5 Creating Custom Images #
For creating your custom image you need a base docker image of SLES. You can use any of the pre-built SLES images that you can obtain as described in Section 5.2, “Customizing SLES Docker Images”.
Note: No SLES Images in Docker Hub
Usually you can pull a variety of base docker images from the docker hub but that does not apply for SLES. Currently we cannot distribute SLES images for Docker because there is no way to associate an End-User License Agreement (EULA) to a Docker image. sle2docker enables you to import pre-built SLES images that you can use for creating base SLES images.
After you obtain your base docker image, you can modify the image by using a Dockerfile (usually placed in the build directory). Then use the standard docker building tool to create your custom image:
docker build path_to_build_directory
For more docker build options please refer to the official Docker documentation.
Note: Dockerizing Your Applications
You may want to write a dockerfile for your own application that should be run inside a docker container. For a procedure refer to Chapter 6, Dockerizing Applications.
5.1 Obtaining Base SLES Images #
You can install pre-built images of SLES by using Zypper:
sudo zypper in sles11sp4-docker-image sles12sp3-docker-image
Pre-built images do not have repositories configured. But when the Docker host has an SLE subscription that provides access to the product used in the image, Zypper will automatically have access to the right repositories.
After the pre-built images are installed, you need to list them using sle2docker to get a proper image name:
sle2docker list
Now you need to activate the pre-built images:
sle2docker activate PRE-BUILT_IMAGE_NAME
After successful activation, sle2docker will display the name of the docker image. You can customize the docker image as described in Section 5.2, “Customizing SLES Docker Images”.
5.2 Customizing SLES Docker Images #
The pre-built images do not have any repository configured and do not include any modules or extensions. They contain a zypper service that contacts either the SUSE Customer Center (SCC) or your Subscription Management Tool (SMT) server, according to the configuration of the SLE host that runs the Docker container. The service obtains the list of repositories available for the product used by the Docker image. You can also directly declare extensions in your Dockerfile (for details refer to Section 5.2.3, “Adding SLE Extensions and Modules to Images”.
You do not need to add any credentials to the Docker image because the machine credentials are automatically injected into the container by the docker daemon. They are injected inside of the /run/secrets directory. The same applies to the /etc/SUSEConnect file of the host system, which is automatically injected into the /run/secrets directory.
Note: Credentials and Security
The contents of the /run/secrets directory are
never committed to a Docker image, hence there is no risk of your
credentials leaking.
To obtain the list of repositories use the following command:
zypper ref -s
It will automatically add all the repositories to your container. For
each repository added to the system a new file will be created
under /etc/zypp/repos.d. The URLs of these
repositories include an access token that automatically expires after 12
hours. To renew the token call the zypper ref -s
command. It is secure to commit these files to a Docker image.
If you want to use a different set of credentials, place a custom
/etc/zypp/credentials.d/SCCcredentials file inside
of the Docker image. It contains the machine credentials that have the
subscription you want to use. The same applies to the
SUSEConnect file: to override the file available on
the host system that is running the Docker container, add a custom
/etc/SUSEConnect file inside of the Docker image.
Now you can create a custom Docker image by using a Dockerfile. If you want to create a custom SLE 12 image, please refer to Section 5.2.1, “Creating a Custom SLE 12 Image”. If you want to create a custom SLE 11 SP3 Docker image, please refer to Section 5.2.2, “Creating a Custom SLE 11 SP3 Image”. In case you would like to move your application to a Docker container, please refer to Chapter 6, Dockerizing Applications.
5.2.1 Creating a Custom SLE 12 Image #
The following Docker file creates a simple Docker image based on SLE 12 SP3:
FROM suse/sles12sp3:latest RUN zypper ref -s RUN zypper -n in vim
When the Docker host machine is registered against an internal SMT server, the Docker image requires the SSL certificate used by SMT:
FROM suse/sles12sp3:latest # Import the crt file of our private SMT server ADD http://smt.test.lan/smt.crt /etc/pki/trust/anchors/smt.crt RUN update-ca-certificates RUN zypper ref -s RUN zypper -n in vim
5.2.2 Creating a Custom SLE 11 SP3 Image #
The following Docker file creates a simple Docker image based on SLE 11 SP4:
FROM suse/sles11sp3:latest RUN zypper ref -s RUN zypper -n in vim
When the Docker host machine is registered against an internal SMT server, the Docker image requires the SSL certificate used by SMT:
FROM suse/sles11sp4:latest # Import the crt file of our private SMT server ADD http://smt.test.lan/smt.crt /etc/ssl/certs/smt.pem RUN c_rehash /etc/ssl/certs RUN zypper ref -s RUN zypper -n in vim
5.2.3 Adding SLE Extensions and Modules to Images #
You may have subscriptions to SLE extensions or modules that you would like to use in your custom image. To add them to the Docker image, proceed as follows:
Procedure 5.1: Adding Extension and Modules #
Add the following into your
Dockerfile:ADD *.repo /etc/zypp/repos.d/ ADD *.service /etc/zypp/services.d RUN zypper refs && zypper refresh
Copy all
.serviceand.repofiles that you will use into the directory where you will build the Docker image from theDockerfile.