Red Hat
May 21, 2015
by Thomas Qvarnström
Containers are great and will change how we develop and deliver software. There are however also some criticism against containers that it isn’t secure and stable enough to run in products etc.

With the launch of Red Hat Enterprise Linux 7.1 and Red Hat Atomic enterprises and organisations can embrace innovations from this new trend without sacrificing security, stability and performance.

What is Red Hat CDK?

CDK is an abbreviation for Container Development Kit which enables developers to use Red Hat Atomic on their Desktop regardless if they are running Microsoft Windows®, Mac OS X® or another Linux distributions. Similar as boot2docker, CDK makes use of a virtual machine to boot a small host, which can run containers based on Red Hat Enterprise Linux.


  • Red Hat subscription - To install Red Hat CDK you will have to have a an active Red Hat Enterprise Linux subscription, if you don’t have an active subscription you can request and eval here.
  • VirtualBox (Mac/Windows) or virt-manager (Linux)
    • VirtualBox can be downloaded from
    • I recommend the latest stable version of VirtualBox, which at the time of writing this is 4.3.28. 
  • Vagrant
    • Vagrant can be downloaded from
    • I recommend the latest stable version, which at the time of writing this is 1.7.2
Download the following from the Red Hat Customer Portal.
  1. Red Hat Container Tools
  2. Red Hat Atomic Vagrant box for VirtualBox or Red Hat Atomic Vagrant box for libvirt.

Install the Red Hat Container Development Kit

Note: You need to have your virtualization environment and Vagrant installed before

Unzip the file you downloaded in your home directory. This should create ~/cdk (/Users/username/cdk)
$ unzip -d $HOME ~/Downloads/

Install additional Vagrant plugins for using Red Hat Vagrant boxes. The installation of the first plugin make take several minutes Vagrant may install some additional gem files as needed.
$ cd ~/cdk/plugins
$ vagrant plugin install vagrant-registration-0.0.8.gem
$ vagrant plugin install vagrant-atomic-0.0.3.gem

Verify the plugins are installed:
$ vagrant plugin list
vagrant-atomic (0.0.3)
- Version Constraint: 0.0.3
vagrant-registration (0.0.8)
- Version Constraint: 0.0.8

Add RHEL Atomic box to Vagrant:
$ vagrant box add --name rhel-atomic-7 ~/Downloads/

Start the Atomic host

Create a working directory for docker files
$ mkdir ~/containers && cd ~/containers
Create a working directory for containers and initiate vagrant
$ mkdir containers && cd containers
$ vagrant init -m
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`` for more information on using Vagrant.
This step will create a simple Vagrantfile. Open the Vagrant file and change the configuration as below:
Vagrant.configure(2) do |config| = "rhel-atomic-7"
config.vm.hostname = "rhel-atomic-7-docker-host"

config.vm.provider "virtualbox" do |vb|
vb.customize ["modifyvm", :id, "--cpuexecutioncap", "50"]
vb.memory = 4096

config.vm.provision "shell", inline: <<-SHELL
sudo systemctl stop docker > /dev/null 2>&1
sudo groupadd docker > /dev/null 2>&1
sudo usermod -a -G docker vagrant
sudo chown root:docker /var/run/docker.sock
sudo systemctl enable docker && sudo systemctl start docker
We are now ready to start the container. During the creation of the machine you will be prompted if you would like to register the system. Answer "Y" and then when prompted give your username and password for your RHN (Red Hat Network) account.
$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'rhel-atomic-7'...
==> default: Matching MAC address for NAT networking...
==> default: Setting the name of the VM: containers_default_1432213616739_95846
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
default: Adapter 1: nat
==> default: Forwarding ports...
default: 22 => 2222 (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address:
default: SSH username: vagrant
default: SSH auth method: private key
default: Warning: Connection timeout. Retrying...
default: Vagrant insecure key detected. Vagrant will automatically replace
default: this with a newly generated keypair for better security.
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if its present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
default: No guest additions were detected on the base box for this VM! Guest
default: additions are required for forwarded ports, shared folders, host only
default: networking, and more. If SSH fails on this machine, please install
default: the guest additions and repackage the box to continue.
default: This is not an error message; everything may continue to work properly,
default: in which case you may ignore this message.
==> default: Setting hostname...
==> default: Registering box with vagrant-registration...
default: Would you like to register the system now (default: yes)? [y|n] y
default: Subscriber username: <your-rhn-username>
default: Subscriber password: <password>
==> default: Rsyncing folder: /Users/tqvarnst/containers/ => /home/vagrant/sync
==> default: Running provisioner: shell...
default: Running: inline script

Test your installation

$ vagrant ssh
[vagrant@rhel-atomic-7-docker-host ~]$ docker ps
[vagrant@rhel-atomic-7-docker-host ~]$ docker run -it rhel7.1 bash
Unable to find image 'rhel7.1:latest' locally
Pulling repository
10acc31def5d: Download complete
Status: Downloaded newer image for
[root@ead3774c2b84 /]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.1 (Maipo)
[root@ead3774c2b84 /]#
Press CTRL-P + CTRL-Q to escape the container
[vagrant@rhel-atomic-7-docker-host ~]$ docker ps
ead3774c2b84 "bash" About a minute ago Up About a minute focused_rosalind
Stop and delete the container
[vagrant@rhel-atomic-7-docker-host ~]$ docker stop $(docker ps -q)
[vagrant@rhel-atomic-7-docker-host ~]$ docker rm $(docker ps -aq)

Additional Resources and next steps


By following this guide you should have a working environment for using docker containers based on Red Hat Enterprise Linux 7.1 even if you are using Mac OS X®, Microsoft Windows® or another Linux distribution.


A special thanks goes to Pete Muir for the support and help with Vagrant setup.
Original Post