How to Install Docker on CentOS 8

install docker centos 8

CentOS 8 comes with its own tools, buildah and podman, which are compatible with existing docker images and work without relying on a daemon, allowing the creation of containers as normal users, without the need of special permissions.

These tools still have some limitations, so in this tutorial, we will see how to install and run the original Docker CE on Centos 8 by using the official Docker repository.

What is Docker ?

Docker is an open-source project which allows the creation and distribution of applications inside containers, which are standardized environments that can be easily replicated, independently from the host system.

Adding the Docker repository

First, we must add an external repository to obtain the Docker CE. We will use the official Docker CE CentOS repository.

The DNF config-manager utility let us, among the other things, to easily enable or disable a repository in our CentOS. By default, only the appstream and baseos repositories are enabled on CentOS 8. The next step is to add and enable the docker-ce repo too. All we need to do to accomplish this task is to run the following:

$ sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo

We can verify that the repository has been enabled by typing the following dnf command:

$ sudo dnf repolist -v

....

Repo-id      : docker-ce-stable
Repo-name    : Docker CE Stable - x86_64
Repo-revision: 1567619328
Repo-updated : Wed 04 Sep 2019 05:48:48 PM UTC
Repo-pkgs    : 51
Repo-size    : 1.1 G
Repo-baseurl : https://download.docker.com/linux/centos/7/x86_64/stable
Repo-expire  : 172,800 second(s) (last: Mon 30 Sep 2019 09:28:09 PM UTC)
Repo-filename: /etc/yum.repos.d/docker-ce.repo

Installing docker-ce package

The repository contains several versions of the docker-ce package, to display all of them, we can run:

$ dnf list docker-ce --showduplicates | sort -r
Extra Packages for Enterprise Linux 8 - x86_64  501 kB/s | 2.3 MB     00:04    
docker-ce.x86_64            3:19.03.4-3.el7                     docker-ce-stable
docker-ce.x86_64            3:19.03.3-3.el7                     docker-ce-stable
docker-ce.x86_64            3:19.03.2-3.el7                     docker-ce-stable
docker-ce.x86_64            3:19.03.1-3.el7                     docker-ce-stable
docker-ce.x86_64            3:19.03.0-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.9-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.8-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.7-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.6-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.5-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.4-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.3-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.2-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.1-3.el7                     docker-ce-stable
docker-ce.x86_64            3:18.09.0-3.el7                     docker-ce-stable
docker-ce.x86_64            18.06.3.ce-3.el7                    docker-ce-stable
docker-ce.x86_64            18.06.2.ce-3.el7                    docker-ce-stable
docker-ce.x86_64            18.06.1.ce-3.el7                    docker-ce-stable
docker-ce.x86_64            18.06.0.ce-3.el7                    docker-ce-stable
docker-ce.x86_64            18.03.1.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            18.03.0.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.12.1.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.12.0.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.09.1.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.09.0.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.06.2.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.06.1.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.06.0.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.03.3.ce-1.el7                    docker-ce-stable
docker-ce.x86_64            17.03.2.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.03.1.ce-1.el7.centos             docker-ce-stable
docker-ce.x86_64            17.03.0.ce-1.el7.centos             docker-ce-stable

At the time being, installation of containerd.io > 1.2.0-3.el7 is blocked, which is a dependency of docker-ce. Because of this, we have to work around this problem. However, another problem is present. As long as firewalld, the system firewall manager is enabled, DNS resolution inside docker containers does not work.
For the time being this is the only way to install docker-ce. We will update the article once the proper centos 8 package becomes available.

We will now install the docker with the following command:

$ sudo dnf -y  install docker-ce --nobest
Last metadata expiration check: 0:35:54 ago on Sun 20 Oct 2019 05:17:37 PM UTC.
Dependencies resolved.

 Problem: package docker-ce-3:19.03.4-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed
  - cannot install the best candidate for the job
  - package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
  - package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
  - package containerd.io-1.2.2-3.el7.x86_64 is excluded
  - package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
  - package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
  - package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
================================================================================
 Package           Arch   Version                        Repository        Size
================================================================================
Installing:
 docker-ce         x86_64 3:18.09.1-3.el7                docker-ce-stable  19 M
Installing dependencies:
 container-selinux noarch 2:2.94-1.git1e99f1d.module_el8.0.0+58+91b614e7
                                                         AppStream         43 k
 libcgroup         x86_64 0.41-19.el8                    BaseOS            70 k
 containerd.io     x86_64 1.2.0-3.el7                    docker-ce-stable  22 M
 docker-ce-cli     x86_64 1:19.03.4-3.el7                docker-ce-stable  39 M
Enabling module streams:
 container-tools          rhel8                                                
Skipping packages with broken dependencies:
 docker-ce         x86_64 3:19.03.4-3.el7                docker-ce-stable  24 M

Transaction Summary
================================================================================
Install  5 Packages
Skip     1 Package

Total download size: 80 M
Installed size: 338 M
Downloading Packages:
(1/5): container-selinux-2.94-1.git1e99f1d.modu 314 kB/s |  43 kB     00:00    
(2/5): libcgroup-0.41-19.el8.x86_64.rpm         470 kB/s |  70 kB     00:00    
(3/5): containerd.io-1.2.0-3.el7.x86_64.rpm     3.1 MB/s |  22 MB     00:07    
(4/5): docker-ce-18.09.1-3.el7.x86_64.rpm       2.6 MB/s |  19 MB     00:07    
(5/5): docker-ce-cli-19.03.4-3.el7.x86_64.rpm   2.6 MB/s |  39 MB     00:15    
--------------------------------------------------------------------------------
Total                                           4.5 MB/s |  80 MB     00:17     
warning: /var/cache/dnf/docker-ce-stable-091d8a9c23201250/packages/containerd.io-1.2.0-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Docker CE Stable - x86_64                       1.4 kB/s | 1.6 kB     00:01    
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) "
 Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35
 From       : https://download.docker.com/linux/centos/gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1 
  Installing       : docker-ce-cli-1:19.03.4-3.el7.x86_64                   1/5 
  Running scriptlet: docker-ce-cli-1:19.03.4-3.el7.x86_64                   1/5 
  Installing       : containerd.io-1.2.0-3.el7.x86_64                       2/5 
  Running scriptlet: containerd.io-1.2.0-3.el7.x86_64                       2/5 
  Running scriptlet: libcgroup-0.41-19.el8.x86_64                           3/5 
  Installing       : libcgroup-0.41-19.el8.x86_64                           3/5 
  Running scriptlet: libcgroup-0.41-19.el8.x86_64                           3/5 
  Installing       : container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0   4/5 
  Running scriptlet: container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0   4/5 
  Running scriptlet: docker-ce-3:18.09.1-3.el7.x86_64                       5/5 
  Installing       : docker-ce-3:18.09.1-3.el7.x86_64                       5/5 
  Running scriptlet: docker-ce-3:18.09.1-3.el7.x86_64                       5/5 
  Verifying        : container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0   1/5 
  Verifying        : libcgroup-0.41-19.el8.x86_64                           2/5 
  Verifying        : containerd.io-1.2.0-3.el7.x86_64                       3/5 
  Verifying        : docker-ce-3:18.09.1-3.el7.x86_64                       4/5 
  Verifying        : docker-ce-cli-1:19.03.4-3.el7.x86_64                   5/5 

Installed:
  docker-ce-3:18.09.1-3.el7.x86_64                                              
  container-selinux-2:2.94-1.git1e99f1d.module_el8.0.0+58+91b614e7.noarch       
  libcgroup-0.41-19.el8.x86_64                                                  
  containerd.io-1.2.0-3.el7.x86_64                                              
  docker-ce-cli-1:19.03.4-3.el7.x86_64                                          

Skipped:
  docker-ce-3:19.03.4-3.el7.x86_64                                              

Complete!

Now we must enable docker service:

$ sudo systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.

We can check if the service is running as it should:

$ systemctl status  docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor pres>
   Active: active (running) since Sun 2019-10-20 18:00:45 UTC; 2min 12s ago
     Docs: https://docs.docker.com
 Main PID: 2856 (dockerd)
    Tasks: 21
   Memory: 53.2M
   CGroup: /system.slice/docker.service
           ├─2856 /usr/bin/dockerd -H fd://
           └─2873 containerd --config /var/run/docker/containerd/containerd.tom>

From this, we can see that everything is ok.

Adding user to docker group

The docker group is created, but no users are added to the group. Add your user to this group to run docker commands without sudo.

$ sudo usermod -aG docker $USER
$ id $USER
uid=1000(vagrant) gid=1000(vagrant) groups=1000(vagrant),988(docker)

Logout and Login again to use Docker without sudo. We can check the docker version with:

$ newgrp docker

$ docker version
Client: Docker Engine - Community
 Version:           19.03.4
 API version:       1.39 (downgraded from 1.40)
 Go version:        go1.12.10
 Git commit:        9013bf583a
 Built:             Fri Oct 18 15:52:22 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:06:30 2019
  OS/Arch:          linux/amd64
  Experimental:     false

Test docker installation by pulling the test image

We can now pull the alpine docker container image to test our installed docker:

$ docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
9d48c3bd43c5: Pull complete 
Digest: sha256:72c42ed48c3a2db31b7dafe17d275b634664a708d901ec9fd57b1529280f01fb
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest

List downloaded container images:

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
alpine              latest              961769676411        2 months ago        5.58MB

Verify that Docker CE is working correctly by running the alpine container from the downloaded image.

$ docker run -it --rm alpine /bin/sh
/ # apk update
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/main: temporary error (try again later)
WARNING: Ignoring APKINDEX.00740ba1.tar.gz: No such file or directory
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.10/community: temporary error (try again later)
WARNING: Ignoring APKINDEX.d8b2a6f4.tar.gz: No such file or directory
2 errors; 14 distinct packages available
/ # exit

We see here that we get errors trying to update with "apk update".

As said before, in order to make DNS resolution work inside Docker containers, we must disable firewalld (a system reboot may be also needed):

$ sudo systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

After reboot we will try again apk update:

$ docker run -it --rm alpine /bin/sh
/ # apk update
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
v3.10.2-189-g393dc02e8c [http://dl-cdn.alpinelinux.org/alpine/v3.10/main]
v3.10.2-189-g393dc02e8c [http://dl-cdn.alpinelinux.org/alpine/v3.10/community]
OK: 10337 distinct packages available
/ # exit

And now it works. This is not a good solution, but for now, this is the only way. Now you can ssh into docker and start using it.

Conclusion

At this time there is no official Centos 8 docker package. For now, we have to use this workaround to use the official Docker. In this tutorial, we have learned how to install and use Docker and docker images with the only workaround known at this time.

Read Also:

Slavisa Milojkovic 4:29 am

Comments

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.