DOCKER-2
(INSTALL & BEGIN)
Now we need to install docker,
Below are the pre installation considerations,
1. Swap
should be off
2. Internet
access
3. Few rpm’s
I am working with CentOS 7.9
[root@centos7-i2 ~]# swapoff –a
[root@centos7-i2 ~]# vi /etc/fstab
#
#
/etc/fstab
#
Created by anaconda on Sat Feb 20 17:12:32 2021
#
#
Accessible filesystems, by reference, are maintained under '/dev/disk'
#
See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root
/ xfs defaults 0 0
UUID=e7b57144-0ce9-47e7-8366-accb226788c0
/boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
Comment the swap partition
Disable Network manager (Optional)
# systemctl stop NetworkManager;systemctl disable
NetworkManager
Removed
symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed
symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
Enable Internet,
# vi /etc/resolv.conf
nameserver 192.168.137.1
nameserver 8.8.8.8
nameserver 8.8.4.4
# vi /etc/sysconfig/network-scripts/ifcfg-ens33
#add below at end
DNS1="192.168.137.1"
DNS2="8.8.8.8"
DNS3="8.8.4.4"
Now mount the CentOS DVD to install required RPM’s.
# mkdir -p /mnt/disc
# mount /dev/sr0
/mnt/disc
# vi /etc/yum.repos.d/CentOS-Media.repo
[InstallMedia]
name=DVD for CentOS7
gpgcheck=0
enabled=1
baseurl=file:///mnt/disc/
# yum clean all;yum repolist enabled;yum update
Yum update will take time and approx 1.1GB of data,
[root@centos-docker1 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
Remove all previous instances,
# yum remove docker \
docker-client
\
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
# yum install -y yum-utils
Now we can proceed for docker installation, need to configure yum repo to direct install from internet
# yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
*** If you completed yum update on CentOS 7.9 then directly jump to “yum install docker-ce docker-ce-cli”
=========================================
If some required packages missing then below will help
=========================================
[root@centos7-i2 ~]# yum install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
https://centos.pkgs.org/7/centos-extras-x86_64/
Binary Package
http://mirror.centos.org/centos/7/extras/x86_64/Packages/slirp4netns-0.4.3-4.el7_8.x86_64.rpm
# yum install
https://vault.centos.org/centos/7.8.2003/extras/x86_64/Packages/container-selinux-2.107-1.el7_6.noarch.rpm
# yum install
http://mirror.centos.org/centos/7/extras/x86_64/Packages/slirp4netns-0.4.3-4.el7_8.x86_64.rpm
# yum install
http://mirror.centos.org/centos/7/extras/x86_64/Packages/fuse3-libs-3.6.1-4.el7.x86_64.rpm
# yum install
http://mirror.centos.org/centos/7/extras/x86_64/Packages/fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm
# yum install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
========================================================
========================================================
Continue ………
# yum install docker-ce docker-ce-cli
Loaded
plugins: fastestmirror, langpacks
docker-ce-stable | 3.5
kB 00:00
(1/2):
docker-ce-stable/7/x86_64/updateinfo | 55 B
00:00
(2/2):
docker-ce-stable/7/x86_64/primary_db | 70 kB
00:00
Loading
mirror speeds from cached hostfile
* base: centos.mirrors.estointernet.in
* extras: centos.mirrors.estointernet.in
* updates: centos.mirrors.estointernet.in
Resolving
Dependencies
-->
Running transaction check
--->
Package docker-ce.x86_64 3:20.10.12-3.el7 will be installed
-->
Processing Dependency: container-selinux >= 2:2.74 for package:
3:docker-ce-
20.10.12-3.el7.x86_64
====================O/P Truncated=======================
setools-libs x86_64 3.3.8-4.el7 base 620 k
systemd x86_64 219-78.el7_9.5 updates 5.1 M
systemd-libs x86_64 219-78.el7_9.5 updates 419 k
systemd-python x86_64 219-78.el7_9.5 updates 146 k
systemd-sysv x86_64 219-78.el7_9.5 updates 97 k
Transaction
Summary
================================================================================
Install 2 Packages (+ 8 Dependent packages)
Upgrade 3 Packages (+24 Dependent packages)
Total
download size: 114 M
Is
this ok [y/d/N]: y
====================O/P Truncated=======================
(35/37):
systemd-219-78.el7_9.5.x86_64.rpm
| 5.1 MB 00:00:04
(36/37):
glib2-2.56.1-9.el7_9.x86_64.rpm
| 2.5 MB 00:00:08
(37/37):
selinux-policy-targeted-3.13.1-268.el7_9.2.noarch.rpm
| 7.0 MB 00:00:07
--------------------------------------------------------------------------------------------------------------------------------------
Total
2.9 MB/s | 114 MB 00:00:39
Retrieving
key from https://download.docker.com/linux/centos/gpg
Importing
GPG key 0x621E9F35:
Userid
: "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa
c52f eb6b 621e 9f35
From
: https://download.docker.com/linux/centos/gpg
Is
this ok [y/N]: y
====================O/P Truncated=======================
Installed:
docker-ce.x86_64 3:20.10.12-3.el7
docker-ce-cli.x86_64 1:20.10.12-3.el7
Dependency
Installed:
container-selinux.noarch 2:2.119.2-1.911c772.el7_8 containerd.io.x86_64
0:1.4.12-3.1.el7
docker-ce-rootless-extras.x86_64
0:20.10.12-3.el7
docker-scan-plugin.x86_64 0:0.12.0-3.el7
fuse-overlayfs.x86_64 0:0.7.2-6.el7_8 fuse3-libs.x86_64 0:3.6.1-4.el7
lz4.x86_64 0:1.8.3-1.el7
slirp4netns.x86_64 0:0.4.3-4.el7_8
Updated:
centos-release.x86_64
0:7-9.2009.1.el7.centos
dracut.x86_64 0:033-572.el7
initscripts.x86_64 0:9.49.53-1.el7_9.1
Dependency
Updated:
cryptsetup.x86_64 0:2.0.3-6.el7
cryptsetup-libs.x86_64 0:2.0.3-6.el7
cryptsetup-python.x86_64 0:2.0.3-6.el7
dracut-config-rescue.x86_64 0:033-572.el7
dracut-network.x86_64 0:033-572.el7
glib2.x86_64 0:2.56.1-9.el7_9
kmod.x86_64 0:20-28.el7
libgudev1.x86_64 0:219-78.el7_9.5
libseccomp.x86_64 0:2.3.1-4.el7
libselinux.x86_64 0:2.5-15.el7
libselinux-python.x86_64 0:2.5-15.el7
libselinux-utils.x86_64 0:2.5-15.el7
libsemanage.x86_64 0:2.5-14.el7 libsemanage-python.x86_64
0:2.5-14.el7
libsepol.x86_64 0:2.5-10.el7
policycoreutils.x86_64 0:2.5-34.el7
policycoreutils-python.x86_64
0:2.5-34.el7
selinux-policy.noarch 0:3.13.1-268.el7_9.2
selinux-policy-targeted.noarch
0:3.13.1-268.el7_9.2
setools-libs.x86_64 0:3.3.8-4.el7
systemd.x86_64 0:219-78.el7_9.5
systemd-libs.x86_64 0:219-78.el7_9.5
systemd-python.x86_64 0:219-78.el7_9.5 systemd-sysv.x86_64 0:219-78.el7_9.5
Complete!
# systemctl start docker;systemctl status docker
Job
for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe"
for details.
●
docker.service - Docker Application Container Engine
Loaded: loaded
(/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: activating (auto-restart) (Result:
exit-code) since Sun 2022-01-23 16:15:21 IST; 82ms ago
Docs: https://docs.docker.com
Process: 17663 ExecStart=/usr/bin/dockerd -H
fd:// --containerd=/run/containerd/containerd.sock (code=exited,
status=1/FAILURE)
Main PID: 17663 (code=exited, status=1/FAILURE)
Jan
23 16:15:21 centos7-i2 systemd[1]: Unit docker.service entered failed state.
Jan 23 16:15:21 centos7-i2 systemd[1]: docker.service failed.
[root@centos7-i2 ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@centos7-i2 ~]# systemctl start docker;systemctl
status docker
Job
for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe"
for details.
●
docker.service - Docker Application Container Engine
Loaded: loaded
(/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: activating (auto-restart) (Result:
exit-code) since Sun 2022-01-23 16:16:34 IST; 78ms ago
Docs: https://docs.docker.com
Process: 17970 ExecStart=/usr/bin/dockerd -H
fd:// --containerd=/run/containerd/containerd.sock (code=exited,
status=1/FAILURE)
Main PID: 17970 (code=exited, status=1/FAILURE)
Jan
23 16:16:34 centos7-i2 systemd[1]: docker.service: main process exited,
code=exited, status=1/FAILURE
Jan
23 16:16:34 centos7-i2 systemd[1]: Failed to start Docker Application Container
Engine.
Jan
23 16:16:34 centos7-i2 systemd[1]: Unit docker.service entered failed state.
Jan
23 16:16:34 centos7-i2 systemd[1]: docker.service failed.
[root@centos7-i2
~]# service docker restart
Redirecting
to /bin/systemctl restart docker.service
Job
for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe"
for details.
[root@centos7-i2 ~]# journalctl -xe
Jan
23 16:18:13 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:13.357693743+05:30" level=info
msg="Loading containers: start."
Jan
23 16:18:13 centos7-i2 firewalld[888]: 2022-01-23 16:18:13 ERROR: INVALID_TYPE:
structure size mismatch 16 != 13
Jan 23 16:18:13 centos7-i2 firewalld[888]: 2022-01-23 16:18:13 ERROR: COMMAND_FAILED: '/sbin/iptables -t filter -C FORWARD -j DOCKER-I
Jan
23 16:18:14 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:14.338675640+05:30" level=info
msg="Default bridge (docker0) is assi
Jan
23 16:18:14 centos7-i2 firewalld[888]: 2022-01-23 16:18:14 ERROR:
COMMAND_FAILED: '/sbin/iptables -t nat -C DOCKER -i docker0 -j R
Jan
23 16:18:14 centos7-i2 firewalld[888]: 2022-01-23 16:18:14 ERROR:
COMMAND_FAILED: '/sbin/iptables -D FORWARD -i docker0 -o docker0
Jan
23 16:18:14 centos7-i2 firewalld[888]: 2022-01-23 16:18:14 ERROR: INVALID_ZONE:
docker
Jan
23 16:18:14 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:14.552234846+05:30" level=warning
msg="unmountAndDeactivate: open /v
Jan
23 16:18:14 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:14.626043607+05:30" level=error
msg="Failed to get event" error="rpc
Jan
23 16:18:14 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:14.626383098+05:30" level=info
msg="Waiting for containerd to be rea
Jan
23 16:18:14 centos7-i2 dockerd[18361]:
time="2022-01-23T16:18:14.631182235+05:30" level=warning
msg="Error while testing if contai
Jan
23 16:18:14 centos7-i2 dockerd[18361]: failed to start daemon: Error
initializing network controller: Error creating default "brid
Jan
23 16:18:14 centos7-i2 systemd[1]: docker.service: main process exited,
code=exited, status=1/FAILURE
Jan
23 16:18:14 centos7-i2 systemd[1]: Failed to start Docker Application Container
Engine.
--
Subject: Unit docker.service has failed
--
Defined-By: systemd
--
Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
--
Unit docker.service has failed.
--
--
The result is failed.
Jan
23 16:18:14 centos7-i2 systemd[1]: Unit docker.service entered failed state.
Jan 23 16:18:14 centos7-i2 systemd[1]: docker.service failed.
Seems something is preventing docker to start,
Need to check below
1. Swap
2. Firewall
3. SELinux
[root@centos7-i2 ~]# cat /etc/fstab |grep -i swap
#/dev/mapper/centos-swap swap swap defaults 0 0
[root@centos7-i2 ~]# systemctl stop firewalld
[root@centos7-i2 ~]# systemctl disable firewalld
Removed
symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@centos7-i2 ~]# sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
[root@centos7-i2 ~]# systemctl start docker;systemctl
status docker
●
docker.service - Docker Application Container Engine
Loaded: loaded
(/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-01-23 16:24:14 IST; 51ms ago
Docs: https://docs.docker.com
Main PID: 47681 (dockerd)
Memory: 36.7M
CGroup: /system.slice/docker.service
└─47681 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
[root@centos7-i2 ~]# docker version
Client:
Docker Engine - Community
Version: 20.10.12
API version: 1.41
Go version: go1.16.12
Git commit: e91ed57
Built: Mon Dec 13 11:45:41 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Docker Engine - Community
Engine:
Version:
20.10.12
API version: 1.41 (minimum version 1.12)
Go version: go1.16.12
Git commit: 459d0df
Built: Mon Dec 13 11:44:05 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit:
7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
List available docker commands,
[root@centos7-i2 ~]# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default
"/root/.docker")
-c, --context string Name of the context to use to connect to
the daemon (overrides DOCKER_HOST env var and
default context set
with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level
("debug"|"info"|"warn"|"error"|"fatal")
(default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default
"/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default
"/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default
"/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management
Commands:
app*
Docker App (Docker Inc., v0.9.1-beta3)
builder
Manage builds
buildx*
Build with BuildKit (Docker Inc., v0.6.3-docker)
config
Manage Docker configs
container
Manage containers
context
Manage contexts
image
Manage images
manifest
Manage Docker image manifests and manifest lists
network
Manage networks
node
Manage Swarm nodes
plugin
Manage plugins
scan*
Docker Scan (Docker Inc., v0.8.0)
secret
Manage Docker secrets
service
Manage services
stack
Manage Docker stacks
swarm
Manage Swarm
system
Manage Docker
trust
Manage trust on Docker images
volume Manage volumes
Commands:
attach
Attach local standard input, output, and error streams to a running
container
build
Build an image from a Dockerfile
commit
Create a new image from a container's changes
cp
Copy files/folders between a container and the local filesystem
create
Create a new container
diff
Inspect changes to files or directories on a container's filesystem
events
Get real time events from the server
exec
Run a command in a running
container
export
Export a container's filesystem as a tar archive
history
Show the history of an image
images
List images
import
Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect
Return low-level information on Docker objects
kill
Kill one or more running containers
load
Load an image from a tar archive or STDIN
login
Log in to a Docker registry
logout
Log out from a Docker registry
logs
Fetch the logs of a container
pause
Pause all processes within one or more containers
port
List port mappings or a specific mapping for the container
ps
List containers
pull Pull an image or a repository from a
registry
push
Push an image or a repository to a registry
rename
Rename a container
restart
Restart one or more containers
rm
Remove one or more containers
rmi
Remove one or more images
run
Run a command in a new container
save
Save one or more images to a tar archive (streamed to STDOUT by default)
search
Search the Docker Hub for images
start
Start one or more stopped containers
stats Display a live stream of container(s)
resource usage statistics
stop
Stop one or more running containers
tag
Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top
Display the running processes of a container
unpause
Unpause all processes within one or more containers
update
Update configuration of one or more containers
version
Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
To get more help with docker, check out our guides at https://docs.docker.com/go/guides/
Searching desired container,
[root@centos7-i2 ~]# docker search nginx
[root@centos7-i2 ~]# docker search centos
Installation of desired container,
[root@centos7-i2 ~]# docker run ubuntu
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
f3ef4ff62e0d: Pull complete
Digest: sha256:a0d9e826ab87bd665cfc640598a871b748b4b70a01a4f3d174d4fb02adad07a9
Status: Downloaded newer image for ubuntu:latest
WARNING: IPv4 forwarding is
disabled. Networking will not work.
[root@centos7-i2 ~]# vi /etc/sysctl.conf
#
sysctl settings are defined through files in
#
/usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
#
Vendors settings live in /usr/lib/sysctl.d/.
#
To override a whole file, create a new file with the same in
#
/etc/sysctl.d/ and put new settings there. To override
#
only specific settings, add a file with a lexically later
#
name in /etc/sysctl.d/ and put new settings there.
#
#
For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward=1 # add this line
[root@centos7-i2 ~]# systemctl restart network
[root@centos7-i2 ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
Check the running docker containers,
[root@centos7-i2 ~]# docker ps
CONTAINER ID IMAGE COMMAND
CREATED STATUS PORTS
NAMES
Check all docker containers,
[root@centos7-i2 ~]# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fdd1dd0482c0 ubuntu
"bash" 2 minutes
ago Exited (0) 2 minutes ago competent_varahamihira
8eeaf46c3b96 hello-world
"/hello" 23 hours
ago Exited (0) 23 hours ago fervent_meninsky
[root@centos7-i2 ~]# docker rm fdd1dd0482c0
fdd1dd0482c0
[root@centos7-i2 ~]# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8eeaf46c3b96 hello-world "/hello" 23 hours ago Exited (0) 23 hours ago fervent_meninsky
[root@centos7-i2 ~]# docker run ubuntu
[root@centos7-i2 ~]# docker ps -a
CONTAINER
ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4fdd2745b16f ubuntu
"bash" 32 seconds
ago Exited (0) 30 seconds ago heuristic_ellis
8eeaf46c3b96 hello-world
"/hello" 23 hours
ago Exited (0) 23 hours ago fervent_meninsky
Great . For other Linux flavors like RHEL, would it work in same fashion ?
ReplyDelete