Wednesday, March 9, 2016

Redux a Redux

Redux a Redux

Let's install docker, from the install script, again.

This install script was hidding on the docker site, only listed on the CentOS/Red Hat  install pages

Even though it works well on Debian and Ubuntu.
So to keep it simple, stupid we are just going to run this script.
This is a fine example of groups not talking to each other. So lets start it

Start by loging into your docker host. and the sudo to root, then run the command

curl -fsSL | sh

This will install everyhing. But we should review the switches for curl? Maybe.. why not

-f fail silently
-s silent
-S Show Error with -s only show errors when they occur
-L Follow redirects
So to review, fail silently, unless it shows errors, with silent output but be sure to follow the redirects

so the output from the script is here:

[root@docker02 ~]# curl -fsSL | sh
+ sh -c 'sleep 3; yum -y -q install docker-engine'
warning: /var/cache/yum/x86_64/7/docker-main-repo/packages/docker-engine-selinux-1.10.2-1.el7.centos.noarch.rpm: Header V4 RSA/SHA512 Signature, key ID 2c52609d: NOKEY
Public key for docker-engine-selinux-1.10.2-1.el7.centos.noarch.rpm is not installed
Importing GPG key 0x2C52609D:
 Userid     : "Docker Release Tool (releasedocker) <>"
 Fingerprint: 5811 8e89 f3a9 1289 7c07 0adb f762 2157 2c52 609d
 From       :

If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:

  sudo usermod -aG docker your-user

Remember that you will have to log out and back in for this to take effect!

[root@docker02 ~]#

So we unbecome root at this point, and switch it to a standard user.
Why? Because of this bad security nightmare here:

sudo usermod -aG docker hifi

Once ytou do that command, you pretty much screw security out the window

Logout and log back in to refresh permissions

Then, start the docker service.

[hifi@docker02 ~]$ sudo service docker start
Redirecting to /bin/systemctl start  docker.service

next if you want to test it run the hello-world

[hifi@docker02 ~]$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world

03f4658f8b78: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
Status: Downloaded newer image for hello-world:latest

Hello from Docker.
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:

For more examples and ideas, visit:

[hifi@docker02 ~]$

you can see it ran with docker ps -a

[hifi@docker02 ~]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
6e7fbc7e552f        hello-world         "/hello"            34 seconds ago      Exited (0) 34 seconds ago                       hopeful_leakey

Remember, to search the other installation methods when you want to install this open source software.

If you watch the video, i felt bad that it was too short, so i added some fluiff on the end.