This page captures my effort to learn about docker images by building a docker image for ovirt-engine from scratch using Fedora 19. At this point I get stuck after launching the image with ovirt installed in it. I’ll be troubleshooting and seeing how I can best package ovirt-engine into a single image or breaking into multiple pieces. Who knows, maybe I’ll even try to make it communicate over etcd?
I was able to create a new base image, publish it to a private docker registry, then create a Dockerfile to create a layered image for ovirt-engine, the open source virtualization management platform. I used Marek Goldmann‘s great blog as a reference and leveraged the work of Matt Miller too.
Setup your System
On a Fedora 19 system install the necessary packages.
Install docker-io docker-registry. Docker automates deployment of containerized applications while docker-registry provides the docker registry server for sharing of docker images.
# yum install -y docker-io docker-registry --enablerepo=updates-testing
Install appliance-tools. Appliance tools is one method that can be used for creating a virtual machine that we will then package up into a docker image.
# yum install -y appliance-tools libguestfs-tools
Enable and start the docker and docker-registry services.
# systemctl enable docker
# systemctl start docker
# systemctl enable docker-registry
# systemctl start docker-registry
You may also want to unmount /tmp if you are running in a VM and have limited space in /tmp.
# systemctl mask tmp.mount; reboot
Build a Base Image
In order to build a base image you need to create a virtual machine image, then pack it up into an archive, and import it into docker.
You can use your favorite kickstart file for your base docker image. You would want to make the kickstart install the smallest possible footprint so your base image stays small. The following example kickstart is a good starting point.
appliance-creator can be used to automatically install a virtual machine using the kickstart file.
# appliance-creator -c mykickstart.ks -d -v -t /tmp \
-o /tmp/myimage --name "fedora-image" --release 19 \
--format=qcow2;
virt-tar-out creates a tar file from a virtual machine image.
# virt-tar-out -a /tmp/myimage/fedora-image/fedora-image-sda.qcow2 / - |
docker import - jlabocki f19
You can download the buildcontainers.sh script and container-small-19.ks kickstart which will help you with automating the building of a basic container.
If you have issues creating a container you can continue on by pulling an existing image, like Matt’s fedora image, from the Docker index.
# docker pull mattdm/fedora
Publish the New Image to a Docker Registry
Docker provides a registry, a place to store your docker images (web server that supports multiple storage back-ends and has hooks for authentication sources). The company behind docker provides an index which is the docker-registry combined with a web front end and collaborative environment.
Now that we have a docker image we can upload it to our private registry. First you’ll need to list the images, tag the image
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
none latest e4a4f6d69590 29 hours ago 131.2 MB
# docker tag e4a4f6d69590 localhost.localdomain:5000/fedora-small
# docker push localhost.localdomain:5000/fedora-small
Create a New Dockerfile
Now let’s try to create a new image based on the base image. We will create a new directory and create a dockerfile.
# mkdir ovirt; cd ovirt; vi Dockerfile
A dockerfile accepts a bunch of options. We will use only a few in ours.
# Base on the Fedora image created by Matthew
FROM localhost.localdomain:5000/fedora-small
# Install the JBoss Application Server 7
#RUN yum install -y jboss-as
RUN yum localinstall -y http://ovirt.org/releases/ovirt-release-fedora.noarch.rpm
RUN yum install -y ovirt-engine
RUN yum install -y ovirt-engine-setup-plugin-allinone
RUN yum install -y wget
#RUN wget http://10.16.132.12/pub/answerfile -O /root/answerfile
# Run the JBoss AS after the container boots
# ENTRYPOINT /usr/bin/engine-setup --config=/root/answerfile
The FROM line indicates what base image should be used.
The RUN lines will be executed and committed on the image.
The ENTRYPOINT line specifies what should be executed when the image is launched. At this point I’ll leave the ENTRYPOINT commented out. We’ll just launch a shell and then try to execute the engine-setup command before we use an answerfile to install it automatically in a future image.
Now we will build our image.
# docker build .
Now we have a new image.
# docker images
We can tag this new image.
# docker tag 234ad73r7df localhost.localdomain:5000/ovirt-fedora-small
And we can push it to our registry as a new image.
# docker push localhost.localdomain:5000/ovirt-fedora-small
On another fedora 19 system with docker installed (or on the same one), you can pull the docker image down and run it.
# docker pull youripaddress:5000/ovirt-fedora-small
....
# docker run -i -t localhost.localdomain:5000/jlabocki/fedora-ovirt-small /bin/bash
You can run `docker help run` to understand the options that we just gave to run the image. You can also inspect the images and running containers to get lots of interesting information about it (from outside the container, not from within it). `docker ps a` will list the running containers while `docker images` will list the images you have.
From within the container, let’s try to run the engine-setup command and see how far we get …
bash-4.2# engine-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging-aio.conf', '/etc/ovirt-engine-setup.conf.d/10-packaging.conf']
Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219122235.log
Version: otopi-1.1.2 (otopi-1.1.2-1.fc19)
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ ERROR ] Failed to execute stage 'Environment setup': Command 'initctl' is required but missing
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219122235.log
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ ERROR ] Execution of setup failed
It looks like the ovirt-engine is looking for initctl, or at least that is the error it is throwing. Let’s see if we can fool the engine-setup command into thinking it exists.
# ln -s /usr/sbin/service /usr/bin/initctl
Re-running engine-setup
bash-4.2# engine-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging-aio.conf', '/etc/ovirt-engine-setup.conf.d/10-packaging.conf']
Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219122459.log
Version: otopi-1.1.2 (otopi-1.1.2-1.fc19)
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
Disabling all-in-one plugin because hardware supporting virtualization could not be detected. Do you want to continue setup without AIO plugin? (Yes, No) [No]: Yes
--== PACKAGES ==--
[ INFO ] Checking for product updates...
[ INFO ] No product updates found
--== ALL IN ONE CONFIGURATION ==--
--== NETWORK CONFIGURATION ==--
Host fully qualified DNS name of this server [502fbe26fc3c]:
[WARNING] Host name 502fbe26fc3c has no domain suffix
[WARNING] Failed to resolve 502fbe26fc3c using DNS, it can be resolved only locally
--== DATABASE CONFIGURATION ==--
Where is the database located? (Local, Remote) [Local]:
Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications.
Would you like Setup to automatically configure postgresql, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
--== OVIRT ENGINE CONFIGURATION ==--
Engine admin password:
Confirm engine admin password:
[ ERROR ] Failed to execute stage 'Environment customization': [Errno 2] No such file or directory: '/usr/share/cracklib/pw_dict.pwd'
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219122459.log
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ ERROR ] Execution of setup failed
Here is the output of ovirt-engine-setup-2013.log. It appears that I’m missing some files for password. It turns out the password dictionary file was missing, but it was just compressed. Let’s uncompress it and see if we can re-run engine-setup.
bash-4.2# gzip -d /usr/share/cracklib/pw_dict.pwd.gz
bash-4.2# engine-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging-aio.conf', '/etc/ovirt-engine-setup.conf.d/10-packaging.conf']
Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219125142.log
Version: otopi-1.1.2 (otopi-1.1.2-1.fc19)
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
Disabling all-in-one plugin because hardware supporting virtualization could not be detected. Do you want to continue setup without AIO plugin? (Yes, No) [No]: Yes
--== PACKAGES ==--
[ INFO ] Checking for product updates...
[ INFO ] No product updates found
--== ALL IN ONE CONFIGURATION ==--
--== NETWORK CONFIGURATION ==--
Host fully qualified DNS name of this server [502fbe26fc3c]:
[WARNING] Host name 502fbe26fc3c has no domain suffix
[WARNING] Failed to resolve 502fbe26fc3c using DNS, it can be resolved only locally
--== DATABASE CONFIGURATION ==--
Where is the database located? (Local, Remote) [Local]:
Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications.
Would you like Setup to automatically configure postgresql, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
--== OVIRT ENGINE CONFIGURATION ==--
Engine admin password:
Confirm engine admin password:
[WARNING] Password is weak: it is based on a dictionary word
Use weak password? (Yes, No) [No]: Yes
Application mode (Both, Virt, Gluster) [Both]:
Default storage type: (NFS, FC, ISCSI, POSIXFS) [NFS]:
--== PKI CONFIGURATION ==--
Organization name for certificate [Test]:
--== APACHE CONFIGURATION ==--
Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications.
Do you wish to set the application as the default page of the web server? (Yes, No) [Yes]:
Setup can configure apache to use SSL using a certificate issued from the internal CA.
Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
--== SYSTEM CONFIGURATION ==--
--== END OF CONFIGURATION ==--
[ INFO ] Stage: Setup validation
[ ERROR ] Failed to execute stage 'Setup validation': Database configuration was requested, however, postgresql service was not found. This may happen because postgresql database is not installed on system.
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20131219125142.log
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ ERROR ] Execution of setup failed
Conclusion
At this point the engine-setup command is not able to complete successfully because of a dbus error when trying to initialize postgresl-server. I’ll continue to work on this to see if I can make progress in packaging ovirt-engine into a docker image.
all things open 
This should help:
http://rhatdan.wordpress.com/2014/04/30/running-systemd-within-a-docker-container/
Indeed it should. If I have some time I’ll try this again using Dan’s instructions. Thanks Scott!