How do I install Docker Community Edition on Silverblue?


#1

I’m working on a few Docker projects, and for compatibility reasons (Windows and Mac) I need to use Docker Community Edition. How do I install that on Silverblue?


#2

I think it has to be layered, so ‘rpm-ostree install docker’ is what I just did and it apparently created a new ostree for e to boot into, so I guess I have Docker installed now. This was the result at the terminal… “Freed: 772.0 MB (pkgcache branches: 1)
Added:
atomic-registries-1.22.1-27.gitb507039.fc29.x86_64
container-storage-setup-0.11.0-4.dev.git413b408.fc29.noarch
docker-2:1.13.1-62.git9cb56fd.fc29.x86_64
docker-common-2:1.13.1-62.git9cb56fd.fc29.x86_64
docker-rhel-push-plugin-2:1.13.1-62.git9cb56fd.fc29.x86_64
oci-systemd-hook-1:0.1.17-3.gitbd86a79.fc29.x86_64
oci-umount-2:2.3.4-2.git87f9237.fc29.x86_64
python3-pytoml-0.1.18-1.fc29.noarch
python3-pyyaml-4.2-0.1.b4.fc29.x86_64
subscription-manager-rhsm-certificates-1.23.3-1.fc29.x86_64
yajl-2.1.0-11.fc29.x86_64”


#3

docker-2:1.13.1-62.git9cb56fd.fc29.x86_64 is the last version of Docker that was released before the project changed to Moby etc.

I tried adapting the instructions from the Docker CE page to Silverblue, but ultimately hit an error.

  1. Copy the Docker CE repo file to /etc/yum/repos/.d
  2. Change the the $releasever in the repo file to 28 (there is no version for Fedora 29 yet)
  3. rpm-ostree install docker-ce

Unfortunately, the error I hit looked like this:

$ sudo rpm-ostree install docker-ce
Checking out tree fa76021... done
Enabled rpm-md repositories: updates docker-ce-stable fedora
rpm-md repo 'updates' (cached); generated: 2018-11-08T03:01:41Z
Updating metadata for 'docker-ce-stable': [=============] 100%
rpm-md repo 'docker-ce-stable'; generated: 2018-11-07T23:26:19Z
Updating metadata for 'fedora': [=============] 100%
rpm-md repo 'fedora'; generated: 2018-10-28T11:00:54Z
Importing metadata [=============] 100%
Resolving dependencies... done
Will download: 3 packages (53.0 MB)
  Downloading from docker-ce-stable: [=============] 100%
Importing (3/3) [=============] 100%
Checking out packages (3/3) [=============] 100%
Running pre scripts... 1 done
Running post scripts... error: Running %post for docker-ce: Executing bwrap(/bin/sh): Child process killed by signal 2; run `journalctl -t 'rpm-ostree(docker-ce.post)'` for more information

$ sudo journalctl --no-pager -t 'rpm-ostree(docker-ce.post)'
-- Logs begin at Thu 2018-11-08 10:31:05 EST, end at Thu 2018-11-08 10:41:06 EST. --
Nov 08 10:40:12 localhost.localdomain rpm-ostree(docker-ce.post)[1283]: failed to link /var/lib/docker-engine/distribution_based_engine.json -> /etc/alternatives/distribution_based_engine.json: No such file or directory

#4

Yeah, the Docker daemon isn’t running on my machine, otherwise it installed as if all was OK, no errors seen. I only just now tried to get it to list images on my machine and it comes back with ‘Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?’
Which I am assuming is because I haven’t started it yet. So did just that with ‘systemctl docker’ and was able to get system info from docker under sudo in Silverblue


#5

I tried adapting the instructions from the Docker CE page to Silverblue, but ultimately hit an error.

So I should have installed from Docker CE then? The version I have on right now seems to be working but it is likely out of date is what your telling me.

My bad, I should have actually Read the first post I responded to.


#6

Unless you need particular features from the version supplied via Docker CE, I think the version you’ve installed (docker 1.13) should suffice.


#7

Or if I was going to try to get it going in order to help trouble shoot, which is pretty much my only reason for trying in this particular case. I don’t run into ever needing docker for my day to day use, and for containers Podman has been more than sufficient to satisfy my needs on Silverblue.


#8

Ah, that’s https://bugzilla.redhat.com/show_bug.cgi?id=1352154#c9

Unfortunate because having rpm-ostree support package layering is for exactly these cases - Docker upstream can build a single RPM that should work on both classic and rpm-ostree systems. It’s just that the update-alternatives system they’re using in %post doesn’t work today with ostree-style systems.


#9

OK - I need Docker CE for compatibility with Windows and Mac, and I’m not quite ready to switch over to podman for my own projects.


#10

I just downloaded and installed RPM from docker.com, so it’s now in LocalPackages. Only usecase where Podman is failing and I need docker is uploading new images to AWS ECR. For everything else podman is more than enough (you could get away with alias docker=podman :slight_smile: ). And I also didn’t enable docker-service to autostart as I don’t need it in everyday use.


#11

Have you seen this issue upstream? https://github.com/containers/libpod/issues/1719

It looks like the podman team is aware of the problem and wants to fix it, but it will require some coordination with the AWS folks. In the meantime, it looks like you are able to workaround this problem by using skopeo


#12

Nice, was planing to research issue today and open bug if nedded, but time hasn’t permited it. Thanks for inffo


#13

I’m getting into SilverBlue after a few months away from the scene. Back then, I had good results running atomic host for docker containers or for docker-compose services.

Is atomic no longer a thing?

I was under the impression that podman was the solution for Kubernetes and a replacement for kubectl

Maybe SilverBlue is meant only for workstations and I should use atomic-host for server applications?


#14

Yeah, atomic is starting to get phased out. It’s expected that most (if not all) of its functionality will be replaced with podman

You could probably use podman for some of your Kubernetes needs, but you should probably stick to kubectl or OpenShift Origin.

Yes, Fedora Atomic Host has no desktop-related packages and is suited for running container workloads. Fedora Silverblue is a workstation project delivered using the same ostree/rpm-ostree stack that is used by Atomic Host. Therefore, it is common for Silverblue users to utilize container technology found in the likes of podman and Flatpak to adapt to their existing workflows.


#15

Well, I’m more ready to switch over to podman for personal projects now - I have it building from source without issues, so I can run it on a Linux workstation / laptop that has Docker CE as well. But what’s the podman / buildah / skopeo solution for Windows and Mac?


#16

This upstream issue talks about Windows/OS X - https://github.com/containers/libpod/issues/1384

My understanding is that they are looking at using a script to start a small VM and proxy the commands to that VM. I believe this is how Docker works on OS X (not sure about Windows).


#17

I’m very familiar with how Docker works on Windows desktops. On Windows 10 Pro you have Hyper-V; all other versions, including 10 Home, require VirtualBox 5+. In either case, your hypervisor hosts a lightweight Linux VM which hosts your containers.

Once the VM is up, the host-side commands are relayed to the VM by some mechanism I’ve never bothered to research, and the networking is handled by the port mapping facilities of the hypervisor.

The situation is similar on MacOS but I’ve never used it so I don’t know the details. In any event, because there’s a virtual machine, you don’t have access to all the host RAM and CPU like you would on a Linux desktop / laptop. And there’s at least one bug / undocumented configuration pitfall that’s 18+ months old.

I would love to see Fedora CoreOS / Atomic Host run in Hyper-V hosting podman / buildah / skopeo instead of the current “integrated” solution. It works; I’ve done it - it just needs marketing, packaging and documentation.