Chapter 11. Provisioning Containers


With Red Hat Satellite 6, you can create an on-premise registry, import images from various sources and distribute them to containers using Content Views. Satellite Server supports creating one or more Docker compute resources that act as servers for running containers.

You can import an image, start a container based on this image, monitor the container’s activity, and commit its state to a new image layer that can be further propagated.

For information about containers, see the Getting Started with Containers guide for Red Hat Enterprise Linux Atomic Host 7.

Use this chapter to import container images and use these images to create containers.

11.1. Prerequisites for Container Provisioning

Before you can provision a container using Red Hat Enterprise Linux Atomic Host, you must have a source for images, such as a container registry.

Red Hat Satellite 6 uses three sources of container images:

11.2. Importing Container Images

You can import container images from the Red Hat Container Catalog or from other image registries that you connect to Satellite.

To import a container image, follow these steps:

  1. Create a custom product for Red Hat Container Catalog.
  2. Add a repository that links to the container catalog that you want to use. For example, Red Hat Container Catalog registry (http://registry.access.redhat.com/) or a third-party registry in Satellite.
  3. Synchronize with the registry’s repository.

To create a custom product for the Red Hat container Catalog and create an image repository, complete the following steps:

  1. In the Satellite web UI, navigate to Content > Products and click New Product.
  2. In the Name field, enter a name for the product.
  3. Enter and select any additional details for the product.
  4. Click Save to create the product.
  5. Click Create Repository.
  6. In the Name field, enter a name that describes the repository.
  7. In the Label field, enter an internal ID for the repository.
  8. From the Type list, select docker.
  9. In the URL field, enter the URL of the registry to use as a source: for example, http://registry.access.redhat.com/ or the URL of another source that you want to use, such as https://registry.hub.docker.com.
  10. In the Upstream Repository Name field, enter the name of the repository.
  11. Click Save to create the repository and view it in Satellite’s repository list.
  12. Select the new repository and then click Sync Now to start the synchronization process.

To view the progress of the synchronization in the Web UI. Navigate to Content > Sync Status and expand the repository tree.

When the synchronization completes, you can click Manage Docker Manifests to list the available manifests. From the list, you can also remove any manifests that you do not require.

For CLI Users

  1. Create the custom Red Hat Container Catalog product:

    # hammer product create \
    --name "Red Hat Container Catalog" \
    --sync-plan "Example Plan" \
    --description "Red Hat Container Catalog content" \
    --organization "My_Organization"
  2. Create the repository for the container images:

    # hammer repository create \
    --name "RHEL7" \
    --content-type "docker" \
    --url "http://registry.access.redhat.com/" \
    --docker-upstream-name "rhel7" \
    --product "Red Hat Container Catalog" \
    --organization "My_Organization"
  3. Synchronize the repository:

    # hammer repository synchronize \
    --name "RHEL7" \
    --product "Red Hat Container Catalog" \
    --organization "My_Organization"

11.3. Adding External Registries to the Satellite Server

If you want to create a container from an image in an external registry, you must first add the registry to Satellite.

To add an external container registry, complete the following steps:

  1. In the Satellite web UI, navigate to Containers > Registries and click Create Registry.
  2. In the Name field, enter a name for the registry.
  3. In the URL field, enter the location of the registry. For example: https://registry.access.redhat.com.
  4. Optional: In the Description field, enter a description for your registry entry.
  5. In the Username field, enter the user name that corresponds with your user account on the registry.
  6. In the Password field, enter the password for your user account on your registry.
  7. Select the Locations tab, and select a location.
  8. Select the Organizations tab, and select an organization.
  9. Click Submit to save the external registry.

For CLI Users

Create the registry with the hammer docker registry create command:

# hammer docker registry create --name "Red Hat" \
--url "https://registry.access.redhat.com" \
--description "Red Hat Container Image Registry" \
--organization "Default_Organization" \
--location "Default_Location"

11.4. Managing Container Images in Satellite

To manage container images with Content Views, complete the following steps:

  1. In the Satellite web UI, navigate to Content > Content Views and click Create New View.
  2. In the Name field, enter Containers. This automatically populates the Label field.
  3. In the Description field, enter a description. For example, Container image for Red Hat Enterprise Linux 7.
  4. If you want to use a Composite Content View to hold other Content Views, select the Composite View check box.
  5. Optional: If you select Composite Content View, you can select whether you want to Auto publish a composite view when a new version of a component Content View is created.
  6. Click Save to create the Content View.
  7. Navigate to the Docker Content subtab, then click Add.
  8. Select the container repository for a Red Hat Enterprise Linux 7 Server image.
  9. Click Add Repository.
  10. Navigate to Versions and click Publish New Version.

You can enter a Description for the version; meaningful descriptions can help in logging new content versions.

Satellite Server creates the new version of the view and publishes it to the Library environment.

You can also click Promote to promote this Content View across environments in the application life cycle.

For CLI Users

  1. To obtain a list of repository IDs:

    # hammer repository list --organization "My_Organization"
  2. Create the Content View and add the repository:

    # hammer content-view create \
    --name "Containers" \
    --description "Container image for Red Hat Enterprise Linux 7" \
    --repository-ids 8 \
    --organization "My_Organization"
  3. Publish the view:

    # hammer content-view publish \
    --name "Containers" \
    --description "Initial Content View for our container image" \
    --organization "My_Organization"

11.5. Configuring the Red Hat Enterprise Linux Atomic Host

Configure the Atomic Host before connecting to Satellite. This includes exposing the Red Hat API for Docker-formatted containers to the Satellite Server. For information about containers, see the Getting Started with Containers guide for Red Hat Enterprise Linux Atomic Host 7.

  1. Log on to the Atomic Host and edit the /etc/sysconfig/docker file:

    $ vi /etc/sysconfig/docker
  2. Find the OPTIONS parameter and modify it to expose the API:

    OPTIONS=--selinux-enabled -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
    Important

    Use either TCP port 2375 or 2376 for the connection. Satellite Server contains certain SELinux rules to permit access to these ports. Using an alternative port results in authentication failure.

  3. Open port 2375 for the firewall:

    # firewall-cmd --add-port=2375/tcp
    # firewall-cmd --add-port=2375/tcp --permanent
  4. Import the Satellite Server certificate:

    $ curl http://satellite.example.com/pub/katello-server-ca.crt \
    -o /etc/pki/ca-trust/source/anchors/katello-server-ca.crt
    $ update-ca-trust
  5. Restart the docker service:

    # systemctl restart docker

11.6. Adding an Atomic Host Connection to the Satellite Server

To add an Red Hat Enterprise Linux Atomic connection in the Satellite Server’s compute resources, complete the following steps:

  1. In the Satellite web UI, navigate to Infrastructure > Compute Resources and click Create Compute Resource.
  2. In the Name field, enter a name for the resource.
  3. From the Provider list, select Docker.
  4. Optional: In the Description field, you can add a description for the resource.
  5. Select the Locations tab, and select the location that you want to use.
  6. Select the Organizations tab, and select the organization that you want to use.
  7. Click Submit to save.

For CLI Users

Create the connection with the hammer compute-resource create command:

# hammer compute-resource create --provider docker \
--name "Atomic" --url "http://atomic.example.com:2375" \
--organizations 'Default Organization' --locations 'Default Location'

11.7. Creating a Container

Use this procedure to create a container in Satellite. The Satellite web UI contains a wizard that guides you through the creation process. You can select a container image from a Content View, a Docker Hub, or an external registry that you add to Satellite.

  1. In the Satellite web UI, navigate to Containers > Create Container.
  2. From the Deploy on list, select the compute resource that you want to use.
  3. Select the Locations tab, and select a location.
  4. Select the Organizations tab, and select an organization.
  5. Click Next step.

To create a container, you have three options:

  • Create from a container image in Content View
  • Create from an container image in the Docker Hub
  • Create from an container image in an external registry.

Creating a Container from a Content View

  1. From the Lifecycle Environment list, select the lifecycle environment that you want to use.
  2. From the Content View list, select the container image that you want to use.
  3. From the Registry list, select the registry that you want to use.
  4. From the Tag list, select the container image tag that you want to use.
  5. From the Capsule list, select the Capsule that you want to use.
  6. Click Next Step.

Creating a Container from Docker Hub

  1. Select the Docker Hub tab, and in the Search field, enter the Docker container that you want to use.
  2. In the Tag field, enter the name of the container image tag that you want to use, and click Search for images.
  3. Select the container image that you want to use, and click Next Step.

Creating a Container from an External Registry

  1. From the Registry list, select a registry that you want to use.
  2. In the Search field, enter the name of the container image that you want to use.
  3. In the Tag field, enter the tag that is associated with the container image you want to use.
  4. Click Search for images and select the image that you want to use, and click Next step.

Finishing the Container Creation Process

  1. In the Name field, enter a name for the new container.
  2. In the Command field, enter a command that you want to run in the container.
  3. In the Entry point field, enter a command that you want the container to execute automatically when the container starts. The default entrypoint is /bin/sh -c.
  4. Select the Compute options tab.
  5. In the CPU Sets field, assign CPUs to the container. For example, 0-2,16 represents CPUs 0, 1, 2, and 16.
  6. In the CPU share field, assign the CPU share for the container. This sets the share of CPU time available to containerized tasks.
  7. In the Memory field, enter the memory size that you want to allocate to the container.
  8. Click Next Step.
  9. In the Environment variables field, define a set of environmental variables. For example, LANG=en_US.UTF-8.
  10. In the Exposed Ports field, enter the number of ports that you want to open in the container. For example, you can open SSH communication to the container on port 22.
  11. In the DNS field, enter the DNS server for the container.
  12. Select the Run check box to start the container automatically after it is created.
  13. Click Submit to create a container.

For CLI Users

The following are three examples of the hammer docker container create command.

  • To create a container from a Content View:

    # hammer docker container create --compute-resource "Atomic" \
    --repository-name "rhel7" --tag "latest" --name "docker-test1" \
    --command "bash" --organizations "My_Organization" --locations "New York"
  • To provision from the Docker Hub:

    # hammer docker container create --compute-resource "Atomic" \
    --repository-name "docker.io/redhat" --tag latest \
    --name "docker-test2" --command bash --organizations "My_Organization" \
    --locations "New York"
  • To provision from an external registry:

    # hammer docker container create --compute-resource "Atomic" \
    --registry-id 1 --repository-name "rhel" --tag latest \
    --name "docker-test3 --command bash --organizations "My_Organization" \
    --locations "New York"

11.8. Starting, Committing, and Removing Containers

Starting or Stopping a Container

When you create a container, its default state is disabled. By enabling a container, you start the processes of the containerized application in the compute resource. Hosts are then able to communicate with the container as with a web application.

  1. In the Satellite web UI, navigate to Containers > All Containers.
  2. From the list of existing containers, select the container that you want, and then click Power On. To stop the container, click Power Off.

Committing a Container

When you launch a container from an image, a writable layer is added on top of this image. Committing a container creates an image layer that stores the status of that container. Every time you commit a container a new image layer is added to store your changes. The container is committed to the repository of the original image. For example, if the container is based on an image pulled from the Docker Hub, the committed changes are pushed back to the Docker Hub.

  1. In the Satellite web UI, navigate to Containers > All Containers.
  2. From the list of existing containers, select the container that you want, and then click Commit.
  3. Enter a repository name, for example user/my-rhel-image.
  4. Assign a tag to the image.
  5. Enter your contact information.
  6. Enter an informative comment about the commit.
  7. Click Submit.

Removing a Container

  1. In the Satellite web UI, navigate to Containers > All Containers.
  2. From the list of existing containers, select the container that you want, and then click Delete.
  3. In the alert window, click OK to confirm the deletion.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.