Line 1: |
Line 1: |
| {{WIP box}} | | {{WIP box}} |
| Placeholder for anything to do with Docker (https://docker.com) | | Placeholder for anything to do with Docker (https://docker.com) |
− | {{Note box| All info is based on SME Server 9 only. | + | {{Note box| All info is based on SME Server 9 only but I have just started to test on v10 - see notes below |
| Your host server must have internet access. | | Your host server must have internet access. |
| | | |
Line 62: |
Line 62: |
| https://wiki.contribs.org/User:ReetP | | https://wiki.contribs.org/User:ReetP |
| | | |
− | Add the reetp repo: | + | Add the reetpTest repo: |
| | | |
− | yum --enablerepo=reetp,epel install smeserver-docker | + | yum --enablerepo=reetpTest,epel install smeserver-docker |
| | | |
| Most of the settings in the Manual Installation below are replicated into the contrib with templates | | Most of the settings in the Manual Installation below are replicated into the contrib with templates |
Line 84: |
Line 84: |
| ====Networking==== | | ====Networking==== |
| | | |
− | See Issues and other comment further down re host/bridged networking. | + | {{Note box | See Issues and other comments further down re host/bridged networking}} |
| | | |
| Docker attempts to guess what network to use and sets a bridged interface for it. | | Docker attempts to guess what network to use and sets a bridged interface for it. |
Line 90: |
Line 90: |
| Access to the container. | | Access to the container. |
| | | |
− | This allows can access to any local services, and any ports in the container will appear locally | + | This allows access to any local services, and any ports in the container will appear locally |
| | | |
| --net="host" | | --net="host" |
Line 117: |
Line 117: |
| TCPPort=8088 | | TCPPort=8088 |
| | | |
− | I am working on this currently. | + | I am working on this currently but the LocalNetworking approach doesn't work. It probably need manipulation of the firewall with templates. |
− | | |
| | | |
| ==== Login to container==== | | ==== Login to container==== |
Line 125: |
Line 124: |
| | | |
| docker exec -t -i -u root <container_name> /bin/bash | | docker exec -t -i -u root <container_name> /bin/bash |
− |
| |
| | | |
| ===Manual Installation=== | | ===Manual Installation=== |
Line 339: |
Line 337: |
| If you don't use host networking, you use the internal IP address set with docker, but this address is unknown as a local network to SME and it will block any queries emanating from the container. I am looking at this with the contrib. | | If you don't use host networking, you use the internal IP address set with docker, but this address is unknown as a local network to SME and it will block any queries emanating from the container. I am looking at this with the contrib. |
| | | |
| + | ==Koozai SME v10== |
| + | |
| + | Some basic scratchpad notes as I go |
| + | |
| + | https://docs.docker.com/engine/install/centos/ |
| | | |
| + | Don't use the extras repo to install |
| | | |
− | [[Category:Containers]] | + | https://download.docker.com/linux/centos/docker-ce.repo |
− | [[Category:Containers:Docker]] | + | |
| + | ===Repo setup=== |
| + | |
| + | db yum_repositories set docker-ce-stable repository \ |
| + | BaseURL 'https://download.docker.com/linux/centos/7/$basearch/stable' \ |
| + | EnableGroups no \ |
| + | GPGCheck yes \ |
| + | GPGKey https://download.docker.com/linux/centos/gpg \ |
| + | Name 'Docker Stable' \ |
| + | Visible yes \ |
| + | status disabled |
| + | |
| + | signal-event yum-modify |
| + | |
| + | yum --enablerepo=extras,docker-ce-stable install docker-ce docker-ce-cli |
| + | |
| + | ===Files to modify?=== |
| + | |
| + | systemd unit file |
| + | |
| + | [Unit] |
| + | Description=Docker Application Container Engine |
| + | Documentation=https://docs.docker.com |
| + | BindsTo=containerd.service |
| + | After=network-online.target firewalld.service containerd.service |
| + | Wants=network-online.target |
| + | Requires=docker.socket |
| + | |
| + | [Service] |
| + | Type=notify |
| + | # the default is not to use systemd for cgroups because the delegate issues still |
| + | # exists and systemd currently does not support the cgroup feature set required |
| + | # for containers run by docker |
| + | ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -g /home/e-smith/files/docker |
| + | ExecReload=/bin/kill -s HUP $MAINPID |
| + | TimeoutSec=0 |
| + | RestartSec=2 |
| + | Restart=always |
| + | |
| + | # Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. |
| + | # Both the old, and new location are accepted by systemd 229 and up, so using the old location |
| + | # to make them work for either version of systemd. |
| + | StartLimitBurst=3 |
| + | |
| + | # Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. |
| + | # Both the old, and new name are accepted by systemd 230 and up, so using the old name to make |
| + | # this option work for either version of systemd. |
| + | StartLimitInterval=60s |
| + | |
| + | # Having non-zero Limit*s causes performance problems due to accounting overhead |
| + | # in the kernel. We recommend using cgroups to do container-local accounting. |
| + | LimitNOFILE=infinity |
| + | LimitNPROC=infinity |
| + | LimitCORE=infinity |
| + | |
| + | # Comment TasksMax if your systemd version does not support it. |
| + | # Only systemd 226 and above support this option. |
| + | TasksMax=infinity |
| + | |
| + | # set delegate yes so that systemd does not reset the cgroups of docker containers |
| + | Delegate=yes |
| + | |
| + | # kill only the docker process, not all processes in the cgroup |
| + | KillMode=process |
| + | |
| + | [Install] |
| + | WantedBy=multi-user.target |
| + | |
| + | [[Category:Containers]] |
| + | |
| + | [[Category:Containers:Docker]] |