Docker

From MTU LUG Wiki
Revision as of 15:43, 28 July 2024 by Allennova (Updates)

Docker is a container solution for any operating system. Docker containers can run as root (rootful) or as an unprivileged user (rootless); running containers rootless allows for more security.

Concepts:

Images - Software built on top of a slim operating system and packaged as a prebuilt image, ready for download.

Containers - Running images, configured with system storage volumes, environment variables, tags and an image (with an optional version).

Volumes - Storage inside the container that is passed through from files and folders on the host machine.

Environment variables - static settings for the container.

Installation

Debian 12 install:

sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker.io docker-compose
sudo systemctl enable docker
sudo systemctl start docker

Fully update the system, install Docker (the engine is packaged as docker.io on Debian) and Docker Compose, then enable and start the Docker service.

Common Docker Commands:

Keep in mind which permission level you are running containers at. Rootful containers need sudo-level permissions.

docker --help

Lists docker's commands and syntax.

docker container --help
docker container ls
docker container ls -a

docker container specifies that we are working with containers, and --help lists every action. ls lists the containers the user is currently running; ls -a lists all of the user's containers, including stopped ones.

docker container stop (container_name)
docker container restart (container_name)
docker container kill (container_name)
docker container logs (container_name)
docker container rm -f (container_name)

stop, restart and kill stop, restart and kill a container. logs prints the container's logs in the terminal. rm deletes the container from Docker, and -f forces the removal.

Docker Compose:

Compose reduces Docker to files instead of commands and allows a full stack to be defined in a single file. Docker can then pull all of the images specified and build the containers accordingly with one command.

Regular docker command:

sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

sudo is used because the Portainer container is privileged: it binds to docker.sock, and access to that socket gives control over the Docker daemon on the host. -d runs the container in the background, -p specifies a port, --restart defines the restart policy, see above. -v defines a volume and can also define a file to be passed in. The image is defined at the end.

Create a folder for Portainer to live in, ~/Portainer, and create docker-compose.yaml in it:

mkdir Portainer
cd Portainer
touch docker-compose.yaml
nano docker-compose.yaml

Contents of docker-compose.yaml:

services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /Path/To/portainer_data:/data
    ports:
      - 8000:8000
      - 9443:9443
    restart: always

Pull the listed images from docker's repositories and run the services listed:

sudo docker-compose pull
sudo docker-compose up -d

Sudo is used here as Portainer binds to docker.sock. -d runs the compose container(s) in the background.
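
The shell function below is an added example, not part of the original wiki page. It scans a compose file for three settings that appear in the Portainer file above: a docker.sock bind mount, an image tagged latest (or untagged), and ports listed without a host address, which Docker publishes on every host interface. The names audit_compose and sample_compose are made up for this illustration, and the parser assumes two-space indentation and the short list syntax used above.

```shell
#!/bin/sh
# Added example, not part of the wiki page. Assumes two-space indentation
# and the short "host:container" list syntax of the compose file above.
audit_compose() {
  awk '
    function report(msg) { print svc ": " msg }
    /^[ ]*#/ || /^[ ]*$/ { next }                        # comments, blank lines
    /^[^ ]/ { in_services = ($1 == "services:"); next }  # top-level key
    !in_services { next }
    /^  [^ -]/ { svc = $1; sub(/:$/, "", svc); key = ""; next }  # service name
    /^    [^ -]/ {                                       # key inside a service
      key = $1; sub(/:$/, "", key)
      if (key == "image") {
        img = $2; gsub("[\"\047]", "", img)              # strip quotes
        n = split(img, part, "/")                        # tag sits on last path part
        if (part[n] !~ /:/ || part[n] ~ /:latest$/)
          report("image " img " is not pinned to a version")
      }
      next
    }
    /^      - / {                                        # list item under key
      item = $2; gsub("[\"\047]", "", item)
      if (key == "volumes" && item ~ /docker\.sock/)
        report("mounts the Docker socket, which gives control of the daemon")
      if (key == "ports" && split(item, p, ":") == 2)    # no host address given
        report("port " item " is published on all host interfaces")
    }
  ' "$1"
}

# Sample input: the Portainer compose file from this page.
sample_compose() {
  cat <<'EOF'
services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /Path/To/portainer_data:/data
    ports:
      - 8000:8000
      - 9443:9443
    restart: always
EOF
}

tmp=$(mktemp) && sample_compose > "$tmp" && audit_compose "$tmp"; rm -f "$tmp"
```

A port entry that carries a host address, such as "127.0.0.1:9443:9443", and an image with an explicit version tag produce no findings.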

Common NAS stack inside docker example

Docker Compose will be used. All containers that are separate services (databases and libraries excluded) will be in separate docker-compose.yaml files.

Docker will expose host ports