Domino 10.0.1 in Docker on Ubuntu 18.04
Mindwatering Incorporated
Tripp W Black on 02/21 at 10:22 AM


Category: Domino Upgrades / Installations
Software Installation

Starting with Domino 9 FP10 (Feature Pack 10), IBM Domino supported being run w/in a Docker container.
Note that the "data" directory is still outside the container.

Overview
When you use Docker, each application no longer has it's own virtual OS, instead each application runs in its own container using "images" of software. These containers are built from one, or more often, more than one "Docker Image" stacked on top of each other.

Open-source images are typically images are downloaded and run from the Docker Hub web site. This web site requires a username/login to use. Once you have a username, you can then upload and host your own images on the Docker Hub.

Docker runs as a layer on top of the base host (e.g. Linux kernel). The images are loaded on Docker, and the final top piece is the executing code.
In this example, we are using:
Ubuntu --> Docker --> OS image (e.g. CentOS or Ubuntu) --> Domino 10.0.1 image --> Runtime/Writable Container
Any FP would be an image added on top of the Domino 10.0.1 image.
Any IF would be an image added on top of that FP.

So the IF parent image is a FP image, the FP parent image is the full/base install of that version of Domino, and the parent of the Domino install would be the Linux:latest OS.
Since these image(s) are "static" or read-only executions in the top container run-time, the Domino data folder would still be an external folder, e.g. /local/notesdata, or a logical external NFS disk, etc. These storage areas are called "Docker Volumes".

Your local collection of images are called your "Docker Registry" or sometimes local library.

For Domino, we need the "bubble gum" that makes a Domino installation TAR file and converts it to an image. This is the domino-docker official repository.


Step 1 - Install Ubuntu

1. Create a VM with 2 processors, and 8 GB memory, and 2 disks. Set around 30 GB disk space on the first disk and size the second disk at least double all your "data" needs. Say 50 GB.
(Increase the "data" disk for the number of other Docker applications and the size of your NotesData folder.)

2. Attach to the VM, the Ubuntu 18.04 Server ISO. Run the server installation.
- Choose language (e.g. English)
- Choose keyboard (e.g. US-EN)
- Choose Install, which is "Install Ubuntu"
- Set the main ethernet adaptor for it's static IP.
- Use the automatic partitioning by selecting the "Use an Entire Disk" option on the storage page. (This is will format and create a LVM in the first disk.)
-- Confirm the disk to be used (use the first one)
-- Confirm the partitioning layout is what you want.
- Set up the first admin user profile, e.g. serveradmin with name Server Admin. (Ubuntu calls a user a profile). Give it a good password.
- Confirm the settings and watch the log of the installation.

3. Perform Post Installation Tasks
- Add the SSH server to the firwall and enabled the UFW firewall.
$ sudo ufw app list
--> (output)
Available applications:
OpenSSH
$ sudo ufw allow OpenSSH
$ sudo ufw enable
$ sudo ufw status
--> Output will show that OpenSSH is Allowed from Anywhere for OpenSSH and OpenSSH (v6). (The v6 is IP v6, and the unlabeled one is IP 4.)

4. Optional - If adding another administrative user besides the "serveradmin" original, create as follows:
$ sudo add user dockeradmin
$ sudo usermod -aG sudo dockeradmin

5. Update the system:
$ sudo apt update
--> wait for list of repositories to update.
$ sudo apt upgrade
--> approve/confirm with "y" and wait for installation.

If the kernel is updated, you may also want to remove the old ones:
$ sudo apt-get autoremove
Note: This may also prompt for a reboot.

- Confirm apt can use https:
$ sudo apt install apt-transport-https ca-certificates curl software-properties-common
--> (install if not already installed)

6. Create a local Domino datastore folder for persistent data. This drive is on a separate disk in this example.
This gives us the flexibility of moving (swinging) this Domino install to another VM by simply moving/copying the disk in vSphere.
$ sudo mkdir /local/notesdata
$ sudo mkfs.ext4 /dev/sdc1
# vi /etc/fstab
fstab line example: /dev/sdc1 /local/notesdata ext4 defaults 1 2
(<esc> & wq to save changes.)
$ sudo mount -a
(Mounts the new disk.)
# chown -R notes /local/notesdata
# chgrp -R notes /local/notesdata
# chmod -R g+w /local/notesdata

7. Download / Set-up domino-docker and create the Domino 10.0.1 image.
Make the /local/domino-docker folder from the second /dev/sdb drive, and prep for Domino/docker images. Alternately use /var/lib/docker for the local repository.
$ sudo mkdir/local/domino-docker/
$ sudo mkfs -t xfs -n ftype=1 /dev/sdb
Note: the ftype=1 is needed for the version2 overlayfs-driver.

# vi /etc/fstab
fstab line example: /dev/sdb1 /local/domino-docker xfs defaults 1 1
(<esc> & wq to save changes.)
$ sudo mount -a
(Mounts the new disk.)

$ cd /local/domino-docker/
$ sudo wget https://github.com/IBM/domino-docker/archive/master.zip
$ sudo unzip master.zip
--> This will create the the subfolders inside /local/domino-docker/
- Using Filezilla, transfer the full IBM install of Domino 10.0.0 (CNW1ZEN) ( DOMINO_SERVER_V10.0_64_BIT_LINUX.tar ) to the /local/domino-docker/software/domino10/ folder, or...
- Using Filezilla, transfer the full IBM install of Domino 10.0.1 (CNXL9EN) ( DOM_SVR_V10.0.1_64_BIT_Lnx.tar ) to the /local/domino-docker/software/domino10/ folder.
$ cd /local/domino-docker/
$ sudo ./build.sh domino

Stop and Note:
See updated docker build option on GIT for 2019/01/31 at bottom of this page.
See updated docker build option using GIT for 2019/01/19 at bottom of this page. This replaces the instructions from here down for this option.



Step 2 - Install Docker:
1. Install Docker (from Docker rather than the older package version in Ubuntu repository). Start by adding the repository, and then do an apt-get update and install, like normal.
- Add the repository key for the Docker site:
$ sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

- Add the repository for the Docker site:
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"

- Confirm the apt-get install will use the Docker repository, and install Docker from its repository:
$ sudo apt-get update
$ sudo apt-cache policy docker-ce
--> Look at the "candidate" line, and the last line. Note the candidate line version, and confirm that the last line lists download.docker.com repository.
$ sudo apt install docker-ce
--> (approve/confirm with "y" and wait for the installation to complete.

- Confirm that Docker is now running successfully:
$ sudo systemctl status docker
--> Output should have no red error text, and show it "Loaded", "Active", its "Main Pid", docker.service file running it, and the location its running from - /usr/bin/dockerd.

2. Update the overlay driver to version 2.
$ sudo vi /etc/docker/daemon.json
(Update the second line as follows and save.)
{
 "storage-driver": "overlay2",
 "storage-opts": [
   "overlay2.override_kernel_check=true"
 ]
}
(<esc> & wq to save changes.)
Note: The overlay driver allows network to span multiple hosts (e.g. Docker swarm). If you use bridging then you are re-using the host network config directly.

3. Install GDB and LSOF for Domino NSD. (Use yum install gdb lsof for CentOS.)
$ sudo apt-get install gdb lsof


Step 3 - Add the Administrative User(s) to the Docker Group (Optional)
If you want to not have to type sudo for the docker commands, you can give Docker authority to more than just the root user. We add the administrative user to the docker group.
$ sudo usermod -aG docker serveradmin
$ sudo usermod -aG docker dockeradmin

To apply the group membership, log out and log back into the server. Or, you can apply it now like this:
$ su - dockeradmin
--> enter password
$ id -nG
--> Output will list something like dockeradmin sudo docker, meaning that dockeradmin is in its own personal group, the sudo group, and the docker group.

- Test running docker w/o sudo, by running it's main command, with the normal options. (e.g. docker, instead of docker [option] [command] [arguments] )
$ docker
--> This will output the complete list of commands (subcommands) starting with "attach" and ending with "wait".

- Ask it to give you syntax help for the "build" command:
$ docker build --help
--> This will output the help for the build subcommand.

- Display the system status for docker:
$ docker info


Step 4 - Download/Install/Run the Docker image "hello-world" (Optional)
$ docker run hello-world
--> The output of this command will show that the Hello-world container app isn't locally available, so Docker retrieves it from the cloud, and then runs it. Since the hello-world app just says hello, the output concludes with the message:
Hello from Docker!
This message shows that your installation appears to be working correctly.


Step 5 - Create/run new Domino Image in Docker
(We finally are doing something w/Domino.)
$ docker volume create --name=dominodata1
(notice the double dash)

$ docker run -it -d -e "ServerName=MyServer" -e "OrganizationName=Mindwatering" -e "AdminFirstName=Joe" -e "AdminLastName=Doe" -e "AdminPassword=adminpw0rd" -h myserver.mindwatering.com -p 1352:1352 -p 8888:80 -p 8443:443 --cap-add=SYS_PTRACE --name MyServer -v dominodata1:/local/notesdata ibmcom/domino:10.0.1
Note:
The --cap-add=SYS_PTRACE is the part used by GBD tool for NSD.

To stop the run-time container:
$ docker stop --time=90 MyServer


_____________________________________________

Notes:
The domino-docker package starts a temporary nginx server as the repository server from which to run the image.
The domino-docker/management/ folder contains the config file (e.g. config_think)

The parameters you can pass for the "-e" variable are listed here in the GIT repository:
https://github.com/IBM/domino-docker/blob/master/documentation/run-variables.md

With Domino 10.0.1, the GIT software folder has an updated README.md (2019/02) with instructions for adding the Domino 10.0.1. The build script has been updated for Domino 10.0.1.
Start the software repository (NGINX) with:
$ software-repo.sh start
The software-repo has the following command options start, stop, ip, remove, and stopremove.
Stop and remove the temporary repository container with:
$ software-repo.sh stopremove

--> Updated Domino build method (01/31/2019)
The ../domino-docker/management/ folder contains new files from Think 2019.
See the docker_domino_readme.txt. It allows you to build using the commands:
$ docker_domino build
$ docker_domino run
The files in that folder also give an example response file so that everything doesn't have to passed on the run line anymore (like we did in step 5 above).

--> Updated Domino build method (01/19/2019)
There is another way that has come out using the Github klehmann/domino-docker-setup.
With this docker set-up script, there is no need for the NGINX temporary server. This script works with the DOM_SVR_V10.0.1_64_BIT_Lnx.tar file only.

Alternate Step 2:
Download the ZIP file from github.com/klehmann/domino-docker-setup/.
(or download via GIT)
$ cd /home/myadmin/
$ mkdir dominodockersetup
$ cd dominodockersetup

Transfer the Zip to this folder via FileZilla.
$ unzip master.zip
$ cd /local/domino-docker/
$ docker build -t klehmann/domino:10.0.1.
$ cd /home/myadmin/dominodockersetup/
$ docker build -t klehmann/domino-scriptsupport:10.0.1. // if server not new, skip the set-up steps below
$ docker volume create dominoSvrNm

Domino Set-up: Create startup script for Domino to personalize if a new server:
$ mkdir /home/myadmin/notesids
$ vi env.list
... complete the setup variables and save (DOMINOHOSTNAME should be FQDN) ...
<esc> :wq
$ docker run --rm --interactive --tty --env-file ./env.list –v dominoSvrNm:/local/notesdata klehmann/domino_scriptsupport:10.0.1

Docker command to run script and copy out the files.
$ docker run --rm -v dominoSvrNm:/local/notesdata -v "$PWD":/home/myadmin/notesids/ busybox cp -f /local/notesdata/{cert.id,server.id,admin.id} /home/myadmin/notesids/

The Nashed scripts now have docker support. Make sure when you tell docker to stop the Domino docker instance that you add additional time beyond the default 10 seconds.
$ docker stop --time=90 dominoSvrNm



previous page