Install Docker on CentOS8. The problem that the name could not be resolved was resolved.

Introduction

After the work of Building CentOS8 on ESXi6.7 with the minimum configuration I wrote earlier, I installed docker, but it broke with dnf. I can't resolve the name with DNS even though I can ping the IP directly. Has been resolved, so I will keep it as a record. I didn't want to do --net = host when starting the container, so I searched for information.

Only the solution is described

On the host side, I set NAPT and it worked.

# firewall-cmd --add-masquerade --permanent
# firewall-cmd --reload

Prerequisites

Is it because I installed it with the minimum configuration? nftables wasn't running, firewalld was working, and iptables was running behind the scenes.

nftables is stopped.

# systemctl status nftables
● nftables.service - Netfilter Tables
   Loaded: loaded (/usr/lib/systemd/system/nftables.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
     Docs: man:nft(8)

firewalld is running.

# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2020-02-08 16:28:47 JST; 27min ago
     Docs: man:firewalld(1)
 Main PID: 1182 (firewalld)
    Tasks: 2 (limit: 23585)
   Memory: 38.9M
   CGroup: /system.slice/firewalld.service
           mq1182 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid

iptables is running.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
DOCKER-USER  all  --  anywhere             anywhere
DOCKER-ISOLATION-STAGE-1  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
DOCKER     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination
DOCKER-ISOLATION-STAGE-2  all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Make docker available

Package installation

Since it will be hit by the version of the package at the time of installation, install it with --nobest.

# dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# dnf install --nobest docker-ce docker-ce-cli containerd.io

As a side note, include docker-compose

curl -L "https://github.com/docker/compose/releases/download/1.25.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

Service settings

# systemctl enable docker
# systemctl start docker

Try launching hello-world in the test. Hopefully you'll see Hello from Docker! As shown below

# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:9572f7cdcee8591948c2963463447a53466950b3fc15a247fcad1917ca215a2f
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

Try booting with the image of CentOS 8

In order for systemctl to work, you have to run it in / sbin / init.

# docker pull centos:centos8
# docker run --privileged -it -d --name centos8_check centos:centos8 /sbin/init
# docker exec -it centos8_check /bin/bash
[root@fced0781866f /]#

I was able to log in.

Trouble

I can't resolve the name!

When I try to install the epel package inside the container, I can't.

[root@fced0781866f /]# dnf install epel-release
Failed to set locale, defaulting to C.UTF-8
CentOS-8 - AppStream                                           0.0  B/s |   0  B     00:05
Failed to download metadata for repo 'AppStream'
Error: Failed to download metadata for repo 'AppStream'

Container → Google Public DNS can be reached by directly hitting the IP.

[root@fced0781866f /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=52 time=5.60 ms

The DNS of the container refers to the server in the LAN

[root@fced0781866f /]# cat /etc/resolv.conf
# Generated by NetworkManager
search prosper2.net
nameserver 10.254.10.241

Container → DNS ping passes

[root@fced0781866f /]# ping 10.254.10.241
PING 10.254.10.241 (10.254.10.241) 56(84) bytes of data.
64 bytes from 10.254.10.241: icmp_seq=1 ttl=127 time=0.467 ms

But I can't resolve the name

[root@fced0781866f /]# ping dns.google
ping: dns.google: Name or service not known

Why. .. ..

I was able to resolve it

On the host side, I set NAPT and it worked.

# firewall-cmd --add-masquerade --permanent
# firewall-cmd --reload

I was able to properly dnf install epel-release.

# dnf install epel-release
Failed to set locale, defaulting to C.UTF-8
CentOS-8 - AppStream                                           4.7 MB/s | 6.4 MB     00:01
CentOS-8 - Base                                                4.8 MB/s | 5.0 MB     00:01
CentOS-8 - Extras                                              6.2 kB/s | 2.1 kB     00:00
Dependencies resolved.
===============================================================================================
 Package                   Architecture        Version               Repository           Size
===============================================================================================
Installing:
 epel-release              noarch              8-5.el8               extras               22 k

Transaction Summary
===============================================================================================
Install  1 Package

Total download size: 22 k
Installed size: 30 k
Is this ok [y/N]: y
Downloading Packages:
epel-release-8-5.el8.noarch.rpm                                915 kB/s |  22 kB     00:00
-----------------------------------------------------------------------------------------------
Total                                                           36 kB/s |  22 kB     00:00
warning: /var/cache/dnf/extras-cbfb2f07b0021b7e/packages/epel-release-8-5.el8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS-8 - Extras                                              1.6 MB/s | 1.6 kB     00:00
Importing GPG key 0x8483C65D:
 Userid     : "CentOS (CentOS Official Signing Key) <[email protected]>"
 Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                       1/1
  Installing       : epel-release-8-5.el8.noarch                                           1/1
  Running scriptlet: epel-release-8-5.el8.noarch                                           1/1
  Verifying        : epel-release-8-5.el8.noarch                                           1/1

Installed:
  epel-release-8-5.el8.noarch

Complete!

Postscript

At the time of installation, --nobest was fine for the time being, but I kept getting dependency errors.

# dnf update
Final confirmation of metadata expiration: 0:53:It was held 51 hours ago on February 08, 2020 at 16:38:36.
error:
problem: package docker-ce-3:19.03.5-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed
  - cannot install the best update candidate for package docker-ce-3:18.09.1-3.el7.x86_64
  - package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
  - package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
  - package containerd.io-1.2.2-3.el7.x86_64 is excluded
  - package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
  - package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
  - package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
(To skip non-installable packages'--skip-broken'Or try adding'--nobest'Do not use only the best candidate packages)

I don't like this, so let's force the RPM. First, find out where it is.

# grep stable /etc/yum.repos.d/docker-ce.repo
[docker-ce-stable]
baseurl=https://download.docker.com/linux/centos/7/$basearch/stable

Well, is CentOS 7 the target in the first place? .. .. Let's pick it up from here.

# dnf update https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.10-3.2.el7.x86_64.rpm
Final confirmation of metadata expiration: 1:00:It was held 47 hours ago on February 08, 2020 at 16:38:36.
containerd.io-1.2.10-3.2.el7.x86_64.rpm                                                                                                 7.5 MB/s |  23 MB     00:03
The dependency has been resolved.
========================================================================================================================================================================
Package architecture version repository size
========================================================================================================================================================================
upgrade:
 containerd.io                             x86_64                             1.2.10-3.2.el7                             @commandline                              23 M

Transaction overview
========================================================================================================================================================================
Upgrade 1 package

Total size: 23 M
Is this okay? [y/N]: y
Download package:
Performing transaction confirmation
The transaction was confirmed successfully.
Running transaction test
You have successfully tested the transaction.
Transaction is in progress
Preparation:                                                                                                                                                1/1
scriptlet running: containerd.io-1.2.10-3.2.el7.x86_64                                                                                                            1/1
During upgrade: containerd.io-1.2.10-3.2.el7.x86_64                                                                                                            1/2
scriptlet running: containerd.io-1.2.10-3.2.el7.x86_64                                                                                                            1/2
scriptlet running: containerd.io-1.2.0-3.el7.x86_64                                                                                                               2/2
Organize: containerd.io-1.2.0-3.el7.x86_64                                                                                                               2/2
scriptlet running: containerd.io-1.2.0-3.el7.x86_64                                                                                                               2/2
Verification: containerd.io-1.2.10-3.2.el7.x86_64                                                                                                            1/2
Verification: containerd.io-1.2.0-3.el7.x86_64                                                                                                               2/2

Upgraded:
  containerd.io-1.2.10-3.2.el7.x86_64

Has completed!

Alright, do a big update.

# dnf update
Final confirmation of metadata expiration: 1:01:It was held 08 hours ago on February 08, 2020 at 16:38:36.
The dependency has been resolved.
========================================================================================================================================================================
Package architecture version repository size
========================================================================================================================================================================
upgrade:
 docker-ce                            x86_64                            3:19.03.5-3.el7                               docker-ce-stable                             24 M

Transaction overview
========================================================================================================================================================================
Upgrade 1 package

Total download size: 24 M
Is this okay? [y/N]: y
Download package:
docker-ce-19.03.5-3.el7.x86_64.rpm                                                                                                      7.2 MB/s |  24 MB     00:03
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
7 in total.2 MB/s |  24 MB     00:03
Performing transaction confirmation
The transaction was confirmed successfully.
Running transaction test
You have successfully tested the transaction.
Transaction is in progress
Preparation:                                                                                                                                                1/1
scriptlet running: docker-ce-3:19.03.5-3.el7.x86_64                                                                                                               1/1
During upgrade: docker-ce-3:19.03.5-3.el7.x86_64                                                                                                               1/2
scriptlet running: docker-ce-3:19.03.5-3.el7.x86_64                                                                                                               1/2
scriptlet running: docker-ce-3:18.09.1-3.el7.x86_64                                                                                                               2/2
/usr/bin/dockerd is not configured for compatibility with dockerd.

Organize: docker-ce-3:18.09.1-3.el7.x86_64                                                                                                               2/2
scriptlet running: docker-ce-3:18.09.1-3.el7.x86_64                                                                                                               2/2
Verification: docker-ce-3:19.03.5-3.el7.x86_64                                                                                                               1/2
Verification: docker-ce-3:18.09.1-3.el7.x86_64                                                                                                               2/2

Upgraded:
  docker-ce-3:19.03.5-3.el7.x86_64

Has completed!

Yeah, it looks okay.

# dnf update
Final confirmation of metadata expiration: 1:01:It was held 38 hours ago on February 08, 2020 at 16:38:36.
The dependency has been resolved.
There is nothing to do.
Has completed!

Was good.

ELK Try it with the official image.

git clone https://github.com/elastic/stack-docker.git
cd stack-docker
docker-compose -f setup.yml up
docker-compose up -d

Use the password displayed during setup.

setup_1  | setup_elasticsearch    | Elastic password is: [password]

Source

https://serverfault.com/questions/987686/no-network-connectivity-to-from-docker-ce-container-on-centos-8

Recommended Posts

Install Docker on CentOS8. The problem that the name could not be resolved was resolved.
The story that 5GHz band access point could not be created on Ubuntu
raspberry pi 4 centos7 install on docker
Solved the trap that Rails commands could not be used after using the development environment with Docker
What to do if you get "The session could not be opened" when installing CentOS on VirtualBox
Log when I was worried that I could not connect to Wi-Fi on Linux
The problem that the ifconfig command cannot be used
Solved the problem that MacVim installed by Homebrew was not built by python of pyenv
[Pyhton] I want to solve the problem that tkinter does not work on MacOS11
Code memo that I was having trouble with not being on the discord.py site
Solved the problem that the image was not displayed in ROMol when loaded with PandasTools.LoadSDF.
The story when I was using IntelliJ on Linux and could not input Japanese
I investigated the problem that I could not get more than 101 images with google images download
Note that int64 could not be received by pyOSC
How to solve the problem that video content cannot be played on Firefox for Linux
Install Faiss on CentOS 7
Workaround for the problem that sys.argv is not passed when executing a Python script with only the file name in Python2.7 on Windows
Install docker on Fedora31
Install numba on CentOS 7.2
Install Python3.4 on CentOS 6.6
Install mecab-python on CentOS
Install Python 2.7.3 on CentOS 5.4
Install Docker on AWS
Install awscli on centos7
Install Chainer on CentOS 6.7
Install Python 3.6 on Docker
Get the host name of the host PC with Docker on Linux
How to solve the problem that APL does not start after transferring to the actual device on Kivy-iOS
When I tried to use pip with python, I was told that XML_SetHashSalt could not be found.
Problems that cannot be wget. (Warning: The name `www.oracle.com'on the certificate and the host name ʻedelivery.oracle.com' do not match)