How to install and run docker on Fedora 22

docker fedora logo
Standard

In this post we will learn how to install and run docker on Fedora 22. Docker has established itself in the DevOps scene for quite a while and is becoming more and more popular. With the brand new toolbox, it’s even easier to manage and work with docker.

While it is very well documented on how to run it on Ubuntu and how to use it on mac and windows, there is little documentation on how to install and run docker on Fedora.

Installation

1. add the docker repo to your dnf

sudo cat >/etc/yum.repos.d/docker.repo <<-EOF 
[dockerrepo] 
name=Docker Repository 
baseurl=https://yum.dockerproject.org/repo/main/fedora/22 
enabled=1 
gpgcheck=1 
gpgkey=https://yum.dockerproject.org/gpg 
EOF

2. install docker

sudo dnf install docker-engine -y

3. start the docker service

sudo service docker start

4. create a docker user group

This part is not necessary to run docker on Fedora, but I recommend at least reading over it as it’s about security.

Unlike most applications, docker uses the Unix socket instead of the TCP socket.
And that Unix socket is always owned by root as default.
That means you would have to run sudo in front of every docker command to make it work.
If you run docker in a restricted environment like a virtual or development machine, then you can do the following without concerns.
But if you run docker on your production machine, you certainly don’t want to do this.

To run docker without sudo: create a group and make the unix socket read/write-able by the docker group. Then add your user to that docker group.

By doing this, you can than execute docker commands without sudo.

sudo groupadd docker
sudo usermod -aG docker [[USERNAME]]

5. make docker start at boot

sudo chkconfig docker on
# OR
sudo systemctl enable docker

6. test if everything works right

docker run docker/whalesay cowsay "Everything just works™"

If everything works out, you should see something like this:

whalesay screenshot

(Optional) running docker on fedora that is set up on BTRFS

docker: Docker version 1.8.2-fc22, build cb216be/1.8.2

In this and current case, there is a little bug.
SELinux will not mount an already mounted partition with different security flags.

You might get this error:

lxlDrCortex docker[6971]: time="2015-11-02T15:13:41.473664945+01:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)"
lxlDrCortex docker[6971]: time="2015-11-02T15:13:41.495953684+01:00" level=fatal msg="Error starting daemon: SELinux is not supported with the BTRFS graph driver"
lxlDrCortex systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
lxlDrCortex systemd[1]: Failed to start Docker Application Container Engine.
lxlDrCortex systemd[1]: Unit docker.service entered failed state.
lxlDrCortex systemd[1]: docker.service failed.

This is actually a known bug, and smart people are working hard to solve this issue.

To solve this problem in the meanwhile, first we make sure that the socket is accessible by the docker group.

chown root:docker /var/run/docker.sock

And then we change comment out this line in /etc/sysconfig/docker
NOTE: This will disable SELinux on the docker process.

#OPTIONS='--selinux-enabled'

Vagrant

vagrant logo

I made a Vagrantfile for people who would like to see how to run docker on Fedora without installing docker directly on your host. Check out the GitHub project.