Setting up Docker for IBM Cloud Private
IBM Cloud Private requires Docker. You must manually install Docker on your boot node. You can either manually install Docker on the rest of your cluster nodes, or the installer can automatically install Docker on your correctly configured master, worker, proxy, and optional management and Vulnerability Advisory (VA) nodes.
You must manually install a version of Docker that is supported by IBM Cloud Private on your boot node.
You can also manually install Docker on all your cluster nodes, or you can let the IBM Cloud Private installer set up Docker on your cluster nodes. If you want the installer to set up Docker on your cluster nodes, you can set this configuration during the installation of your cluster. See Configuring cluster nodes for automatic Docker installation.
For a list of Docker versions that are supported by IBM Cloud Private, see Supported Docker versions.
Manually installing Docker
You can either install the provided IBM Cloud Private Docker package, or install an IBM Cloud Private supported version of Docker from the Docker website.
Manually installing Docker by using the provided IBM Cloud Private Docker package
Complete the following steps on each node that you want to manually install Docker on.
- On your node, ensure that your package manager is configured to allow for package updates. Package managers include
RPM
for RHEL andApt
for Ubuntu. - Download the Docker package for your node. See IBM Cloud Private Docker packages.
-
Install Docker.
-
For Linux® x86_64, run this command:
chmod +x icp-docker-18.03.1_x86_64.bin sudo ./icp-docker-18.03.1_x86_64.bin --install
-
For Linux® on Power® (ppc64le), run this command:
chmod +x icp-docker-18.03.1_ppc64le.bin sudo ./icp-docker-18.03.1_ppc64le.bin --install
-
For IBM® Z, run this command:
chmod +x icp-docker-18.03.1_s390x.bin sudo ./icp-docker-18.03.1_s390x.bin --install
Note: To uninstall this Docker package, replace the
--install
option with--uninstall
option in the command.
-
-
Verify your installation, see Verifying your installation.
Manually installing Docker from the Docker website
Complete the following steps on each node that you want to manually install Docker on.
- Install Docker. Note: You might need to register to download the Docker package.
- For Ubuntu, see the Docker documentation .
- For SUSE Linux Enterprise Server (SLES) nodes, you can either manually install Docker by using the Docker installation instructions in the SLES documentation or by using the provided IBM Cloud Private Docker package.
- Verify your installation, see Verifying your installation.
Verifying your installation
-
Ensure that Docker engine is started. Run the following command:
sudo systemctl start docker sudo systemctl status docker
-
Configure your Docker engine, see Configuring your Docker engine.
Configuring your Docker engine
- If you want to change the location of the Docker default storage directory, you must configure a bind mount to the new directory before you install IBM Cloud Private. See Specifying a default Docker storage directory for manually installed Docker.
-
Set up Docker log rotation. This reduces disk issues that are caused by retaining too much log information. To set up log rotation, complete the following steps:
-
Configure log rotation by using the
/lib/systemd/system/docker.service
file. For the ExecStart parameter, add the following option:--log-opt max-size=10m --log-opt max-file=10
-
Reload and restart Docker:
sudo systemctl daemon-reload sudo systemctl restart docker
-
-
To view logs of Docker containers and services from the IBM Cloud Private management console, you must set the default logging driver to
json-file
.-
Find the default logging driver for your Docker daemon:
sudo docker info|grep "Logging Driver"
The output resembles the following code:
Logging Driver: journald
- Configure the Docker logging driver to
json-file
. See the Docker documentation . -
Verify that the default logging driver is updated to
json-file
:sudo systemctl daemon-reload sudo systemctl start docker sudo docker info|grep "Logging Driver"
The output resembles the following code:
Logging Driver: json-file
-
- If you are using a custom
docker.service
file, either ensure that the MountFlags parameter is set to share, or remove the MountFlags parameter from thedocker.service
file. For more information about manually creating thesystemd
unit file,docker.service
, see the Docker documentation . - For Red Hat Enterprise Linux (RHEL) systems, review the storage driver settings. See Architectures and storage drivers .
-
Ensure that SELinux is not enabled for Docker.
-
Check if SELinux is enabled:
sudo docker info --format '{{json .SecurityOptions}}'
If SELinux is enabled, the output resembles the following code:
["name=seccomp,profile=default","name=selinux"]
-
If SELinux is enabled, remove the
--selinux-enable
setting from the Docker service file and save the file:sudo vim /lib/systemd/system/docker.service
For more information about modifying the Docker daemon configuration file, see Daemon configuration file .
-
Apply the changes:
sudo systemctl daemon-reload
-
Restart the Docker daemon:
sudo systemctl restart docker.service
-
Verify that SELinux is disabled:
sudo docker info --format '{{json .SecurityOptions}}'
If SELinux is disabled, the output resembles the following code:
["name=apparmor","name=seccomp,profile=default"]
-