The Linux kernel's support for namespaces mostly isolates an application's view of the operating environment, including process trees, network, user IDs and mounted file systems, while the kernel's cgroups provide resource limiting, including the CPU, memory, block I/O, and network. Since version 0.9, Docker includes the libcontainer library as its own way to directly use virtualization facilities provided by the Linux kernel, in addition to using abstracted virtualization interfaces via libvirt, LXC (Linux Containers) and systemd-nspawn.
This blogpost will go into the details of installing a very basic Docker engine on Oracle Linux for testing purposes. Oracle Linux 6 is installed using the official Vagrant distribution for Oracle Linux.
Enable addons
to be able to install Docker using yum you will have to ensure that the yum addons repository is enabled. This can be done by ensuring that you have enabled set to 1 for this channel in the /etc/yum.repos.d/public-yum-ol6.repo file. An example of this change is shown below
[public_ol6_addons] name=Oracle Linux $releasever Add ons ($basearch) baseurl=http://yum.oracle.com/repo/OracleLinux/OL6/addons/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 enabled=1
Install with yum
to install Docker on Oracle Linux 6 you can use yum, docker will be located in the addons channel. Hence the reason why we enabled this in the previous step. Install Docker is simply executing the below command:
yum install docker-engine
This will take care of resolving the dependencies and install the docker engine on Oracle Linux.
Change docker config:
As part of the best practices as described by Oracle you need to change some things to the init script used to start the docker engine. In version 1.5 and later of Docker, the docker service unshares its mount namespace to resolve device busy issues with the device mapper storage driver. However, this configuration breaks autofs in the host system and prevents you from accessing subsequently mounted volumes in Docker containers. The workaround is to stop the Docker service from unsharing its mount namespace.
Edit /etc/init.d/docker and remove the $unshare -m -- parameters from the line that starts the daemon. For example, change the line that reads similar to the following:
"$unshare" -m -- $exec $other_args >> $logfile 2>&1 &
This is part of the start() function in the init script, the more complete example of this part of the script is shown below:
start() {
if [ ! -x $exec ]; then
if [ ! -e $exec ]; then
echo "Docker executable $exec not found"
else
echo "You do not have permission to execute the Docker executable $exec"
fi
exit 5
fi
check_for_cleanup
if ! [ -f $pidfile ]; then
prestart
printf "Starting $prog:\t"
echo "\n$(date)\n" >> $logfile
"$unshare" -m -- $exec $other_args >> $logfile 2>&1 &
pid=$!
touch $lockfile
# wait up to 10 seconds for the pidfile to exist. see
# https://github.com/docker/docker/issues/5359
tries=0
while [ ! -f $pidfile -a $tries -lt 10 ]; do
sleep 1
tries=$((tries + 1))
echo -n '.'
done
if [ ! -f $pidfile ]; then
failure
echo
exit 1
fi
success
echo
else
failure
echo
printf "$pidfile still exists...\n"
exit 7
fi
}
The mentioned line should be removed (commented out) and replaced with the below.
$exec $other_args &>> $logfile &
A word of caution is that you might want to check this part of the script after you do an update of the docker engine. As the init script is part of the docker installation it might be changed when you install a newer version of docker on your system.A good practice is to get a init version in your local repository and use something like chef inspect after an update on your system to ensure the right way of starting is used and you prevent breaking autosf.
Starting docker:
now the installation is completed which means we should be able to start docker on our Oracle Linux instance. You can start docker with the below command:
service docker start
to ensure that the docker engine starts every time we boot the machine we have to ensure that we register it in the right manner. This can be done with the below command:
chkconfig docker on
to check if this is done correctly you should check this with the chkconfig command. This results on our test machine in the below output. You can find docker in the below list and you can notice that it will start automatically.
[root@localhost ~]# chkconfig acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off blk-availability 0:off 1:on 2:on 3:on 4:on 5:on 6:off cgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off cgred 0:off 1:off 2:off 3:off 4:off 5:off 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off docker 0:off 1:off 2:on 3:on 4:on 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off vboxadd 0:off 1:off 2:on 3:on 4:on 5:on 6:off vboxadd-service 0:off 1:off 2:on 3:on 4:on 5:on 6:off vboxadd-x11 0:off 1:off 2:off 3:on 4:off 5:on 6:off [root@localhost ~]#
To ensure docker is running you can execute the docker info command, an example of this is shown below and as expected we have nothing running on our docker engine:
[root@localhost ~]# docker info Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 1.12.6 Storage Driver: devicemapper Pool Name: docker-251:1-1835143-pool Pool Blocksize: 65.54 kB Base Device Size: 10.74 GB Backing Filesystem: ext4 Data file: /dev/loop0 Metadata file: /dev/loop1 Data Space Used: 305.7 MB Data Space Total: 107.4 GB Data Space Available: 31.62 GB Metadata Space Used: 729.1 kB Metadata Space Total: 2.147 GB Metadata Space Available: 2.147 GB Thin Pool Minimum Free Space: 10.74 GB Udev Sync Supported: true Deferred Removal Enabled: false Deferred Deletion Enabled: false Deferred Deleted Device Count: 0 Data loop file: /var/lib/docker/devicemapper/devicemapper/data WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device. Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata Library Version: 1.02.117-RHEL6 (2016-12-13) Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge overlay null host Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: Kernel Version: 4.1.12-61.1.28.el6uek.x86_64 Operating System: Oracle Linux Server 6.9 OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 1.953 GiB Name: localhost ID: GU6G:JV6O:7Y6R:5F5R:OGEI:5AZG:SOVP:BBFF:4DME:YKDU:24MC:54MK Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Insecure Registries: 127.0.0.0/8 [root@localhost ~]#
In addition to docker info you can also do a docker version to find out the exact version of the version which is running on the Oracle Linux instance. An example is shown below:
[root@localhost ~]# docker version Client: Version: 1.12.6 API version: 1.24 Go version: go1.6.4 Git commit: 1512168 Built: Wed Jan 11 09:49:56 2017 OS/Arch: linux/amd64 Server: Version: 1.12.6 API version: 1.24 Go version: go1.6.4 Git commit: 1512168 Built: Wed Jan 11 09:49:56 2017 OS/Arch: linux/amd64 [root@localhost ~]#
This basically gives you a really standard and basic installation of Docker which enables you to get started to experiment with Docker on Oracle Linux.
No comments:
Post a Comment