Terraform
Docker Engine Requirements
This topic describes the Docker engine requirements for deploy Terraform Enterprise to Replicated. For information about deploying Terraform Enterprise natively to Docker using Docker Compose, refer to Terraform Enterprise deployment overview. Deploying to Docker natively is faster than Replicated deployments and results in faster startups, reduced resource requirements, and improved security.
Terraform Enterprise requires at least one of the following Docker Engine configurations, in order of preference:
- Docker Engine 23.x - 25.x
Compatibility warning: Terraform Enterprise does not yet support the pre-installed Docker version that comes with Amazon Linux 2023. You must uninstall your Docker version and manually install Docker Engine 24.x to ensure compatibility with Terraform Enterprise.
Docker v20.10 is only supported on Amazon Linux 2. Docker v20.10 is no longer receiving updates from Docker, including security updates. Customers using Amazon Linux 2 are encouraged to move to an operating system that supports Docker 23 or 24. In order run Docker v20.10, you will need one of the following:
New online installations of Terraform Enterprise install a supported version of Docker Engine by default. Alternatively, you can install Docker Engine manually as long as you adhere to the above requirements.
Upgrades to Terraform Enterprise do not upgrade Docker Engine. It is your responsibility to keep Docker Engine up to date within these requirements to ensure stability and security.
Docker Compose Compatibility
Docker Engine comes prepackaged with Docker Compose and compatibility is assessed by meeting the Docker Engine requirements.
# Docker Engine 24.0
docker compose version
Docker Engine With a Compatible runc
Version
Install a supported Docker Engine version.
Install the latest version of
containerd
for your operating system.On Debian/Ubuntu:
sudo apt install containerd
On RHEL/CentOS:
sudo yum install containerd.io
Confirm that the installed
containerd
version is 1.4.9, 1.5.5, or greater.containerd --version
Confirm that the installed
runc
version is v1.0.0-rc93 or greater:runc --version
If your Docker Engine and
runc
versions meet the requirements from previous steps, your system is properly configured. Otherwise, proceed to option 2.
Docker Engine With a Compatible libseccomp
Version
Note: These instructions should only be used if your operating system does not meet the requirements detailed in Docker Engine With a Compatible runc
Version.
Install a supported Docker Engine version.
Install the latest version of
libseccomp
for your operating system.On Debian/Ubuntu:
sudo apt install libseccomp2
On RHEL/CentOS:
sudo yum install libseccomp
Confirm that the installed
libseccomp
version is 2.4.4 or greater.runc --version
If your Docker Engine and
libseccomp
versions meet the requirements from previous steps, your system is properly configured. Otherwise, proceed to option 3.
Docker Engine Using a Modified libseccomp
Profile
Note: These instructions should only be used if your operating system does not meet the requirements detailed in either Docker Engine With a Compatible runc
Version or Docker Engine With a Compatible libseccomp
Version.
Install a supported Docker Engine version.
Check if the file
/etc/docker/seccomp.json
exists. If it does, proceed to step 4.Download the default moby
libseccomp
profile and save it to the file/etc/docker/seccomp.json
.sudo curl -L -o /etc/docker/seccomp.json \ https://raw.githubusercontent.com/moby/moby/master/profiles/seccomp/default.json
In the
/etc/docker/seccomp.json
file, change"defaultAction": "SCMP_ACT_ERRNO",
to"defaultAction": "SCMP_ACT_TRACE",
.sudo sed -i 's/"defaultAction":\s*"SCMP_ACT_ERRNO"/"defaultAction": "SCMP_ACT_TRACE"/1' /etc/docker/seccomp.json