In the course of my job at Red Hat, I work with Docker containers on Fedora Atomic host every day. The Atomic Host from Project Atomic is a lightweight container OS that can run Linux containers in Docker format. It’s been modified for efficiency, making it optimal to use as a Docker run-time system for cloud environments.
Fortunately I’ve found a great way to manage containers running on the host: Cockpit. Cockpit is a remote manager for GNU/Linux servers with a nice Web UI. It lets me manage servers and containers running on the host. You can read more about Cockpit in this overview article previously published here. However, I also wanted to automate running containers on the host, which I’ve done using Ansible.
Note that we cannot use the dnf command on the Atomic Host. The host is designed not as a general purpose OS, but to be more fit for containers and other purposes. But it’s still very easy to set up applications and services on the Atomic Host. This post shows you how to automate and simplify this process.
Setting up the components
Before getting started, make sure you have Ansible installed on your system.
sudo dnf -y install ansible
First we will need to run the cockpit container on Atomic host. Copy the sources down from https://github.com/trishnaguha/fedora-cloud-ansible on your machine.
$ git clone https://github.com/trishnaguha/fedora-cloud-ansible.git
Now change your directory to cockpit and edit its inventory file as shown below:
$ cd fedora-cloud-ansible $ cd cockpit $ vim inventory
Make the following changes:
- Replace IP_ADDRESS_OF_HOST with the IP address of your Atomic host.
- Replace PRIVATE_KEY_FILE in the line ansible_ssh_private_key_file=’PRIVATE_KEY_FILE’ with your SSH private key file.
Now save and exit the inventory file.
Next, edit the ansible configuration file:
$ vim ansible.cfg
Replace User in the line remote_user=User with your remote user on your Atomic host. Then save and exit the file.
Putting it all together
Now it’s time to run the playbook. This command starts running the Cockpit container on the Atomic host:
$ ansible-playbook cockpit.yml
Cockpit is now running on the Atomic host. Use your web browser to visit the public IP of your instance on port 9090. This is the default port of Cockpit. For instance, if the IP address of the instance is 192.168.1.4, browse to 192.168.1.4:9090. You’ll now see the web interface of Cockpit on the web browser:
Managing your containers
Login with the credentials of your Atomic host or as root. Then visit the Containers section on the Cockpit manager to see the containers running on your Atomic host. In the example below, you’ll see I also set up others like httpd and redis:
Notice the interface lets you start and stop containers directly in the Cockpit manager using the Run and Stop buttons. You can also manage your Atomic host using the Cockpit manager. Go to Tools -> Terminals. There you can use the terminal of the Atomic host:
If you plan to deploy your containerized application on Atomic host, you can simply write a playbook for it. Then you can deploy using the ansible-playbook command and manage the containers using Cockpit.
Feel free to fork or add playbooks for containers in the repository https://github.com/trishnaguha/fedora-cloud-ansible.
I will try this out, thank you
Denis M., Glad to hear that :).
It does work whit windows too?
Mario Ojeda, Yes. You just need to have Ansible installed on the windows system.
Not related to this post, but the RSS stream seems to be broken.
I have this error with Liferea:
There were errors while parsing this feed!
Could not detect the type of this feed! Please check if the source really points to a resource provided in one of the supported syndication formats!
XML Parser Output:
The URL you want Liferea to subscribe to points to a webpage and the auto discovery found no feeds on this page. Maybe this webpage just does not support feed auto discovery.Could not determine the feed type.
You may want to contact the author/webmaster of the feed about this!
Justin W. Flory
Hey Sébastien, thanks for noticing this. We’re working to resolve the problem with the RSS feed not validating in this ticket. We should have it fixed soon!
It might be helpful to mention the requirements from an initial state, like installation.
This means that what first needs to be done is:
$ dnf install -y atomic
$ systemctl enable docker
$ systemctl start docker
Also, the Ansible scripts themselves only wrap the atomic command. Might be helpful to explain what it does.
Besides that, thanks for providing a nice intro to using the atomic command and running cockpit.
Sorry, my bad. Forgot it was also about Atomic Host. The use of Atomic and
as a command is confusing at times ;-). So the initial state is a way to reproduce it on a stock Fedora install, while the comment about the Ansible playbooks still stands. Some explaination about the command might clear confusion that exists with others.
Gerard Braad, So the idea is to run containers on the atomic host itself. We are executing all the commands above on our host (I have used workstation here). We are just using the IP Address of Atomic host in the inventory file where we want to run the containers. You just need to have Ansible installed on your host (Workstation/ Cloud/ Server).
I understand (already corrected myself as I got interrupted and had too little coffee; atomic host and atomic command). What I meant is the following:
Your Ansible script invokes: cmd: atomic run [containername]
what does the command do.
* pulls image on the target host
* runs the container according to the labels set
Explaining what happens on a host can be helpful to newcomers. Treat an article to be targeting a general audience; ELI6 (explain like I am 6). This can prevent questions like: how do I run this? Looking forward to future articles. Hopefully, we will see more about atomic and related projects, like atomic-reactor and commissaire 😉
Yeah sure. Thanks for your feedback :).
An easy and nice post. I created an AWS Fedora 24 atomic instance, clone the repo and configured, then ran ansible-playbook. all went fine.
On https://my-ip:9090 its not accepting any passwords though. (password-based ssh is disable per default with AWS F24 instances).
Is there any thing that I can do to make it work? Should enable passwordful ssh access?
Yeah you need to enable passwordful ssh access for only once. After enabling perform a reboot. After reboot try opening your . Disable passwordful ssh access after that. It will work. For more info you can check this: https://trishnag.wordpress.com/2016/08/17/cockpit-container-on-atomic-host.