Docker: Difference between revisions

From MTU LUG Wiki
Jump to navigation Jump to search
No edit summary
(Added NAS stuff, cleanup.)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security.
Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security.


Concepts:
== Concepts: ==
Images - A built software on top of a slim operating system, made into a prebuilt image ready for download
Images - A built software on top of a slim operating system, made into a prebuilt image ready for download


Line 10: Line 10:
Environment variables - static settings for the container.
Environment variables - static settings for the container.


== Installation ==
Debian 12 installation:
Debian 12 install:<syntaxhighlight lang="bash" line="1">
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl enable docker
sudo systemctl start docker
</syntaxhighlight>Fully update the system, install docker and docker compose and enable related services.


== Common Docker Commands: ==
sudo apt-get update
Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions.<syntaxhighlight lang="bash">
docker --help
</syntaxhighlight>Lists docker's commands and syntax.<syntaxhighlight lang="bash">
docker container --help
docker container ls
docker container ls -a
</syntaxhighlight>Specifies we are working with containers, --help lists every action. ls lists all containers the user is running. -a lists all containers for the user.<syntaxhighlight lang="bash">
docker container stop (container_name)
docker container restart (container_name)
docker container kill (container_name)
docker container logs (container_name)
docker container rm -f (container_name)
</syntaxhighlight>Stop, restart, and kill a container. Logs prints the logs in terminal. rm deletes the container from docker, -f force removing.


== Docker Compose: ==
sudo apt-get install docker docker-compose
Compose simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command.


Regular docker command:<syntaxhighlight lang="bash" line="1" start="0">
sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
</syntaxhighlight>Sudo is ran as the Portainer container is privileged as it binds to docker.sock . -d runs the container in the background, -p specifies a port, --restart defines the restart policy, see above. -v defines a volume, can also define a file to be passed in. The image is defined at the end.


Create a folder for Portainer to live in ~/Portainer and create docker-compose.yaml:<syntaxhighlight lang="bash">
Common Docker Commands:
mkdir Portainer
cd Portainer
touch docker-compose.yaml
nano docker-compose.yaml
</syntaxhighlight><syntaxhighlight lang="yaml" line="1">
services:
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /Path/To/portainer_data:/data
ports:
- 8000:8000
- 9443:9443
restart: always
</syntaxhighlight>Pull the listed images from docker's repositories and run the services listed: <syntaxhighlight lang="bash">
sudo docker-compose pull
sudo docker-compose up -d
</syntaxhighlight>Sudo is used here as Portainer binds to docker.sock. -d runs the compose container(s) in the background.


== Common NAS stack inside docker example ==
Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions.
Docker compose will be used, all containers (that are separate services, databases and libraries excluded) will be in separate docker-compose.yaml files.


Docker will expose host ports listed to all interfaces by default, you can bind via the following:<syntaxhighlight lang="bash">
docker container --help
-p 127.0.0.1:80:80
</syntaxhighlight><syntaxhighlight lang="yaml">
ports:
- 127.0.0.1:80:80
</syntaxhighlight>We will be installing the following:


[https://github.com/qdm12/gluetun Gluetun] - VPN client. Supports providers, openvpn, wireguard, DNS over TLS, etc.
docker container ls

[https://deluge-torrent.org/ Deluge] - Torrent client, subsitiute with any.

[https://sonarr.tv/ Sonarr] - TV/Anime organizer. Sorts, requests, renames and tells plex when media is imported.

[https://radarr.video/ Radarr] - Movie organizer. Sorts, requests, renames and tells plex when media is imported.

[https://prowlarr.com/ Prowlarr] - One stop shop for indexers. *arr requests torrents from this. (Alternitive: [https://github.com/Jackett/Jackett Jackett])

[https://www.plex.tv/ Plex] - Serve the media we grab.

Every service will be in its own docker-compose.yaml file, and in its own folder. All docker folders will be contained in /opt/.<syntaxhighlight lang="bash">
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl start docker && sudo systemctl enable docker
sudo mkdir /opt/docker
cd /opt/docker
sudo mkdir gluetun deluge sonarr radarr prowlarr plex
</syntaxhighlight>Update the system, install and enable docker/docker compose, create a docker folder in opt and subfolders for every service.


== Plex ==
docker container kill
https://github.com/plexinc/pms-docker


Plex's official docker page does not have compose files, so ill hand convert the host networking command:<syntaxhighlight lang="bash">
docker container logs
docker run -d --name plex --network=host -e TZ="<timezone>" -e PLEX_CLAIM="<claimToken>" -v <path/to/plex/database>:/config -v <path/to/transcode/temp>:/transcode -v <path/to/media>:/data plexinc/pms-docker
</syntaxhighlight><syntaxhighlight lang="yaml">
services:
plex:
image: plexinc/pms-docker
container_name: plex
network_mode: host
environment:
- TZ=America/Detroit
- PLEX_CLAIM="<claimToken>"
volumes:
~/database:/config
~/temp:/transcode
:/media:/data
restart: unless-stopped
</syntaxhighlight>


== Gluetun ==
Docker Compose:


== Deluge ==
simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command.


== Prowlarr ==
regular docker command:


== Sonarr ==
'''docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest'''


== Radarr ==
docker compose:

Latest revision as of 18:05, 28 July 2024

Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security.

Concepts:

Images - A built software on top of a slim operating system, made into a prebuilt image ready for download

Containers - running images configured with system storage volumes, environment variables, tags and an image (with an optional version)

Volumes - internal storage passed through from host machine files and folders.

Environment variables - static settings for the container.

Installation

Debian 12 install:

sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl enable docker
sudo systemctl start docker

Fully update the system, install docker and docker compose and enable related services.

Common Docker Commands:

Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions.

docker --help

Lists docker's commands and syntax.

docker container --help
docker container ls
docker container ls -a

Specifies we are working with containers, --help lists every action. ls lists all containers the user is running. -a lists all containers for the user.

docker container stop (container_name)
docker container restart (container_name)
docker container kill (container_name)
docker container logs (container_name)
docker container rm -f (container_name)

Stop, restart, and kill a container. Logs prints the logs in terminal. rm deletes the container from docker, -f force removing.

Docker Compose:

Compose simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command.

Regular docker command:

sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

Sudo is ran as the Portainer container is privileged as it binds to docker.sock . -d runs the container in the background, -p specifies a port, --restart defines the restart policy, see above. -v defines a volume, can also define a file to be passed in. The image is defined at the end. Create a folder for Portainer to live in ~/Portainer and create docker-compose.yaml:

mkdir Portainer
cd Portainer
touch docker-compose.yaml
nano docker-compose.yaml
services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /Path/To/portainer_data:/data
    ports:
      - 8000:8000
      - 9443:9443
    restart: always

Pull the listed images from docker's repositories and run the services listed:

sudo docker-compose pull
sudo docker-compose up -d

Sudo is used here as Portainer binds to docker.sock. -d runs the compose container(s) in the background.

Common NAS stack inside docker example

Docker compose will be used, all containers (that are separate services, databases and libraries excluded) will be in separate docker-compose.yaml files.

Docker will expose host ports listed to all interfaces by default, you can bind via the following:

-p 127.0.0.1:80:80
ports:
  - 127.0.0.1:80:80

We will be installing the following:

Gluetun - VPN client. Supports providers, openvpn, wireguard, DNS over TLS, etc.

Deluge - Torrent client, subsitiute with any.

Sonarr - TV/Anime organizer. Sorts, requests, renames and tells plex when media is imported.

Radarr - Movie organizer. Sorts, requests, renames and tells plex when media is imported.

Prowlarr - One stop shop for indexers. *arr requests torrents from this. (Alternitive: Jackett)

Plex - Serve the media we grab.

Every service will be in its own docker-compose.yaml file, and in its own folder. All docker folders will be contained in /opt/.

sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl start docker && sudo systemctl enable docker
sudo mkdir /opt/docker
cd /opt/docker
sudo mkdir gluetun deluge sonarr radarr prowlarr plex

Update the system, install and enable docker/docker compose, create a docker folder in opt and subfolders for every service.

Plex

https://github.com/plexinc/pms-docker

Plex's official docker page does not have compose files, so ill hand convert the host networking command:

docker run -d --name plex --network=host -e TZ="<timezone>" -e PLEX_CLAIM="<claimToken>" -v <path/to/plex/database>:/config -v <path/to/transcode/temp>:/transcode -v <path/to/media>:/data plexinc/pms-docker
services:
  plex:
    image: plexinc/pms-docker
    container_name: plex
    network_mode: host
    environment:
      - TZ=America/Detroit
      - PLEX_CLAIM="<claimToken>"
    volumes:
      ~/database:/config
      ~/temp:/transcode 
      :/media:/data
    restart: unless-stopped

Gluetun

Deluge

Prowlarr

Sonarr

Radarr