Chapter 8. Working with Containers
Container
(in the narrow sense of the word) is an application sandbox. Each container is based on an image that holds necessary configuration data. When you launch a container from an image, a writable layer is added on top of this image. Every time you commit a container a new image layer is added to store your changes.Image
is a static snapshot of the containers' configuration. Image is a read-only layer that is never modified, all changes are made in top-most writable layer, and can be saved only by creating a new image. Each image depends on one or more parent images.Platform image
an image that has no parent. Platform images define the runtime environment, packages and utilities necessary for containerized applications to run. The platform image is read-only, so any changes are reflected in the copied images stacked on top of it. See Get Started with Docker Formatted Container Images on Red Hat Systems for information on how to access Red Hat Enterprise Linux platform images. See Example 8.1, “Creating a Red Hat Enterprise Linux Container in Satellite”.Registry
is a public or private archive that contains images available for download. Some registries allow users to upload images to make them available to others. Red Hat Satellite allows you to import images from local and external registries. Satellite itself can act as an image registry for hosts, however, hosts cannot push changes back to the registry. For more information, see Section 8.1.1, “Creating a New Container”Tags
are added to images to differentiate them from similar images in a repository. In practice, they typically mark versions of the application inside the image.Repositories
are used to group similar images together in a container registry. Images only have unique alphanumeric identifiers, so repositories provide a way to name images (by using tags). Naming in form or repository:tag is a human-readable way of identifying images. See Section 8.5, “Using Tags”, or Section 8.2, “Working with Repositories” for details.
8.1. Managing Containers
8.1.1. Creating a New Container
- Local content: represented by the
Satellite
option when creating a container. This option allows you to import an image from a repository that is already present on a capsule server in a certain content view and life cycle environment. For more information on how to create and populate a local registry, see Section 8.2, “Working with Repositories”. - Docker Hub: allows you to search the Docker Hub registry and pull images from there. Make sure that you pull only trusted images with verified content.
- External Registry: allows you to import images from a previously created external registry. For more information on creating registries in Red Hat Satellite, see Section 8.3, “Adding an External Registry”.
Note
Procedure 8.1. Creating a Container
- Navigate to→ . Alternatively, navigate to → and click .
- In the Preliminary stage of container creation configure the following settings:
- On the Compute resource tab, select the compute resource from the Deployed on drop-down menu. See Section 11.3.4, “Compute Resources” for more information on compute resources.
- On the Locations tab, select the locations where the new container will be available.
- On the Organizations tab, select the organizations where the new container will be available.
Clickto proceed. - In the Image stage of container creation import an image that will act as a base for your container. This can be a platform image, or a previously created layered image. Select from one of the following options:
- Select the Satellite tab to import an image from a life cycle environment. Specify the life cycle environment, content view, repository, tag, and Capsule Server.
- Select the Docker hub tab to import an image from the Docker Hub registry. Once you type an image name to the Search field, Satellite automatically searches the compute resource first. Click the looking glass icon to search the Docker Hub. If the image is found, Satellite displays the image metadata and populates the Tag field with tags available for the selected image name.
- Select the External registry tab to import an image from an existing registry. Select the registry from the drop-down menu, and search it by the image name. Satellite populates the Tag field with tags available for the selected image name. See Section 8.3, “Adding an External Registry” for details.
Clickto proceed. - In the Configuration stage of container creation set the following parameters:
- Select a name for the container.
- Specify a command to run inside the container.
- Specify an entrypoint, which is a command that is executed automatically as soon as the container starts. The default entrypoint is
/bin/sh -c
. - Assign CPUs to the container. For example,
0-2,16
represents CPUs 0, 1, 2, and 16. - Define the relative share of CPU time for the container.
- Specify a memory limit for the container. For example,
512m
limits the container memory usage to 512 MB.
Clickto proceed. - In the final stage of container creation named Environment, select if you want to allocate a pseudo-tty, attach STDIN, STDOUT, and STDERR to the container. Click to create a custom environment variable for the container.
- Clickto create the container.
Note
Example 8.1. Creating a Red Hat Enterprise Linux Container in Satellite
- Create a custom registry as described in Section 8.3, “Adding an External Registry”. Specify registry.access.redhat.com as a registry URL and insert your access credentials for the Red Hat Customer Portal.
- Create a new container as described in Section 8.1.1, “Creating a New Container”. In the Image stage of container creation, navigate to the External registry tab and select the registry created in the previous step from the drop-down list. Use the search field to find the desired version of the Red Hat Enterprise Linux image. Proceed through the Configuration and Environment stages to finalize the container.
8.1.2. Investigating Containers
Procedure 8.2. Investigating a Container
- Navigate to→ .
- On the Containers page, every Docker compute resource has a dedicated tab. Each of these tabs contains the table of available containers together with selected parameters of each container. Select the tab of the compute resource you want to inspect.
- To view the container metadata, click the name of the container you want to inspect. Satellite displays the table of container properties.
- On the Processes tab, you can view processes that are currently running in the container. Click on the process name to view the metadata of the process.
- If the container is running, you can view its standard output in the Logs tab. If you selected the allocate a pseudo-tty check box when creating a container, the console is interactive. Otherwise, it displays only the initial standard output produced when the container started.
8.1.3. Starting, Committing, and Removing Containers
Procedure 8.3. Starting and Stopping a Container
- Navigate to→ to view the list of available containers.
- Clicknext to the container you want to start. After starting the container, the button changes to , which allows for stopping the container. These actions are equivalent to the
docker start
anddocker stop
commands.
Procedure 8.4. Committing a Container
- Navigate to→ to view the list of available containers.
- Click the name of the container you want to commit.
- Click. Satellite then prompts you to provide the following information:
- Specify a repository name. This can be a single name or combined with the user name, for example user/my-rhel-image.
- Assign a tag to the image.
- Provide your contact information.
- Provide an informative comment about the image.
- Click.
Note
Procedure 8.5. Removing a Container
- Navigate to→ to view the list of available containers.
- Click the name of the container you want to delete.
- Click.
- In the alert box, clickto remove the container.