CentOS 7 and Docker wont work out of the box

Issues related to applications and software problems
Post Reply
JackD
Posts: 4
Joined: 2018/10/17 08:02:40

CentOS 7 and Docker wont work out of the box

Post by JackD » 2018/10/17 08:46:30

Hi all,

Coming from the Debian/Ubuntu based world I am starting to learn anything Red Hat based/related.

CentOS is awesome as a server platform!

RHEL based, I love it. I should have dived into it years ago.

But then I tried docker on it :?

After a lot of hours debugging I finally got docker to work on CentOS 7. On Debian based servers docker works instantly after installation. Migrating all of my servers to CentOS. I am not going back to Debian/Ubuntu.

Out of the box on CentOS 7 docker will not work!

And that amazes me since its RHEL based I thought that something like an industry standard like docker would work out of the box.

The docker version in CentOS 7 is docker-1.13.1-75.

The problem is when you start creating anything after installation of docker it will be denied by SELINUX and FIREWALLD.

Shutting down selinux is a very bad idea, so you wind up troubleshooting selinux for docker. And when that's taken care of and docker is allowed to create anything it still wont work on the network level because Firewalld comes in and starts blocking it. Docker creates its own iptables based rules during creation of the networks of the containers and at system boot. Something Firewalld can't handle and the creation of iptables rules gets blocked by firewalld because it don't understand what it needs to do with that input from docker.

The only way forward I found so far is disabling firewalld. This leaves your host wide open, bad idea, but then the creation of iptables rules by docker wont get blocked and will work. I spent time to learn the Red Hat way by learning selinux and firewalld, neither of them I want to stop just to make it work in a production environment but I have no clue so far how to fix this.

Firewalld and docker, anybody got a clue how to fix this?

User avatar
TrevorH
Forum Moderator
Posts: 23876
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 7 and Docker wont work out of the box

Post by TrevorH » 2018/10/17 14:06:34

Are you using our docker or docker's docker?
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

JackD
Posts: 4
Joined: 2018/10/17 08:02:40

Re: CentOS 7 and Docker wont work out of the box

Post by JackD » 2018/10/17 15:59:18

Hi Trevor,

Using the CentOS one that's in the default repo.

That's what amazes me.

hunter86_bg
Posts: 1422
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: CentOS 7 and Docker wont work out of the box

Post by hunter86_bg » 2018/10/18 04:06:20

Have you tried CentOS Atomic Host?
Its sole purpose is to be a docker host and everything is polished by Red Hat.

JackD
Posts: 4
Joined: 2018/10/17 08:02:40

Re: CentOS 7 and Docker wont work out of the box

Post by JackD » 2018/10/18 08:38:46

At this moment I just want CentOS 7 and docker.

Edit:
Playing around with CentOS 7 atomic in KVM/virt.

Post Reply