Photon OS is minimalistic RPM-based Linux distribution which is focussed on running Docker containers. It was optimized for VMware platforms (Workstation, Fusion, vSphere, vCloud Air) - e.g. its Linux kernel offers a caching mechanism optimized for vSphere.

Another characteristic is the customized package manager tdnf (Tiny Dandified YUM) which is similar to YUM but has also supports managing OSTree content (git-like versioned kickstartable filesystem content).

Foreman and Red Hat Satellite 6 offer Docker support enabling the central creation and management of containers. This article focusses on combining both products.

Configuring Photon OS

When creating the Photon OS VM, I was using the following settings:

• Guest operating system family: Linux
• Guest operating system version: VMware Photon OS (64-Bit)

Alternatively, you can download pre-defined OVA templates on the project website.

After VM provisioning, it is a good idea to update and reboot the system:

1# tdnf update
2# systemctl reboot

By default, Photon OS uses DHCP to obtain IP information. If you prefer static IP addresses, you need to create a systemd configuration:

 1# ip a
 2# vi /etc/systemd/network/10-static-eth0.network
 3[Match]
 4Name=eth0
 5
 6[Network]
 7Address=192.168.1.100/24
 8Gateway=192.168.1.1
 9DNS=192.168.1.1
10
11ESC ZZ

To ensure that this configuration is inherited, set appropriate file permissions and restart the corresponding network service:

1# chmod 0644 /etc/systemd/network/10-static-eth0.network
2# systemctl restart systemd-networkd

By default, the Docker service is only listening on localhost. If you plan to manage containers remotely, create the configuration file /etc/default/docker and append the following line:

1# vi /etc/default/docker
2DOCKER_OPTS="-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock"

This line ensure that Docker also listens on the TCP port 2375. You can also use another port.

By default, Docker is not started automatically during boot time. Die following line starts Docker and also configures autostart on boot time:

1# systemctl enable docker ; systemctl start docker

To ensure remote access, it is required to open a port in the firewall:

1# iptables -A INPUT -p tcp --dport 2375 -j ACCEPT

This change will be discarded after the next reboot - enter the following lines into the configuration file /etc/systemd/scripts/iptables to make changes persistent

1# vi /etc/systemd/scripts/iptables
2...
3#Enable docker connections
4iptables -A INPUT -p tcp --dport 2375 -j ACCEPT
5# End /etc/systemd/scripts/iptables

Configuring Foreman

The next step is to link Photon OS to Foreman. By including a Docker plugin (foreman-docker) Foreman is capable to access and control Docker containers.

Start an assistant by clicking Infrastructure > Compute resources > New Compute Resource. In the dialog, enter the following information:

• Name: VMware Photon OS
• Provider: Docker
• Description: Short description, e.g. FQDN
• URL: http://fqdn:2375

Clicking Test Connection should acknowledge establishing a connection. Refer to the Locations and Organizations tabs to assign the system to particular locations or organizations.

Afterwards Photon OS is listed in Infrastructure > Compute resources. Click the appropriate entry and Containers to see defined containers:

Creating a container

Foreman is also able to create container. The following sources can be used to access Docker images:

• Content Views
• Docker Hub
• custom/external registry

Click Container > New container to start an assistant. The following example will create a CentOS 7 container that pings centos.org:

Specify the following information

• Prelimary
  • Compute resource
    • Deploy on: VMware Photon OS
• Image
  • Docker hub
    • Search: centos
    • Tag: latest
• Configuration
  • Name: centos-ping
  • Command: ping centos.org
• Environment
  • Run: Yes

Afterwards, the container is listed in Container > All containers. By clicking the appropriate entry, runtime information are displayed. The Logs tab contains console output messages:

By clicking Commit container changes can be stored in a new image. To stop the container, simply click Power Off.