208] AH00094: Command line: ‘httpd -D FOREGROUND’
Next steps:
- Security with users and groups for management(enabling non-root users for administration)
- Play with different images
- Using Oracle Container registry
If you want to learn more:
https://docs.oracle.com/cd/E37670_01/E75728/html/pref.html
https://docs.docker.com/engine/installation/
Did you like this article? Please post your feedback. 😉