NOTES: epel has another package called docker (which is a KDE docking application and is not related to this). So, you will get an error performing these steps, if you have that package already installed.
UPDATE-1: Docker version-0.6.1 is released. Upgrade instructions are available here
UPDATE-2: Docker version-0.6.2 is released.
Docker.io is the lightweight "container engine + image repository" built on top of LXC (linux lightweight containers) to ship any application.
At the core of docker.io there are
Follow these instructions to get docker.io installed on your system.
0. Install centos 6.x
1. Disable selinux as it interferes with functionality of LXC
3. Setup hop5.in repository
4. Install docker-io package
5. See the package is installed correctly
6. Add cgroup filesystem to /etc/fstab , so that docker will work correctly
Per "Peter Zimmerman" a reboot is needed to actually mount /sys/fs/cgroup (due to the kernel doesn't have cgroup support). So, the above mount step is not really needed. As its used only upon reboot.
7. Reboot the system ; make sure to select "3.10.5-3.el6.x86_64" kernel version while booting.
8. Once system is up and running, make sure you are on right kernel
10. Print hello world from a centos 6.4 container.
11. Ping from inside the container
CREDITS: Thanks to sciurus for doing the hardwork in creating the spec file for kernel-ml-aufs.
UPDATE-1: Docker version-0.6.1 is released. Upgrade instructions are available here
UPDATE-2: Docker version-0.6.2 is released.
Docker.io is the lightweight "container engine + image repository" built on top of LXC (linux lightweight containers) to ship any application.
At the core of docker.io there are
- an application "/usr/bin/docker"
- set of pre-created operating-system/application images hosted with "docker.io"
- AUFS (Another Union filesystem) to take care of snapshots, diffs, ro/rw requirements
- LXC (Linux lightweight containers)
- cgroups (for resource management and namespacing)
Follow these instructions to get docker.io installed on your system.
0. Install centos 6.x
1. Disable selinux as it interferes with functionality of LXC
[root@localhost ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted2. Download and setup Fedora EPEL Repository
sudo yum install http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
3. Setup hop5.in repository
cd /etc/yum.repos.d sudo wget http://www.hop5.in/yum/el6/hop5.repo
4. Install docker-io package
[root@localhost ~]# yum install docker-io Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile * base: centos.excellmedia.net * epel: kartolo.sby.datautama.net.id * extras: centos.excellmedia.net * updates: centos.excellmedia.net Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package docker-io.x86_64 0:0.5.3-4.el6 will be installed --> Processing Dependency: lxc >= 0.8.0 for package: docker-io-0.5.3-4.el6.x86_64 --> Processing Dependency: kernel-ml-aufs >= 3.10.5 for package: docker-io-0.5.3-4.el6.x86_64 --> Running transaction check ---> Package kernel-ml-aufs.x86_64 0:3.10.5-3.el6 will be installed ---> Package lxc.x86_64 0:0.8.0-3.el6 will be installed --> Processing Dependency: liblxc.so.0()(64bit) for package: lxc-0.8.0-3.el6.x86_64 --> Running transaction check ---> Package lxc-libs.x86_64 0:0.8.0-3.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================ Package Arch Version Repository Size ============================================================================================ Installing: docker-io x86_64 0.5.3-4.el6 hop5 1.2 M Installing for dependencies: kernel-ml-aufs x86_64 3.10.5-3.el6 hop5 33 M lxc x86_64 0.8.0-3.el6 hop5 81 k lxc-libs x86_64 0.8.0-3.el6 hop5 75 k Transaction Summary ============================================================================================ Install 4 Package(s) Total download size: 34 M Installed size: 159 M Is this ok [y/N]: y Downloading Packages: (1/4): docker-io-0.5.3-4.el6.x86_64.rpm | 1.2 MB 00:03 (2/4): kernel-ml-aufs-3.10.5-3.el6.x86_64.rpm | 33 MB 00:33 (3/4): lxc-0.8.0-3.el6.x86_64.rpm | 81 kB 00:00 (4/4): lxc-libs-0.8.0-3.el6.x86_64.rpm | 75 kB 00:00 -------------------------------------------------------------------------------------------- Total 896 kB/s | 34 MB 00:39 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : lxc-libs-0.8.0-3.el6.x86_64 1/4 Installing : lxc-0.8.0-3.el6.x86_64 2/4 Installing : kernel-ml-aufs-3.10.5-3.el6.x86_64 3/4 Installing : docker-io-0.5.3-4.el6.x86_64 4/4 Verifying : kernel-ml-aufs-3.10.5-3.el6.x86_64 1/4 Verifying : lxc-0.8.0-3.el6.x86_64 2/4 Verifying : lxc-libs-0.8.0-3.el6.x86_64 3/4 Verifying : docker-io-0.5.3-4.el6.x86_64 4/4 Installed: docker-io.x86_64 0:0.5.3-4.el6 Dependency Installed: kernel-ml-aufs.x86_64 0:3.10.5-3.el6 lxc.x86_64 0:0.8.0-3.el6 lxc-libs.x86_64 0:0.8.0-3.el6 Complete! [root@localhost ~]#
5. See the package is installed correctly
[root@localhost ~]# docker -h Usage of docker: -D=false: Debug mode -H=[unix:///var/run/docker.sock]: tcp://host:port to bind/connect to or unix://path/to/socket to use -api-enable-cors=false: Enable CORS requests in the remote api. -b="": Attach containers to a pre-existing network bridge. Use 'none' to disable container networking -d=false: Daemon mode -dns="": Set custom dns servers -g="/var/lib/docker": Path to graph storage base dir. -p="/var/run/docker.pid": File containing process PID -r=false: Restart previously running containers
6. Add cgroup filesystem to /etc/fstab , so that docker will work correctly
[root@localhost ~]# echo "none /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab
[root@localhost ~]# mount /sys/fs/cgroup
Per "Peter Zimmerman" a reboot is needed to actually mount /sys/fs/cgroup (due to the kernel doesn't have cgroup support). So, the above mount step is not really needed. As its used only upon reboot.
7. Reboot the system ; make sure to select "3.10.5-3.el6.x86_64" kernel version while booting.
8. Once system is up and running, make sure you are on right kernel
[root@localhost ~]# uname -r 3.10.5-3.el6.x86_64 [root@localhost ~]# grep aufs /proc/filesystems nodev aufs9. Start the docker.io in daemon mode (in a different terminal)
[root@localhost ~]# docker -d 2013/08/21 07:47:07 WARNING: Your kernel does not support cgroup swap limit. 2013/08/21 07:47:07 Listening for HTTP on /var/run/docker.sock (unix)
10. Print hello world from a centos 6.4 container.
[root@localhost ~]# docker run centos:6.4 echo "hello world" 2013/08/21 07:48:41 POST /v1.4/containers/create 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/start 2013/08/21 07:48:41 POST /v1.4/containers/c6bc9e80097e/attach?logs=1&stderr=1&stdout=1&stream=1 hello world
11. Ping from inside the container
[root@localhost ~]# docker -dns '8.8.8.8' run centos:6.4 ping -c 3 yahoo.com 2013/08/21 08:02:15 POST /v1.4/containers/create 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/start 2013/08/21 08:02:15 POST /v1.4/containers/c40a1244f9bc/attach?logs=1&stderr=1&stdout=1&stream=1 PING yahoo.com (98.138.253.109) 56(84) bytes of data. 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=1 ttl=48 time=323 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=2 ttl=48 time=329 ms 64 bytes from ir1.fp.vip.ne1.yahoo.com (98.138.253.109): icmp_seq=3 ttl=49 time=302 ms --- yahoo.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2304ms rtt min/avg/max/mdev = 302.032/318.318/329.656/11.807 ms
TROUBLESHOOTING
"DNS/Networking Errors inside the docker"
[root@localhost ~]# docker -dns="8.8.8.8" run centos:6.4 yum install hiphop-php 2013/08/21 07:53:05 POST /v1.4/containers/create 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/start 2013/08/21 07:53:05 POST /v1.4/containers/6d9fef14bd1a/attach?logs=1&stderr=1&stdout=1&stream=1 Loaded plugins: fastestmirror Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os error was 14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.centos.org'"
Please issue the following commands, so that docker and its environment will be reset and above issue will be taken care of.
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
docker -d
Posts
"epel has another package called docker (which is a KDE docking application and is not related to this). So, you will get an error performing these steps, if you have that package already installed." - what do you think about renaming docker from docker.io to lxc-docker to avoid this error. This is done already for debian: https://github.com/dotcloud/docker/tree/master/packaging/debian If you use kernel, docker spec from: https://github.com/sciurus/docker-rhel-rpm we can make pull request to @sciurus repo or ask him to do this.
ReplyDeleteActually, that note isn't valid anymore as the package is "docker-io", the reason why it isn't lxc-docker is due to branding issues (i don't work for docker). I feel docker.io is more than just LXC. So, i prefer to keep it without lxc- prefix. But, if people prefer lxc-* , i can add Provides section.
DeleteI am aware of @sciurus repo as i have originally created kernel rpm from that repo. In his repo, he just pulls a binary which is compiled by docker guys. But, i am building the binary from source to keep it compatible with golang that i have.
Thank you for this excellent work. This Blog helped me with my first docker-steps. One suggestion. It costs me a lot of time that mounting of /sys/fs/cgroups is not possible during point 6 in your list. After 6(a) you have to reboot the system. After this reboot /sys/fs/cgroups exists an then mount ist done.
ReplyDeleteThanks. I have updated the blog to make mount of /sys/fs/cgroups optional (before reboot).
DeleteThank you for this article Naresh.
ReplyDeleteI've converted your article into a Vagrantfile which, once booted, will have docker ready to go: https://gist.github.com/andreiashu/7122585
Thanks Andrei for Vagrant support
DeleteThanks for providing this centos docker repository it really helped me to get started.
ReplyDeleteMaybe I just overlooked it but can you add a init script.
Here is my version of the init script, feel free to adapt and use it:
https://gist.github.com/chilicat/7121314
And here is a openstack version which will give the nova group pemrissions to execute docker:
https://gist.github.com/chilicat/7195118
thanks again
Daniel
Thanks Daniel. I'll try to add this initscript with next build.
DeleteI am getting this error, when I try to install docker-io thru yum:
ReplyDeletehop5/primary_db | 87 kB 00:00
http://www.hop5.in/yum/el6/repodata/68c97ab6e2529b1afc8da34b0da1878055b63b1fd2b5cf255ee4510245bbc0bd-primary.sqlite.bz2: [Errno -3] Error performing checksum
Trying other mirror.
Error: failure: repodata/68c97ab6e2529b1afc8da34b0da1878055b63b1fd2b5cf255ee4510245bbc0bd-primary.sqlite.bz2 from hop5: [Errno 256] No more mirrors to try.
Any idea, what is wrong and how to resolve it?
Hello,
DeleteIt could possibly due to network maint by my ISP. Try again now
curl -I http://www.hop5.in/yum/el6/repodata/68c97ab6e2529b1afc8da34b0da1878055b63b1fd2b5cf255ee4510245bbc0bd-primary.sqlite.bz2
HTTP/1.1 200 OK
Server: nginx/1.4.3
Date: Sat, 30 Nov 2013 04:12:24 GMT
Content-Type: text/plain
Content-Length: 89289
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Oct 2013 10:51:48 GMT
Etag: "52626444.15cc9"
Accept-Ranges: bytes