Docker

From Wiki [en] OpenMandriva
Jump to: navigation, search

Docker is a utility to pack, ship and run any application as a lightweight container.

Installation

Install the docker package package.

# sudo urpmi docker

Next enable and start docker.service and verify operation:

# sudo systemctl enable docker.service
# sudo systemctl start docker.service
# sudo docker info

If you want to be able to run docker as a regular user, add yourself to the docker group:

# gpasswd -a user docker

Then re-login or to make your current user session aware of this new group, you can use:

$ newgrp docker

Configuration

Docker 0.9.0 -- 1.2.x and LXC

Since version 0.9.0 Docker provides a new way to start containers without relying on a LXC library called libcontainer.

The lxc exec driver and the -lxc-conf option may also be removed in the near future, [1]

Hence, you will not be able to use lxc-attach with containers managed by Docker 0.9.0+ by default. It is required to make Docker daemon run with -e lxc as an argument.

You can create a file named lxc.conf under /etc/systemd/system/docker.service.d/ with the following contents:

[Service]
ExecStart=
ExecStart=/usr/bin/docker -d -e lxc

Images

OpenMandriva Linux

x86_64

The following command pulls the openmandriva/cooker x86_64 image.

# docker pull openmandriva/cooker

Skype

Run Skype in docker container Source: https://github.com/OpenMandrivaAssociation/docker-skype

# docker pull openmandriva/skype
# docker run -it --rm --volume /usr/local/bin:/target openmandriva/skype:latest install
# /usr/local/bin/skype-wrapper skype

Debian

Build Debian image with debootstrap from the contrib repo:

# mkdir wheezy-chroot
# debootstrap wheezy ./wheezy-chroot http://http.debian.net/debian/
# cd wheezy-chroot
# tar cpf - . | docker import - debian
# docker run -t -i --rm debian /bin/bash

Useful tips

To grab the IP address of a running container:

# docker inspect --format 'Template:.NetworkSettings.IPAddress' <container-name OR id>
# 172.17.0.37

Troubleshooting

Docker info errors out

If running docker info gives an error that looks like this:

 FATA[0000] Get http:///var/run/docker.sock/v1.17/info: read unix /var/run/docker.sock: connection reset by peer. Are you trying to connect to a TLS-enabled daemon without TLS? 

then you might not have the bridge module loaded. You can check for it by running lsmod | grep bridge. If it is not loaded, you can try to load it with modprobe or simply reboot (a reboot might be required if you have upgraded your kernel recently without rebooting and the bridge module was built for the more recent kernel.)

See this issue on GitHub for more information.

Deleting Docker Images in a BTRFS Filesystem

Deleting docker images in a btrfs filesystem leaves the images in var/lib/docker/btrfs/subvolumes/ with a size of 0. When you try to delete this you get a permission error.

 # docker rm bab4ff309870
 # rm -Rf /var/lib/docker/btrfs/subvolumes/*
 rm: cannot remove '/var/lib/docker/btrfs/subvolumes/85122f1472a76b7519ed0095637d8501f1d456787be1a87f2e9e02792c4200ab': Operation not permitted

This is caused by btrfs which created subvolumes for the docker images. So the correct command to delete them is:

 # btrfs subvolume delete /var/lib/docker/btrfs/subvolumes/85122f1472a76b7519ed0095637d8501f1d456787be1a87f2e9e02792c4200ab

docker0 Bridge gets no IP / no internet access in containers

Docker enables IP forwarding by itself, but by default systemd overrides the respective sysctl setting. The following disables this override (for all interfaces):

# cat >/etc/systemd/network/ipforward.network <<EOF
[Network]
IPForward=kernel
EOF

Finally restart the systemd-networkd and docker services.