John Galea's Blog

My blog on Gadgets and the like

Redhat Enterprise Linux docker containers quick review

I last did a quick start guide for Windows 10/Server 2016 docker containers and decided to have a look at Redhat Enterprise Linux. As a developer you have access to licensing to allow you to learn/play/test for free. I did discover that you have to re-sign up every year to keep yourself current. This for me just meant logging back into the developer web site and re-accepting the terms/licensing info.

I recently came across an official quickstart guide. It was very helpful and thorough. To get started I installed a Redhat enterprise Linux full into a VM on hyperv. Then installed docker (following the guide). I was then off to the races running docker under Redhat, but don’t do that. Docker that is part of Redhat is old. See below to install the current version of docker.

I recently attended a mini information session put on by our Redhat evangelist and discovered Redhat Atomic. Atomic is light distribution of Redhat Enterprise Linux 7 that is designed and built for container hosts. It has limited writeable storage, and a much lower attack surface making your host more manageable and lower risk. Redhat has provided Atomic in a number of formats including ISO for installing to bare metal or for a number of virtualizations. Red hat Atomic link. This allows you to get started with Atomic quickly. Because Atomic is pretty stripped down your going to want to develop your environment on a full Redhat 7 environment where you have the tools you need to debug inevitable issues. Once it’s nailed down and running you are then ready to move your container onto Atomic. Atomic appears to not need any form of licensing making it a great choice for playing in lab and home environments. You can spin them up and down at will!

I started with the Hyper-V downloaded from the above link. Redhat for some bizarre reason did not assign a default password and you have to go through a process that while explained in the instal/config guide is so off I glanced over it. Basically you have to make two text files, create an ISO on another Redhat box, then boot the Hyper-V vm with the ISO mounted. It is unnecessarily complicated. If you have to do it this way give us a damn ISO with a default userid and password. I can only imagine Redhat are concerned about people leaving it as the default password but geez … Well I got past this and am up and running.

As common as docker is across platforms there are also differences. One of the major areas of differences are in networking. For example out of the box Windows networking looks like
NETWORK ID NAME DRIVER SCOPE
NAT
6edbbe0987fe none null local

While on Redhat it looks like:
docker network ls
NETWORK ID NAME DRIVER SCOPE
0d678d05d64e bridge bridge local
cc563543ebc4 host host local
f0f03379b31c none null local

NAT in windows and bridge in Redhat are the same in that they hand the container a separate non routable IP to allow the container to talk outbound. But since what I am playing with is inbound this isn’t useful. Host on the other hand shares the network IP and stack of the host. So the container does not get it’s own IP. And the ports served by the container appear to be served by the container host. Of course don’t forget to open the firewall rules on the container host to allow it to talk out. Now obviously this mode would not allow you to have two containers serving the same port. I found a list of official containers that are ready for you to download. They are well documented and can get you up and running shockingly fast. I had little to no issues getting a mariadb container up and serving in no time. Very cool! And of course you can also pull your containers from Docker Hub.

I found that the more restrictive SELINUX caused issues so I had to:
Edit /etc/selinux/config change to permissive

As I mentioned above I did discover that Redhat ships an older version of Docker. To get around this you need to add the docker repository to yum and install docker from the official docker source rather than Redhat.
sudo yum install -y yum-utils (to add utils for yum)
sudo yum-config-manager \
–add-repo \
https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install docker-ce
systemctl enable docker.service
service docker start

Once installed I’ve had good success with containers running on Redhat. As good or better than running on Ubuntu. Unlike Windows containers where there just isn’t much out there, there are tons of free Linux containers out there ready to go. Figuring out the inevitably poor documentation of the container is the biggest challenge.

November 8, 2018 - Posted by | Container stuff

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: