James, you have done very well! Thanks for this very deep and complete article on how to build my own Vagrant base box using Red Hat Enterprise Linux…
Docker should be known by everyone: it provides containers on Linux hosts, separating different aspects of the operating system for a set of processes; what these processes are can be described by the Docker container format. If you run a set of containers on different hosts, you may want network connectivity between these containers. That is where flannel jumps in, providing an overlay network that connects containers across hosts.
As we love Vagrant, I used it to provide some virtual machines running RHEL7. These machines will be Docker hosts, and networking on these hosts will be managed by flannel. As a dependency, etcd is installed (and some other stuff). One VM will be the Kubernetes master, and n additional hosts will be minions.
For a detailed overview of the installation, see a blog post by one of my colleagues: Flannel and Docker on Fedora – Getting Started
What I added to this basic installation is a Vagrant-powered environment and an automated installation procedure driven by Ansible. What it will be in a few weeks: an infrastructure to install OpenShift Origin 3 on CentOS. This will rapidly set up a development environment for you ;)
To set up an environment yourself, try the following steps.
    git clone https://github.com/goern/openshift-el.git
    cd openshift-el
    vagrant up
    vagrant ssh master
If you run some RHEL (or CentOS) based container, you may find that ping is not working as expected from inside the container. You may also try running the container with some additional capabilities enabled. Capabilities? Container? What that means, and what you gain security-wise, is described in detail in Dan Walsh's post on Docker security over at opensource.com
How to run a docker container with some additional capabilities:
    host# docker run --cap-add net_raw --cap-add net_admin --rm -t -i registry.access.redhat.com/rhel7 bash
    container# yum install -y iputils
    container# ping 127.0.0.1
To figure out what capabilities a binary needs you could use