859
edits
Changes
From SME Server
Jump to navigationJump to search→Repo setup
{{WIP box}}
{{WIP box}}
Placeholder for anything to do with Docker (https://docker.com)
Placeholder for anything to do with Docker (https://docker.com)
{{Note box| All info is based on SME Server 9 only.
{{Note box| All info is based on SME Server 9 only but I have just started to test on v10 - see notes below
Your host server must have internet access.
Your host server must have internet access.
https://wiki.contribs.org/User:ReetP
https://wiki.contribs.org/User:ReetP
Add the reetp repo:
Add the reetpTest repo:
yum --enablerepo=reetp,epel install smeserver-docker
yum --enablerepo=reetpTest,epel install smeserver-docker
Most of the settings in the Manual Installation below are replicated into the contrib with templates
Most of the settings in the Manual Installation below are replicated into the contrib with templates
====Networking====
====Networking====
See Issues and other comment further down re host/bridged networking.
{{Note box | See Issues and other comments further down re host/bridged networking}}
Docker attempts to guess what network to use and sets a bridged interface for it.
Docker attempts to guess what network to use and sets a bridged interface for it.
Access to the container.
Access to the container.
This allows can access to any local services, and any ports in the container will appear locally
This allows access to any local services, and any ports in the container will appear locally
--net="host"
--net="host"
TCPPort=8088
TCPPort=8088
I am working on this currently.
I am working on this currently but the LocalNetworking approach doesn't work. It probably need manipulation of the firewall with templates.
==== Login to container====
==== Login to container====
docker exec -t -i -u root <container_name> /bin/bash
docker exec -t -i -u root <container_name> /bin/bash
===Manual Installation===
===Manual Installation===
If you don't use host networking, you use the internal IP address set with docker, but this address is unknown as a local network to SME and it will block any queries emanating from the container. I am looking at this with the contrib.
If you don't use host networking, you use the internal IP address set with docker, but this address is unknown as a local network to SME and it will block any queries emanating from the container. I am looking at this with the contrib.
==Koozai SME v10==
Some basic scratchpad notes as I go
https://docs.docker.com/engine/install/centos/
Don't use the extras repo to install
[[Category:Containers]]
https://download.docker.com/linux/centos/docker-ce.repo
[[Category:Containers:Docker]]
===Repo setup===
db yum_repositories set docker-ce-stable repository \
BaseURL 'https://download.docker.com/linux/centos/7/$basearch/stable' \
EnableGroups no \
GPGCheck yes \
GPGKey https://download.docker.com/linux/centos/gpg \
Name 'Docker Stable' \
Visible yes \
status disabled
signal-event yum-modify
yum --enablerepo=extras,docker-ce-stable install docker-ce docker-ce-cli
===Files to modify?===
systemd unit file
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -g /home/e-smith/files/docker
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
[[Category:Containers]]
[[Category:Containers:Docker]]
