In this post we will learn how to install and run docker on Fedora 22. Docker has established itself in the DevOps scene for quite a while and is becoming more and more popular. With the brand new toolbox, it’s even easier to manage and work with docker.
While it is very well documented on how to run it on Ubuntu and how to use it on mac and windows, there is little documentation on how to install and run docker on Fedora.
1. add the docker repo to your dnf
sudo cat >/etc/yum.repos.d/docker.repo <<-EOF [dockerrepo] name=Docker Repository baseurl=https://yum.dockerproject.org/repo/main/fedora/22 enabled=1 gpgcheck=1 gpgkey=https://yum.dockerproject.org/gpg EOF
2. install docker
sudo dnf install docker-engine -y
3. start the docker service
sudo service docker start
4. create a docker user group
This part is not necessary to run docker on Fedora, but I recommend at least reading over it as it’s about security.
Unlike most applications, docker uses the Unix socket instead of the TCP socket.
And that Unix socket is always owned by root as default.
That means you would have to run
sudo in front of every
docker command to make it work.
If you run docker in a restricted environment like a virtual or development machine, then you can do the following without concerns.
But if you run docker on your production machine, you certainly don’t want to do this.
To run docker without sudo: create a group and make the unix socket read/write-able by the docker group. Then add your user to that docker group.
By doing this, you can than execute
docker commands without
sudo groupadd dockersudo usermod -aG docker [[USERNAME]]
5. make docker start at boot
sudo chkconfig docker on # OR sudo systemctl enable docker
6. test if everything works right
docker run docker/whalesay cowsay "Everything just works™"
If everything works out, you should see something like this:
(Optional) running docker on fedora that is set up on BTRFS
docker: Docker version 1.8.2-fc22, build cb216be/1.8.2
In this and current case, there is a little bug.
SELinux will not mount an already mounted partition with different security flags.
You might get this error:
lxlDrCortex docker: time="2015-11-02T15:13:41.473664945+01:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)" lxlDrCortex docker: time="2015-11-02T15:13:41.495953684+01:00" level=fatal msg="Error starting daemon: SELinux is not supported with the BTRFS graph driver" lxlDrCortex systemd: docker.service: main process exited, code=exited, status=1/FAILURE lxlDrCortex systemd: Failed to start Docker Application Container Engine. lxlDrCortex systemd: Unit docker.service entered failed state. lxlDrCortex systemd: docker.service failed.
This is actually a known bug, and smart people are working hard to solve this issue.
To solve this problem in the meanwhile, first we make sure that the socket is accessible by the docker group.
chown root:docker /var/run/docker.sock
And then we change comment out this line in /etc/sysconfig/docker
NOTE: This will disable SELinux on the docker process.
I made a Vagrantfile for people who would like to see how to run docker on Fedora without installing docker directly on your host. Check out the GitHub project.