07. 07. 2022 Lorenzo Candeago DevOps

How to Use a Host’s Redhat Subscription to Run Containers Using Docker instead of Podman

In NetEye 4.23 we shifted our base containers from CentOS to RedHat Enterprise Linux. Within our NetEye image and container we ship packages that come from RedHat Enterprise Linux’s private repositories and are thus subject to subscription, hence we need a way to be able to use our subscription when building NetEye containers.

RedHat allows you to use a host’s subscription for package installation inside containers out of the box when using podman, but not with other Docker versions.

One of the problems we are facing is that our CI infrastructure is still based on Docker Swarm, which is not supported by podman (although we are currently transitioning our CI to OpenShift).

Following a method not officially supported by RedHat, it’s enough to mount the secrets and certificates directory from the host machine onto the container in the correct location:

docker run -it -v /etc/yum.repos.d/redhat.repo:/run/secrets/redhat.repo:ro  \ 
     -v /etc/pki/entitlement/:/run/secrets/etc-pki-entitlement:ro \
     -v /etc/rhsm/:/run/secrets/rhsm:ro redhat/ubi8 bash

Once inside the container, if we now try to run the subscription-manager we’ll get the same error we would get with podman, meaning that the container is using the host’s subscription.

subscription-manager status
subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.
Lorenzo Candeago

Lorenzo Candeago

DevOps Engineer at Würth Phoenix

Author

Lorenzo Candeago

DevOps Engineer at Würth Phoenix

Leave a Reply

Your email address will not be published.

Archive