2014-01-30 20:13:54 +01:00
|
|
|
Docker is an open-source project to easily create lightweight, portable,
|
|
|
|
self-sufficient containers from any application. The same container that
|
|
|
|
a developer builds and tests on a laptop can run at scale, in production,
|
|
|
|
on VMs, bare metal, OpenStack clusters, public clouds and more.
|
|
|
|
|
|
|
|
To use docker as a limited user, add your user to the 'docker' group:
|
|
|
|
|
2014-04-04 18:25:23 +02:00
|
|
|
# groupadd -r -g 281 docker
|
2014-01-30 20:13:54 +01:00
|
|
|
# usermod -a -G docker <your_username>
|
|
|
|
|
2014-07-15 18:26:19 +02:00
|
|
|
This will require logging out and back in.
|
2014-01-30 20:13:54 +01:00
|
|
|
|
|
|
|
To have the docker daemon start and stop with your host,
|
|
|
|
add to /etc/rc.d/rc.local:
|
|
|
|
|
|
|
|
if [ -x /etc/rc.d/rc.docker ]; then
|
|
|
|
/etc/rc.d/rc.docker start
|
|
|
|
fi
|
|
|
|
|
|
|
|
and to /etc/rc.d/rc.local_shutdown (creating it if needed):
|
|
|
|
|
|
|
|
if [ -x /etc/rc.d/rc.docker ]; then
|
|
|
|
/etc/rc.d/rc.docker stop
|
|
|
|
fi
|
|
|
|
|
2014-05-08 02:02:24 +02:00
|
|
|
For cgroups, docker does not support mounting cgroups on the "all" single hierarchy controller,
|
|
|
|
but rather the individual controllers.
|
|
|
|
|
|
|
|
To accomplish this, add the following to your /etc/fstab:
|
|
|
|
|
|
|
|
cgroup /cgroup/cpuset cgroup rw,relatime,cpuset 0 0
|
|
|
|
cgroup /cgroup/cpu cgroup rw,relatime,cpu 0 0
|
|
|
|
cgroup /cgroup/cpuacct cgroup rw,relatime,cpuacct 0 0
|
|
|
|
cgroup /cgroup/memory cgroup rw,relatime,memory 0 0
|
|
|
|
cgroup /cgroup/devices cgroup rw,relatime,devices 0 0
|
|
|
|
cgroup /cgroup/freezer cgroup rw,relatime,freezer 0 0
|
|
|
|
cgroup /cgroup/net_cls cgroup rw,relatime,net_cls 0 0
|
|
|
|
cgroup /cgroup/blkio cgroup rw,relatime,blkio 0 0
|
|
|
|
|
|
|
|
|
2014-07-15 18:26:19 +02:00
|
|
|
And in addition, add to /etc/cgconfig.conf the following:
|
|
|
|
|
|
|
|
mount {
|
|
|
|
cpuset = /cgroup/cpuset;
|
|
|
|
cpu = /cgroup/cpu;
|
|
|
|
cpuacct = /cgroup/cpuacct;
|
|
|
|
memory = /cgroup/memory;
|
|
|
|
devices = /cgroup/devices;
|
|
|
|
freezer = /cgroup/freezer;
|
|
|
|
net_cls = /cgroup/net_cls;
|
|
|
|
blkio = /cgroup/blkio;
|
|
|
|
}
|
|
|
|
|
|
|
|
If you are interested in enabling cgroup memory resource controll over swap as
|
|
|
|
well, then append "swapaccount=1" to your kernel's parameters. This is often in
|
|
|
|
/etc/lilo.conf, on the "append" variable.
|
|
|
|
|
2014-01-30 20:13:54 +01:00
|
|
|
NOTE: google-go-lang is only needed at compile time - not needed for runtime.
|