Prepare for the CoreOS container

Before you set up the authentication, privilege elevation, and audit and monitoring services functionality within a CoreOS container, make sure that you’ve done the following:

  • Installed Centrify Authentication Service, Privilege Elevation Service, and Audit & Monitoring Service on the CoreOS host computer
  • Joined the CoreOS host computer to a zone
  • Gathered the required container files:
    • For Ubuntu containers: dockerfile.ubuntu.dc and ubuntu_startup.sh
    • For CentOS containers: dockerfile.centos.dc and centrify.repo

The procedures that follow assume that you will be creating new containers and not working with existing containers.

To prepare for the CoreOS container:

  1. Login to the CoreOS host using an account that can run docker commands and can run sudo commands as root (for example, docker).
  2. Run the following commands to set up a sandbox environment:

    • If you want to enable only DirectControl inside of the CoreOS container:

      mkdir  ~/sandbox
      cd ~/sandbox
      sudo tar -cvf docker.copy.tar /etc/centrifydc /etc/krb5*
    • If you want to enable both DirectControl and DirectAudit functionality inside of the CoreOS container:

      mkdir  ~/sandbox
      cd ~/sandbox
      sudo tar -cvf docker.copy.tar /etc/centrifydc /etc/centrifyda /etc/krb5*
  3. Next, proceed to the section that corresponds to the type of CoreOS container that you want to set up: