The Adventures of Greg

Installing Docker on CentOS 6

If you haven’t checked out docker yet, you definitely should! The hype says it’s going to do to application deployment what intermodal containers did to the cargo transportation industry. That’s a tall order, and we’ll see if it lives up to such a lofty goal. Regardless, it is a technology that could solve a lot of problems for Development and Operations teams, and it is worth checking out.

Being such a new project, it’s built to run on the latest-and-greatest version of a single distribution, Ubuntu. However, many of us are working at CentOS/RHEL shops, and to use this technology you’ll need to jump through a few extra hoops to get it deployed.

Docker does its magic via LXC, cgroups, and a layered filesystem called AUFS. LXC is currently included in RHEL kernels, but AUFS is not. You’ll need to install components of both these systems to get docker working on your system.

Upgrading your Kernel
First you’ll need to update your kernel to one that supports AUFS. The one I use is one built by dotcloud. It conflicts with the kernel-firmware package, so remove that first, install the kernel, then update your initrd via dracut.
```
rpm -e kernel-firmware
rpm -i http://get.docker.io/kernels/kernel-3.2.40_grsec_dotcloud-4.x86_64.rpm
/sbin/dracut --add-drivers dm-mod --add-drivers linear "" 3.2.40-grsec-dotcloud
```

Edit /boot/grub/grub.conf to add a new entry for the 3.2.40 kernel, and append ‘selinux=0’ to the end of its kernel command line, because the dotcloud kernel isn’t compiled with SELinux support. Then use grub-install /dev/(your boot disk) to install the updated bootloader configuration.

There are a few other things to do because of the differences in this kernel’s version and configuration vs. a standard RHEL kernel.
```
echo "blacklist evbug" >> /etc/modprobe.d/blacklist.conf

# plymouthd doesn't behave properly w/ chroot_caps
echo "kernel.grsecurity.chroot_caps = 0" >> /etc/sysctl.conf

# If you want to enable this after the system comes up:
echo "sysctl kernel.grsecurity.chroot_caps=1" >> /etc/rc.local
```
Be sure IP forwarding is turned on. You can accomplish this via:
```
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
```

You also need to prevent iptables from starting at boot, or modify your iptables rules for docker networking to work.

Be sure your system mounts the /cgroup filesystem at boot. If not, add it to /etc/fstab:
```
echo "none /cgroup cgroup defaults 0 0" >> /etc/fstab
```

You should reboot into the new kernel at this point.
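Once the host is back up, the settings from this section can be checked before going further. The script below is an added example, not part of the original post; the `preflight` function and its optional root-prefix argument are assumptions of the example, and the aufs check assumes the filesystem is registered in /proc/filesystems (built in, or module already loaded).

```shell
#!/bin/sh
# Added example: post-reboot preflight for the host settings in this post.
# The optional first argument is an assumption of this example: a prefix put
# in front of /proc so the checks can run on a constructed tree. Empty = live host.

report() {  # report NAME STATUS DETAIL; returns non-zero only for FAIL
    printf '%-12s %-4s %s\n' "$1" "$2" "$3"
    [ "$2" != FAIL ]
}

value_of() { cat "$1" 2>/dev/null || true; }  # one-line /proc value, empty if absent

preflight() {
    root=${1:-}; rc=0

    # AUFS is the piece stock RHEL kernels lack.
    if grep -qw aufs "$root/proc/filesystems" 2>/dev/null; then
        report aufs OK "listed in /proc/filesystems"
    else
        report aufs FAIL "not listed: wrong kernel booted or module not loaded" || rc=1
    fi

    # Container networking needs the host to forward packets.
    if [ "$(value_of "$root/proc/sys/net/ipv4/ip_forward")" = 1 ]; then
        report ip_forward OK "net.ipv4.ip_forward = 1"
    else
        report ip_forward FAIL "net.ipv4.ip_forward is not 1" || rc=1
    fi

    # The fstab entry should have produced a mounted cgroup filesystem.
    if awk '$3 == "cgroup" { f = 1 } END { exit !f }' "$root/proc/mounts" 2>/dev/null; then
        report cgroup OK "cgroup filesystem mounted"
    else
        report cgroup FAIL "no cgroup mount in /proc/mounts" || rc=1
    fi

    # Hardening this setup switches off: surface it, do not fail on it.
    if grep -qw 'selinux=0' "$root/proc/cmdline" 2>/dev/null; then
        report selinux WARN "disabled on the kernel command line"
    fi
    if [ "$(value_of "$root/proc/sys/kernel/grsecurity/chroot_caps")" = 0 ]; then
        report chroot_caps WARN "kernel.grsecurity.chroot_caps = 0"
    fi
    return "$rc"
}

preflight "${1:-}" || echo "host is not ready for docker -d"
```

The WARN lines are informational: they record that SELinux and the grsecurity chroot capability restriction are off on a host whose kernel every container will share.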

Installing the required tools

Next we’re going to build an aufs-utils RPM and install it. You could just compile it from source, but if you are like me, it’s likely you are doing this for a ton of systems, so it is much cleaner to build an RPM and install it on many systems, keeping as much as possible under the management of the package management system.

Be sure you have development tools installed. If not, `yum groupinstall "Development tools"` should do the trick. Next let’s build the aufs-utils package and install it. Here’s how I did it under CentOS6:
```
wget "ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home%3A/awk2007%3A/fixes/Fedora_17/src/aufs-util-9999-13.1.src.rpm"
sudo yum install glibc-static
rpmbuild --rebuild aufs-util-9999-13.1.src.rpm
rpm -U (path-to)/aufs-util-9999-13.1.x86_64.rpm
```

You’ll also need to install lxc and lxc-libs. If you have the dag repo set up you can just ‘yum install’ them. Otherwise, download and install them directly:
```
wget ftp://ftp.univie.ac.at/systems/linux/dag/redhat/el6/en/x86_64/dag/RPMS/lxc-0.8.0-1.el6.rf.x86_64.rpm
wget http://apt.sw.be/redhat/el6/en/x86_64/dag/RPMS/lxc-libs-0.8.0-1.el6.rf.x86_64.rpm
rpm -U lxc-0.8.0-1.el6.rf.x86_64.rpm lxc-libs-0.8.0-1.el6.rf.x86_64.rpm
```

Installing the docker binaries
Finally, we’ll download, install, and test the docker binaries. I tried to get compiling to work by rebuilding the golang package from Fedora on my CentOS box but didn’t get it working; the binaries work just fine:

```
wget http://get.docker.io/builds/Linux/x86_64/docker-latest.tgz
tar xzf docker-latest.tgz
cd docker-latest
./docker -d &
./docker run -i -t busybox /bin/sh
```
The final command should give you a shell prompt from inside a busybox docker container. Hopefully it is all working for you at this point. If you had problems, or have changes to the directions, post them in the comments below!