Docker is an open-source project that automates the deployment of applications inside software containers.
Docker's packaging model packages applications inside containers that run isolated from each other, much like virtual machines.
Docker's containerized environment is based on Linux kernel features such as namespaces, cgroups and SELinux. These are described below:
Kernel namespaces are isolated virtual environments under the base Linux kernel, with the following features.
1) PID: Used for process isolation.
2) mount: Provides each container with a separate, isolated file system.
3) IPC: Each container has separate shared memory regions, semaphore sets and message queues.
4) net: Used for managing network interfaces, routing tables and firewall rules.
5) UTS: Used for isolating kernel and version numbers. Setting the host name and domain name will not affect the rest of the system.
Cgroups allow the Docker containerized environment to share the available hardware resources among containers and to set up limits and constraints.
SELinux policies are used to protect the RHEL Atomic host from containers and also to protect containers from each other. SELinux provides two forms of security protection, namely Type Enforcement and Multi-Category Security (MCS) separation.
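To make the namespace isolation above checkable, here is an added example (not part of the original article) that reports which of the five namespaces a process shares with PID 1 on the host. The function names and the sample /proc tree are assumptions constructed for illustration; on a real host, run shared_namespaces /proc <pid> as root.

```shell
#!/bin/sh
# Added example. A namespace is identified by the inode in the symlink
# /proc/<pid>/ns/<type>, e.g. "pid:[4026531836]"; two processes share a
# namespace when those targets are equal.

# ns_id PROC_ROOT PID TYPE -> symlink target, or empty if unreadable
ns_id() {
    readlink "$1/$2/ns/$3" 2>/dev/null || true
}

# shared_namespaces PROC_ROOT PID -> namespace types PID shares with PID 1.
# "type?" marks an entry that could not be read (no permission, process gone).
shared_namespaces() {
    shared=""
    for ns in pid mnt ipc net uts; do   # "mnt" is the mount namespace
        host=$(ns_id "$1" 1 "$ns")
        mine=$(ns_id "$1" "$2" "$ns")
        if [ -z "$host" ] || [ -z "$mine" ]; then
            shared="$shared $ns?"
        elif [ "$host" = "$mine" ]; then
            shared="$shared $ns"
        fi
    done
    echo "${shared# }"
}

# Constructed sample: a fake /proc tree with a host init (1), an isolated
# container process (4242) and one started with host networking (4343).
make_sample_proc() {
    root=$(mktemp -d)
    i=0
    for ns in pid mnt ipc net uts; do
        i=$((i + 1))
        for p in 1 4242 4343; do
            mkdir -p "$root/$p/ns"
            ln -s "${ns}:[40265${p}${i}]" "$root/$p/ns/$ns"
        done
    done
    rm -f "$root/4343/ns/net"
    ln -s "net:[4026514]" "$root/4343/ns/net"   # same target as PID 1
    echo "$root"
}

SAMPLE=$(make_sample_proc)
for p in 4242 4343; do
    echo "PID $p shares with host: [$(shared_namespaces "$SAMPLE" "$p")]"
done
rm -rf "$SAMPLE"
```

An empty list means the process is isolated in all five namespaces; any name in the list is a namespace in which the container can see or affect host state.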
Containers are lightweight compared to virtual machines, and they reduce cost compared to hypervisor-based virtual machines. A container includes only the application-related packages and dependencies and minimal operating system software.
For more, visit: https://www.docker.com/what-docker
RHEL Atomic Host:
Red Hat Enterprise Linux Atomic Host is a Red Hat variant designed to run Docker and provide a containerized environment for applications. RHEL Atomic Host comes pre-installed with a minimal set of packages, usually the following:
1) Docker utility
2) Docker daemon
3) Kubernetes (container orchestrator)
5) rpm-ostree
6) RHEL 7 based kernel which supports namespaces, cgroups and SELinux
– It has only two writable directories, namely /etc and /var.
– The yum command is not used to install packages on RHEL Atomic Host.
– /usr is mounted read-only, and /usr/local is a symbolic link to /var/usr/local.
– No firewalld daemon is available; it has only iptables for packet filtering.
– No iSCSI client or initiator is installed.
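The read-only /usr and writable /etc and /var layout listed above can be verified from the mount table. The following is an added example, not from the original article or from Red Hat: the function names and the sample mount table are constructed for illustration, and on a real host the input file would be /proc/mounts.

```shell
#!/bin/sh
# Added example: audit the directory layout described above from a mounts
# table in /proc/mounts format (device, mount point, fstype, options, ...).

# mount_mode MOUNTS_FILE PATH -> "ro" or "rw" for the mount backing PATH:
# the longest mount point that is a prefix of PATH; later entries win ties.
mount_mode() {
    awk -v path="$2" '
        {
            mp = $2
            covers = (mp == path) || (mp == "/") || (index(path, mp "/") == 1)
            if (covers && length(mp) >= best + 0) {
                best = length(mp)
                # match "ro" only as a whole option, not e.g. errors=remount-ro
                mode = ($4 ~ /(^|,)ro(,|$)/) ? "ro" : "rw"
            }
        }
        END { print mode }
    ' "$1"
}

# audit_layout MOUNTS_FILE -> one finding per line; non-zero status on drift
audit_layout() {
    rc=0
    for want in /usr:ro /etc:rw /var:rw; do
        path=${want%%:*}
        expected=${want##*:}
        actual=$(mount_mode "$1" "$path")
        if [ "$actual" = "$expected" ]; then
            echo "OK   $path is $actual"
        else
            echo "FAIL $path is ${actual:-unknown}, expected $expected"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample table (device names are made up), not captured output.
sample_mounts() {
    cat <<'EOF'
/dev/mapper/sample-root / xfs rw,relatime,seclabel 0 0
/dev/mapper/sample-root /usr xfs ro,relatime,seclabel 0 0
/dev/mapper/sample-root /var xfs rw,relatime,seclabel 0 0
/dev/sda1 /boot ext4 rw,errors=remount-ro 0 0
EOF
}

MOUNTS=$(mktemp)
sample_mounts > "$MOUNTS"
audit_layout "$MOUNTS" || echo "layout differs from the documented one"
rm -f "$MOUNTS"
```

A FAIL line for /usr means the host's system tree has been remounted writable, which is worth investigating on a host that is supposed to be updated only as a whole image.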
Container Images and Registry:
Container images are read-only and can be uploaded to and downloaded from a public or private image registry. Container images are used to build containers. The Docker utility is used to pull images from or push them to a registry. RHEL Atomic Host is configured by default to use the public image registries listed below. Additionally, administrators can configure their own private image registry to store container images.
– Docker Hub (registry.hub.docker.com)
– Red Hat Public Registry (registry.access.redhat.com)
Installation of RHEL Atomic host:
RHEL Atomic installation media
RHEL Atomic Host is available in different variants:
1) .qcow2 image that can be used with OpenStack or KVM.
2) .ova image that can be used with RHEV or VMware.
3) .vhd image that can be used with Hyper-V.
4) .iso image that can be used for a bare-metal hardware or virtual guest installation.
Download the installation ISO or a virtual machine image from the Red Hat Customer Portal. Below is the link.
Select the Red Hat Enterprise Linux link from the list of products. Then select Red Hat Enterprise Linux Atomic Host from the Product Variant pull-down menu. Click the Installation Media Download button to download the .iso installation media for RHEL Atomic Host.
RHEL Atomic installation using ISO:
Below are the minimum installation requirements:
The system must have a minimum of 2 GB of RAM.
It should also have a minimum of 8 GB of disk space: 3 GB for RHEL Atomic and the remaining space for container storage.
For bare-metal installations, burn the ISO image to media and boot the system. Alternatively, the installation media can also be published over the network and a PXE installation can be initiated.
Step 1: Select the Install RHEL Atomic Host 7 menu item so it is highlighted, then press Enter to launch the installer.
Step 2: Select the language from the menu list.
Step 3: After language selection, the installation summary hub is the next screen displayed. Date and time, keyboard, and language can be optionally configured from this screen.
Step 4: Select the destination disk for installation.
Step 5: Configuring network and host name during installation is recommended. Make sure to enable the network interfaces and configure them using DHCP or static network configuration. When a RHEL Atomic installation is performed using PXE, the network and host name will be configured by default.
Step 6: Select Next on the screen; the installation will start.
Step 7: Set the root password; additionally, you can create a user during installation.
Step 8: The system will reboot after installation. Log in as the root user and perform system checks.
a) Check whether the docker daemon is running
# systemctl status docker.service -l
b) See available container images from registry
In this way you can install RHEL Atomic Host in a virtual environment or on bare-metal hardware.