I have an old ThinkPad R61 with a cracked screen that has been gathering dust ever since Boy #2 inherited my old desktop. The idea of a [not quite] perfectly good computer going unused annoys me for some reason–there are potential CPU cycles that are simply not happening. While the hardware is dated, its Core2 Duo T7300 CPU runnng at 2.00GHz with 4GB of RAM certainly packs a much bigger wallop than my Raspberry Pi.\u00a0 So I decided to set it up as a host for running Docker containers.\u00a0 I then began my search for a suitable operating system.<\/p>\n
It seemed to me as though an Atomic Host (http:\/\/www.projectatomic.io\/)\u00a0 OS was exactly what I needed–an operating system “designed with the sole purpose of running containerized applications.”\u00a0 So I grabbed the CentOS 7 Atomic Host ISO image, burned it to a DVD (it was around 775MB and my CD-R media maxes out at 700MB), put it in the laptop and hit the power button.\u00a0 The install went smoothly and, even though I had an external monitor ready, was actually able to see everything well enough on the cracked screen.<\/p>\n
Once in, I ran “sudo atomic host upgrade” to upgrade things (but it seemed like I already had the latest and greatest) and then restarted the machine.\u00a0 I was able to ssh into the the machine and then started running containers–everything worked smoothly.\u00a0 It was fast and easy to go from zero to Docker container on bare metal.\u00a0 I was pleased and ready to try more.<\/p>\n
I then checked the docker version and discovered that it was still on a 1.8 version.\u00a0 I use Docker 1.8 and Kubernetes at work and was hoping to expand my horizons.\u00a0 Specifically I want to use 1.9 or later because at home I’m playing with the new networks feature and also the new networking functionality in v2 of Compose.\u00a0 Also, some of the fancy new images on Docker hub are officially supporting only 1.10.1.\u00a0 There didn’t seem to be an obvious way to update Docker to a new version, but I assumed that to be easily solvable with a little kicking and swearing so I put it on the back burner.<\/p>\n
Since I could now access the machine remotely, I wanted to get if off my disheveled desk.\u00a0 I knew that thanks to my charging station<\/a> there were plenty of free outlets, but places to plug in network cables are not as readily available in my home.\u00a0\u00a0 Since the laptop has all the hardware necessary for wireless goodness, I figured I’d just set that up.\u00a0 Unfortunately, I couldn’t find any mention of configuring wireless networking on Atomic Host or even how to install drivers.\u00a0 I expect that the CentOS packages could be used, but since Atomic Host doesn’t have yum, the install would have to be very different.\u00a0 And so I decided that I wouldn’t use Atomic Host.<\/p>\n I only recently heard of Alpine Linux when I read that Docker Official Images are Moving to Alpine Linux<\/a>, but I have used other BusyBox based distributions in the past, so I decided to give it a go.\u00a0 Downloading the svelte 86MB ISO was much faster than the Atomic Host image as was the process of burning to a CD (with plenty of room to spare).\u00a0 I put the disc in the laptop and booted it up.<\/p>\n Instead of an installer I got a message reading in part:<\/p>\n A little searching revealed the error to be not uncommon when booting from a USB drive, but I could find no mention of the problem occurring with an install from CDROM and the typical solution didn’t seem to quite fit.\u00a0 So I wrote the image to the USB drive, but the first time I tried, it hung while loading the installer.\u00a0 My third attempt had both the CD and the USB drive in the machine and I’m actually not sure which was used (or perhaps both?), but the installer loaded.\u00a0 It was a simple, text based user interface and the actual install process didn’t take too long.<\/p>\n Once installed, I wanted to see if I could succeed with Alpine where I failed with Atomic Host.\u00a0 Because of the lightweight nature of Alpine, wireless isn’t supported out of the box like it is in more robust distributions.\u00a0 However, following the clear instructions on instructions on the Alpine Wiki<\/a> soon remedied my need for a wireless connection and I was ready to move the laptop off my disheveled desk–or so I thought.<\/p>\n There are a few ssh choices in the installer and I opted for OpenSSH.\u00a0 I tried to connect via ssh, but it would not accept my credentials.\u00a0 At first I thought I had forgotten the password.\u00a0 After panicking I then did some poking around and learned that \/etc\/ssh\/sshd_config contains the directive “PasswordAuthentication no”.\u00a0 Presumably changing the “no” to “yes” would have worked, but I instead opted to use public\/private RSA keys for authentication instead.\u00a0 I had no issues setting up the keys and then I could connect via SSH and I moved the laptop into the dining room and put it on a spare chair next to an empty outlet.<\/p>\n Since package managers and distributions often come with older versions, I like to follow these Linux Docker installation instructions<\/a>.\u00a0 So I installed curl, but when I went to run the script it didn’t work as I’m accustomed to seeing on RHEL or Ubuntu.<\/p>\n Once again I found a relevant Alpine Wiki page<\/a> and once again found the instructions to be clear and easy to follow.\u00a0 I was further pleasantly surprised to see that it installed version 1.10.1 which had been built only four days previously.<\/p>\n Now I wanted to Docker Compose and I like to install it as a container<\/a>.\u00a0 There were no errors on the install, but when I tried to run it I got:<\/p>\n The fix for that was simply to modify the first line of \/usr\/local\/bin\/docker-compose to read “#!\/bin\/ash<\/strong>” instead of “#!\/bin\/bash<\/strong>“.\u00a0 After that it seemed happy.<\/p>\n Now I was ready to run some containers.\u00a0 I tried running a Docker Registry and got an error reading:<\/p>\n The error actually occurred during the pull and I found I could not even pull the image (which is interesting because I had just successfully pulled and ran Compose).\u00a0 Searching revealed other people who had seen the same error on Alpine doing Dockery stuff.\u00a0 I found a blog entry about Installing Docker (Daemon) on Alpine Linux<\/a> in which the author saw the error when running Docker build and gave a magic incantation to make the problem go away:<\/p>\n Whatever that did under the covers, it removed the error.\u00a0 However, I immediately ran into other permission related problems.<\/p>\n I was able to get some other containers to work including a rest service that I wrote that uses Alpine as a base image, but I was troubled that the registry didn’t want to run.\u00a0 Alpine is not only small, but is also security-oriented.\u00a0 In this case it seems like it is too secure to run everything I need (at least without a lot of extra knowledge).\u00a0 And so I decided that I wouldn’t use Alpine.<\/p>\n The story continues in part 2<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Introduction I have an old ThinkPad R61 with a cracked screen that has been gathering dust ever since Boy #2 inherited my old desktop. The idea of a [not quite] perfectly good computer going unused annoys me for some reason–there are potential CPU cycles that are simply not happening. While the hardware is dated, its … Continue reading “What OS for Docker host? (Part 1)”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[8],"class_list":["post-37","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-docker"],"_links":{"self":[{"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/posts\/37","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nathanbak.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37"}],"version-history":[{"count":9,"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions"}],"predecessor-version":[{"id":72,"href":"https:\/\/nathanbak.com\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions\/72"}],"wp:attachment":[{"href":"https:\/\/nathanbak.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nathanbak.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nathanbak.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Alpine Linux<\/h2>\n
Mounting boot media failed.\r\ninitramfs emergency recovery shell launched. Type 'exit' to continue boot<\/pre>\n
alpy:~# curl -fsSL https:\/\/get.docker.com\/ | sh<\r\nEither your platform is not easily detectable, is not supported by this\r\n installer script (yet - PRs welcome! [hack\/install.sh]), or does not yet have\r\n a package for Docker. Please visit the following URL for more detailed\r\n installation instructions:\r\n https:\/\/docs.docker.com\/engine\/installation\/<\/pre>\n
alpy:~# which docker-compose\r\n\/usr\/local\/bin\/docker-compose\r\nalpy:~# docker-compose version\r\n-ash: docker-compose: not found<\/pre>\n
\u00a0failed to register layer: ApplyLayer exit status 1 stdout: stderr: chmod \/bin\/mount: permission denied<\/pre>\n
\u00a0sysctl -w kernel.grsecurity.chroot_deny_chmod=0<\/pre>\n
alpy:~# docker run -d -p 5000:5000 --name registry registry:2\r\na8fc19a787c0ad7e5ea9fc17a7283261b68ac8fa4c154f7eea235bbf3978196d\r\nalpy:~# docker logs a8fc19a787c0ad7e5ea9fc17a7283261b68ac8fa4c154f7eea235bbf3978\r\n196d\r\n\/bin\/registry: error while loading shared libraries: librados.so.2: cannot enable executable stack as shared object requires: Permission denied<\/pre>\n