Docker Installation
https://docs.docker.com/engine/install/
If you follow Docker's official documentation, you'll see that there are installation instructions per Linux distribution, with step-by-step instructions for each one.
Let's be clear about one thing: there's a very easy installation script, but it should only be used in test or development environments; it's not recommended to use this script in production. It downloads the script and runs it directly in the specified shell, in this case bash.
Test the installation with the convenience script on the master machine, for example.
vagrant ssh master to enter the master machine and execute the command below
# Convenience script (development/test only)
curl -fsSL https://get.docker.com | sh
sudo curl -fsSL https://get.docker.com | bash
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -aG docker vagrant
Check the output with the command
vagrant@worker1:~$ docker system info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
compose: Docker Compose (Docker Inc., v2.6.0)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.4.0-120-generic
Operating System: Ubuntu 20.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 976.6MiB
Name: worker1.docker-dca.example
ID: 5ACX:CQ4L:GD3H:LRFV:NM2J:FVJQ:RA2C:NA3W:WWZE:NSXI:TTTZ:VJ53
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
vagrant@worker1:~$
On Ubuntu​
https://docs.docker.com/engine/install/ubuntu/
Test the installation on the Ubuntu machine as it should be done in a production environment
vagrant ssh worker1 to enter the worker1 machine and execute the command below
sudo apt-get update
sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
Let's add the Docker repository key to download packages directly from there and then add the repository
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
After that, it's necessary to update the repository and install Docker, Docker CLI, and containerd.
What is containerd? Containerd is a graduated project at CNCF. It's a container runtime used by Docker itself to create its containers. It's one of the mandatory installation packages for Docker as well as for several others.
What we can understand here is that Docker is a container manager, not an orchestrator, and needs a runtime.
Would it be possible to install only containerd and have container support? Yes. If we install Kubernetes, we don't need to install Docker completely, only the runtime.
# Official Docker package installation
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
Could we install directly via apt-get install docker from Ubuntu's repository? Yes, you can, but is it correct? NO. So if they ask on the exam, you already know... it shouldn't be done that way.
On Red Hat and CentOS​
https://docs.docker.com/engine/install/centos/
epel-release is not necessary, but it's good, as they are essential OS packages.
sudo yum install yum-utils epel-release -y
If it's CentOS
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
If it's Red Hat
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/rhel/docker-ce.repo
# Docker installation on CentOS/Red Hat
sudo yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y
# Start Docker service
sudo systemctl start docker
... notice that it's not very different, only the process of adding repositories and the installation command
Continuation​
It's necessary for the user to have permission to run Docker commands without using sudo.
# Add user to docker group
sudo usermod -aG docker $USER
# Enable and start Docker service
sudo systemctl enable docker
sudo systemctl start docker
Parameterization​
https://docs.docker.com/config/daemon/ https://docs.docker.com/engine/reference/commandline/dockerd/
Docker daemon parameterization should be done in the file
- Linux: /etc/docker/daemon.json
- Windows: C:\ProgramData\docker\config\daemon.json
These files are not created by default, you need to create them.
All parameterization requires the daemon to be reloaded
# Reload daemon after changes
sudo systemctl daemon-reload
The Docker daemon persists all its data inside
- Linux: /var/lib/docker
- Windows: C:\ProgramData\docker
Below is a configuration showing everything that can be changed. It's just an example.
{
"allow-nondistributable-artifacts": [],
"api-cors-header": "",
"authorization-plugins": [],
"bip": "",
"bridge": "",
"cgroup-parent": "",
"cluster-advertise": "",
"cluster-store": "",
"cluster-store-opts": {},
"containerd": "/run/containerd/containerd.sock",
"containerd-namespace": "docker",
"containerd-plugin-namespace": "docker-plugins",
"data-root": "",
"debug": true,
"default-address-pools": [
{
"base": "172.30.0.0/16",
"size": 24
},
{
"base": "172.31.0.0/16",
"size": 24
}
],
"default-cgroupns-mode": "private",
"default-gateway": "",
"default-gateway-v6": "",
"default-runtime": "runc",
"default-shm-size": "64M",
"default-ulimits": {
"nofile": {
"Hard": 64000,
"Name": "nofile",
"Soft": 64000
}
},
"dns": [],
"dns-opts": [],
"dns-search": [],
"exec-opts": [],
"exec-root": "",
"experimental": false,
"features": {},
"fixed-cidr": "",
"fixed-cidr-v6": "",
"group": "",
"hosts": [],
"icc": false,
"init": false,
"init-path": "/usr/libexec/docker-init",
"insecure-registries": [],
"ip": "0.0.0.0",
"ip-forward": false,
"ip-masq": false,
"iptables": false,
"ip6tables": false,
"ipv6": false,
"labels": [],
"live-restore": true,
"log-driver": "json-file",
"log-level": "",
"log-opts": {
"cache-disabled": "false",
"cache-max-file": "5",
"cache-max-size": "20m",
"cache-compress": "true",
"env": "os,customer",
"labels": "somelabel",
"max-file": "5",
"max-size": "10m"
},
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 5,
"max-download-attempts": 5,
"mtu": 0,
"no-new-privileges": false,
"node-generic-resources": [
"NVIDIA-GPU=UUID1",
"NVIDIA-GPU=UUID2"
],
"oom-score-adjust": -500,
"pidfile": "",
"raw-logs": false,
"registry-mirrors": [],
"runtimes": {
"cc-runtime": {
"path": "/usr/bin/cc-runtime"
},
"custom": {
"path": "/usr/local/bin/my-runc-replacement",
"runtimeArgs": [
"--debug"
]
}
},
"seccomp-profile": "",
"selinux-enabled": false,
"shutdown-timeout": 15,
"storage-driver": "",
"storage-opts": [],
"swarm-default-advertise-addr": "",
"tls": true,
"tlscacert": "",
"tlscert": "",
"tlskey": "",
"tlsverify": true,
"userland-proxy": false,
"userland-proxy-path": "/usr/libexec/docker-proxy",
"userns-remap": ""
}