Supported tags and respective
The CentOS Project
Supported Docker versions:
the latest release (down to 1.6 on a best-effort basis)
CentOS Linux is a community-supported distribution derived from sources freely provided to the public by Red Hat for Red Hat Enterprise Linux (RHEL). As such, CentOS Linux aims to be functionally compatible with RHEL. The CentOS Project mainly changes packages to remove upstream vendor branding and artwork. CentOS Linux is no-cost and free to redistribute. Each CentOS Linux version is maintained for up to 10 years (by means of security updates -- the duration of the support interval by Red Hat has varied over time with respect to Sources released). A new CentOS Linux version is released approximately every 2 years and each CentOS Linux version is periodically updated (roughly every 6 months) to support newer hardware. This results in a secure, low-maintenance, reliable, predictable, and reproducible Linux environment.
CentOS image documentation
centos:latest tag is always the most recent version currently available.
The CentOS Project offers regularly updated images for all active releases. These images will be updated monthly or as needed for emergency fixes. These rolling updates are tagged with the major version number only. For example:
docker pull centos:6 or
docker pull centos:7
Additionally, images with minor version tags that correspond to install media are also offered. These images DO NOT recieve updates as they are intended to match installation iso contents. If you choose to use these images it is highly recommended that you include
RUN yum -y update && yum clean all in your Dockerfile, or otherwise address any potential security concerns. To use these images, please specify the minor version tag:
docker pull centos:5.11 or
docker pull centos:6.6
Overlayfs and yum
Recent Docker versions support the overlayfs backend, which is enabled by default on most distros supporting it from Docker 1.13 onwards. On Centos 6 and 7, that backend requires yum-plugin-ovl to be installed and enabled; while it is installed by default in recent centos images, make it sure you retain the
plugins=1 option in
/etc/yum.conf if you update that file; otherwise, you may encounter errors related to rpmdb checksum failure - see Docker ticket 10180 for more details.
By default, the CentOS containers are built using yum's
nodocs option, which helps reduce the size of the image. If you install a package and discover files missing, please comment out the line
/etc/yum.conf and reinstall your package.
Systemd is now included in both the centos:7 and centos:latest base containers, but it is not active by default. In order to use systemd, you will need to include text similar to the example Dockerfile below:
Dockerfile for systemd base image
FROM centos:7 ENV container docker RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \ systemd-tmpfiles-setup.service ] || rm -f $i; done); \ rm -f /lib/systemd/system/multi-user.target.wants/*;\ rm -f /etc/systemd/system/*.wants/*;\ rm -f /lib/systemd/system/local-fs.target.wants/*; \ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*;\ rm -f /lib/systemd/system/anaconda.target.wants/*; VOLUME [ "/sys/fs/cgroup" ] CMD ["/usr/sbin/init"]
This Dockerfile deletes a number of unit files which might cause issues. From here, you are ready to build your base image.
$ docker build --rm -t local/c7-systemd .
Example systemd enabled app container
In order to use the systemd enabled base container created above, you will need to create your
Dockerfile similar to the one below.
FROM local/c7-systemd RUN yum -y install httpd; yum clean all; systemctl enable httpd.service EXPOSE 80 CMD ["/usr/sbin/init"]
Build this image:
$ docker build --rm -t local/c7-systemd-httpd .
Running a systemd enabled app container
In order to run a container with systemd, you will need to mount the cgroups volumes from the host. Below is an example command that will run the systemd enabled httpd container created earlier.
$ docker run -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd-httpd
This container is running with systemd in a limited context, with the cgroups filesystem mounted. There have been reports that if you're using an Ubuntu host, you will need to add
-v /tmp/$(mktemp -d):/run in addition to the cgroups mount.
View license information for the software contained in this image.
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
Some additional license information which was able to be auto-detected might be found in the
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.