Red Hat Enterprise Linux

The document covers the initial steps that describe how to play with containers and OpenShift. The article was written together with Jiri Hornicek.

Prerequisites

For more information about installing containers in RHEL, see Installation Guide - Red Hat Customer Portal
 
Download OpenShift binaries from Releases - openshift/origin - GitHub.
Extract the binaries to your /home/ directory and copy them to the /usr/bin/ directory:
$ tar -xzvf <origin_tarball>  # like  openshift-origin-server-v1.3.1-dad658de7465ba8a234a4fb40b5b446a45a4cee1-linux-64bit.tar.gz
$ cd <origin_dir_name>
$ sudo cp ~/<origin_dir_name>/{k,o}* /usr/bin/

Configuring a container for use with OpenShift

To start playing with OpenShift together with a container, modify the /etc/sysconfig/docker file. Allow the INSECURE_REGISTRY  option and add the IP address used by OpenShift.
This tells the container to entirely disregard security for your registry. Although it is relatively easy to configure the daemon in this way, it is very insecure.

$ cat /etc/sysconfig/docker | grep INSECURE
# adding the registry to the INSECURE_REGISTRY line and uncommenting it.
INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16';

To get more information see item 1.6 in document Modifying the container daemon options

Enabling the Container by systemd

To enable the container daemon, run the following three commands:

$ sudo systemctl enable docker
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

and the container should start running:

$ sudo systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2016-11-07 15:11:41 CET; 20s ago
Docs: http://docs.docker.com
Main PID: 2769 (docker-current)
Tasks: 9
CGroup: /system.slice/docker.service
└─2769 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry 172.30.0.0
Nov 08 14:01:19 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:19.310721481+01:00" level=info msg="[graphdriver] using prior storage driver \"devicemapper\""
Nov 08 14:01:19 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:19.314271045+01:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Nov 08 14:01:19 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:19.327088702+01:00" level=info msg="Firewalld running: true"
Nov 08 14:01:20 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:20.780845664+01:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16.
Nov 08 14:01:21 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:21.937088251+01:00" level=info msg="Loading containers: start."
Nov 08 14:01:21 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:21.937291016+01:00" level=info msg="Loading containers: done."
Nov 08 14:01:21 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:21.937406091+01:00" level=info msg="Daemon has completed initialization"
Nov 08 14:01:21 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:21.937513606+01:00" level=info msg="Docker daemon" commit="e03ddb8/1.10.3" execdriver=native-0.2 graphdrive
Nov 08 14:01:21 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Nov 08 14:01:21 localhost.localdomain docker-current[2013]: time="2016-11-08T14:01:21.956150356+01:00" level=info msg="API listen on /var/run/docker.sock"

Starting with OpenShift

To start OpenShift, run a command:

$ sudo oc cluster up
-- Checking OpenShift client ... OK
-- Checking Docker client ... OK
-- Checking Docker version ... OK
-- Checking for existing OpenShift container ... OK
-- Checking for openshift/origin:v1.3.1 image ... OK
-- Checking Docker daemon configuration ... OK
-- Checking for available ports ...
WARNING: Binding DNS on port 8053 instead of 53, which may not be resolvable from all clients.
-- Checking type of volume mount ...
Using nsenter mounter for OpenShift volumes
-- Creating host directories ... OK
-- Finding server IP ...
Using 10.34.4.161 as the server IP
-- Starting OpenShift container ...
Creating initial OpenShift configuration
Starting OpenShift using container 'origin'
Waiting for API server to start listening
OpenShift server started
-- Installing registry ... OK
-- Installing router ... OK
-- Importing image streams ... OK
-- Importing templates ... OK
-- Login to server ... OK
-- Creating initial project "myproject" ... OK
-- Server Information ...
OpenShift server started.
You are logged in as:
User:     developer
Password: developer

To log in as administrator:
oc login -u system:admin

Now, both the container and OpenShift are properly installed and running.

Creating a container image

Let's create a simple "hello-world" container. To create a directory called "docker-hello-world", type:

$ mkdir ~/docker-hello-world
$ cd ~/docker-hello-world/

and create a Dockerfile in the directory, which might look like the following one:

$ cat Dockerfile
 FROM fedora:24
 MAINTAINER "Petr Hracek" phracek@redhat.com
 CMD [ "/bin/sh", "-c" , "while true; do echo Hello world; sleep 10; done" ]

Building an image

To build a helloworld docker container, run a command:

$ sudo docker build -t helloworld:0.1 .
Sending build context to Docker daemon 2.048 kB
Step 1 : FROM fedora:24
Trying to pull repository docker.io/library/fedora ...
24: Pulling from docker.io/library/fedora
2bf01635e2a0: Pull complete
Digest: sha256:64a02df6aac27d1200c2572fe4b9949f1970d05f74d367ce4af994ba5dc3669e
Status: Downloaded newer image for docker.io/fedora:24
---> 11a5107645d4
Step 2 : MAINTAINER "Petr Hracek" phracek@redhat.com
---> Running in 5eb304ac9b65
---> 7b1559495b5e
Removing intermediate container 5eb304ac9b65
Step 3 : CMD /bin/echo 'hello world'
---> Running in 9cafe8c3e6af
---> 92282096ce32
Removing intermediate container 9cafe8c3e6af
Successfully built 92282096ce32

At the end, you should see that the build was successful. In case of troubles, see a reference at [1].

Tagging an image to a local repository

To get IMAGE ID, run a docker images command in your local docker repository.

$ sudo docker images
REPOSITORY                                   TAG                 IMAGE ID            CREATED             SIZE
helloworld                                   0.1                 92282096ce32        8 minutes ago       204.4 MB
docker.io/openshift/origin-deployer          v1.3.0              5bf464732ca8        7 weeks ago         487.1 MB
docker.io/openshift/origin-docker-registry   v1.3.0              59d447094a3c        7 weeks ago         345.5 MB
docker.io/openshift/origin-haproxy-router    v1.3.0              e33d4e33dffb        7 weeks ago         506.2 MB
docker.io/openshift/origin                   v1.3.0              7b24611e640f        7 weeks ago         487.1 MB
docker.io/openshift/origin-pod               v1.3.0              35873f68181d        7 weeks ago         1.591 MB
docker.io/fedora                             24                  11a5107645d4        12 weeks ago        204.4 MB

Now, tag the docker image and push it to the local repository:

$ sudo docker tag 92282096ce32 localhost.localdomain:5000/my-helloworld

Verify that the "hello-world" container is tagged in your local container repository. The tags must be the same.

$ sudo docker images
REPOSITORY                                   TAG                 IMAGE ID            CREATED             SIZE
helloworld                                          0.1                 92282096ce32        12 minutes ago      204.4 MB
localhost.localdomain:5000/my-helloworld     latest              92282096ce32        12 minutes ago      204.4 MB
docker.io/openshift/origin-deployer          v1.3.0              5bf464732ca8        7 weeks ago         487.1 MB
docker.io/openshift/origin-docker-registry   v1.3.0              59d447094a3c        7 weeks ago         345.5 MB
docker.io/openshift/origin-haproxy-router    v1.3.0              e33d4e33dffb        7 weeks ago         506.2 MB
docker.io/openshift/origin                   v1.3.0              7b24611e640f        7 weeks ago         487.1 MB
docker.io/openshift/origin-pod               v1.3.0              35873f68181d        7 weeks ago         1.591 MB
docker.io/fedora                             24                  11a5107645d4        12 weeks ago        204.4 MB

Two ways of adding a docker image to OpenShift

You can use two approaches, how to get a docker image into OpenShift.

Add a docker image to OpenShift as an image

First, log into your OpenShift repository as a developer and enter the password developer. You got the password from the oc cluster up command.

$ oc login -u developer

and run a command:

$ oc new-app helloworld:latest

Add a docker image to OpenShift docker-registry

You can access OpenShift Origin's internal registry directly to push or pull images. This is helpful in order to create an image stream by manually pushing an image, or just to docker pull an image directly.
Two steps are required before adding a docker image to OpenShift. The first one is to log in as system:admin and the second one is to get a registry IP, which is mandatory.
To log in as system:admin, run a command:

$ sudo oc login -u system:admin

To verify that you are logged in as, system:admin on an OpenShift instance, run a command:

$ sudo oc whoami
system:admin

To get a docker-registry IP, run a command:
$ sudo oc get svc -n default | grep docker-registry

and the output should be similar to this one:
$ sudo oc get svc -n default |grep docker-registry
docker-registry   172.30.210.244   <none>        5000/TCP                  38m

Now, log in back as, developer:

$ sudo oc login -u developer

To push a local docker to the Origin docker-registry, run a command:

$ sudo docker login -u developer -p $(sudo oc whoami -t) -e <email>  172.30.210.244:5000

Now, let's tag your docker image:

$ sudo docker tag localhost.localdomain:5000/my-helloworld 172.30.210.244:5000/myproject/my-helloworld

To push the docker image to the OpenShift docker-registry, run a command:

$ sudo docker push 172.30.210.244:5000/myproject/my-helloworld

To verify that the previous task was successful, run a command

$ sudo oc get is
172.30.210.244:5000/myproject/my-helloworld

To deploy your docker image on OpenShift, run a command

$ sudo oc new-app my-helloworld:latest --name=my-helloworld

Deleting a container image from the OpenShift project

To delete an image from the Openshift project called "myproject", run a command:

$oc delete dc helloworld -n myproject

Storing a verified container image

If you verified a container image and you would like to share it, create a Pull Request in the to following GitHub repository:
https://github.com/container-images/container-image-template

References

[1] Container Best Practices
[2] GitHub - openshift/origin: Enterprise-Ready Kubernetes for Developers


As a developer, you can get a no-cost Red Hat Enterprise Linux Developer Suite subscription, which includes Red Hat Enterprise Linux 7 server, a collection of development tools, and much more.


 

Last updated: February 22, 2024