When starting dockerd, error: chown /var/run/docker.sock: operation not permitted

I have installed docker-18.09.1.tgz in RedHat 7.3

'# cd /tmp
'# tar xvzf docker-18.09.1.tgz
'# chown -R docker:docker docker
'# cd docker
'# cp -p * /usr/bin
'# mkdir /var/lib/docker
'# chown -R docker:docker /var/lib/docker
'# su - docker
'$ dockerd &
Failed to load listeners: can't create unix socket /var/run/docker.sock: chown /var/run/docker.sock: operation not permitted

I have tried to create docker.sock by user docker…
'# su - docker
'$ touch /var/run/docker.sock

'$ ll /var/run/docker.sock
-rw-rw-r--. docker docker 0 Jan 331 18:27 /var/run/docker.sock

How can I run dockerd by user ‘docker’?

From the url: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface, it said…

‘Running containers (and applications) with Docker implies running the Docker daemon. This daemon currently requires root privileges, and you should therefore be aware of some important details.’

That means if I want to run dockerd by user other than root, I must assign another user who should have the ‘root’ privilege!

So what is the difference between running docker daemon as root or another user with root privileges?

You are not installing Docker in a supported way and I’m not sure how you “built” the installation bits in the docker-18.09.1.tgz file shown in this post. And I’m thinking that docker-18.09.1.tgz file contains Docker Community Edition which is not supported on RHEL. RHEL requires Docker Enterprise Edition which you will need to purchase -> https://hub.docker.com/search?q=&type=edition&offering=enterprise

If you can substitute CentOS instead of RHEL, then you can install Docker Community Edition on CentOS with a simple 1 line command: curl --silent -SL https://get.docker.com/ | sh

I followed the following instructions to install the docker binary version, under the section, ‘Install static binaries’:

After installing docker using ‘curl’, can you run dockerd by user other than root? Or on the best practice, should we run dockerd by root?

The docker daemon dockerd has to run as the root user on Linux.
Non root users can “manage” docker if they are added to the Linux docker group.

I was able to install Docker CE 18.09.1 on a RHEL 7.6 virtual machine using the binaries installation -> https://docs.docker.com/install/linux/docker-ce/binaries/

See below.

Download the Linux binaries

🐳  gforghetti@172.28.128.6:[~] $ curl -O https://download.docker.com/linux/static/stable/x86_64/docker-18.09.1.tgz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 45.7M  100 45.7M    0     0  28.3M      0  0:00:01  0:00:01 --:--:-- 28.3M

Extract the archive file directly into /usr/bin

🐳  gforghetti@172.28.128.6:[~] $ sudo tar zxvf docker-18.09.1.tgz --strip 1 -C /usr/bin
docker/ctr
docker/containerd-shim
docker/containerd
docker/docker-proxy
docker/docker
docker/dockerd
docker/runc
docker/docker-init
🐳  gforghetti@172.28.128.6:[~] $ ls -la /usr/bin/dockerd
-rwxr-xr-x. 1 vagrant vagrant 54320560 Jan  9 14:43 /usr/bin/dockerd

Manually start the docker daemon dockerd as a background process.

🐳  gforghetti@172.28.128.6:[~] $ sudo dockerd &
[1] 13024
🐳  gforghetti@172.28.128.6:[~] $ INFO[2019-02-01T08:46:54.875504850-05:00] libcontainerd: started new containerd process  pid=13034
INFO[2019-02-01T08:46:54.875620451-05:00] parsed scheme: "unix"                         module=grpc
---- I suppressed some output -----
INFO[2019-02-01T08:46:55.416618615-05:00] Docker daemon                                 commit=4c52b90 graphdriver(s)=overlay2 version=18.09.1
INFO[2019-02-01T08:46:55.417090393-05:00] Daemon has completed initialization
INFO[2019-02-01T08:46:55.435200545-05:00] API listen on /var/run/docker.sock

Verify that docker is up and running and you can manage it as root (sudo).

🐳  gforghetti@172.28.128.6:[~] $ sudo docker version
Client: Docker Engine - Community
 Version:           18.09.1
 API version:       1.39
 Go version:        go1.10.6
 Git commit:        4c52b90
 Built:             Wed Jan  9 19:33:22 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:41:57 2019
  OS/Arch:          linux/amd64
  Experimental:     false

Create a docker group and add my user to that group.

🐳  gforghetti@172.28.128.6:[~] $ sudo groupadd docker
🐳  gforghetti@172.28.128.6:[~] $ sudo usermod -aG docker $USER
🐳  gforghetti@172.28.128.6:[~] $ exit

Logged out and came back in.

My user is now able to use the docker cli and manage docker.

🐳  gforghetti@172.28.128.6:[~] $ docker version
Client: Docker Engine - Community
 Version:           18.09.1
 API version:       1.39
 Go version:        go1.10.6
 Git commit:        4c52b90
 Built:             Wed Jan  9 19:33:22 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:41:57 2019
  OS/Arch:          linux/amd64
  Experimental:     false
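An added audit sketch for the install shown in this thread (not code from any poster or from Docker): because dockerd runs as root and the `ls -la` output above shows `/usr/bin/dockerd` owned by `vagrant`, it checks that the extracted binaries are root-owned and not writable by other accounts, that the socket is closed to other users, and who is listed in the `docker` group, whose members control a root daemon. The function names and the `audit` argument are assumptions of this example, and it relies on GNU `stat`.

```shell
#!/bin/sh
# Added example, not from the thread. Needs GNU stat (RHEL/CentOS coreutils).

# check_root_owned FILE [OWNER]: a binary that root executes must not be
# replaceable by another account. Returns 0 clean, 1 finding, 2 missing.
check_root_owned() {
    f=$1; want=${2:-root}; rc=0
    [ -e "$f" ] || { echo "MISSING $f"; return 2; }
    owner=$(stat -c %U "$f"); mode=$(stat -c %a "$f")
    if [ "$owner" != "$want" ]; then
        echo "OWNER   $f owned by $owner, expected $want"; rc=1
    fi
    if [ $(( 0$mode & 022 )) -ne 0 ]; then   # group- or world-writable
        echo "MODE    $f is mode $mode, writable by non-owner"; rc=1
    fi
    return $rc
}

# check_socket PATH [GROUP]: the API socket should be reachable only by its
# owner and the docker group; any "other" permission bit is a finding.
check_socket() {
    s=$1; want_grp=${2:-docker}; rc=0
    [ -e "$s" ] || { echo "MISSING $s"; return 2; }
    grp=$(stat -c %G "$s"); mode=$(stat -c %a "$s")
    if [ "$grp" != "$want_grp" ]; then
        echo "GROUP   $s group is $grp, expected $want_grp"; rc=1
    fi
    if [ $(( 0$mode & 007 )) -ne 0 ]; then
        echo "MODE    $s is mode $mode, accessible to all users"; rc=1
    fi
    return $rc
}

# group_members GROUP [FILE]: supplementary members listed in an
# /etc/group-format file. Does not see LDAP/SSSD or primary-group membership.
group_members() {
    awk -F: -v g="$1" '$1 == g { print $4 }' "${2:-/etc/group}"
}

# Run the audit only when executed with "audit" as the first argument.
if [ "${1:-}" = "audit" ]; then
    for b in dockerd docker containerd containerd-shim ctr runc docker-proxy docker-init; do
        check_root_owned "/usr/bin/$b"
    done
    check_socket /var/run/docker.sock
    echo "root-equivalent via docker group: $(group_members docker)"
fi
```

Run it as root with `audit` as the argument; an `OWNER` finding on the binaries is cleared with `chown root:root` on the files extracted into `/usr/bin`.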