Running RHEL Docker Containers in Ubuntu (or other non-RHEL)

My home server runs Ubuntu 22.04. I do a lot of RHEL development at work. Naturally I would like to have a more diverse environment at home.

If you use Red Hat’s UBI (universal base image), you get free access to a reasonable subset of what is available from a RHEL subscription.

If the UBI subset fits your needs, that’s great. However, in the process of setting up a RHEL 9 container to host this very WordPress blog, I found some packages that WordPress suggested I install were missing. I noticed when I was trying to install the PHP ImageMagick plugin from EPEL that it had a dependency on graphviz. graphviz is available in RHEL but not available in the UBI subset. Dang.

I have a free RHEL developer subscription, however, actually subscribing a UBI image to a RHEL subscription is somewhat tricky if you aren’t running the container on a RHEL host.

If you run your container on a RHEL host, RHEL’s clone of docker, podman, will (to my understanding) bind-mount the host’s subscription certificates into the container, allowing the container to inherit the host’s subscription without having to register the container as a separate instance and consuming a subscription.

To make this work on Ubuntu, one cannot simply just do a “subscription-manager register”:

subscription-manager is disabled when running inside a container. Please refer to your host system for subscription management.

But my host system is Ubuntu!

Red Hat seems to prefer stability over compatibility so they prefer to not support containers running on non-RHEL container runtimes, hence they make it difficult to put a RHEL subscription into a container running on a non-RHEL runtime host.

I found this article: https://access.redhat.com/discussions/5889431

Apparently the simplest thing to do is run this sed one-liner from a user in that discussion to modify the Python code that checks if the container is running on a RHEL host to always convince it that it’s not in a container:

sed -i 's/\(def in_container():\)/\1\n    return False/g' /usr/lib64/python*/*-packages/rhsm/config.py

Note that this is fine if you’re putting this kind of container into a test / dev / lab environment, but not a good idea to make it “production” because it’s not supported and support will turn you away if you try to open a case on such a container.

However it is working fine for my home lab use case and I am happy to have it as a way to “broaden my horizons” so to speak.

Leave a Reply

Your email address will not be published. Required fields are marked *