Here I’d like to introduce to you a one of most impressive virtualization technology of the last several years — Docker.
Docker represents a new level of virtual technique — a container. It based on host operating system and is able to use kernel features. Each container can run a different software, such as Apache, nginx, tomcat, etc, as well as virtual machines and guest operating systems. Unlike of traditional virtualization, like Oracle VM or VmWare, where you need to install a guest operating system, containers use host resources.
You could say «Why should I use Docker instead of running apps directly at host?», but the reason is quite simple — you can run as many containers as your hardware allows, but all those application will be completely isolated from each other and host system. Also you can use a lot of Docker hosts to create a cloud for you needs.
There are two versions of Docker engine — free one, which is included in all Linux distros, and commercially supported, which also includes DataCenter Components — Universal Control Plane and Docker Trusted Registry.
In this document I want to show how to deploy Docker infrastructure to several nodes (including Universal Control Plane and Docker Trusted Registry), how to join them in the cluster, how to use networks, attach drives and etc.
To follow me you will need to get a free 30 days trial of Docker DataCenter subscription to be able to perform all of those tasks. It won’t take a lot of time to register, don’t be afraid they don’t need you credit card info :-). Here is a link to this subscription.
So, what I am going to implement:
- Docker Management Node (OEL 7.2 + Universal Control Plane);
- Docker Trusted Registry node (OEL 7.2 + DTR);
- Docker Node #1 (OEL 7.2);
- Docker Node #2 (OEL 7.2);
- Docker Node #3 (OEL 7.2);
In my environment all nodes are virtualized. Yes, you’ve heard me correctly — D
ocker can work under virtualization. If you want, call it Virtualized Virtuality 🙂 . Base operating system for all nodes is Oracle Enterprise Linux 7.2 Minimal install, updated. I’ve made one install, updated OS and cloned VM. Don’t forget to rename nodes and use static IP addresses or fix them by modifying DHCP server settings.
Afterwards we need to install a commercially supported Docker engine over all nodes like it is described in this document:
$ sudo rpm --import "https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e"
$ sudo yum install -y yum-utils
$ sudo yum-config-manager --add-repo https://packages.docker.com/1.10/yum/repo/main/centos/7
$ sudo yum install docker-engine
These steps take very small time and afterwards you have to enable docker service and start it:
[nikolai@manage ~]$ sudo systemctl enable docker.service
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[nikolai@manage ~]$ sudo systemctl start docker.service
Now we are ready to test our docker engine:
[nikolai@manage ~]$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
03f4658f8b78: Pull complete
a3ed95caeb02: Pull complete
Status: Downloaded newer image for hello-world:latest
Hello from Docker.
This message shows that your installation appears to be working correctly.
Now, after we have repeated these steps at each five node, those nodes are already prepared to act as Docker node.
Next step is to create a Docker Trusted Registry, it can be run as a part of management node in a container, but now I want to install it in a dedicated VM.
Docker Trusted Registry
Here is a link to DTR Installation Manual
[nikolai@registry ~]$ sudo bash -c "$(sudo docker run docker/trusted-registry install)"
[sudo] password for nikolai:
Unable to find image 'docker/trusted-registry:latest' locally
latest: Pulling from docker/trusted-registry
9943fffae777: Pulling fs layer
fb15e825cb68: Pulling fs layer
b9583a207297: Pulling fs layer
a3ed95caeb02: Pulling fs layer
096a3ccb9299: Pulling fs layer
74309891f4fa: Pulling fs layer
b31c2cbfb14f: Pulling fs layer
d88e02f80f43: Pulling fs layer
fdd38322a273: Pulling fs layer
Manual says, you need to login, but in my case it worked without this step. But there is no problem to create an account at https://hub.docker.com/
Be patient, it could take time to download DTR image. After script complete download and install you can observe installed images:
[nikolai@registry ~]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker/trusted-registry-nginx 1.4.3 30c3e0e1531b 2 weeks ago 425.9 MB
docker/trusted-registry-index 1.4.3 833b2d69f62b 2 weeks ago 399.8 MB
docker/trusted-registry-garant 1.4.3 1735f0f1ddad 2 weeks ago 200.9 MB
docker/trusted-registry-log-aggregator 1.4.3 98c702fe7d60 2 weeks ago 199.7 MB
docker/trusted-registry-admin-server 1.4.3 2366f0ce8ab6 2 weeks ago 245.5 MB
docker/trusted-registry 1.4.3 b154ec352fb3 2 weeks ago 291.8 MB
docker/trusted-registry latest b154ec352fb3 2 weeks ago 291.8 MB
docker/trusted-registry-distribution v2.2.1 719c5341b035 3 months ago 844.1 MB
hello-world latest 690ed74de00f 5 months ago 960 B
postgres 9.4.1 1d563e78b1d0 10 months ago 213.9 MB
Size is quite huge, but images are being downloaded compressed. Let’s take a look at running containers, used for DTR:
[nikolai@registry ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
baae8a84a7b9 docker/trusted-registry-garant:1.4.3 "garant /config/garan" 13 minutes ago Up 13 minutes docker_trusted_registry_auth_server
1d1533cacfc0 docker/trusted-registry-log-aggregator:1.4.3 "log-aggregator" 13 minutes ago Up 13 minutes docker_trusted_registry_log_aggregator
353153ec9c92 docker/trusted-registry-admin-server:1.4.3 "server" 13 minutes ago Up 13 minutes 80/tcp docker_trusted_registry_admin_server
5d147b50ac71 docker/trusted-registry-nginx:1.4.3 "watcher" 13 minutes ago Up 13 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp docker_trusted_registry_load_balancer
d02d284afdd0 docker/trusted-registry-index:1.4.3 "server" 13 minutes ago Up 13 minutes docker_trusted_registry_registry_index
c451118abd56 postgres:9.4.1 "/docker-entrypoint.s" 14 minutes ago Up 14 minutes 5432/tcp docker_trusted_registry_postgres
It will remind you to upload license file, fill in domain value and create administrator account. Now we are ready to take a look at Docker Trusted Registry Console — open a browser and type in your registry node name. In my case URL is http://registry.docker.
In couple of days I’ll write the second post, regarding to installation procedure of Universal Control Plane.