Docker Fedora 32

2/13/2022by admin
Docker

1. The problems

  • problem 1: there’s currently no Docker rpm repo for Fedora 32. Package installations fail with:

error: Status code: 404 for http://download.docker.com/linux/fedora/32/repodata/repomd.xml (IP: 13.35.253.112) (http://download.docker.com/linux/fedora/32/repodata/repomd.xml).

  • problem 2: if you work around this issue by installing from the Fedora 31 repo, start the docker daemon and try to run a container, Docker isn’t able to start it for you:
  1. Dec 09, 2020 Docker has been removed from Fedora 32 and 31, being replaced by moby-engine (both don't yet support cgroups v2 though). In case you're not familiar with Moby and its relationship with Docker, I recommend reading this article. To install moby-engine (includes Docker CLI and the Docker Engine) on Fedora 32 or 31, enable and start its daemon, use.
  2. May 04, 2020 Moby-engine vs Docker-ce. There are two ways we can obtain docker on Fedora 32: we can install the “docker” package from the official distribution repositories, or add the docker-ce ones and install the needed packages from there.

$ docker run –rm -t hello-world
Docker: Error response from daemon: cgroups: cgroup mountpoint does not exist: unknown.
ERRO[0000] error waiting for container: context canceled

See full list on blog.thenextgenlearn.com. Apr 30, 2020 After little trouble with running Docker in Fedora 31 I found myself yet again in a similar situation. This time the DNS inside Docker containers could not resolve github.com hostname. This was the welcome of a first Docker build on Fedora 32.

Oct 21, 2020 Here’s a way how to successfully install Docker from Docker’s repo on Fedora 32. The first steps also solve similar issues with other container tools on Fedora 32, such as k3s. Please note that this does not break podman, as podman can deal both with legacy environments (cgroups v1, iptables) and Fedora 32’s more modern defaults.

  • problem 3: if you manage to work around this issue (we’ll get to how below) your containers are likely having network issues: From within a container usually there’s no connection to hosts on the Internet and connections to other (linked) containers fail.

2. Why is it broken?

Problem 2 (running containers) has to do with the fact that Fedora 31/32 are using cgroups v2 instead of v1. Cgroups v2 is still relatively new and Docker doesn’t support it yet. In fact Fedora is the first mainstream distro that enables it by default. It is possible to switch the Kernel back to cgroups v1.

Problem 3 (container networking) is caused by the fact that Fedora 32 is using nftables instead of iptables for its firewall daemon firewalld. Programs that use iptables directly (such as Docker) can cause conflicts. It is possible to switch firewalld back to use iptables.

3. Is it really a problem? (aka. Do I really need Docker?)

If you just want to run containers in a similar style to with Docker, there’s a different default container tool in Fedora and RHEL/CentOS called podman. The Podman CLI works almost identical to Docker but has numerous advantages (such as rootless containers — no Docker daemon needed) and a better integration into the Red Hat ecosystem (such as systemd and selinux integration for containers).

Free

You can install Podman with:

sudo dnf install podman

And then just use it as a replacement for Docker:

podman run –rm -t hello-world

However, there are legitimate reasons why you might still want to use Docker instead of Podman. One reason that I personally care about is that Docker supports CLI plugins and Podman not (yet)*. I have made myself a couple of homebrewn CLI plugins over time, like this one.

*(Having said that: This is a very personal reason related to my specific setup and shouldn’t stop you from using podman unless you’re having a similar setup. Podman is a great tool and the better choice for most use cases on Fedora/RHEL/CentOS).

4. A solution (aka. I really want Docker on Fedora 32)

Here’s a way how to successfully install Docker from Docker’s repo on Fedora 32. The first steps also solve similar issues with other container tools on Fedora 32, such as k3s. Please note that this does not break podman, as podman can deal both with legacy environments (cgroups v1, iptables) and Fedora 32’s more modern defaults.

Let’s get started:

  • disable cgroups v2 via a kernel parameter:

sudo grubby –update-kernel=ALL –args=”systemd.unified_cgroup_hierarchy=0″
reboot

  • switch firewalld’s backend from nftables to iptables by editing /etc/firewalld/firewalld.conf and there set FirewallBackend=iptables. Then restart firewalld with systemctl restart firewalld.service.
  • Now we can install Docker. For that there are two options:
    Either we can use Fedora’s Docker package (derrived from Docker’s upstream project moby, therefore called moby-engine). I recommend this option.
    Or alternatively we can install Docker’s Fedora 31 packages on Fedora 32.

Either: Install Docker from Fedora’s package repo (Recommended)

sudo dnf install moby-engine

Or: Install Docker on Fedora 32 from Docker’s Fedora 31 package repo

sudo rpmkeys –import https://download.docker.com/linux/fedora/gpg
sudo dnf config-manager –add-repo https://download.docker.com/linux/fedora/docker-ce.reposudo dnf install –enablerepo=docker-ce-stable –releasever=31 docker-ce-cli docker-ce

  • let’s also add docker-compose: sudo dnf install docker-compose
  • and finally we need to enable the Docker daemon:

sudo systemctl enable docker.service –now

We should now be able to run containers via Docker as usual:

$ docker run –rm -t hello-world head -2Hello from Docker!

1. The problems

  • problem 1: there’s currently no Docker rpm repo for Fedora 32. Package installations fail with:
Docker fedora 32 key

error: Status code: 404 for http://download.docker.com/linux/fedora/32/repodata/repomd.xml (IP: 13.35.253.112) (http://download.docker.com/linux/fedora/32/repodata/repomd.xml).

  • problem 2: if you work around this issue by installing from the Fedora 31 repo, start the docker daemon and try to run a container, Docker isn’t able to start it for you:

$ docker run –rm -t hello-world
Docker: Error response from daemon: cgroups: cgroup mountpoint does not exist: unknown.
ERRO[0000] error waiting for container: context canceled

Docker And Fedora 32 - Fedora Magazine

  • problem 3: if you manage to work around this issue (we’ll get to how below) your containers are likely having network issues: From within a container usually there’s no connection to hosts on the Internet and connections to other (linked) containers fail.

2. Why is it broken?

Problem 2 (running containers) has to do with the fact that Fedora 31/32 are using cgroups v2 instead of v1. Cgroups v2 is still relatively new and Docker doesn’t support it yet. In fact Fedora is the first mainstream distro that enables it by default. It is possible to switch the Kernel back to cgroups v1.

Problem 3 (container networking) is caused by the fact that Fedora 32 is using nftables instead of iptables for its firewall daemon firewalld. Programs that use iptables directly (such as Docker) can cause conflicts. It is possible to switch firewalld back to use iptables.

3. Is it really a problem? (aka. Do I really need Docker?)

If you just want to run containers in a similar style to with Docker, there’s a different default container tool in Fedora and RHEL/CentOS called podman. The Podman CLI works almost identical to Docker but has numerous advantages (such as rootless containers — no Docker daemon needed) and a better integration into the Red Hat ecosystem (such as systemd and selinux integration for containers).

You can install Podman with:

sudo dnf install podman

And then just use it as a replacement for Docker:

podman run –rm -t hello-world

However, there are legitimate reasons why you might still want to use Docker instead of Podman. One reason that I personally care about is that Docker supports CLI plugins and Podman not (yet)*. I have made myself a couple of homebrewn CLI plugins over time, like this one.

*(Having said that: This is a very personal reason related to my specific setup and shouldn’t stop you from using podman unless you’re having a similar setup. Podman is a great tool and the better choice for most use cases on Fedora/RHEL/CentOS).

4. A solution (aka. I really want Docker on Fedora 32)

Here’s a way how to successfully install Docker from Docker’s repo on Fedora 32. The first steps also solve similar issues with other container tools on Fedora 32, such as k3s. Please note that this does not break podman, as podman can deal both with legacy environments (cgroups v1, iptables) and Fedora 32’s more modern defaults.

Let’s get started:

  • disable cgroups v2 via a kernel parameter:

sudo grubby –update-kernel=ALL –args=”systemd.unified_cgroup_hierarchy=0″
reboot

  • switch firewalld’s backend from nftables to iptables by editing /etc/firewalld/firewalld.conf and there set FirewallBackend=iptables. Then restart firewalld with systemctl restart firewalld.service.
  • Now we can install Docker. For that there are two options:
    Either we can use Fedora’s Docker package (derrived from Docker’s upstream project moby, therefore called moby-engine). I recommend this option.
    Or alternatively we can install Docker’s Fedora 31 packages on Fedora 32.

Either: Install Docker from Fedora’s package repo (Recommended)

sudo dnf install moby-engine

Docker-compose Fedora 32

Or: Install Docker on Fedora 32 from Docker’s Fedora 31 package repo

Docker On Fedora 32

sudo rpmkeys –import https://download.docker.com/linux/fedora/gpg
sudo dnf config-manager –add-repo https://download.docker.com/linux/fedora/docker-ce.reposudo dnf install –enablerepo=docker-ce-stable –releasever=31 docker-ce-cli docker-ce

See Full List On Blog.thenextgenlearn.com

  • let’s also add docker-compose: sudo dnf install docker-compose
  • and finally we need to enable the Docker daemon:

sudo systemctl enable docker.service –now

We should now be able to run containers via Docker as usual:

$ docker run –rm -t hello-world head -2Hello from Docker!

Comments are closed.