Docker image oracle linux

Oracle В® Linux

Oracle Container Runtime for Docker User’s Guide

Oracle Legal Notices

Copyright В© 2012, 2021, Oracle and/or its affiliates.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are «commercial computer software» or «commercial computer software documentation» pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, reproduction, duplication, release, display, disclosure, modification, preparation of derivative works, and/or adaptation of i) Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs), ii) Oracle computer documentation and/or iii) other Oracle data, is subject to the rights and limitations specified in the license contained in the applicable contract. The terms governing the U.S. Government’s use of Oracle cloud services are defined by the applicable contract for such services. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Inside are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Epyc, and the AMD logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.

Oracle Documentation License

This document uses the Web-based Help format from DocBook XML. The following license information applies to this format.

Copyright В© 1999-2007 Norman Walsh

Copyright В© 2003 Jiri Kosek

Copyright В© 2004-2007 Steve Ball

Copyright В© 2005-2008 The DocBook Project

Copyright В© 2011-2012 O’Reilly Media

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the «Software»), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

Except as contained in this notice, the names of individuals credited with contribution to this software shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from the individuals in question.

Any stylesheet derived from this Software that is publicly distributed will be identified with a different name and the version strings in any derived Software will be changed so that no possibility of confusion between the derived package and this Software will exist.

THE SOFTWARE IS PROVIDED «AS IS», WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL NORMAN WALSH OR ANY OTHER CONTRIBUTOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Web-based Help from DocBook XML

Copyright В© 2008-2012 Kasun Gajasinghe, David Cramer

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

Except as contained in this notice, the names of individuals credited with contribution to this software shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from the individuals in question.

Any stylesheet derived from this Software that is publicly distributed will be identified with a different name and the version strings in any derived Software will be changed so that no possibility of confusion between the derived package and this Software will exist.

Warranty: THE SOFTWARE IS PROVIDED «AS IS», WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL DAVID CRAMER, KASUN GAJASINGHE, OR ANY OTHER CONTRIBUTOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Certain search characteristics associated with the DocBook XSL webhelp stylesheets are provided as javascript files generated using Apache Lucene and other fourth party technologies, which are licensed under the Apache License reproduced below.

Источник

ChapterВ 2В Installing Oracle Container Runtime for Docker

This chapter describes the steps required to perform an installation of Oracle Container Runtime for Docker on an Oracle Linux 7 host.

Before you install and configure the Docker Engine on an Oracle Linux 7 system, make sure you are running an appropriate release of the Unbreakable Enterprise Kernel. Instructions to install UEK are detailed in Section 2.1, “Setting up Unbreakable Enterprise Kernel”.

If you are already running either UEK R4 or UEK R5, you can follow the instructions in Section 2.4, “Installing Oracle Container Runtime for Docker” to complete your installation.

2.1В Setting up Unbreakable Enterprise Kernel

Configure the system to use the Unbreakable Enterprise Kernel Release 5 (UEK R5) or later and boot the system with this kernel. If you are using an earlier Unbreakable Enterprise Kernel (UEK) release, or the Red Hat Compatible Kernel (RHCK), you must upgrade the kernel.

If your system is registered with ULN, disable access to the ol7_x86_64_UEKR3 and ol7_x86_64_UEKR4 channels, and enable access to the ol7_x86_64_UEKR5 channel.

Log into https://linux.oracle.com with your ULN user name and password and click on the Systems tab to select the system where you installing Oracle Container Runtime for Docker. Go to the Manage Subscriptions page and update the channel subscriptions for the system. Click on Save Subscriptions to save your changes.

If you use the Oracle Linux yum server, disable the ol7_UEKR3 and ol7_UEKR4 repositories and enable the ol7_UEKR5 repository. You can do this easily using yum-config-manager :

Run the following command to upgrade the system to the selected UEK release:

Reboot the system, selecting the UEK kernel if this is not the default boot kernel.

2.2В Enabling Access to the Oracle Container Runtime for Docker Packages

To access to the Oracle Container Runtime for Docker packages, you must enable the appropriate ULN channel or yum repositories.

If your system is registered with ULN, enable the ol7_x86_64_addons channel. Use the ULN web interface to subscribe the system to the appropriate channel:

Log in to https://linux.oracle.com with your ULN user name and password.

On the Systems tab, click the link named for the system in the list of registered machines.

On the System Details page, click Manage Subscriptions .

On the System Summary page, select each required channel from the list of available channels and click the right arrow to move the channel to the list of subscribed channels.

Subscribe the system to the ol7_x86_64_addons channel.

Click Save Subscriptions .

If you use the Oracle Linux yum server, enable the ol7_addons channel. To enable a yum repository on your system, use the yum-config-manager command. For example, run:

2.3В Removing the docker Package

The latest Docker package is docker-engine , which conflicts with the older docker package. If you have the older docker package installed, you must remove it before you install Docker Engine. To check if you have the older docker package installed, run:

If the older docker package is installed, stop the docker service and remove the package. To stop the docker service:

Remove the docker package.

You can now install the docker-engine package.

2.4В Installing Oracle Container Runtime for Docker

To install the docker-engine and docker-cli packages.

Start the docker service and configure it to start at boot time.

To check that the docker service is running, use the following command:

You can also use the docker info command to display information about the configuration and version of the Docker Engine.

For more information, see the docker(1) manual page.

2.5В Configuring a Proxy Server

To configure web proxy networking options, create the drop-in file /etc/systemd/system/docker.service.d/http-proxy.conf that contains the following lines:

Replace proxy_URL and port with the appropriate URLs and port numbers for your web proxy.

After adding or modifying a systemd drop-in file while the docker service is running, you need to tell systemd to reload the configuration for the service.

Restart the docker service for the configuration changes to take effect.

2.6В Configuring IPv6 Networking

With IPv6 enabled, Docker assigns the link-local IPv6 address fe80::1 to the bridge docker0 .

For more information about configuring Docker networking, see:

Create or edit /etc/docker/daemon.json .

If you are creating this file from scratch, it should look like this:

If this file already exists and contains other entries, be careful that adding a line for the ipv6 configuration variable conforms with typical JSON formatting.

If you want Docker to assign global IPv6 addresses to containers, additionally specify the IPv6 subnet for the fixed-cidr-v6 option, for example:

Similarly, you can also configure the default IPv6 gateway that should be used by Docker, using the default-gateway-v6 parameter in this configuration file.

For more information on the format and options for this configuration file, see:

Check that the —ipv6 , —fixed-cidr-v6 and default-gateway-v6 options are not being invoked as command line switches when starting the Docker engine daemon.

You should check that these options do not appear in either the /etc/sysconfig/docker or /etc/sysconfig/docker-networking files. These files are deprecated and may be removed in future releases. If these files contain any other configuration parameters, consider whether you could move these into /etc/docker/daemon.json to future-proof your configuration.

Also check that these options do not appear in any systemd drop-in files in /etc/systemd/system/docker.service.d/ . While this is a supported configuration option, it is preferable to keep all Docker Engine configuration in the same place, where possible.

2.7В Configuring Docker Storage

The Docker Engine is configured to use overlay2 as the default storage driver to manage Docker containers. This provides a performance and scalability improvement on earlier releases that used the device mapper as the default storage driver, but the technology is new and should be tested properly before use in production environments. For more information on overlay2 , see:

Overlay file systems can corrupt when used in conjunction with any file system that does not have dtype support enabled.

For Oracle Linux 7.4 or earlier, the root partition is automatically formatted with -n ftype=0 ( disabling dtype support), where XFS is selected as the file system.

The Docker Engine installer checks the filesystem for dtype support, and if this is not enabled, the default storage driver is set to use devicemapper . This check is only performed on a fresh installation of Docker Engine. The configuration of an existing Docker installation is unaffected during upgrade.

This allows Docker to function on a default Oracle Linux 7 system without any additional configuration required, immediately after install. However, using the devicemapper is not recommended for production environments. Performance and scalability can be compromised by this configuration. Therefore, it is important to consider using dedicated storage for Docker, and to change the storage driver to use either btrfs or overlay2 .

If you continue to use devicemapper as the storage driver, you should be aware that some Docker images, such as the image for Oracle Database, require that the base device size is set to 25GB or more. The default base device size for devicemapper is updated to 25GB, but this only meets a minimum requirement for some containers. Where additional capacity may be required, the base device size can be changed by setting the dm.basesize start option for a container or, globally, for the Docker Engine.

You can change this value globally, by adding it to the storage-opts configuration parameter in /etc/docker/daemon.json , for example:

The base device size is sparsely allocated, so an image may not initially use all of this space. You can check how much space is allocated to the Base Device Size by running the docker info command.

For more information on storage driver options, see:

Oracle recommends using Btrfs as a more stable and mature technology than overlayfs.

In most cases, it is advisable to create a dedicated file system to manage Docker containers. This file system can be mounted at /var/lib/docker at boot time, before the Docker service is started.

Any unused block device that is large enough to store several containers is suitable. The suggested minimum size is 1GB but you might require more space to implement complex Docker applications. If the system is a virtual machine, Oracle recommends that you create, partition, and format a new virtual disk. Alternatively, convert an existing ext3 or ext4 file system to Btrfs. For information on converting file systems, see the Oracle В® Linux 7: Administrator’s Guide.

If an LVM volume group has available space, you can create a new logical volume and format it as a Btrfs file system.

XFS file systems must be created with the -n ftype=1 option enabled for use as an overlay. The root partition on Oracle Linux 7 is automatically formatted with -n ftype=0 where XFS is selected as the file system. Therefore, if you intend to use the overlay2 storage driver in this environment, you must format a separate device for this purpose.

2.7.1В Configuring Docker Storage Automatically

The docker-engine package includes a utility that can help you to configure storage correctly for a new Docker deployment. The docker-storage-config utility can format a new block device, set up the mount point and correctly configure the Docker Engine to run with the appropriate storage driver so that your storage configuration follows Oracle guidelines.

For usage instructions, run docker-storage-config with the -h option:

The docker-storage-config utility requires that you provide the path to a valid block device to use for Docker storage. The script formats the device with a new file system. This can be a destructive operation. Any existing data on the device may be lost. Use the lsblk command to help you correctly identify block devices currently attached to the system.

To automatically set up your Docker storage, before installation, run docker-storage-config as root:

Substitute /dev/sdb1 with the path to the block device that you attached as dedicated storage.

You can substitute btrfs with overlay2 if you would prefer to use this storage driver. If you do this, the block device is formatted with XFS and dtype support is enabled.

To overwrite an existing configuration, you can use the -f flag. If your Docker installation has already been used to set up images and containers, this option is destructive and may make these images and containers inaccessible to you, so the option should be used with caution.

2.7.2В Configuring Docker Storage Manually

This section discusses manually setting up a file system for Docker containers.

Configure the Docker Engine to use Btrfs as the storage driver to manage containers. Use yum to install the btrfs-progs package:

If the root file system is not configured as a Btrfs file system, create a Btrfs file system on a suitable device or partition such as /dev/sdb1 in this example:

Configure the Docker Engine to use a block device formatted with XFS in conjunction with the overlay2 storage driver to manage containers. Format the block device with the XFS file system, for example to format a partition /dev/sdb1 :

It is essential that you use the -n ftype=1 option when you create the file system or you cannot use overlayfs. To check if a mounted XFS partition has been formatted correctly, run the following command and check the output to make sure that ftype=1 :

Use the blkid command to display the UUID and TYPE for the new file system and make a note of this value, for example:

The UUID for the file system on the device /dev/sdb1 in this example is the UUID value 26fece06-e3e6-4cc9-bf54-3a353fdc5f82 . You can ignore the PARTUUID value, which is the UUID of the underlying partition. The TYPE of file system in this example is the TYPE value xfs .

Create an entry in your /etc/fstab file to make sure the file system is mounted at boot. Open /etc/fstab in an editor and add a line similar to the following:

Replace UUID_value with the UUID value. Replace fstype with the file system TYPE.

Previous versions of Docker required that dedicated storage used by Docker was mounted via a Systemd mount target and a Systemd drop-in file for the Docker service. This requirement was related to an issue where the storage was automatically unmounted when the Docker service was stopped. This issue no longer applies. If your storage is currently mounted using these methods, consider simplifying your environment by removing the Systemd drop-in and mount target and replacing this with an fstab entry.

This entry defines a mount for the file system on /var/lib/docker . You might need to create this directory if you are performing a fresh installation:

You must mount the file system to start using it:

Источник