Docker
Note | |
---|---|
This page is actively maintained by the Grid'5000 team. If you encounter problems, please report them (see the Support page). Additionally, as it is a wiki page, you are free to make minor corrections yourself if needed. If you would like to suggest a more fundamental change, please contact the Grid'5000 team. |
Docker is a software technology that provides operating-system-level virtualization. In this page, we present some tools that are specifically designed to use Docker on Grid'5000.
Installing Docker from a node
You can install and use Docker from a node with the standard environment by following these instructions:
- Reserve a node
See Getting_Started for more reservation options.
- Install Docker from the standard environment
The script g5k-setup-docker, available from the standard environment, installs Docker locally and makes Docker commands available without user needing to log out (by giving read write permissions to the file /var/run/docker.sock)
The -t
option allows to use /tmp/
to store docker images, which is useful because /tmp/
has more disk space available. Technically speaking, it does a bind mount of /tmp/docker
on /var/lib/docker
.
- Run Docker
You can now check that Docker is up and running
- Install Docker in a deployed environment
In addition to the standard environment, g5k-setup-docker works with the environments debian10-x64-nfs and debian10-x64-big (as well as with debian9 variants and the other architectures ppc64 and arm64).
Reserve a node, deploy an environment, connect to the node and run the script with its full path:
If you want to simply install Docker, without changing the permissions of /var/run/docker.sock (note that in this case you must log out and reconnect before using Docker commands), you can type
You can also use the -t
option to store docker images in /tmp/
to have more space, but be aware that everything will be deleted if you reboot the node.
Nvidia-docker
If you want to use Nvidia's Docker image available for nodes with GPUs (e.g. see [1]), you need to install nvidia-docker. A script is also available to automate the installation. Just run :
Options are the same as the regular g5k-setup-docker
script, see above. You need to run either g5k-setup-docker
or g5k-setup-nvidia-docker
, not both.
Using docker-machine and docker-g5k
The Spirals Team in Lille developped two tools to ease Docker usage on Grid'5000:
- a docker-machine driver
- the docker-g5k program
Provision a node with docker-machine
The driver for docker-machine allows you to reserve a node on Grid'5000 and to install a Linux image and Docker Engine on it, from your computer and in one single command.
The reserved node is then available from commands like docker-machine ssh
(standard ssh commands don't work when nodes are reserved with docker-machine).
Create a Swarm with docker-g5k
The docker-g5k program allows you to reserve several nodes, possibly on different sites, and to install a Linux image and Docker Engine on each node, in one single command. This command configures a Swarm, i.e. a set of Docker containers distributed over several nodes that communicate with each other.
Managing Docker images
One difficult aspect of using Docker is efficient images management, as (1) it is often required to load such images on many nodes simultaneously; (2) Grid'5000 connection to the internet is limited to 1 Gbps. The following strategies are recommended to manage Docker images:
Use docker load/save
To load and save images quickly, we encourage you to use docker load
and docker save
commands, with .tar docker images stored in your Grid'5000 home. Users home are NFS mounted, with good network performance.
- Example
You can also use docker load
command instead of retrieving the image from Docker Hub, when deploying a Swarm with docker-g5k.
- Example with docker-g5k
Give read rights to your image
Deploy three Docker nodes in Nancy (activate the Grid'5000 VPN before launching this command)
laptop :
|
docker-g5k create-cluster --g5k-username "user" --g5k-password "********" --g5k-image "jessie-x64-std" --g5k-reserve-nodes "nancy:3" |
Load Alpine image on each node
laptop :
|
for i in {0..2}; do docker-machine ssh nancy-${i} "docker load -i /home/user/alpine.tar"; done |
Use Inria private registry
The Inria registry has been closed by the end of 2019/beg. 2020.
As an alternative one can use gitlab.inria.fr to host docker images related to a git project, but this cannot be compared to the functionalities provided by a normal Docker registry.
Use a persistent virtual machine to host your registry
If you want to benefit from a private registry with good network performance, and are ready to manually install your own registry, you can request a Persistent Virtual Machine. You can look at Harbor or Portus open source projects, in order to install your own registry.
Avoid network conflict
The default network used by docker is 172.16.0.1/16 which is use internally on Grid'5000 thus this can be a source of conflict.
If you want to avoid any conflict you can set an other network. On debian you will have to edit /etc/default/docker and specify the network you want to use like this:
DOCKER_OPTS="--bip=192.168.42.1/24"
Using docker-cache.grid5000.fr
Due do the rate limiting of docker hub you might experience some troubles to fetch your image. As a result you can use docker-cache.grid5000.fr which is a registry mirrors.
To enable the use of the cache from a Grid'5000 node (as root or using sudo-g5k), edit /etc/docker/daemon.json
with:
{ "registry-mirrors": [ "docker-cache.grid5000.fr" ] }
then restart docker:
systemctl restart docker
The cache is automatically configured by g5k-setup-docker
.