Docker Linux Installation

From NovaOrdis Knowledge Base
Revision as of 23:47, 23 August 2019 by Ovidiu (talk | contribs) (→‎Installation Verification)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Internal

Overview

Verified with Centos 7.

Prerequisites

A 3.8 kernel or later is required.

RedHat/Centos

https://docs.docker.com/install/linux/docker-ce/centos/

The following sequence is based on the document linked above.

Uninstall Old Docker Versions

yum list installed | grep docker
yum erase ...
yum remove docker \
           docker-client \
           docker-client-latest \
           docker-common \
           docker-latest \
           docker-latest-logrotate \
           docker-logrotate \
           docker-selinux \
           docker-engine-selinux \
           docker-engine

Intall Required yum Utilities

yum install -y yum-utils device-mapper-persistent-data lvm2

Setting a yum Repository

Set up a Docker repository:

yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

This will create /etc/yum.repos.d/docker-ce.repo.

Alternatively, the repository file can be added by hand, in /etc/yum.repos.d, with the following content:

[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg

Alternative URL for Centos 6: https://yum.dockerproject.org/repo/main/centos/6 Oracle Linux: https://yum.dockerproject.org/repo/main/oraclelinux/6/

This is an example of how to use an "entitled" RH repository:

Using yum with registry.access.redhat.com Images

Restrict Some Releases

yum-config-manager --disable docker-ce-edge
yum-config-manager --disable docker-ce-test

RedHat

Enable the 'extras' Repository

In installed on RedHat, enable the "extras" repository:

yum-config-manager --enable rhel-7-server-extras-rpms

Enable the "ol7" Repository

Add /etc/yum.repos.d/public-yum-ol7.repo with the following content:

[ol7_developer_EPEL]
name=Oracle Linux $releasever Developement Packages ($basearch)
baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_EPEL/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle-ol7
gpgcheck=1
enabled=1

Import the key:

cd /etc/pki/rpm-gpg/
wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol7

Install

yum install docker-ce

Obsolete:

yum install docker-engine

The yum installation procedure enables the docker server to start at boot:

systemctl is-enabled docker
enabled

If not, enable it:

systemctl enable docker

Start

At this point, /var/lib/docker and /etc/docker are not created. To create and initialize, execute the following. Even if we execute it, we will be able to further configure the storage backend later, as described in Set Up Storage Backend:

systemctl start docker

Set Up Storage Backend

devicemapper Storage Setup

For production use on Red Hat, set up devicemapper storage:

devicemapper Installation

Reboot

docker version

Client:
 Version:      17.03.1-ce
 API version:  1.27
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Fri Mar 24 00:36:45 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.1-ce
 API version:  1.27 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Fri Mar 24 00:36:45 2017
 OS/Arch:      linux/amd64
 Experimental: false

RedHat/Centos Post-Install

Post-Install

Docker Installation for OpenShift

Ubuntu

Docker installation on Ubuntu is described here, in order:

A summary is available below. The sequence was used to install 18.03.0-ce on Ubuntu 16.04 xenial.

Setup the repository. As root:

 apt-get update
 apt-get install apt-transport-https ca-certificates curl software-properties-common
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
 apt-key fingerprint 0EBFCD88
 add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Note that $(lsb_release -cs) should return 'xenial' or equivalent. The last command adds the Docker repository in /etc/apt/sources.list.

Install Docker CE. As root:

Update the package index again after setting up the Docker repository:

apt-get update

Then install the latest docker-ce:

apt-get install docker-ce

Test:

docker run hello-world

At this point, docker info may return a warning:

WARNING: No swap limit support

This is addressed by configuring the kernel appropriately. cgroups and swap should be configured in /etc/default/grub, by adding

GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

and then

update-grub
reboot

Start at boot:

systemctl enable docker

Post-Install

Warnings

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

Fixed by adding the following to /etc/sysctl.conf:

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

Non-root Management Access

Configure a user other than "root" to be able to use the docker client to connect to the server. For details on why we needed to do this see Docker Concepts - Client/Server Communication. The installation procedure should have created the 'docker' group already.

useradd -m -g docker -u 994 docker
usermod -aG docker <unprivileged-user-to-operate-docker-server>

Test access for unprivileged user. As that user:

docker run hello-world

Inspect storage backend details.

Installation Verification

Docker Installation Verification

TODO

 yum install --setopt=obsoletes=0  docker-ce-17.03.2.ce-1.el7.centos.x86_64  docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch