Post-IBM acquisition Red Hat has crippled Docker on the inaugural release of CentOS 8, in a bid to force users to switch to podman (Pod Manager), the container engine backed by the company. Although the supporters of Podman argue that podman’s daemonless and rootless design make it more lightweight & secure than the Docker daemon, Podman has no orchestration features other than the ability to generate kubectl configuration files, which makes it a non-starter for Docker Compose and Swarm users.
A fresh install of CentOS 8 blocks the installation of the containerd.io package through the package manager, which the docker-ce package is dependent on. You have to download & install containerd.io manually from download.docker.com before installing docker-ce and docker-cli. Furthermore firewalld, the default firewall in CentOS 8, breaks DNS within containers when using the Docker Engine instead of Podman.
Here is how to work around the restrictions and install Docker on CentOS 8.
Install the dependencies and add the docker-ce repo.
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Download and install the containerd.io package manually.
sudo yum install -y https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
If you don’t download & install the containerd.io RPM manually, you will encounter errors similar to this when installing docker-ce and docker-cli. This is Red Hat blocking the installation of containerd.io to discourage users from using the Docker Engine, and switch to Podman instead.
Error:
Problem: package docker-ce-3:19.03.2-3.el7.x86_64 requires containerd io >= 1.2.2-3, but none of the providers can be installed
– cannot install the best candidate for the job
– package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
– package containerd.io-1.2.2-3.el7.x86_64 is excluded
– package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
– package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
– package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
Install Docker CE from the docker-ce repository.
sudo yum install docker-ce docker-ce-cli containerd.io
Enable and start the docker systemd service.
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl disable firewalld
If you don’t disable firewalld, your containers will fail to resolve any domain name through DNS. This appears to be another intentional attempt to cripple the Docker Engine to force the use of podman in CentOS 8 instead.
Reboot the system to make the changes take effect.
sudo reboot