Both sides previous revision Previous revision Next revision | Previous revision |
redhat:docker-redhat:start [2019/02/05 13:48] – michael | redhat:docker-redhat:start [2019/12/23 21:52] (current) – [Installation von Docker und Docker-Compose] michael |
---|
====== Docker auf RHEL / CentOS 7 ====== | ====== Docker auf RHEL / CentOS 7/8 ====== |
**In this 3-article series, we will discuss about Docker**, is an ''open-source lightweight virtualization tool'' which runs at top of Operating System level, allowing users to create, run and deploy applications, encapsulated into small containers. | **In this 3-article series, we will discuss about Docker**, is an ''open-source lightweight virtualization tool'' which runs at top of Operating System level, allowing users to create, run and deploy applications, encapsulated into small containers. |
| |
{{:redhat:docker-redhat:docker-generic-banner.jpg?nolink&500|}} | {{:redhat:docker-redhat:docker-generic-banner.jpg?nolink&500|}} |
| |
---- | |
| |
===== Installation von Docker und Docker-Compose ===== | ===== Installation von Docker und Docker-Compose ===== |
# yum update | # yum update |
| |
# yum install docker-ce docker-ce-cli containerd.io | # yum install docker-ce docker-ce-cli --nobest -y |
| |
# systemctl start docker && systemctl enable docker | # systemctl enable docker --now |
</code> | </code> |
| |
''**Step 2** - Install docker-compose binary:'' <code># newest_version="$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -Po '"tag_name": "\K.*?(?=")')" | ''**Step 2** - Install docker-compose binary:'' <code># newest_version="$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -Po '"tag_name": "\K.*?(?=")')" |
| |
# curl -L "https://github.com/docker/compose/releases/download/${newest_version}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose | # curl -L "https://github.com/docker/compose/releases/download/${newest_version}/docker-compose-$(uname -s)-$(uname -m)" -o /bin/docker-compose |
# chmod +x /usr/local/bin/docker-compose | # chmod +x /bin/docker-compose |
| |
# curl -L https://raw.githubusercontent.com/docker/compose/$(docker-compose version --short)/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose | # curl -L https://raw.githubusercontent.com/docker/compose/$(docker-compose version --short)/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose |
# ---------------------------------------------------------------------------- | # ---------------------------------------------------------------------------- |
pihole: | pihole: |
image: pihole/pihole:latest | image: IMAGE/IMAGE:latest |
container_name: "pihole-main" | container_name: "PROJECT-main" |
volumes: | volumes: |
- /opt/docker-pihole/pihole/:/etc/pihole/ | - /opt/docker-PROJECT/DOCKERHOST/:/etc/CONTAINER/ |
- /opt/docker-pihole/dnsmasq.d/:/etc/dnsmasq.d/ | |
- /opt/docker-pihole/adminCMS/pi-hole.css:/var/www/html/admin/style/pi-hole.css | |
- /etc/localtime:/etc/localtime:ro | - /etc/localtime:/etc/localtime:ro |
environment: | environment: |
- VIRTUAL_HOST=www.blackgate.org | - VARIABLE1=value_xy |
- ServerIP=192.168.1.2 | - VARIABLE2=value_xy |
- DNS1=127.0.0.1#5353 | |
- DNS2=no | |
- TZ=Europe/Zurich | |
- WEBPASSWORD=SUPERSECRETPASSWORD | |
- WEB_PORT=81 | |
- INTERFACE=enp1s0 | |
#ports: | #ports: |
# - 53:53/tcp | # - 53:53/tcp |
#networks: | #networks: |
# - local | # - local |
| |
restart: always | restart: always |
network_mode: "host" | network_mode: "host" |
</sxh> | </sxh> |
| |
''**Step x** - Start / Stop Docker Compose Projects:''<code> | ''**Step 3** - Start / Stop Docker Compose Projects:''<code> |
# docker-compose -f /opt/docker-PROJECT/docker_compose.yml up -d | # docker-compose -f /opt/docker-PROJECT/docker_compose.yml up -d |
# docker-compose -f /opt/docker-PROJECT/docker_compose.yml down | # docker-compose -f /opt/docker-PROJECT/docker_compose.yml down |
</WRAP> | </WRAP> |
| |
| |
| <WRAP center round important 100%> |
| ''**Enabling access to files protected by SELinux**'' |
| In order to give a container access to files protected by SELinux, you need to use one of the following volume options: z or Z. |
| |
| * ''**z(lower)**: relabels the content you’re mounting into the container, and makes it shareable between containers.'' |
| |
| * ''**Z(upper)**: relabels the content you’re mounting into the container, and makes it private. So, mounting this file in another container won’t work.'' |
| </WRAP> |
| |
| [[http://jaormx.github.io/2018/selinux-and-docker-notes/]] |
| |
---- | ---- |
https://www.tecmint.com/install-docker-and-learn-containers-in-centos-rhel-7-6/ | https://www.tecmint.com/install-docker-and-learn-containers-in-centos-rhel-7-6/ |
| |
<WRAP center round tip 100%> | |
**Baseimages: -> RHEL Atomic-Image:** | |
* ''https://access.redhat.com/containers/?tab=overview#/registry.access.redhat.com/rhel7-atomic'' | |
| |
---- | |
| |
**Interessante Docker Projekte:** | |
* ''https://github.com/hhktony/wordpress-nginx_rhel7'' | |
* ''https://github.com/nextcloud/nextcloudpi'' | |
</WRAP> | |
| |