Docker Linux Installation: Difference between revisions
(→Ubuntu) |
|||
(44 intermediate revisions by the same user not shown) | |||
Line 12: | Line 12: | ||
=RedHat/Centos= | =RedHat/Centos= | ||
{{External|https://docs.docker.com/install/linux/docker-ce/centos/}} | |||
The following sequence is based on the document linked above. | |||
==Uninstall Old Docker Versions== | |||
yum list installed | grep docker | |||
yum erase ... | |||
yum remove docker \ | |||
docker-client \ | |||
docker-client-latest \ | |||
docker-common \ | |||
docker-latest \ | |||
docker-latest-logrotate \ | |||
docker-logrotate \ | |||
docker-selinux \ | |||
docker-engine-selinux \ | |||
docker-engine | |||
==Intall Required yum Utilities== | |||
yum install -y yum-utils device-mapper-persistent-data lvm2 | |||
==Setting a yum Repository== | ==Setting a yum Repository== | ||
Set up a Docker repository: | |||
< | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo | ||
This will create /etc/yum.repos.d/docker-ce.repo. | |||
Alternatively, the repository file can be added by hand, in /etc/yum.repos.d, with the following content: | |||
<syntaxhighlight lang='bash'> | |||
[dockerrepo] | [dockerrepo] | ||
name=Docker Repository | name=Docker Repository | ||
Line 24: | Line 55: | ||
gpgcheck=1 | gpgcheck=1 | ||
gpgkey=https://yum.dockerproject.org/gpg | gpgkey=https://yum.dockerproject.org/gpg | ||
</ | </syntaxhighlight> | ||
Alternative URL for Centos 6: https://yum.dockerproject.org/repo/main/centos/6 | Alternative URL for Centos 6: https://yum.dockerproject.org/repo/main/centos/6 | ||
Line 33: | Line 64: | ||
{{Internal|Using yum with registry.access.redhat.com Images#Overview|Using yum with registry.access.redhat.com Images}} | {{Internal|Using yum with registry.access.redhat.com Images#Overview|Using yum with registry.access.redhat.com Images}} | ||
== | ==Restrict Some Releases== | ||
yum-config-manager --disable docker-ce-edge | |||
yum-config-manager --disable docker-ce-test | |||
yum | ==RedHat== | ||
===Enable the 'extras' Repository=== | |||
In installed on RedHat, enable the "extras" repository: | |||
yum-config-manager --enable rhel-7-server-extras-rpms | |||
===Enable the "ol7" Repository=== | |||
Add /etc/yum.repos.d/public-yum-ol7.repo with the following content: | |||
<syntaxhighlight lang='bash'> | |||
[ol7_developer_EPEL] | |||
name=Oracle Linux $releasever Developement Packages ($basearch) | |||
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_EPEL/$basearch/ | |||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle-ol7 | |||
gpgcheck=1 | |||
enabled=1 | |||
</syntaxhighlight> | |||
Import the key: | |||
<syntaxhighlight lang='bash'> | |||
cd /etc/pki/rpm-gpg/ | |||
wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol7 | |||
</syntaxhighlight> | |||
==Install== | ==Install== | ||
yum install docker-engine | yum install docker-ce | ||
<font color=darkgray>Obsolete:</font> | |||
<font color=darkgray>yum install docker-engine</font> | |||
The yum installation procedure enables the docker server to start at boot: | The yum installation procedure enables the docker server to start at boot: | ||
Line 53: | Line 113: | ||
systemctl enable docker | systemctl enable docker | ||
==Start== | |||
At this point, /var/lib/docker and /etc/docker are not created. To create and initialize, execute the following. Even if we execute it, we will be able to further configure the storage backend later, as described in [[#Set_Up_Storage_Backend|Set Up Storage Backend]]: | |||
systemctl start docker | |||
==Set Up Storage Backend== | |||
===devicemapper Storage Setup=== | |||
For production use on Red Hat, set up devicemapper storage: | |||
{{Internal|Docker_device-mapper_Storage_Backend#Installation|devicemapper Installation}} | |||
==Reboot== | ==Reboot== | ||
< | <syntaxhighlight lang='bash'> | ||
docker version | docker version | ||
Client: | Client: | ||
Line 76: | Line 149: | ||
OS/Arch: linux/amd64 | OS/Arch: linux/amd64 | ||
Experimental: false | Experimental: false | ||
</ | </syntaxhighlight> | ||
== | ==RedHat/Centos Post-Install== | ||
{{Internal| | {{Internal|#Post-Install|Post-Install}} | ||
=Docker Installation for OpenShift= | =Docker Installation for OpenShift= | ||
Line 99: | Line 172: | ||
apt-get update | apt-get update | ||
apt-get install apt-transport-https ca-certificates curl software-properties-common | apt-get install apt-transport-https ca-certificates curl software-properties-common | ||
curl -fsSL https | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - | ||
apt-key fingerprint 0EBFCD88 | apt-key fingerprint 0EBFCD88 | ||
add-apt-repository "deb [arch=amd64] https | add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | ||
Note that $(lsb_release -cs) should return 'xenial' or equivalent. The last command adds the Docker repository in /etc/apt/sources.list. | Note that $(lsb_release -cs) should return 'xenial' or equivalent. The last command adds the Docker repository in /etc/apt/sources.list. | ||
Line 118: | Line 191: | ||
docker run hello-world | docker run hello-world | ||
At this point, [[docker info]] may return a warning: | |||
WARNING: No swap limit support | |||
This is addressed by configuring the kernel appropriately. cgroups and swap should be configured in /etc/default/grub, by adding | |||
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1" | |||
and then | |||
update-grub | |||
reboot | |||
Start at boot: | Start at boot: | ||
Line 123: | Line 209: | ||
systemctl enable docker | systemctl enable docker | ||
Configure a user other than "root" to be able to use the docker client to connect to the server. For details on why we needed to do this see [[Docker_Concepts#Client.2FServer_Communication|Docker Concepts - Client/Server Communication]]. The installation procedure should have created the 'docker' group already | =Post-Install= | ||
==Warnings== | |||
WARNING: bridge-nf-call-iptables is disabled | |||
WARNING: bridge-nf-call-ip6tables is disabled | |||
Fixed by adding the following to [[/etc/sysctl.conf]]: | |||
net.bridge.bridge-nf-call-ip6tables = 1 | |||
net.bridge.bridge-nf-call-iptables = 1 | |||
==Non-root Management Access== | |||
Configure a user other than "root" to be able to use the docker client to connect to the server. For details on why we needed to do this see [[Docker_Concepts#Client.2FServer_Communication|Docker Concepts - Client/Server Communication]]. The installation procedure should have created the 'docker' group already. | |||
useradd -m -g docker -u 994 docker | |||
usermod -aG docker <''unprivileged-user-to-operate-docker-server''> | usermod -aG docker <''unprivileged-user-to-operate-docker-server''> | ||
Line 133: | Line 235: | ||
Inspect [[Docker_Concepts#Storage_Driver.2FBackend|storage backend details]]. | Inspect [[Docker_Concepts#Storage_Driver.2FBackend|storage backend details]]. | ||
==Installation Verification== | |||
{{Internal|Docker Installation Verification|Docker Installation Verification}} | |||
=TODO= | |||
yum install --setopt=obsoletes=0 docker-ce-17.03.2.ce-1.el7.centos.x86_64 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch |
Latest revision as of 23:47, 23 August 2019
Internal
Overview
Verified with Centos 7.
Prerequisites
A 3.8 kernel or later is required.
RedHat/Centos
The following sequence is based on the document linked above.
Uninstall Old Docker Versions
yum list installed | grep docker
yum erase ...
yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-selinux \ docker-engine-selinux \ docker-engine
Intall Required yum Utilities
yum install -y yum-utils device-mapper-persistent-data lvm2
Setting a yum Repository
Set up a Docker repository:
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
This will create /etc/yum.repos.d/docker-ce.repo.
Alternatively, the repository file can be added by hand, in /etc/yum.repos.d, with the following content:
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
Alternative URL for Centos 6: https://yum.dockerproject.org/repo/main/centos/6 Oracle Linux: https://yum.dockerproject.org/repo/main/oraclelinux/6/
This is an example of how to use an "entitled" RH repository:
Restrict Some Releases
yum-config-manager --disable docker-ce-edge yum-config-manager --disable docker-ce-test
RedHat
Enable the 'extras' Repository
In installed on RedHat, enable the "extras" repository:
yum-config-manager --enable rhel-7-server-extras-rpms
Enable the "ol7" Repository
Add /etc/yum.repos.d/public-yum-ol7.repo with the following content:
[ol7_developer_EPEL]
name=Oracle Linux $releasever Developement Packages ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_EPEL/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle-ol7
gpgcheck=1
enabled=1
Import the key:
cd /etc/pki/rpm-gpg/
wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol7
Install
yum install docker-ce
Obsolete:
yum install docker-engine
The yum installation procedure enables the docker server to start at boot:
systemctl is-enabled docker enabled
If not, enable it:
systemctl enable docker
Start
At this point, /var/lib/docker and /etc/docker are not created. To create and initialize, execute the following. Even if we execute it, we will be able to further configure the storage backend later, as described in Set Up Storage Backend:
systemctl start docker
Set Up Storage Backend
devicemapper Storage Setup
For production use on Red Hat, set up devicemapper storage:
Reboot
docker version
Client:
Version: 17.03.1-ce
API version: 1.27
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.1-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Experimental: false
RedHat/Centos Post-Install
Docker Installation for OpenShift
Ubuntu
Docker installation on Ubuntu is described here, in order:
- https://docs.docker.com/install/linux/docker-ce/ubuntu/
- https://docs.docker.com/install/linux/linux-postinstall/
A summary is available below. The sequence was used to install 18.03.0-ce on Ubuntu 16.04 xenial.
Setup the repository. As root:
apt-get update apt-get install apt-transport-https ca-certificates curl software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - apt-key fingerprint 0EBFCD88 add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Note that $(lsb_release -cs) should return 'xenial' or equivalent. The last command adds the Docker repository in /etc/apt/sources.list.
Install Docker CE. As root:
Update the package index again after setting up the Docker repository:
apt-get update
Then install the latest docker-ce:
apt-get install docker-ce
Test:
docker run hello-world
At this point, docker info may return a warning:
WARNING: No swap limit support
This is addressed by configuring the kernel appropriately. cgroups and swap should be configured in /etc/default/grub, by adding
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
and then
update-grub reboot
Start at boot:
systemctl enable docker
Post-Install
Warnings
WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled
Fixed by adding the following to /etc/sysctl.conf:
net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1
Non-root Management Access
Configure a user other than "root" to be able to use the docker client to connect to the server. For details on why we needed to do this see Docker Concepts - Client/Server Communication. The installation procedure should have created the 'docker' group already.
useradd -m -g docker -u 994 docker
usermod -aG docker <unprivileged-user-to-operate-docker-server>
Test access for unprivileged user. As that user:
docker run hello-world
Inspect storage backend details.
Installation Verification
TODO
yum install --setopt=obsoletes=0 docker-ce-17.03.2.ce-1.el7.centos.x86_64 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch