In this 3-article series, we will discuss about Docker, is an open-source lightweight virtualization tool
which runs at top of Operating System level, allowing users to create, run and deploy applications, encapsulated into small containers.
Step 1 - Install deps, add docker Repo and setup Docker:
# yum install -y yum-utils device-mapper-persistent-data lvm2 # yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo # yum update # yum install docker-ce docker-ce-cli --nobest -y # systemctl enable docker --now
Step 2 - Install docker-compose binary:
# newest_version="$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -Po '"tag_name": "\K.*?(?=")')" # curl -L "https://github.com/docker/compose/releases/download/${newest_version}/docker-compose-$(uname -s)-$(uname -m)" -o /bin/docker-compose # chmod +x /bin/docker-compose # curl -L https://raw.githubusercontent.com/docker/compose/$(docker-compose version --short)/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose # docker-compose version
Step 1 - Create Project Folder:
# mkdir /opt/docker-PROJECT
Step 2 - Create Project Docker Compose-File:
# vim /opt/docker-PROJECT/docker_compose.yml
DEMO - Docker Compose File:
version: "3.2" services: # ---------------------------------------------------------------------------- pihole: image: IMAGE/IMAGE:latest container_name: "PROJECT-main" volumes: - /opt/docker-PROJECT/DOCKERHOST/:/etc/CONTAINER/ - /etc/localtime:/etc/localtime:ro environment: - VARIABLE1=value_xy - VARIABLE2=value_xy #ports: # - 53:53/tcp # - 53:53/udp # - 67:67/udp # - 81:80 #networks: # - local restart: always network_mode: "host" # ------------------------------------------------------------------------------ #networks: # local: # driver: bridge
Step 3 - Start / Stop Docker Compose Projects:
# docker-compose -f /opt/docker-PROJECT/docker_compose.yml up -d # docker-compose -f /opt/docker-PROJECT/docker_compose.yml down
Enabling access to files protected by SELinux
In order to give a container access to files protected by SELinux, you need to use one of the following volume options: z or Z.
z(lower): relabels the content you’re mounting into the container, and makes it shareable between containers.
Z(upper): relabels the content you’re mounting into the container, and makes it private. So, mounting this file in another container won’t work.
http://jaormx.github.io/2018/selinux-and-docker-notes/
This type of Linux containers are proven to be fast, portable and secure. The processes that run in a Docker container are always isolated from the main host, preventing outside tampering.
Part 2: How to Deploy and Run Applications into Docker Containers on CentOS/RHEL 7/6
https://www.linuxtechi.com/install-use-docker-compose-to-deploy-containers-in-centos7/
This tutorial provides a starting point on how to install Docker, create and run Docker containers on CentOS/RHEL 7/6, but barley scratches the surface of Docker.
https://www.tecmint.com/install-docker-and-learn-containers-in-centos-rhel-7-6/