Line 1: |
Line 1: |
− | {{Outdated}}
| |
| {{WIP box}} | | {{WIP box}} |
| Placeholder for anything to do with Docker (https://docker.com) | | Placeholder for anything to do with Docker (https://docker.com) |
Line 5: |
Line 4: |
| Your host server must have internet access. | | Your host server must have internet access. |
| | | |
− | All testing below has been done on a virtual SME9 under Virtualbox. Yes, Docker also run on VM's :-)
| + | Some testing below was originally done on a virtual SME9 under Virtualbox. Yes, Docker also run on VM's :-) |
| | | |
− | By NO means this is an official thing or even applicable at all. Tinkering phase only here!}}
| + | The contrib has been built from the original notes and I use it to permanently run Rocketchat. |
| + | }} |
| | | |
| '''You can discuss all things related to this page on the forums [http://forums.contribs.org/index.php/topic,51181.0.html here]''' | | '''You can discuss all things related to this page on the forums [http://forums.contribs.org/index.php/topic,51181.0.html here]''' |
Line 22: |
Line 22: |
| | | |
| ===Why Docker on SME Server?=== | | ===Why Docker on SME Server?=== |
− | Docker containers hold one or more applications (and all it's dependecies) and can be started and stopped at will. The containers, when activated, use the Linux kernel namespaces and are operating isolated from the rest of your server, except for storage/mount points and networking, depending on the configuration of the container. Some applications require special PHP versions or other modifications to your server settings that are not desirable and may effect yum updates and upgrades. Docker containers is a way to have such an application packed with all it's dependencies and run it isolated. You can have multiple containers running, depending on your server hardware capacity. | + | Docker containers hold one or more applications (and all it's dependencies) and can be started and stopped at will. The containers, when activated, use the Linux kernel namespaces and are operating isolated from the rest of your server, except for storage/mount points and networking, depending on the configuration of the container. Some applications require special PHP versions or other modifications to your server settings that are not desirable and may effect yum updates and upgrades. Docker containers is a way to have such an application packed with all it's dependencies and run it isolated. You can have multiple containers running, depending on your server hardware capacity. |
| | | |
| Examples: | | Examples: |
Line 46: |
Line 46: |
| sharedfolders-2.1.1-smeserver-9.0-fws | | sharedfolders-2.1.1-smeserver-9.0-fws |
| frontaccounting-3.2.1-smeserver-8.1-contribsorg | | frontaccounting-3.2.1-smeserver-8.1-contribsorg |
| + | |
| Why the SME Server version in the naming convention if it's all inside the container? Well, it could well be that the application inside the container will use some of SME Server specifics such as the db, templates or perl interaction. In that case we need to make sure that we know for which SME Server the image was build. | | Why the SME Server version in the naming convention if it's all inside the container? Well, it could well be that the application inside the container will use some of SME Server specifics such as the db, templates or perl interaction. In that case we need to make sure that we know for which SME Server the image was build. |
| | | |
Line 54: |
Line 55: |
| | | |
| | | |
− | ==Challenges== | + | ==Installation== |
− | * How to interact with localhost PAM or LDAP from within a container?
| + | |
| + | ===Contrib=== |
| + | There is a contrib that will set up a lot of this for you in the Reetp Repo: |
| + | |
| + | https://wiki.contribs.org/User:ReetP |
| + | |
| + | Add the reetp repo: |
| + | |
| + | yum --enablerepo=reetp,epel install smeserver-docker |
| + | |
| + | Most of the settings in the Manual Installation below are replicated into the contrib with templates |
| + | |
| + | ====Docker Images==== |
| + | |
| + | These can be pulled using docker itself as per Manual Installation below. Note that some require a higher version of docker. Regrettably I can't change that! |
| + | |
| + | Alternatively you can create a docker-compose.yml file directly, or via templates, in: |
| + | |
| + | /home/e-smith/files/docker/configs |
| + | |
| + | docker-compose will automatically run this at boot. |
| + | |
| + | Create you compose file and then run this from the configs directory |
| + | |
| + | docker-compose up -d |
| + | |
| + | ====Networking==== |
| + | |
| + | Docker attempts to guess what network to use and sets a bridged interface for it. |
| + | |
| + | Access to the container. |
| + | |
| + | This allows can access to any local services, and any ports in the container will appear locally |
| + | |
| + | --net="host" |
| + | |
| + | This maps container port 80 to host port 8088 |
| + | |
| + | # container:host |
| + | ports: |
| + | - 8080:8080 |
| + | |
| + | So if you ran an Apache container service on port 80, you can connect to it from the host using |
| + | |
| + | container.ip.add:8088 |
| + | |
| + | Using --net="host" means it is easier to connect to the container using the local IP address. Simple port forwarding/opening will suffice. |
| + | |
| + | However, it exposes all ports on the container locally, and there may also be conflicts with local ports. |
| + | |
| + | Using a port mapping is preferred, but your SME server will then block access container access to local services such as DNS. |
| + | |
| + | The answer is probably to statically set the Docker network, and then add the network to 'Local Network'. You can then expose ports via the docker config entry eg: |
| + | |
| + | docker=service |
| + | status=enabled |
| + | UPDPort=1234 |
| + | TCPPort=8088 |
| + | |
| + | I am working on this currently. |
| + | |
| + | |
| + | ==== Login to container==== |
| | | |
− | I think that you can access localhost services by adding
| + | If permitted, most containers can be logged into using this: |
| | | |
− | --net="host" to docker run
| + | docker exec -t -i -u root <container_name> /bin/bash |
| | | |
− | This means any services on the docker container are equally valid 'localhost' services accessible from the server itself so you need to ensure the server is properly firewalled.
| |
| | | |
− | * Many more...
| + | ===Manual Installation=== |
| | | |
| + | Note that most of the following is now in the contrib. See above. |
| | | |
− | ==Installation==
| |
| Docker requires some RPM's that are not available in the default upstream repo's. So we need to enable the epel repo first. See ''[[epel]]'' | | Docker requires some RPM's that are not available in the default upstream repo's. So we need to enable the epel repo first. See ''[[epel]]'' |
| | | |
Line 80: |
Line 142: |
| | | |
| | | |
− | ===Configuration=== | + | ====Configuration==== |
| Docker comes with a configuration file located at: | | Docker comes with a configuration file located at: |
| /etc/sysconfig/docker | | /etc/sysconfig/docker |
Line 142: |
Line 204: |
| | | |
| ===Running a docker container=== | | ===Running a docker container=== |
− | Now that we have downloaded the centos6 image it's time to give it a spin. To start the cento6 container we can issue the follwoing command: | + | Now that we have downloaded the centos6 image it's time to give it a spin. To start the cento6 container we can issue the following command: |
| docker run -t -i --net="host" centos:centos6 bash | | docker run -t -i --net="host" centos:centos6 bash |
− | This will tell docker to run the centos6 container interactiveley from the local centos repo, use the host network interface and start bash. After a few seconds you will be presented with the bash prompt inside the centos6 container: | + | This will tell docker to run the centos6 container interactively from the local centos repo, use the host network interface and start bash. After a few seconds you will be presented with the bash prompt inside the centos6 container: |
| bash-4.1# | | bash-4.1# |
| and to check if we are really inside the centos6 container we can display the release version: | | and to check if we are really inside the centos6 container we can display the release version: |
Line 171: |
Line 233: |
| To use the copyofsme9.tar file on another server and use it on that server with Docker, we can load it into the repository of the new server: | | To use the copyofsme9.tar file on another server and use it on that server with Docker, we can load it into the repository of the new server: |
| docker load -i < /downloads/copyofsme9.tar | | docker load -i < /downloads/copyofsme9.tar |
− | After Docker has loaded the file, you can check it's availability by executing: docker imagesand you can use it just like any other image on your new server. You can use the ''save'' and ''load'' commands to clean up your local repository and share copies of your image. | + | After Docker has loaded the file, you can check it's availability by executing: docker images and you can use it just like any other image on your new server. You can use the ''save'' and ''load'' commands to clean up your local repository and share copies of your image. |
| | | |
| ===Docker networking=== | | ===Docker networking=== |
Line 205: |
Line 267: |
| or you could add directly from the command line | | or you could add directly from the command line |
| docker run -i -t -dns 208.67.220.220 -dns 208.67.220.222 sme9_real:6.5 /bin/bash | | docker run -i -t -dns 208.67.220.220 -dns 208.67.220.222 sme9_real:6.5 /bin/bash |
| + | |
| + | ==Challenges== |
| + | * How to interact with localhost PAM or LDAP from within a container? |
| + | |
| + | I think that you can access localhost services by adding |
| + | |
| + | --net="host" to docker run |
| + | |
| + | This means any services on the docker container are equally valid 'localhost' services accessible from the server itself so you need to ensure the server is properly firewalled. |
| + | |
| + | * Many more... |
| + | |
| | | |
| ==Building your own images== | | ==Building your own images== |
Line 212: |
Line 286: |
| | | |
| ==='Proposal test image:'=== | | ==='Proposal test image:'=== |
− | An application that requires Java, PHP, Apache, MySQL and LDAP. The localhost MySQL and localhost LDAP should be used by the application. The application should be publicly available either on a subdomain or specific port on the FQDN. The application should only be available between 08:00AM untill 19:00PM. | + | An application that requires Java, PHP, Apache, MySQL and LDAP. The localhost MySQL and localhost LDAP should be used by the application. The application should be publicly available either on a subdomain or specific port on the FQDN. The application should only be available between 08:00AM until 19:00PM. |
| All application data should be incorporated by the default SME Sever backup mechanisms, including the image itself. | | All application data should be incorporated by the default SME Sever backup mechanisms, including the image itself. |
| | | |
Line 234: |
Line 308: |
| | | |
| ==Docker Compose== | | ==Docker Compose== |
| + | |
| + | The binary is included in the smeserver-docker contrib. |
| + | |
| The latest version that you can use with the installed version of docker (currently 1.7.1) is docker-compose version 1.5.2 | | The latest version that you can use with the installed version of docker (currently 1.7.1) is docker-compose version 1.5.2 |
| https://github.com/docker/compose/releases/tag/1.5.2 | | https://github.com/docker/compose/releases/tag/1.5.2 |