Tag Archives: docker

Dind (Docker in Docker) on Atomic host

I am preparing for Red Hat Docker exam 276, while preparation I came to know about docker in docker term which is called as Dind. It’s not a part of exam content. However I started digging more on it and I found some useful blogs on net to get start with it. In this article I am going to share the steps which I have followed to see the working on Dind.

Checking the docker version present on atomic host by default :

-bash-4.2# docker version
Client:
Version: 1.10.3
API version: 1.22
Package version: docker-common-1.10.3-59.el7.x86_64
Go version: go1.6.2
Git commit: 429be27-unsupported
Built: Fri Nov 18 17:03:44 2016
OS/Arch: linux/amd64

Server:
Version: 1.10.3
API version: 1.22
Package version: docker-common-1.10.3-59.el7.x86_64
Go version: go1.6.2
Git commit: 429be27-unsupported
Built: Fri Nov 18 17:03:44 2016
OS/Arch: linux/amd64

Started a new container using ding image.

-bash-4.2# docker run –privileged -t -i jpetazzo/dind
Unable to find image ‘jpetazzo/dind:latest’ locally
Trying to pull repository registry.access.redhat.com/jpetazzo/dind …
unknown: Not Found
Trying to pull repository docker.io/jpetazzo/dind …
latest: Pulling from docker.io/jpetazzo/dind
16da43b30d89: Pull complete
1840843dafed: Pull complete
91246eb75b7d: Pull complete
7faa681b41d7: Pull complete
97b84c64d426: Pull complete
a1bc5a98c1dc: Pull complete
ce58583abd90: Pull complete
66270626f481: Pull complete
Digest: sha256:63a7c4b0f69fbc21755e677f85532ce327e0240aedf6afa0421ca1f3a66dbf2e
Status: Downloaded newer image for docker.io/jpetazzo/dind:latest
ln: failed to create symbolic link ‘/sys/fs/cgroup/systemd/name=systemd’: Operation not permitted
INFO[0001] libcontainerd: new containerd process, pid: 72
ERRO[0002] devmapper: Udev sync is not supported. This will lead to data loss and unexpected behavior. Install a more recent version of libdevmapper or select a different storage driver. For more information, see https://docs.docker.com/engine/reference/commandline/daemon/#daemon-storage-driver-option
ERRO[0002] ‘overlay’ not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded.
INFO[0002] Graph migration to content-addressability took 0.00 seconds
INFO[0002] Loading containers: start.
WARN[0002] Running modprobe bridge br_netfilter failed with message: modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file ‘/lib/modules/3.10.0-514.2.2.el7.x86_64/modules.dep.bin’
modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file ‘/lib/modules/3.10.0-514.2.2.el7.x86_64/modules.dep.bin’
, error: exit status 1
WARN[0002] Running modprobe nf_nat failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file ‘/lib/modules/3.10.0-514.2.2.el7.x86_64/modules.dep.bin’`, error: exit status 1
WARN[0002] Running modprobe xt_conntrack failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:556 kmod_search_moddep() could not open moddep file ‘/lib/modules/3.10.0-514.2.2.el7.x86_64/modules.dep.bin’`, error: exit status 1
INFO[0002] Default bridge (docker0) is assigned with an IP address 172.18.0.0/16. Daemon option –bip can be used to set a preferred IP address

INFO[0002] Loading containers: done.
INFO[0002] Daemon has completed initialization
INFO[0002] Docker daemon commit=7392c3b graphdriver=vfs version=1.12.5
INFO[0002] API listen on /var/run/docker.sock

Check the docker version inside it.

root@0d97538dcb4d:/# docker version
Client:
Version: 1.12.5
API version: 1.24
Go version: go1.6.4
Git commit: 7392c3b
Built: Fri Dec 16 02:30:42 2016
OS/Arch: linux/amd64

Server:
Version: 1.12.5
API version: 1.24
Go version: go1.6.4
Git commit: 7392c3b
Built: Fri Dec 16 02:30:42 2016
OS/Arch: linux/amd64

I am into the container now and I can run the docker commands inside container. Isn’t it cool ?

root@0d97538dcb4d:/# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

Let’s try to spawn a new container inside a container.

While trying to spawn a new container I ran out of space issue.

root@0d97538dcb4d:/# docker run -t -i mysql bash
ERRO[0403] Handler for POST /v1.24/containers/create returned error: No such image: mysql:latest
Unable to find image ‘mysql:latest’ locally
latest: Pulling from library/mysql
75a822cd7888: Pull complete
b8d5846e536a: Pull complete
b75e9152a170: Pull complete
832e6b030496: Pull complete
fe4a6c835905: Pull complete
c3f247e29ab1: Extracting [==================================================>] 19.02 kB/19.02 kB
21be3e562071: Download complete
c7399d6bf033: Downloading [=====================================> ] 57.31 MB/76.98 MB
c7399d6bf033: Downloading [==================================================>] 76.98 MB/76.98 MB
3835a628a92f: Download complete
530d0fb19b13: Download complete
ERRO[0549] Download failed: write /var/lib/docker/tmp/GetImageBlob883713982: no space left on device
ERRO[0549] Not continuing with pull after error: write /var/lib/docker/tmp/GetImageBlob883713982: no space left on device
docker: write /var/lib/docker/tmp/GetImageBlob883713982: no space left on device.
See ‘docker run –help’.

Checked the filesystem utilization inside container. Found that /etc/hosts has not such space left.

~~~
root@0d97538dcb4d:/# df -Ph
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/docker-253:0-5137701-f6e4b3a3f41c934e95188beb881a8fa964bcdcdef7bd86f46dfb8c3740905410 10G 456M 9.6G 5% /
tmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/rhelah-root 3.0G 2.3G 779M 75% /etc/hosts
shm 64M 0 64M 0% /dev/shm
~~~

I fixed the issue by expanding the root filesystem on host atomic machine. After that I was able to see the expanded filesystem space inside the container.

~~~
root@0d97538dcb4d:/# df -Ph
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/docker-253:0-5137701-f6e4b3a3f41c934e95188beb881a8fa964bcdcdef7bd86f46dfb8c3740905410 10G 456M 9.6G 5% /
tmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/rhelah-root 8.0G 2.3G 5.8G 28% /etc/hosts
shm 64M 0 64M 0% /dev/shm
~~~

Let’s try to start the second citizen container again. This time I am able to start the nested container successfully and I am into new nested container.

root@0d97538dcb4d:/# docker run -t -i mysql bash
ERRO[0917] Handler for POST /v1.24/containers/create returned error: No such image: mysql:latest
Unable to find image ‘mysql:latest’ locally
latest: Pulling from library/mysql
75a822cd7888: Pull complete
b8d5846e536a: Pull complete
b75e9152a170: Pull complete
832e6b030496: Pull complete
fe4a6c835905: Pull complete
c3f247e29ab1: Pull complete
21be3e562071: Pull complete
c7399d6bf033: Pull complete
ccdaeae6c735: Pull complete
3835a628a92f: Pull complete
530d0fb19b13: Pull complete
Digest: sha256:de1570492c641112fdb94db9c788f6a400f71f25a920da95ec88c3848450ed57
Status: Downloaded newer image for mysql:latest
root@bb8d6a3218ab:/#

Let’s switch to base atomic machine and see how many containers we are seeing in output.

We are seeing only one container. Second container is running inside this container.

-bash-4.2# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0d97538dcb4d jpetazzo/dind “wrapdocker” About an hour ago Up About an hour compassionate_borg

Let’s login into this container and then see the second running container. Great we are able to see nested container.

-bash-4.2# docker exec -it 0d97538dcb4d bash

root@0d97538dcb4d:/# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bb8d6a3218ab mysql “docker-entrypoint.sh” About an hour ago Up About an hour 3306/tcp gloomy_hawking

Let’s check some network settings about this setup. As you may already know by default installation of atomic host creates a docker bridge and first class container got the IP address in that default range.

In my case atomic host is having this docker0 linux bridge.

-bash-4.2# ip a show docker0
3: docker0: mtu 1500 qdisc noqueue state UP
link/ether 02:42:5a:45:6e:46 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:5aff:fe45:6e46/64 scope link
valid_lft forever preferred_lft forever

Inspecting the IP address of first class container. It’s range of docker0.

-bash-4.2# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ 0d97538dcb4d
172.17.0.2

Let’s login into container and then see the interfaces assigned to it.

-bash-4.2# docker exec -it 0d97538dcb4d bash
root@0d97538dcb4d:/# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: docker0: mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:d5:03:ab:de brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:d5ff:fe03:abde/64 scope link
valid_lft forever preferred_lft forever
4: veth2b9b80a@if3: mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 62:60:f4:0a:07:f3 brd ff:ff:ff:ff:ff:ff
inet6 fe80::6060:f4ff:fe0a:7f3/64 scope link
valid_lft forever preferred_lft forever
96: eth0@if97: mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever

We can see that it’s having another docker0 linux bridge which is having subnet range “172.18.0.1/16” now this will be used to provide the DHCP ip address to second class or nested containers.

root@0d97538dcb4d:/# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bb8d6a3218ab mysql “docker-entrypoint.sh” About an hour ago Up About an hour 3306/tcp gloomy_hawking
root@0d97538dcb4d:/# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ bb8d6a3218ab
172.18.0.2

This IP address will not be reachable from atomic host.

-bash-4.2# ping 172.18.0.2
PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.
^C
— 172.18.0.2 ping statistics —
3 packets transmitted, 0 received, 100% packet loss, time 2003ms

Obviously you would be able to reach “172.17.0.2” from atomic host because of masquerading rule.

-bash-4.2# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all — anywhere anywhere ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all — anywhere !loopback/8 ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all — 172.17.0.0/16 anywhere

Chain DOCKER (2 references)
target prot opt source destination
RETURN all — anywhere anywhere

How to link containers in RHEL Atomic ?

In this article I am going to link two containers. It will help to provide connectivity between the containers. I would suggest you to refer the link to know more about linking container.

Step 1 : I have run the new container using below command port 8080 is exposed to host port 8080.

-bash-4.2# docker run –name job1 -p 8080:8080 -it rhel

We can verify the same using below.

-bash-4.2# docker port job1
8080/tcp -> 0.0.0.0:8080

Step 2 : Check the status of docker and networking configuration from host.

-bash-4.2# docker ps
CONTAINER ID        IMAGE                                   COMMAND             CREATED             STATUS              PORTS                    NAMES
de3bdc15e436        registry.access.redhat.com/rhel:7.1-4   “/usr/bin/bash”     2 minutes ago       Up 2 minutes        0.0.0.0:8080->8080/tcp   job1

After starting the container ip address is showing in output bridge to which docker interfaces will be connected.

-bash-4.2# ifconfig -a
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
inet 172.17.42.1  netmask 255.255.0.0  broadcast 0.0.0.0
inet6 fe80::5484:7aff:fefe:9799  prefixlen 64  scopeid 0x20<link>
ether 56:84:7a:fe:97:99  txqueuelen 0  (Ethernet)
RX packets 7  bytes 460 (460.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 16  bytes 2018 (1.9 KiB)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In iptables as well we can see the new rule has been added in FORWARD chain.

-bash-4.2# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  —  anywhere             172.17.0.2           tcp dpt:webcache
ACCEPT     all  —  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  —  anywhere             anywhere
ACCEPT     all  —  anywhere             anywhere

Step 3 : Lets start another container(job2) by linking to already running container (job1).

-bash-4.2# docker run –name job2 –link job1:job1 -it rhel

Inside that container we can check the environment information and we will find the settings for job1 container these are for communication between the containers.

[root@62609febed2b /]# printenv | grep -i job1
JOB1_PORT=tcp://172.17.0.2:8080
JOB1_PORT_8080_TCP_PORT=8080
JOB1_PORT_8080_TCP=tcp://172.17.0.2:8080
JOB1_NAME=/job2/job1
JOB1_ENV_container=docker
JOB1_PORT_8080_TCP_PROTO=tcp
JOB1_PORT_8080_TCP_ADDR=172.17.0.2

We can also find the entry added in output of /etc/hosts.

[root@62609febed2b /]# cat /etc/hosts | grep -i job1
172.17.0.2      job1

Step 4 : We can see the new rule has been added for container job2 in host iptables.

-bash-4.2# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  —  172.17.0.2           172.17.0.3           tcp spt:webcache
ACCEPT     tcp  —  172.17.0.3           172.17.0.2           tcp dpt:webcache
ACCEPT     tcp  —  anywhere             172.17.0.2           tcp dpt:webcache
ACCEPT     all  —  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  —  anywhere             anywhere
ACCEPT     all  —  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

As we are not exposing any port hence nothing is shown in below output.

-bash-4.2# docker port job2

Check the output of bridge to see the interfaces of docker which are connected to bridge.

-bash-4.2# brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.56847afe9799       no              veth953e475
vetha66139a

Step 5 : As I was testing this inside Atomic RHEL host, containers were not having ping command hence to verify the work I have followed the below workaround to make the ping command work inside the container.

Installed iputils.x86_64 0:20121221-6.el7 package.

[root@62609febed2b /]# mkdir -p /opt/ping
[root@62609febed2b /]# cp /usr/bin/ping /opt/ping/
[root@62609febed2b /]# /opt/ping/ping job1
PING job1 (172.17.0.2) 56(84) bytes of data.
64 bytes from job1 (172.17.0.2): icmp_seq=1 ttl=64 time=0.300 ms
64 bytes from job1 (172.17.0.2): icmp_seq=2 ttl=64 time=0.076 ms

How to use dockerfiles to create container ?

In this article I am going to show how to create image from the dockerfile. A dockerfile is a text document that contains all the commands you would normally execute manually in order to build a Docker image.

Step 1 : I have created docker file in one a directory test2.

-bash-4.2# pwd
/root/test2

-bash-4.2# cat Dockerfile
## Setting environment and working directory
FROM rhel
MAINTAINER vickygup1
RUN yum update -y
RUN yum install httpd -y
RUN yum clean all
WORKDIR /tmp
ENV Hello version1

You may refer the article to know more about the syntax of Dockerfile.

Step 2 : Bit explanation on my dockerfile. I am going to install the httpd package and change my working directory to /tmp and adding one environment variable. Dockerfile help us to avoid issuing the command everytime while running container.

Step 3 : From the dockerfile I am going to create one image and using that image I will run container.

-bash-4.2# docker build -t local/demo1:tag1 .
Sending build context to Docker daemon  2.56 kB
Sending build context to Docker daemon
Step 0 : FROM rhel
—> 10acc31def5d
Step 1 : MAINTAINER vickygup1
—> Running in fc8ae3eed0e4
—> 586f56caa630
Removing intermediate container fc8ae3eed0e4
Step 2 : RUN yum update -y
—> Running in bafdd145ba46
Loaded plugins: product-id, subscription-manager
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/bacb8858a00f81e427cee86b6714f411a78fb4b0-comps-rhel-x86_64-server-7.                       xml.gz: [Errno 14] curl#6 – “Could not resolve host: cdn.redhat.com; Name or service not known”
Trying other mirror.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/94782eadb60f106000b4038fcd69b72026903d2ad8fe64bfb39c63c87f8bd706-upd                       ateinfo.xml.gz: [Errno 14] curl#6 – “Could not resolve host: cdn.redhat.com; Name or service not known”
Trying other mirror.
Resolving Dependencies
–> Running transaction check
—> Package subscription-manager.x86_64 0:1.13.19-1.el7 will be updated
—> Package subscription-manager.x86_64 0:1.13.22-1.el7 will be an update
—> Package tzdata.noarch 0:2014j-1.el7 will be updated
—> Package tzdata.noarch 0:2015a-1.el7 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package                 Arch      Version          Repository             Size
================================================================================
Updating:
subscription-manager    x86_64    1.13.22-1.el7    rhel-7-server-rpms    795 k
tzdata                  noarch    2015a-1.el7      rhel-7-server-rpms    432 k

Transaction Summary
================================================================================
Upgrade  2 Packages

Total download size: 1.2 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7Server/rhel-7-server-rpms/packages/tzdata-2015a-1.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51                       : NOKEY
Public key for tzdata-2015a-1.el7.noarch.rpm is not installed
——————————————————————————–
Total                                              138 kB/s | 1.2 MB  00:08
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Importing GPG key 0xFD431D51:
Userid     : “Red Hat, Inc. (release key 2) <security@redhat.com>”
Fingerprint: 567e 347a d004 4ade 55ba 8a5f 199e 2f91 fd43 1d51
Package    : redhat-release-server-7.1-1.el7.x86_64 (@koji-override-0/7.0)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Importing GPG key 0x2FA658E0:
Userid     : “Red Hat, Inc. (auxiliary key) <security@redhat.com>”
Fingerprint: 43a6 e49c 4a38 f4be 9abf 2a53 4568 9c88 2fa6 58e0
Package    : redhat-release-server-7.1-1.el7.x86_64 (@koji-override-0/7.0)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating   : tzdata-2015a-1.el7.noarch                                    1/4
Updating   : subscription-manager-1.13.22-1.el7.x86_64                    2/4
Cleanup    : tzdata-2014j-1.el7.noarch                                    3/4
Cleanup    : subscription-manager-1.13.19-1.el7.x86_64                    4/4
Verifying  : subscription-manager-1.13.22-1.el7.x86_64                    1/4
Verifying  : tzdata-2015a-1.el7.noarch                                    2/4
Verifying  : tzdata-2014j-1.el7.noarch                                    3/4
Verifying  : subscription-manager-1.13.19-1.el7.x86_64                    4/4

Updated:
subscription-manager.x86_64 0:1.13.22-1.el7    tzdata.noarch 0:2015a-1.el7

Complete!
—> 9ffa51ca1d70
Removing intermediate container bafdd145ba46
Step 3 : RUN yum install httpd -y
—> Running in ea50ad41458f
Loaded plugins: product-id, subscription-manager
Resolving Dependencies
–> Running transaction check
—> Package httpd.x86_64 0:2.4.6-31.el7 will be installed
–> Processing Dependency: httpd-tools = 2.4.6-31.el7 for package: httpd-2.4.6-31.el7.x86_64
–> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-31.el7.x86_64
–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-31.el7.x86_64
–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-31.el7.x86_64
–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-31.el7.x86_64
–> Running transaction check
—> Package apr.x86_64 0:1.4.8-3.el7 will be installed
—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
—> Package httpd-tools.x86_64 0:2.4.6-31.el7 will be installed
—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
—> Package redhat-logos.noarch 0:70.0.3-4.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package           Arch        Version            Repository               Size
================================================================================
Installing:
httpd             x86_64      2.4.6-31.el7       rhel-7-server-rpms      1.2 M
Installing for dependencies:
apr               x86_64      1.4.8-3.el7        rhel-7-server-rpms      103 k
apr-util          x86_64      1.5.2-6.el7        rhel-7-server-rpms       92 k
httpd-tools       x86_64      2.4.6-31.el7       rhel-7-server-rpms       79 k
mailcap           noarch      2.1.41-2.el7       rhel-7-server-rpms       31 k
redhat-logos      noarch      70.0.3-4.el7       rhel-7-server-rpms       13 M

Transaction Summary
================================================================================
Install  1 Package (+5 Dependent packages)

Total download size: 14 M
Installed size: 18 M
Downloading packages:
——————————————————————————–
Total                                               68 kB/s |  14 MB  03:35
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64                                       1/6
Installing : apr-util-1.5.2-6.el7.x86_64                                  2/6
Installing : httpd-tools-2.4.6-31.el7.x86_64                              3/6
Installing : mailcap-2.1.41-2.el7.noarch                                  4/6
Installing : redhat-logos-70.0.3-4.el7.noarch                             5/6
Installing : httpd-2.4.6-31.el7.x86_64                                    6/6
Verifying  : redhat-logos-70.0.3-4.el7.noarch                             1/6
Verifying  : apr-1.4.8-3.el7.x86_64                                       2/6
Verifying  : mailcap-2.1.41-2.el7.noarch                                  3/6
Verifying  : httpd-2.4.6-31.el7.x86_64                                    4/6
Verifying  : apr-util-1.5.2-6.el7.x86_64                                  5/6
Verifying  : httpd-tools-2.4.6-31.el7.x86_64                              6/6

Installed:
httpd.x86_64 0:2.4.6-31.el7

Dependency Installed:
apr.x86_64 0:1.4.8-3.el7                  apr-util.x86_64 0:1.5.2-6.el7
httpd-tools.x86_64 0:2.4.6-31.el7         mailcap.noarch 0:2.1.41-2.el7
redhat-logos.noarch 0:70.0.3-4.el7

Complete!
—> 0aab5f0659d3
Removing intermediate container ea50ad41458f
Step 4 : RUN yum clean all
—> Running in 1d8a1b55646c
Loaded plugins: product-id, subscription-manager
Cleaning repos: rhel-7-server-rpms
Cleaning up everything
—> 168a1a10c352
Removing intermediate container 1d8a1b55646c
Step 5 : WORKDIR /tmp
—> Running in 9d84d8cc5a6c
—> 6c871aee9223
Removing intermediate container 9d84d8cc5a6c
Step 6 : ENV Hello version1
—> Running in a7f0817d03a0
—> 4a16ef98360b
Removing intermediate container a7f0817d03a0
Successfully built 4a16ef98360b

Step 4 : Image has been built successfully we can verify the same by issuing below command.

-bash-4.2# docker images
REPOSITORY                        TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
local/demo1                       tag1                4a16ef98360b        2 minutes ago       270.8 MB

Step 5 : Run the container using image created in step 3 and verify that everything is according to the configuration file.

-bash-4.2# docker run -ti –name check1 4a16ef98360b
[root@a85d0a125bf9 tmp]# pwd
/tmp

In configuration file we have given /tmp as default dir.

We have set one environment variable as well we can check that also.

[root@a85d0a125bf9 tmp]# echo $Hello
version1

How to upgrade Redhat Atomic Host ?

In this article I am going to show how to upgrade the RHEL Atomic Host.

Step 1 : I have installed the RHEL Atomic host on VMware workstation.

Step 2 : Checked the current version using below commands.

-bash-4.2# atomic status -p
============================================================
* DEFAULT ON BOOT
—————————————-
version    7.0.0
timestamp  2014-11-01 20:22:01
id         dcf0c846ff87f251d48439f6c90948f1183654a9b9d46b28c3f5e0f42c1ddf8e.0
osname     rhel-atomic-host
refspec    rhel-atomic-host-beta-ostree:rhel-atomic-host/7/x86_64/standard
============================================================

-bash-4.2# rpm-ostree status
VERSION   ID             OSNAME               REFSPEC
* 7.0.0     dcf0c846ff     rhel-atomic-host     rhel-atomic-host-beta-ostree:rhel-atomic-host/7/x86_64/standard

Step 3 : Registered the system using subscription manager.

-bash-4.2# subscription-manager list

+——————————————-+
Installed Product Status
+——————————————-+
Product Name:   Red Hat Enterprise Linux Server
Product ID:     69
Version:        7.0
Arch:           x86_64
Status:         Subscribed
Status Details:
Starts:         03/05/2015
Ends:           04/03/2015

Product Name:   Red Hat Enterprise Linux Atomic Host Beta
Product ID:     272
Version:        7-Beta
Arch:           x86_64
Status:         Subscribed
Status Details:
Starts:         03/05/2015
Ends:           04/03/2015

Step 4 : Issue the below command to start the upgrade process.

-bash-4.2# atomic upgrade
Updating from: rhel-atomic-host-beta-ostree:rhel-atomic-host/7/x86_64/standard

613 metadata, 3173 content objects fetched; 122756 KiB transferred in 652 seconds
Copying /etc changes: 10 modified, 4 removed, 35 added
Transaction complete; bootconfig swap: yes deployment count change: 1
Changed:

Step 5 : After completion of upgrade rebooted the server and checked the status using below command.

-bash-4.2# atomic status -p
============================================================
* DEFAULT ON BOOT
—————————————-
version    7.0.1
timestamp  2014-12-11 19:27:46
id         18a9998c80adb6986bf3c7c9eb31c1f9d408d074fdac0ee37a6074ea2be218b4.0
osname     rhel-atomic-host
refspec    rhel-atomic-host-beta-ostree:rhel-atomic-host/7/x86_64/standard
============================================================
NON-DEFAULT ROLLBACK TARGET
—————————————-
version    7.0.0
timestamp  2014-11-01 20:22:01
id         dcf0c846ff87f251d48439f6c90948f1183654a9b9d46b28c3f5e0f42c1ddf8e.0
osname     rhel-atomic-host
refspec    rhel-atomic-host-beta-ostree:rhel-atomic-host/7/x86_64/standard
============================================================

Step 6 : I can see the newer version of docker as well.

-bash-4.2# docker version
Client version: 1.3.2
Client API version: 1.15
Go version (client): go1.3.1
Git commit (client): 39fa2fa/1.3.2
OS/Arch (client): linux/amd64
Server version: 1.3.2
Server API version: 1.15
Go version (server): go1.3.1
Git commit (server): 39fa2fa/1.3.2

How to share volumes or contents between containers ?

In this article I am going to show you how to share the contents between containers. Contents can be shared between containers using the volumes Below are my setup details. –> Redhat Atomic Host –> Creating two container using same volume.

Step 1 : I have created new container with name vicky3.

Atomic# docker run -i -v /var/volume1 -name vicky3 -t rhel /bin/bash

After issuing the above new prompt will come. In /var of container you can see the volume (volume1) shown as directory.

bash-4.2# cd var/ adm/      db/       games/    kerberos/ local/    log/      nis/      preserve/ spool/    volume1/ cache/    empty/    gopher/   lib/      lock      mail/     opt/      run/      tmp/      yp/

Step 2 : I went into volume1 directory and create new files inside it.

bash-4.2# touch file1

bash-4.2# touch file2

Step 3 : Time to create new container using the same volume. This time I have not given any name to container.

Atomic# docker run -i –volumes-from vicky3 -t rhel /bin/bash

I went to same volume volume1 and list the contents. I can see that two files are present which we have created in vicky3 container.

bash-4.2# cd /var/volume1/

bash-4.2# ls file1  file2

Step 4 : I created new file in it from the new container.

bash-4.2# touch file3

I am able to see the new file in vicky3 container as well.

Step 5 : If you want to check the volume contents on atomic host, you need to go to below path.

Atomic# ls /var/lib/docker/vfs/dir/85b51dad82f897941aaadc9c6131545d3292681184f796404350eeeb4abc32ed/*
file1  file2  file3

#### Now question arises Whats the use of volume in container.

  1. You want to be able to share a directory between containers
  2. You intend on writing large amounts of data to a directory, for example, for a database.

You may refer the below link for more information. http://www.projectatomic.io/docs/docker-image-author-guidance/

Glimpse of Docker on RHEL 6.5

In this article I am going to give you the glimpse of docker on RHEL 6.5.

What is package require for docker to work ?
[root@Node1 ~]# rpm -qa | grep -i docker
docker-io-1.1.2-1.el6.x86_64

How to check the containers present on server ?

[root@Node1 ~]# docker ps
CONTAINER ID        IMAGE                        COMMAND                CREATED             STATUS              PORTS               NAMES
d56d999c57d7        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0009
a68eefe8c623        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-000a
ccb79870cc00        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0008
e33f88d8ba5e        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0007
f8d95a56cd49        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0005
a8638b084e1e        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0006
ecb9405c3726        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0004
824d680b8d89        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0003
112ca55c81f8        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0002
b4ce44ba885a        newedge/php:latest         /bin/sh -c ‘/usr/sbi   39 hours ago        Up 39 hours         80/tcp              bobtest-0001
269ff3ce3e84        newedge/memcached:latest   /usr/bin/memcached –   40 hours ago        Up 40 hours         11211/tcp           memcached

How to check the process running in docker ?

[root@Node1 ~]# docker top d56d999c57d7
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                6384                7025                0                   Oct08               ?                   00:00:07            /usr/sbin/httpd -k start -D FOREGROUND
apache              6472                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6473                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6474                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6475                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6476                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6477                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6478                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND
apache              6479                6384                0                   Oct08               ?                   00:00:02            /usr/sbin/httpd -k start -D FOREGROUND

How to check the version of docker ?

[root@Node1 ~]# docker version
Client version: 1.1.2
Client API version: 1.13
Go version (client): go1.2.2
Git commit (client): d84a070/1.1.2
Server version: 1.1.2
Server API version: 1.13
Go version (server): go1.2.2
Git commit (server): d84a070/1.1.2

How to check the container information ?

[root@Node1 ~]# docker info
Containers: 11
Images: 106
Storage Driver: devicemapper
Pool Name: docker-253:3-835603-pool
Data file: /var/lib/docker/devicemapper/devicemapper/data
Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 3881.9 Mb
Data Space Total: 102400.0 Mb
Metadata Space Used: 6.1 Mb
Metadata Space Total: 2048.0 Mb
Execution Driver: native-0.2
Kernel Version: 2.6.32-431.29.2.el6.x86_64

How to list the images ?

[root@Node1 ~]# docker images
REPOSITORY            TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
ubuntu                13.10               195eb90b5349        3 months ago        184.6 MB
ubuntu                10.04               3db9c44f4520        5 months ago        183 MB
ubuntu                lucid               3db9c44f4520        5 months ago        183 MB