Docker is a slick container based virtualization platform that allows you to run “images,” with minimal overhead. There are many different images available, from full blown OS’s, such as Ubuntu or CentOS, to web apps like WordPress or Ghost. The possibilities are endless, and because resource usage is minimal, you can really do a lot with little resources. You can install docker on all of the major linux distributions, as well as windows. I works fine in a virtual machine, or VPS. I will be installing Docker on a CentOS 7 VM, running on an ESXi hypervisor.
Lets Get Started
I’m assuming you already have your operating system installed, you are sitting at a command prompt. Installation and configuration is very easy on CentOS 7. By default, CentOS uses firewalld. Docker and firewalld do not get along nicely. Docker creates iptables rules directly for access to running containers, and if firewalld is refreshed or restarted, all of the iptables rules docker initiated get wiped by firewalld. So, we will disable firewalld and install the classic iptables functionality. Here are the steps involved:
- Install Docker
- Disable firewalld
- Install iptables configuration scripts
- Download Ghost Docker image and run
First, we will go ahead and install Docker. To do this only requires a single, simple command.
# sudo yum install docker
Let’s set up Docker to start at boot time.
# sudo chkconfig docker on
There will be a handful of dependencies, nothing out of the ordinary. If you are already running as root, you can omit the sudo. Next, we need to get firewalld stopped, removed, and iptables configuration scripts installed.
Disable firewalld
# systemctl mask firewalld
Stop firewalld
# systemctl stop firewalld
Check the status to verify it is masked and inactive
# systemctl status firewalld firewalld.service Loaded: masked (/dev/null) Active: inactive (dead)
Install iptables and dependencies
# yum -y install iptables-services
Make sure it starts at boot
# systemctl enable iptables # systemctl enable ip6tables
Now, lets start the iptables services
# systemctl start iptables # systemctl start ip6tables
Now that Docker and iptables are installed and configured, go ahead and restart your server. I’ve ran into firewall issues with Docker when skipping this reboot, so I believe it’s important. After you’ve rebooted, we can download our first Docker image. The process of downloading and starting images is pretty much the same for all of them so feel free to sub in WordPress, MariaDB, NGINX, Apache, or any other image in place of Ghost. Let’s go ahead and start the Docker daemon if it’s not already:
# sudo service docker start
Download the Ghost image. You can find other images at http://hub.docker.com
# sudo docker pull ghost
You should see it downloading a bunch of gibberish. When all lines have Pull Complete status, it will be finished. This means you are ready to fire up the image. By default, Ghost starts on port 2368. If you want this to be accessible from any server or workstation other than the docker machine itself, you need to specify a port map in the startup command. As you can see, I have mapped port 80 to port 2368 below (-p 80:2368) so that the Ghost blog is accessible on the standard port 80. If you want to run it on a different port, just change the source port, 80, to whatever you want. If you want to keep it on 2368, just put it in for both source and destination (-p 2368:2368)
# docker run --name nameyourinstance -p 80:2368 -d ghost
Now, you can point your web browser to the IP address of your docker server, and you will see the Ghost blog.
You still need to go through the setup process and set up an account. To do so, go to http:///admin
Fill in all the required info, click Let’s Do This, and you’re all done! Feel free to post in the comments if you need a hand. Thanks!