容器技术很棒,它将会改变我们开发好传递软件的方式。当然也有一个批评此技术的人认为它并不安全和足够安全的在产品环境运行。
随着 Red Hat Enterprise Linux 7.1 和 Red Hat Atomic 的登陆,企业和组织机构可以不用牺牲安全性和性能,也能拥抱这一新技术趋势。
CDK 是 Container Development Kit(容器开发包)的缩写,它能让开发者在他们的桌面系统上使用 Red Hat Atomic,不管他们所使用的是 Microsoft Windows®,Mac OS X® 或者其他 Linux 的发行版。同boot2docker类似,CDK利用虚拟机来启动一个小的主机,它能运行基于 Red Hat Enterprise Linux 的容器。
前置条件从 Red Hat 消费者门户 下载下面这些东西。
Red Hat 容器工具(Container Tools)
面向 VirtualBox 的 Red Hat Atomic Vagrant 盒子 或者 面向libvirt 的 Red Hat Atomic Vagrant 盒子。
安装 Red Hat 容器开发包
注意:在这之前你需要安装好虚拟化环境以及 Vagrant
解压你下载的 cdk.zip 文件到主目录. 这样会创建 ~/cdk (/Users/username/cdk)
$ unzip -d $HOME ~/Downloads/cdk-1.0-0.zip
安装使用 Red Hat Vagrant 所需要的 Vagrant 插件. 第一个插件会花几分钟时间,Vagrant 可能会需要安装一些额外的gem文件。
$ cd ~/cdk/plugins
$ vagrant plugin install vagrant-registration-0.0.8.gem
$ vagrant plugin install vagrant-atomic-0.0.3.gem
验证插件是否已经安装好了:
$ vagrant plugin list
vagrant-atomic (0.0.3)
- Version Constraint: 0.0.3
vagrant-registration (0.0.8)
- Version Constraint: 0.0.8
将 RHEL Atomic 盒子添加到 Vagrant:
$ vagrant box add --name rhel-atomic-7 ~/Downloads/rhel-atomic-virtualbox-7.1-0.x86_64.box
启动 Atomic 主机
为 docker 文件创建一个工作目录
$ mkdir ~/containers && cd ~/containers
为容器创建一个工作目录,并初始化 vagrant
$ mkdir containers && cd containers
$ vagrant init -m
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.
这一步会创建一个简单的 Vagrant 文件。打开它并像下面这样修改配置:
Vagrant.configure(2) do |config|
config.vm.box = "rhel-atomic-7"
config.vm.hostname = "rhel-atomic-7-docker-host"
config.vm.provider "virtualbox" do |vb|
vb.customize ["modifyvm", :id, "--cpuexecutioncap", "50"]
vb.memory = 4096
end
config.vm.provision "shell", inline: <<-SHELL
sudo systemctl stop docker > /dev/null 2>&1
sudo groupadd docker > /dev/null 2>&1
sudo usermod -a -G docker vagrant
sudo systemctl enable docker && sudo systemctl start docker
sudo chown root:docker /var/run/docker.sock
sudo systemctl enable docker && sudo systemctl start docker
SHELL
end
我们现在已经做好了启动容器的准备。在机器的创建过程中,你将会看到是否想要注册系统的提示。回答 "Y" 就会要你输入RHN (Red Hat Network) 账户的用户名和密码.
$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'rhel-atomic-7'...
==> default: Matching MAC address for NAT networking...
==> default: Setting the name of the VM: containers_default_1432213616739_95846
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
default: Adapter 1: nat
==> default: Forwarding ports...
default: 22 => 2222 (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 127.0.0.1:2222
default: SSH username: vagrant
default: SSH auth method: private key
default: Warning: Connection timeout. Retrying...
default:
default: Vagrant insecure key detected. Vagrant will automatically replace
default: this with a newly generated keypair for better security.
default:
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if its present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
default: No guest additions were detected on the base box for this VM! Guest
default: additions are required for forwarded ports, shared folders, host only
default: networking, and more. If SSH fails on this machine, please install
default: the guest additions and repackage the box to continue.
default:
default: This is not an error message; everything may continue to work properly,
default: in which case you may ignore this message.
==> default: Setting hostname...
==> default: Registering box with vagrant-registration...
default: Would you like to register the system now (default: yes)? [y|n] y
default: Subscriber username: <your-rhn-username>
default: Subscriber password: <password>==> default: Rsyncing folder: /Users/tqvarnst/containers/ => /home/vagrant/sync
==> default: Running provisioner: shell...
default: Running: inline script
测试你的安装