docker on RHEL 7


Paywall protected walkthrough:


Currently supported for non-mission critical workloads

Installing Docker


Give docker plenty of space

Typical install uses /var/lib/docker

Create a separate partition with ~ 100GB

installing docker

# subscription-manager register --username=rhnuser --password=rhnpasswd
# subscription-manager list --available  Find pool ID for RHEL subscription
# subscription-manager attach --pool=pool_id
# subscription-manager repos --enable=rhel-7-server-extras-rpms
# subscription-manager repos --enable=rhel-7-server-optional-rpms
# yum install docker docker-registry

RUNNING DOCKER

Start the Docker daemon:

systemctl  start docker
systemctl enable docker

Run Docker commands:

docker --help

Running Docker as NON-ROOT 

Docker binds to Unix socket as show:
$ ls -l /var/run/docker.sock
srw-rw----. 1 root docker 0 Aug 10 20:56 /var/run/docker.sock

Add non-root user to 'docker' group:
usermod -a -G docker jshepher

Beware docker does not contain


- Only run images from a trusted source
- Run applications on an Enterprise quality host
- Install updates regularly
- Drop privileges as soon as possible
- Run as non-root whenever possible
- Watch your logs
- setenforce 1

Docker images

A template for running containers
Contains all files for application to run

https://docs.docker.com/terms/images/docker-filesystems-generic.png

docker containers

A docker image running processes
Typically a single application

Can modify image in memory

DEMO

Uses RHEL7 image from hub.docker.com
Run process and exit: 
 docker run rhel7 echo "Hello World"
List docker containers: 
 docker ps
Run and attach to a process:
docker run -i -t rhel7 bash

DEMO

Layering images
docker run -i -t rhel7 bash
Make a change
touch test.txt
View the running container
docker ps
ID             IMAGE    COMMAND    NAMES
40280fb7d4a6   rhel7:0  /bin/bash  angry_archimedes0
Commit the change to a new image
docker commit angry_archimedes0 rhel7/test
Run a container from the new image
docker run -i -t rhel7/test

CLEANING UP

$ crontab -l
30 17 * * * dockerclean  
$ which dockerclean
alias dockerclean='dockercleancontainers && dockercleanimages' 
$ which dockercleancontainers
alias dockercleancontainers='docker ps -a -notrunc| grep '\''Exit'\'' | awk '\''{print $1}'\'' | xargs -L 1 -r docker rm' 
$ which dockercleanimages
alias dockercleanimages='docker images -a --no-trunc | grep none | awk '\''{print $3}'\'' | xargs -L 1 -r docker rmi'

Introduction to docker

By Jason Shepherd

Made with Slides.com

Introduction to docker

  • 1,522

More from Jason Shepherd