update via ./update.sh centos
This commit is contained in:
Jim Perrin
parent
f156b9341c
commit
475c9b3217
104
centos/README.md
104
centos/README.md
|
|
@ -15,23 +15,103 @@ repo](https://github.com/docker-library/official-images).
|
|||
|
||||
# CentOS
|
||||
|
||||
CentOS (abbreviated from Community Enterprise Operating System) is a Linux
|
||||
distribution that attempts to provide a free, enterprise-class,
|
||||
community-supported computing platform which aims to be 100% binary compatible
|
||||
with its upstream source, Red Hat Enterprise Linux (RHEL). In January 2014, it
|
||||
was announced that CentOS was officially joining forces with Red Hat while
|
||||
staying independent from RHEL, under a new CentOS Governing Board.
|
||||
CentOS Linux is a community-supported distribution derived from sources
|
||||
freely provided to the public by [Red Hat](ftp://ftp.redhat.com/pub/redhat/linux/enterprise/)
|
||||
for Red Hat Enterprise Linux (RHEL). As such, CentOS Linux aims to be
|
||||
functionally compatible with RHEL. The CentOS Project mainly changes
|
||||
packages to remove upstream vendor branding and artwork. CentOS Linux
|
||||
is no-cost and free to redistribute. Each CentOS Linux version is maintained
|
||||
for up to 10 years (by means of security updates -- the duration of the
|
||||
support interval by Red Hat has varied over time with respect to Sources
|
||||
released). A new CentOS Linux version is released approximately every 2 years
|
||||
and each CentOS Linux version is periodically updated (roughly every 6 months)
|
||||
to support newer hardware. This results in a secure, low-maintenance,
|
||||
reliable, predictable, and reproducible Linux environment.
|
||||
|
||||
> [wikipedia.org/wiki/CentOS](https://en.wikipedia.org/wiki/CentOS)
|
||||
|
||||
This is the official CentOS image, and will be updated on a regular schedule or
|
||||
as needed for emergency fixes.
|
||||
|
||||
The `centos:latest` tag will always point to the most recent version currently
|
||||
available, and `centos:centos6` will point to the latest version of the CentOS 6 tree.
|
||||
> [wiki.centos.org](https://wiki.centos.org/FrontPage)
|
||||
|
||||
|
||||
|
||||
# CentOS image documentation
|
||||
|
||||
The `centos:latest` tag is always the most recent version currently
|
||||
available.
|
||||
|
||||
The CentOS Project offers regularly updated images for all active releases.
|
||||
These images will be updated monthly or as needed for emergency fixes. These
|
||||
rolling updates are tagged with the major version number only.
|
||||
For example: `docker pull centos:6` or `docker pull centos:7`
|
||||
|
||||
Additionally, images that correspond to install media are also offered. These
|
||||
images DO NOT recieve updates as they are intended to match installation iso
|
||||
contents. If you choose to use these images it is highly recommended that you
|
||||
include `RUN yum -y update && yum clean all` in your Dockerfile, or otherwise
|
||||
address any potential security concerns. To use these images, please specify
|
||||
the minor version tag:
|
||||
|
||||
For example: `docker pull centos:5.11` or `docker pull centos:6.6`
|
||||
|
||||
|
||||
# Systemd integration
|
||||
|
||||
Currently, systemd in CentOS 7 has been removed and replaced with a
|
||||
`fakesystemd` package for dependency resolution. This is due to systemd
|
||||
requiring the `CAP_SYS_ADMIN` capability, as well as being able to read
|
||||
the host's cgroups. If you wish to replace the fakesystemd package and
|
||||
use systemd normally, please follow the steps below.
|
||||
|
||||
## Dockerfile for systemd base image
|
||||
|
||||
FROM centos:7
|
||||
MAINTAINER "you" <your@email.here>
|
||||
ENV container docker
|
||||
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
|
||||
RUN yum -y update; yum clean all; \
|
||||
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i ==
|
||||
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
|
||||
rm -f /lib/systemd/system/multi-user.target.wants/*;\
|
||||
rm -f /etc/systemd/system/*.wants/*;\
|
||||
rm -f /lib/systemd/system/local-fs.target.wants/*; \
|
||||
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
|
||||
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
|
||||
rm -f /lib/systemd/system/basic.target.wants/*;\
|
||||
rm -f /lib/systemd/system/anaconda.target.wants/*;
|
||||
VOLUME [ "/sys/fs/cgroup" ]
|
||||
CMD ["/usr/sbin/init"]
|
||||
|
||||
This Dockerfile swaps out fakesystemd for the real package, but deletes a
|
||||
number of unit files which might cause issues. From here, you are ready
|
||||
to build your base image.
|
||||
|
||||
docker build --rm -t local/c7-systemd .
|
||||
|
||||
## Example systemd enabled app container
|
||||
|
||||
In order to use the systemd enabled base container created above, you will
|
||||
need to create your `Dockerfile` similar to the one below.
|
||||
|
||||
FROM local/c7-systemd
|
||||
RUN yum -y install httpd; yum clean all; systemctl enable httpd.service
|
||||
EXPOSE 80
|
||||
CMD ["/usr/sbin/init"]
|
||||
|
||||
Build this image:
|
||||
|
||||
docker build --rm -t local/c7-systemd-httpd
|
||||
|
||||
## Running a systemd enabled app container
|
||||
|
||||
In order to run a container with systemd, you will need to use the
|
||||
`--privileged` option mentioned earlier, as well as mounting the cgroups
|
||||
volumes from the host. Below is an example command that will run the
|
||||
systemd enabled httpd container created earlier.
|
||||
|
||||
docker run --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd-httpd
|
||||
|
||||
This container is running with systemd in a limited context, but it must
|
||||
always be run as a privileged container with the cgroups filesystem mounted.
|
||||
|
||||
# Supported Docker versions
|
||||
|
||||
This image is officially supported on Docker version 1.4.1.
|
||||
|
|
|
|||
Loading…
Reference in New Issue