How to Install Docker Container Engine in CentOS 7

How to Install Docker Container Engine in CentOS 7

Introduction

Docker is free and open-source software that allows you to build, test and deploy applications through a container in the form of images. Docker uses images to build containers that are machine-like instances. Unlike virtual machines, when creating a docker container you do not have to specify the resources (RAM, CPU, and storage) for the instance. Instead, the system treats a container as an application thus it is intelligent enough to know when and amount of resources to allocate to a container. This is cost-effective as docker only uses resources when needed.

Pre-requisites

For you to be able to install Docker on CentOS, you should have the following;

  1. CentOS 7 server
  2. A non-root user with sudo privileges

With that, let’s embark on the installation of Docker.

Install Docker

There are a number of methods to install Docker on CentOS 7;

  1. Installation from Docker repositories
  2. Installing manually by downloading the RPM package

However, in this tutorial, we are going to install Docker from Docker repositories since the RPM package may not contain the latest version of Docker.

Step 1: System Update

Make sure your CentOS system is updated to its latest packages:

$ sudo yum check-update

Step 2: Set up the repository

To set up the repository, you need to install the yum-utils package which will provide the yum-config-manager utility.

$ sudo yum install -y yum-utils

Step 3: Add the official docker repository

The following command will add the official docker repository, it will download the latest docker version and install it afterward:

$ curl -fsSL https://get.docker.com/ | sh

Below output displays the installation process.

# Executing docker install script, commit: b2e29ef7a9a89840d2333637f7d1900a83e7153f
+ sudo -E sh -c 'yum install -y -q yum-utils'
Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version
+ sudo -E sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sudo -E sh -c 'yum makecache'
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                     |  60 kB     00:00     
* base: mirror.aptus.co.tz
* epel: d2lzkl7pfhq30w.cloudfront.net
* extras: mirror.aptus.co.tz
* updates: mirror.aptus.co.tz
base                                                     | 3.6 kB     00:00     
docker-ce-stable                                         | 3.5 kB     00:00     
extras                                                   | 2.9 kB     00:00     
updates                                                  | 2.9 kB     00:00     
(1/13): docker-ce-stable/7/x86_64/updateinfo               |   55 B   00:00     
(2/13): docker-ce-stable/7/x86_64/primary_db               |  80 kB   00:00     
(3/13): docker-ce-stable/7/x86_64/filelists_db             |  33 kB   00:00     
(4/13): docker-ce-stable/7/x86_64/other_db                 | 125 kB   00:00     
(5/13): epel/x86_64/prestodelta                            |  873 B   00:01     
(6/13): epel/x86_64/other_db                               | 3.4 MB   00:01     
(7/13): base/7/x86_64/filelists_db                         | 7.2 MB   00:01     
(8/13): extras/7/x86_64/other_db                           | 148 kB   00:00     
(9/13): base/7/x86_64/other_db                             | 2.6 MB   00:02     
(10/13): updates/7/x86_64/other_db                         | 1.1 MB   00:00     
(11/13): extras/7/x86_64/filelists_db                      | 277 kB   00:00     
(12/13): updates/7/x86_64/filelists_db                     | 9.1 MB   00:02     
(13/13): epel/x86_64/filelists_db                          |  12 MB   00:20     
Metadata Cache Created
+ sudo -E sh -c 'yum install -y -q docker-ce docker-ce-cli containerd.io docker-scan-plugin docker-compose-plugin docker-ce-rootless-extras'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-20.10.17-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-20.10.17-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
Userid     : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From       : https://download.docker.com/linux/centos/gpg
================================================================================
To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh install
Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/
WARNING: Access to the remote API on a privileged Docker daemon is equivalent
to root access on the host. Refer to the 'Docker daemon attack surface'
documentation for details: https://docs.docker.com/go/attack-surface/

Step 4: Start and verify the docker service

Docker daemon does not start automatically, therefore you should start it by running:

$ sudo systemctl start docker 

Now check if docker is up and running:

$ sudo systemctl status docker

Your output will be similar to the one below showing that docker is active and running;

 docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Qib 2022-07-05 10:43:58 EAT; 4s ago
Docs: https://docs.docker.com
Main PID: 10128 (dockerd)
Tasks: 8
Memory: 33.7M
CGroup: /system.slice/docker.service
└─10128 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Step 5: Configure Docker to start up on boot

This will allow the docker service to start automatically every time the system reboots.

Run:

$ sudo systemctl enable docker

Docker is successfully installed. Let us now look at how you can run a docker container, execute docker commands, and so on.

Managing docker as a non-root user

By default, the Docker daemon runs as the root user. Therefore, to be able to run as a non-root user, you should preface the docker command with sudo, otherwise, the operation will not run.

However, you can avoid the task of prefacing the docker command sudo every time by creating a Unix group called docker and adding users to it. This way, you will be able to perform the commands without prefacing them with sudo. In other words, the docker group grants privilege the same to the root.

Let us try to run a docker command as non-root and see what happens;

$ docker run hello-world

You will get an error denying you permission to complete and run the command. This is because you don’t have the privileges.

docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create": dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

Therefore we need to add you to the docker group to be able to run the command.

To create a docker group;

$ sudo groupadd docker

To add users to the docker group;

$  sudo usermod -aG docker $USER

To apply the new changes, run;

$ sudo newgrp docker

Now, let’s repeat our previous command and see if it will be successful now that the user is in the docker group;

$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

This shows that you are able to run the docker command as a non-root user and without prefixing sudo before docker .

From here, we won’t be prefacing docker with sudo because we have the privilege to run the docker command without sudo .

Using Docker commands

First off, you have to understand the docker command-line utility which comes as a full package during the installation of docker. The docker command consists of a number of steps which include passing it through a chain of options and subcommands then followed by some arguments. A complete docker the command takes the form;

$ docker [option] [command] [arguments]

Now, to be able to view the system’s info, you can run the following command;

$ docker info

To see all available docker sub-commands run;

$ docker

The sub-commands may keep changing based on your docker version.

Commands:
attach      Attach local standard input, output, and error streams to a running container
build       Build an image from a Dockerfile
commit      Create a new image from a container's changes
cp          Copy files/folders between a container and the local filesystem
create      Create a new container
diff        Inspect changes to files or directories on a container's filesystem
events      Get real time events from the server
exec        Run a command in a running container
export      Export a container's filesystem as a tar archive
history     Show the history of an image
images      List images
import      Import the contents from a tarball to create a filesystem image
info        Display system-wide information
inspect     Return low-level information on Docker objects
kill        Kill one or more running containers
load        Load an image from a tar archive or STDIN
login       Log in to a Docker registry
logout      Log out from a Docker registry
logs        Fetch the logs of a container
pause       Pause all processes within one or more containers
port        List port mappings or a specific mapping for the container
ps          List containers
pull        Pull an image or a repository from a registry
push        Push an image or a repository to a registry
rename      Rename a container
restart     Restart one or more containers
rm          Remove one or more containers
rmi         Remove one or more images
run         Run a command in a new container
save        Save one or more images to a tar archive (streamed to STDOUT by default)
search      Search the Docker Hub for images
start       Start one or more stopped containers
stats       Display a live stream of container(s) resource usage statistics
stop        Stop one or more running containers
tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top         Display the running processes of a container
unpause     Unpause all processes within one or more containers
update      Update configuration of one or more containers
version     Show the Docker version information
wait        Block until one or more containers stop, then print their exit codes

Working with Docker images

A docker image is a set of instructions like file used to execute code in a docker container. These images are stored in a Docker hub- a cloud based registry run by docker-.

To search for an image in the docker hub repository, you use the search subcommand followed by the name of the image. For instance let’s try nd search for the CentOS 7 image;

$ docker search centos

Your output will be similar to this;

NAME                                         DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
centos                                       The official build of CentOS.                   7219      [OK]       
kasmweb/centos-7-desktop                     CentOS 7 desktop for Kasm Workspaces            21                   
continuumio/centos5_gcc5_base                                                                3                    
dokken/centos-7                              CentOS 7 image for kitchen-dokken               2                    
dokken/centos-stream-9                                                                       1                    
couchbase/centos7-systemd                    centos7-systemd images with additional debug…   1                    [OK]
spack/centos7                                CentOS 7 with Spack preinstalled                1                    

The image pull sub-command is used to download a docker image. Let us download the CentOS docker image;

$ docker image pull centos

You’ll get a similar output like the one below:

Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Pull complete 
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest

Use the run sub-command to start the downloaded image. Since we’ve downloaded Centos image, let’s run it:

$ docker run centos

To view the downloaded images, run:

$ docker images

Our output will show our previously downloaded docker images:

REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
hello-world   latest    feb5d9fea6a5   9 months ago   13.3kB
centos        latest    5d0da3dc9764   9 months ago   231MB

Working with Docker containers

Docker containers are like virtual machines. You can be able to do operations inside the containers and exit the container. An example of a container is the hello-world the container we downloaded before.

For interactive shell access into the container, we use the combination of the -i and -t switches. Let’s run a container using the centos image:

 $ docker run -it centos

The output will show that you are working from inside the container:

[root@de29d874a8e1 /]#

Now that you are inside the container, you can run any operation without prefixing sudo . This is because you have all the privileges in the container. The highlighted text in the output code is the container’s ID.

When you are done with the container, you simply log out using the exit command.

To list active containers, run:

$ docker ps

To list both active and in-active containers, run:

$ docker ps -a

The output will look like this:

CONTAINER ID   IMAGE         COMMAND       CREATED          STATUS                      PORTS     NAMES
de29d874a8e1   centos        "/bin/bash"   9 minutes ago    Exited (0) 52 seconds ago             gallant_buck
3854b6336cd9   centos        "/bin/bash"   21 minutes ago   Exited (0) 21 minutes ago             cranky_ride
886a3e47821b   hello-world   "/hello"      2 hours ago      Exited (0) 2 hours ago                relaxed_margulis
123545b7ca4a   hello-world   "/hello"      2 hours ago      Exited (0) 2 hours ago                romantic_driscoll

To see the last container you created, run:

$ docker ps -l

The output will show the latest container created:

CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS                     PORTS     NAMES
de29d874a8e1   centos    "/bin/bash"   13 minutes ago   Exited (0) 4 minutes ago             gallant_buck

To stop a running container:

$ docker stop container-id

You should now be in a position to work with the docker images and containers with much ease.

Conclusion

You successfully installed Docker on CentOS 7, we have also looked at several ways to manage docker images and containers. That should give you an added scope in your journey to start using and working with Docker. Thank you!

How to Install Docker in Ubuntu

How to Install Prometheus in Ubuntu 18.04|20.04|22.04

How to Install Nginx in CentOS 7

One thought on “How to Install Docker Container Engine in CentOS 7

Leave a Reply

Your email address will not be published. Required fields are marked *

6 − 4 =