Preparing a CentOS or RHEL 7 system for running containers
Docker Container Deployment
Step 1: read general requirements checklist
Step 2: install and patch operating system
- Install the latest version of the operating system using a "base" or "minimal" package set.
- Update all packages to receive the latest security and bug fixes:
Step 3: disable incompatible services
- In general, most network applications should be uninstalled or disabled because they can interfere with Docker and Kubernetes networking services. In particular, httpd must not be running, since its use of ports 80 and 443 will conflict with the Kubernetes reverse proxy. If httpd is present and cannot be uninstalled, run these two commands to permanently disable it:
systemctl stop httpd
systemctl disable httpd
- There is a known incompatibility between firewalld and Docker's use of iptables, documented at https://github.com/docker/docker/issues/16137. To disable firewalld:
systemctl stop firewalld
systemctl disable firewalld
Step 4: verify general system requirements
- The /var/lib directory should be on a file system with at least 30 GB of free disk space, and more if DeviceMapper Direct mode is not used (see Step 6 below).
- The machine must have at least one physical (or VLAN-mapped) NIC with an IP address.
- The machine must have direct access to the Internet. If access through a proxy is required, contact your Platform9 representative for additional configuration instructions. During Platform9 configuration of container-related software, the following types of data sources will be accessed:
- CentOS yum repository
- Docker yum repository
- Public Docker registries from Docker, Inc. and Google (Kubernetes project).
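A preflight check for the conditions in Steps 3 and 4, as an added example that is not part of the original instructions: it flags httpd or firewalld still running or enabled, listeners already bound to ports 80 and 443, and less than 30 GB free under /var/lib. The function names and the `--run` argument are assumptions made for this example.

```shell
#!/bin/sh
# Preflight for Steps 3 and 4. Added example; function names are hypothetical.
REQUIRED_GB=30        # Step 4: minimum free space under /var/lib
PROXY_PORTS="80 443"  # Step 3: ports the Kubernetes reverse proxy needs

# Succeeds when <available_kb> covers <required_gb>.
enough_space() {
    [ "$1" -ge $(( $2 * 1024 * 1024 )) ]
}

# Args: unit, `systemctl is-active` output, `systemctl is-enabled` output.
# Prints the remediation from Step 3 when the unit runs or starts at boot.
unit_finding() {
    case "$2" in active|activating) echo "$1 is running: systemctl stop $1" ;; esac
    case "$3" in enabled|enabled-runtime) echo "$1 starts at boot: systemctl disable $1" ;; esac
}

# Reads `ss -ltn` output on stdin; prints each proxy port that has a listener.
busy_proxy_ports() {
    awk -v want="$PROXY_PORTS" '
        BEGIN { n = split(want, p, " "); for (i = 1; i <= n; i++) need[p[i]] = 1 }
        $1 == "LISTEN" { port = $4; sub(/.*:/, "", port); if (port in need) seen[port] = 1 }
        END { for (i = 1; i <= n; i++) if (p[i] in seen) print p[i] }'
}

preflight() {
    rc=0
    kb=$(df -Pk /var/lib | awk 'NR==2 {print $4}')
    enough_space "$kb" "$REQUIRED_GB" || { echo "/var/lib: under ${REQUIRED_GB} GB free"; rc=1; }
    for unit in httpd firewalld; do
        out=$(unit_finding "$unit" "$(systemctl is-active "$unit" 2>/dev/null)" \
                                   "$(systemctl is-enabled "$unit" 2>/dev/null)")
        [ -z "$out" ] || { echo "$out"; rc=1; }
    done
    for port in $(ss -ltn | busy_proxy_ports); do
        echo "TCP port $port already has a listener"; rc=1
    done
    return "$rc"
}

# Run only when asked, so the functions can be sourced and tested separately.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it as root with `--run` after Step 3; a non-zero exit status means at least one finding was printed.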
Step 5: configure firewall settings
Each host must allow incoming connections on the following ports:
- TCP (required): 443, 8080, 4001
- TCP (recommended): 80
- UDP (required): 8285
Step 6: create docker storage
On CentOS/RHEL 7, Docker uses the "devicemapper" storage driver by default to manage container images and disk layers. For production, the storage driver must be configured to use "direct-lvm" mode (the "loop-lvm" mode is acceptable for testing, but is not supported). The "direct-lvm" mode requires one free block device (a disk or a partition).
WARNING: This procedure will delete all existing Docker images and containers.
If a free block device is available, go to Step 1B.
1A. Create a block device
You can attach a new disk, or create a new partition. The block device should be at least 40 GB in size. Attaching a new disk is outside the scope of these instructions. To create a new partition, use fdisk. Set the partition type to 8e (Linux LVM). See http://tldp.org/HOWTO/Partition/fdisk_partitioning.html for detailed information on fdisk.
1B. Note the path of the block device, e.g., /dev/sdb for a disk, /dev/sdc1 for a partition.
2. Create an LVM thin pool
Ensure that LVM is installed on the host:
The "lvm2" package should be listed as installed. If it is not, then install it:
Invoke the following bash script with the block name noted in Step 1B:
May 06, 2016