Exit the Docker instance and save the image for easier access later.<\/li><\/ol>\n\n\n\nNow, there’s some extra components to the above, but I’ll get to them as I go through. I’m going to assume if you wanted to read this, you’d be comfortable with items (1) and (2), so I’m jumping straight to item (3) for my walkthrough.<\/p>\n\n\n\n
Getting a Docker Container Running<\/h2>\n\n\n\n
OK, first step is to get a Docker container running. Normally you’d d something like:<\/p>\n\n\n\n
$ docker run -it centos<\/strong><\/pre>\n\n\n\nBut in this case, we need to give our container a bit more access. Of course, I know this changes the security profile, but this is a proof of concept.<\/p>\n\n\n\n
So, the command we run instead is:<\/p>\n\n\n\n
pmdg@abydos
$ docker run -it --privileged --cap-add SYS_ADMIN --cap-add MKNOD --device \/dev\/fuse centos<\/strong><\/pre>\n\n\n\nDeploy BoostFS Within the Container<\/h2>\n\n\n\n
At this point you get a prompt inside your container, with the container ID as the hostname. The next step is to get the BoostFS package added to the container using the docker cp command. For me, that was:<\/p>\n\n\n\n
pmdg@abydos
$ docker cp DDBoostFS-1.3.0.0-607940.rhel.x86_64.rpm b6ad7a179778:\/tmp<\/strong><\/pre>\n\n\n\nYou’ll want to install the DDBoostFS Plugin now, but Docker will still want the FUSE base package and library installed as well, so I fall back on the old yum localinstall technique for that, viz.:<\/p>\n\n\n\n
root@b6ad7a179778 $ yum localinstall --nogpgcheck \/tmp\/DDBoostFS-1.3.0.0-607940.rhel.x86_64.rpm<\/strong>
Loaded plugins: fastestmirror, ovl
Examining \/tmp\/DDBoostFS-1.3.0.0-607940.rhel.x86_64.rpm: ddboostfs-1.3.0.0-607940.x86_64
Marking \/tmp\/DDBoostFS-1.3.0.0-607940.rhel.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package ddboostfs.x86_64 0:1.3.0.0-607940 will be installed
--> Processing Dependency: fuse >= 2.8 for package: ddboostfs-1.3.0.0-607940.x86_64
Determining fastest mirrors
...snip...<\/em>
Installed:
ddboostfs.x86_64 0:1.3.0.0-607940
Dependency Installed:
fuse.x86_64 0:2.9.2-11.el7 fuse-libs.x86_64 0:2.9.2-11.el7
which.x86_64 0:2.20-7.el7
Complete!
root@b6ad7a179778 $ <\/pre>\n\n\n\nSetup BoostFS Configuration and Lockbox<\/h2>\n\n\n\n
Now we need to create a BoostFS configuration file. (I’ve also added BoostFS’s executable path, \/opt\/emc\/boostfs\/bin<\/strong>, to my PATH.)<\/p>\n\n\n\nMy container is going to write to a Data Domain called neutronium using a storage unit called BoostDocker, so the configuration file looks like the following:<\/p>\n\n\n\n
root@b6ad7a179778 $ cat \/opt\/emc\/boostfs\/etc\/boostfs.conf <\/strong>
[global]
data-domain-system=neutronium.turbamentis.int
storage-unit=BoostDocker
lockbox-path=\/opt\/emc\/boostfs\/lockbox\/boostfs.lockbox
log-enabled=true
log-level=info
log-dir=\/opt\/emc\/boostfs\/log
log-file=output.log
log-maxsize=100
log-rotate-num=4
[\/container\/datadomain]
data-domain-system=neutronium.turbamentis.int
storage-unit=BoostDocker
security=lockbox
mtboost-enabled=true
mtboost-threads=16
max-connections=128<\/pre>\n\n\n\nWith the configuration file created, the next step is the lockbox:<\/p>\n\n\n\n
root@b6ad7a179778 $ boostfs lockbox set -u boost -d neutronium.turbamentis.int -s BoostDocker<\/strong>
Enter storage unit user password:
Enter storage unit user password again to confirm:
Lockbox entry set<\/pre>\n\n\n\nOK, now we’re getting closer.<\/p>\n\n\n\n
Mount the BoostFS Storage Unit<\/h2>\n\n\n\n
With a lockbox and configuration file setup, we’re right to create the mount-point, and mount the BoostFS filesystem. First, creating the mount point:<\/p>\n\n\n\n
root@b6ad7a179778 $ mkdir -p \/container\/datadomain<\/strong><\/pre>\n\n\n\nNow, to get access to a deduplicating mount-point:<\/p>\n\n\n\n
root@b6ad7a179778 $ boostfs mount \/container\/datadomain<\/strong>
mount: Mounting neutronium.turbamentis.int:BoostDocker on \/container\/datadomain<\/pre>\n\n\n\nWe can see the mounted BoostFS filesystem via a “df” command:<\/p>\n\n\n\n
root@b6ad7a179778 $ df -h<\/strong>
Filesystem Size Used Avail Use% Mounted on
overlay 50G 5.2G 45G 11% \/
tmpfs 64M 0 64M 0% \/dev
tmpfs 3.8G 0 3.8G 0% \/sys\/fs\/cgroup
\/dev\/mapper\/centos_abydos-root 50G 5.2G 45G 11% \/etc\/hosts
shm 64M 0 64M 0% \/dev\/shm
boostfs 354G 54G 300G 16% \/container\/datadomain<\/pre>\n\n\n\nA quick test of writing data to the BoostFS filesystem:<\/p>\n\n\n\n
root@b6ad7a179778 $ du -hs \/usr\/share<\/strong>
37M \/usr\/share
root@b6ad7a179778 $ tar cf \/container\/datadomain\/share.tar \/usr\/share<\/strong>
tar: Removing leading \/' from member names<\/code>
tar: Removing leading<\/code>\/' from hard link targets
root@b6ad7a179778 $ ls -l \/container\/datadomain\/share.tar
<\/strong> -rw-r--r-- 1 root root 34007040 Mar 5 04:44 \/container\/datadomain\/share.tar<\/pre>\n\n\n\nUnmount the BoostFS Filesystem<\/h2>\n\n\n\n
To unmount the filesystem ahead of exiting the container, just execute:<\/p>\n\n\n\n
root@b6ad7a179778 $ boostfs unmount \/container\/datadomain<\/strong>
root@b6ad7a179778 $ df -h<\/strong>
Filesystem Size Used Avail Use% Mounted on
overlay 50G 5.2G 45G 11% \/
tmpfs 64M 0 64M 0% \/dev
tmpfs 3.8G 0 3.8G 0% \/sys\/fs\/cgroup
\/dev\/mapper\/centos_abydos-root 50G 5.2G 45G 11% \/etc\/hosts
shm 64M 0 64M 0% \/dev\/shm<\/pre>\n\n\n\nExit the Docker Image, Save the Container Template<\/h2>\n\n\n\n
OK, now we’re ready to exit the Docker image and save the container template. For me, that worked as follows:<\/p>\n\n\n\n
root@b6ad7a179778 $ exit<\/strong>
exit
pmdg@abydos
$ docker commit -m \"Added FUSE & BoostFS\" -a \"Preston de Guise\" b6ad7a179778 centos\/boostfs<\/strong>
sha256:96f67ea69027ae7d85904a0960f8266d4437ba4da60209f1a3c122bf000644ac
<\/pre>\n\n\n\nUsing the BoostFS Container<\/h2>\n\n\n\n
Obviously the point of creating a container template is to be able to make use of it. To do this, we have to:<\/p>\n\n\n\n
- Use docker to create a new container with the same settings as before.<\/li>
- Delete the lockbox information and recreate it. Why? The lockbox information is tied to the docker container we’d spun up for the creation of the template. But our new docker instance will get a different container ID \u2013 a different hostname from the DD perspective, and we’ll need to start from scratch.<\/li>
- Mount the BoostFS storage unit.<\/li><\/ol>\n\n\n\n
So, here goes!<\/p>\n\n\n\n
First, getting the docker container running based on our new centos\/boostfs template:<\/p>\n\n\n\n
pmdg@abydos
$ docker run -it --privileged --cap-add SYS_ADMIN --cap-add MKNOD --device \/dev\/fuse centos\/boostfs<\/strong>
<\/pre>\n\n\n\nWithin the container, we delete and recreate the lockbox information:<\/p>\n\n\n\n
[root@8a2861cd001a \/]# rm \/opt\/emc\/boostfs\/lockbox\/*<\/strong><\/pre>\n\n\n\n[root@8a2861cd001a \/]# boostfs lockbox set -u boost -d neutronium.turbamentis.int -s BoostDocker<\/strong>
Enter storage unit user password:
Enter storage unit user password again to confirm:
Lockbox entry set<\/pre>\n\n\n\nNow, we can mount the BoostFS filesystem and access whatever we’d previously saved:<\/p>\n\n\n\n
[root@8a2861cd001a \/]# boostfs mount \/container\/datadomain<\/strong>
mount: Mounting neutronium.turbamentis.int:BoostDocker on \/container\/datadomain
[root@8a2861cd001a \/]# ls -l \/container\/datadomain<\/strong>
total 2076
-rw-r--r-- 1 root root 34007040 Mar 5 04:44 share.tar<\/pre>\n\n\n\nWrapping Up<\/h2>\n\n\n\n
I’m not pretending to know a lot about Docker with the above, but for me the next logical step in using Containers is to make sure when they do<\/em> have state (and I know there’s a lot of arguments that they should, as much as possible, be stateless \u2013 but there’s going to be arguments that there’s always exceptions), you can do a storage and network efficient operation to protect that state data. One way to do that without going through a full agent\/client configuration within something like Avamar or NetWorker (and dealing with obvious client hostname issues) is to use BoostFS instead, which is what I wanted to test out here.<\/p>\n\n\n\n(There’s probably a whole raft of automation options in the above that I’ve not considered, but I’m still getting my head around docker.)<\/div><\/p>\n","protected":false},"excerpt":{"rendered":"
Docker: it’s where all the cool kids are playing these days (or so I’m told). It’s certainly got some good…<\/p>\n","protected":false},"author":1,"featured_media":7928,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6,1181],"tags":[1460,1515,1514],"class_list":["post-7926","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basics","category-data-domain-2","tag-boostfs","tag-container","tag-docker"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2019\/03\/bigStock-Containers.jpg","jetpack_shortlink":"https:\/\/wp.me\/pKpIN-23Q","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/7926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/comments?post=7926"}],"version-history":[{"count":5,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/7926\/revisions"}],"predecessor-version":[{"id":7937,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/posts\/7926\/revisions\/7937"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/media\/7928"}],"wp:attachment":[{"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/media?parent=7926"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/categories?post=7926"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsrd.info\/blog\/wp-json\/wp\/v2\/tags?post=7926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"Obligatory](\"https:\/\/nsrd.info\/blog\/wp-content\/uploads\/2019\/03\/bigStock-Containers.jpg\")