Created
September 1, 2021 02:07
-
-
Save tehpeh/7e5329d295eca9539e6462f36b6ce9c0 to your computer and use it in GitHub Desktop.
How to install and configure Docker on Centos 8 (VM instead of using Docker Desktop)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install docker | |
| # from: https://docs.docker.com/engine/install/centos/ | |
| sudo yum install -y yum-utils | |
| sudo yum-config-manager \ | |
| --add-repo \ | |
| https://download.docker.com/linux/centos/docker-ce.repo | |
| sudo yum install docker-ce docker-ce-cli containerd.io | |
| # check fingerprint 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35 | |
| # OR if error on install, sometimes specific version of containerd.io is needed | |
| sudo dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm | |
| sudo yum install docker-ce docker-ce-cli | |
| sudo systemctl start docker | |
| # Allow user access | |
| sudo usermod -aG docker tim | |
| # Allow firewall in | |
| sudo firewall-cmd --permanent --new-service docker-host | |
| sudo firewall-cmd --permanent --service docker-host --add-port 2375/tcp | |
| sudo firewall-cmd --permanent --add-service docker-host | |
| # Setup docker | |
| # from: https://docs.docker.com/engine/install/linux-postinstall/ | |
| sudo systemctl enable docker | |
| sudo systemctl edit docker.service | |
| # add and save: | |
| [Service] | |
| ExecStart= | |
| ExecStart=/usr/bin/dockerd -H fd:// -H tcp://127.0.0.1:2375 | |
| sudo systemctl daemon-reload | |
| sudo systemctl restart docker.service | |
| # Configure firewalld for container internet access | |
| # from: https://forums.centos.org/viewtopic.php?f=54&t=74270 | |
| sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0 | |
| sudo firewall-cmd --reload | |
| # an alternative using the "public" zone instead: https://serverfault.com/questions/987686/no-network-connectivity-to-from-docker-ce-container-on-centos-8/994704#994704 | |
| # Maybe enable IP forwarding? | |
| # from: https://docs.docker.com/network/bridge/#enable-forwarding-from-docker-containers-to-the-outside-world | |
| sudo vim /etc/sysctl.conf | |
| # add and save: | |
| net.ipv4.ip_forward = 1 | |
| net.ipv6.conf.all.forwarding = 1 | |
| sudo sysctl -p | |
| sudo iptables -P FORWARD ACCEPT | |
| # Mount home or src directory | |
| sudo dnf install nfs-utils | |
| sudo vim /etc/fstab | |
| # add and save | |
| 10.1.2.1:/usr/home/tim/src /usr/home/tim/src nfs defaults 0 0 | |
| sudo mount -a | |
| # Add extra repo | |
| sudo dnf install epel-release | |
| sudo dnf install htop | |
| ## Troubleshooting | |
| # No DNS queries inside container? | |
| # if using a custom network (docker-compose does this) then add the generated bridge to the trusted firewall zone: | |
| sudo firewall-cmd --permanent --zone=trusted --add-interface=br-abcdef # find name with `docker network list` or ifconfig | |
| sudo firewall-cmd --reload | |
| # Files not found in mounted volume? | |
| # re-mount the NFS mount | |
| sudo mount -a | |
| # No network access in host or during image build? | |
| # pf is blocking because vm was started before pf initialised during boot | |
| # on freebsd: | |
| doas service pf reload | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment