Install Mirantis Container Runtime for CentOS

There are two ways to install and upgrade Mirantis Container Runtime (MCR):

  • YUM repository: Set up a Docker repository and install Mirantis Container Runtime from it. This is the recommended approach because installation and upgrades are managed with YUM and easier to do.

  • RPM package: Download the RPM package, install it manually, and manage upgrades manually. This is useful when installing Mirantis Container Runtime on air-gapped systems with no access to the internet.

Prerequisites

Perform all prerequisites as required prior to installing MCR on CentOS.

Architectures and storage drivers

Mirantis Container Runtime supports CentOS 64-bit, latest version, running on x86_64.

On CentOS, Mirantis Container Runtime supports the overlay2 storage drivers. The following limitations apply:

  • If selinux is enabled, overlay2 is supported on CentOS 7.4 or higher.

  • If selinux is disabled, overlay2 is supported on CentOS 7.2 or higher with kernel version 3.10.0-693 and higher.

Uninstall old Docker versions

The Mirantis Container Runtime package is called docker-ee. Older versions were called docker or docker-engine. Uninstall all older versions and associated dependencies. The contents of /var/lib/docker/ are preserved, including images, containers, volumes, and networks.

sudo yum remove docker \
                docker-client \
                docker-client-latest \
                docker-common \
                docker-latest \
                docker-latest-logrotate \
                docker-logrotate \
                docker-selinux \
                docker-engine-selinux \
                docker-engine\
                docker-ee\
                docker-ee-cli

Repo install and upgrade

The advantage of using a repository from which to install Mirantis Container Runtime (or any software) is that it provides a certain level of automation. RPM-based distributions such as CentOS, use a tool called YUM that work with your repositories to manage dependencies and provide automatic updates.

Set up the repository

You only need to set up the repository once, after which you can install Mirantis Container Runtime from the repo and repeatedly upgrade as necessary.

  1. Remove existing Docker repositories from /etc/yum.repos.d/:

    sudo rm /etc/yum.repos.d/docker*.repo
    
  2. Temporarily store https://repos.mirantis.com in an environment variable. This variable assignment does not persist when the session ends:

    export DOCKERURL="https://repos.mirantis.com"
    
  3. Store the value of the variable, DOCKERURL (from the previous step), in a yum variable in /etc/yum/vars/:

    sudo -E sh -c 'echo "$DOCKERURL/centos" > /etc/yum/vars/dockerurl'
    
  4. Store your OS version string in /etc/yum/vars/dockerosversion:

    sudo sh -c 'echo "7" > /etc/yum/vars/dockerosversion'
    
  5. Install the yum-utils that provides the yum-config-manager utility.

    sudo yum install -y yum-utils
    
  6. Enable the extras RHEL repository. This ensures access to the container-selinux package required by docker-ee.

    The repository can differ per your architecture and cloud provider , so review the options in this step before running one of the following commands.

    For all architectures except IBM Power

    sudo yum-config-manager --enable rhel-7-server-extras-rpms
    

    For IBM Power only (little endian)

    sudo yum-config-manager --enable extras
    sudo subscription-manager repos --enable=rhel-7-for-power-le-extras-rpms
    sudo yum makecache fast
    sudo yum -y install container-selinux
    
  7. Depending on cloud provider, you may also need to enable another repository. Refer to the official product documentation for more information.

    AWS (where REGION is a literal and does not represent the region your machine is running in)

    Product Documentation for Red Hat Update Infrastructure 4.

    Azure

    Red Hat Update Infrastructure for on-demand Red Hat Enterprise Linux VMs in Azure

  8. Add the Mirantis Container Runtime stable repository:

    sudo -E yum-config-manager \
        --add-repo \
        "$DOCKERURL/centos/docker-ee.repo"
    

Install from the repository

  1. Install the latest patch release, or proceed to the next step to install a specific version.

    sudo yum -y install docker-ee docker-ee-cli \
    docker-ee-rootless-extras containerd.io
    

    Note

    MCR nodes in rootless mode cannot currently be a member of an MKE cluster.

    If prompted to accept the GPG key, verify that the fingerprint matches 77FE DA13 1A83 1D29 A418 D3E8 99E5 FF2E 7668 2BC9, and if so, accept it.

  2. To install a specific version of Mirantis Container Runtime (recommended in production), list versions and install:

    1. List and sort the versions available in your repo. This example sorts results by version number, highest to lowest, and is truncated:

      sudo yum list docker-ee  --showduplicates | sort -r
      
      docker-ee.x86_64      23.0.ee.2-1.el7.centos      docker-ee-stable-19.03
      

      The list returned depends on which repositories you enabled, and is specific to your version of CentOS (indicated by .el7 in this example).

    2. Install a specific version by its fully qualified package name, which is the package name (docker-ee) plus the version string (2nd column) starting at the first colon (:), up to the first hyphen, separated by a hyphen (-). For example, docker-ee-23.0.1.

      sudo yum -y install docker-ee-<VERSION_STRING> \
      docker-ee-cli-<VERSION_STRING> \
      docker-ee-rootless-extras-<VERSION_STRING> containerd.io
      

      Note

      MCR nodes in rootless mode cannot currently be a member of an MKE cluster.

      For example, if you want to install the 23.0.1 version run the following:

      sudo yum -y install docker-ee-23.0.1 docker-ee-cli-23.0.1 containerd.io
      

    Docker is installed but not started. The docker group is created, but no users are added to the group.

  3. Start Docker:

    sudo systemctl start docker
    
  4. Verify that Mirantis Container Runtime is installed correctly by running the hello-world image. This command downloads a test image, runs it in a container, prints an informational message, and exits:

    sudo docker run hello-world
    

    Mirantis Container Runtime is installed and running. Use sudo to run Docker commands.

Package install and upgrade

To manually install MCR, download the .rpm file for your release. You need to download a new file each time you want to upgrade MCR.

Install with a package

  1. Go to repos.mirantis.com in your browser.

  2. Navigate to centos/7/x86_64/stable-<VERSION>/Packages and download the .rpm file for the Docker version you want to install.

  3. Install MCR.

    sudo yum install <path_to_downloaded_centos_package_.rpm>
    

    Docker is installed but not started. The docker group is created, but no users are added to the group.

  4. Start Docker

    sudo systemctl start docker
    
  5. Verify that Mirantis Container Runtime is installed correctly by running the hello-world image. This command downloads a test image, runs it in a container, prints an informational message, and exits:

    sudo docker run hello-world
    

    Mirantis Container Runtime is installed and running. Use sudo to run Docker commands.

Upgrade with a package

  1. Download the newer package file.

  2. Repeat the installation procedure, using yum -y upgrade instead of yum -y install, and point to the new file.

Enable MCR Telemetry

By default, MCR automatically records and transmits data to Mirantis for monitoring and analysis purposes. The data collected provides the Mirantis Customer Success Organization with information that helps us to better understand the operational use of MCR by our customers. It also provides key feedback in the form of product usage statistics, which enable our product teams to enhance Mirantis products and services.

To disable the telemetry function, set features.telemetry to false in your /etc/docker/daemon.json file. Change the setting to true to re-enable telemetry.

{"features":{"telemetry": false}}

Caution

To send the telemetry, verify that dockerd can resolve api.segment.io and create a TCP (HTTPS) connection on port 443.

Run MCR as a non-root user (Rootless mode)

Note

MCR nodes in rootless mode cannot belong to a MKE cluster.

For information on rootless mode installation and configuration, refer to the Docker documentation Run the Docker daemon as a non-root user (Rootless mode).

Uninstall Mirantis Container Runtime

  1. Uninstall the Mirantis Container Runtime package:

    sudo yum -y remove docker-ee \
    docker-ee-cli \
    containerd.io \
    container-selinux
    
  2. Delete all images, containers, and volumes (because these are not automatically removed from your host):

    sudo rm -rf /var/lib/docker
    
  3. Delete other Docker related resources:

    sudo rm -rf /run/docker
    sudo rm -rf /etc/docker
    
  4. Delete any edited configuration files manually.