Docker

From SME Server
Revision as of 12:45, 9 September 2014 by RequestedDeletion (talk | contribs)
Jump to navigationJump to search
Warning.png Work in Progress:
This page is a Work in Progress. The contents off this page may be in flux, please have a look at this page history the to see list of changes.


Placeholder for anything to do with Docker (https://docker.com)

Important.png Note:
All info is based on SME Server 9 only.

Your host server must have internet access.

All testing below has been done on a virtual SME9 under Virtualbox. Yes, Docker also run on VM's :-)

By NO means this is an official thing or even applicable at all. Tinkering phase only here!


About

Docker logo.png

Docker is an open-source project that automates the deployment of applications inside software containers, providing that way an additional layer of abstraction and automatization of operating system–level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting virtual machines.


Why Docker on SME Server?

Docker containers hold one or more applications (and all it's dependecies) and can be started and stopped at will. The containers, when activated, use the Linux kernel namespaces and are operating isolated from the rest of your server, except for storage/mount points and networking, depending on the configuration of the container. Some applications require special PHP versions or other modifications to your server settings that are not desirable and may effect yum updates and upgrades. Docker containers is a way to have such an application packed with all it's dependencies and run it isolated. You can have multiple containers running, depending on your server hardware capacity.

Examples:

  • ownCloud running in a container with a higher version of PHP then SME Server provides
  • A postgres application running in a container without having to install Postgres on SME Server
  • Service on demand, you can start/start (even scripted) a container when you need the service within the container
  • Move containers from one SME Server to another (Back-up or production) without installing the application itself
  • Time based service e.g. cron jobs. Only have an application running when you need it.
  • Keep SME Server's stock stability, security and flexibility, yet run exotic applications


Considerations

  • Storage of image library (local/NAS)
  • Storage of Docker application data (local/NAS)
  • Networking e.g. bridged with host, new bridge with host or port mapping
  • Stand alone all-in-on docker or linked containers
  • Security
  • Only use TRUSTED repo's with images. Who build the image, what's in it?
  • Naming convention of images to identify source(person or repo), SME version, application and version. e.g.:
owncloud-7.0.1-smeserver-9.0-john
wordpress-3.9.1-smeserver-8.1-mary
ehour-1.4.1-smeserver-9.0-richard
sharedfolders-2.1.1-smeserver-9.0-fws
frontaccounting-3.2.1-smeserver-8.1-contribsorg
  • Verification (checksum) of available images
  • Setting up trusted docker repo's
  • disable docker repo's enabled by default at installation and come up with a command that enables them a la Yum


Challenges

  • How to interact with localhost PAM or LDAP from within a container?
  • Many more...


Installation

Docker requires some RPM's that are not available in the default upstream repo's. So we need to enable the epel repo first. See epel

Then we can install Docker and it's dependencies:

yum install docker-io --enablerepo=epel
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc7.d/S95docker
chkconfig docker on
service docker start

and then

docker

to see the available command line options. But first and foremost read the excellent Docker documentation


  • Note: Although we've linked the docker as service in runlevel 7, it will not pick up the config files /etc/sysconfig/docker. So Shipyard will not be able to connect to docker. Why?


Using a Docker image

By default, there are pre-build images available from the official Docker Hub. In our examples we will use the pre-build centos6 image.

To get a list of all available centos images you can use:

docker search centos

You will be flooded with available images from the Docker hub. This is because everyone can have a free account on Docker hub and create one repository for him/herself. We limit our testing to the official Centos repo. With all the other images, you are on your own and usage is at your own risk.

By default, downloaded images from the Docker hub to your local server will be places in /var/lib/docker. If you want to store these images elsewhere, then you can create a symbolic link from that storage location pointing to /var/lib/docker.

  • Note: See if we can change this default location in another way, config file?

Downloading a docker image

To download the centos6 image to your local server, issue the following command as root:

docker pull centos:centos6

where the syntax is 'centos' as the main repository and 'centos6' the specific version. Would you issue only 'docker pull centos', then all centos version will be downloaded. So be specific.

Once the image has been downloaded, you can check your local images by issuing:

docker images


Running a docker container

Now that we have downloaded the centos6 image it's time to give it a spin. To start the cento6 container we can issue the follwoing command:

docker run -t -i centos:centos6 bash

This will tell docker to run the centos6 container interactiveley from the local centos repo and start bash. After a few seconds you will be presented with the bash prompt inside the centos6 container:

bash-4.1#

and to check if we are really inside the centos6 container we can display the release version:

cat /etc/redhat-release

which will result in:

CentOS release 6.5 (Final)

From here you can use the normal commands like yum etc.

To exit the container you give the normal 'exit' command, which will stop the centos6 container and bring you back to the prompt of your local server.

To run a container in the background, you need to issue to docker run command with the -d flag instead of the -i flag


Building your own images

  • Notes

Manual, or.. https://github.com/docker/fig


Setting up a (Private) Docker repository

TBA


Docker notes

Loose notes:

docker=service
access=public
status=enabled


Shipyard web GUI

Shipyard is a separate GUI project hosted on Github. It will allow you to manage Docker instances and images from your browser. It is not required to use and run Docker containers, for all Docker commands can be issued from the command line.

For Shipyard to be able to connect to the Docker deamon, the file /etc/sysconfig/docker has to be adjusted to enable socket support and TCP.

Templated /etc/sysconfig/docker based on below db settings

/etc/sysconfig/docker:

other_args="-H tcp://127.0.0.1:4243 -H unix:///var/run/docker.sock"

127.0.0.1 (localhost) or 0.0.0.0 (public) based on db key shipyard Access

The restart the Docker deamon:

service docker restart

For Shipyard to be able to manage (multiple) hosts, each and every hosts will need to have shipyard-agent installed.


Installation

Shipyard can be installed as a Docker application itself. We will use this way of installing Shipyard.

Issue the follwoing command as root:

docker run -i -t -v /var/run/docker.sock:/docker.sock shipyard/deploy setup

This will make Docker pull the various layers and images and combine it into fully functional webserver with the Shipyard application installed.

Loose notes:

shipyard=service
TCPPort=4243
access=public
status=enabled


Shipyard agent

About


Installation

TBA

Loose notes

shipyard-agent=service
TCPPort=8000;4500
access=public
status=enabled


Related articles of interest


Things to do