PLD Linux Distribution

User Tools

Site Tools

Trace:
packages:docker

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
packages:docker [2015-04-09 16:55]
glen [Docker] add Prerequisites 		packages:docker [2019-02-01 12:29]
glen say hello
Line 3: Line 3:
 [[https://​www.docker.io/​|Docker,​ The Linux container engine]] is an open source project to pack, ship and run any application as a lightweight container. [[https://​www.docker.io/​|Docker,​ The Linux container engine]] is an open source project to pack, ship and run any application as a lightweight container.
  
-Have look at Docker [[https://www.docker.io/gettingstarted/|getting started]].+Have look at Docker [[https://docs.docker.com/linux/|getting started]].
  
  
 ===== Prerequisites ===== ===== Prerequisites =====
  
-[[docs:lxc#​prerequisites|LXC]] with ''​USER_NS'',​ ''​USER_NET'',​ etc.+  - [[packages:kernel]] with ''​USER_NS'',​ ''​USER_NET'',​ etc. 
 +  - vserver patch disabled (''​docker exec''​ will fail otherwise):​ 
 +    - https://​groups.google.com/​forum/#​!topic/​docker-user/​U3j7ykSceNg 
 +    - http://​lists.pld-linux.org/​mailman/​pipermail/​pld-devel-en/​2014-January/​023786.html 
 + 
 +===== PLD Linux Base images ===== 
 + 
 +Minimal PLD Linux base images are built every Friday and published in GitLab: 
 + 
 +  * https://​gitlab.com/​pld-linux/​pld#​pld-linux-base-docker-images 
 + 
 +There'​s also available base images from Th snapshots:​ 
 +  * https://​gitlab.com/​pld-linux/​pld/​blob/​master/​README.md#​snapshot-images 
 + 
 +<​code>​ 
 +$ docker run --rm -it registry.gitlab.com/​pld-linux/​pld echo hello pld linux 
 +hello pld linux 
 +</​code>​ 
 + 
 +To build your own base image, you can use [[https://​github.com/​moby/​moby/​blob/​master/​contrib/​mkimage-pld.sh|contrib/​mkimage-pld.sh]] as base. 
 + 
 + 
 +==== Setup Cgroups ==== 
 + 
 +Easiest way is to install [[package>​libcgroup]] package and enable all cgroup types: 
 + 
 +<​code>​ 
 +# install libcgroup and enable mounts 
 +poldek -u --noask libcgroup 
 +sed -i -e '/​^#​mount/,​$ s/​^#//'​ /​etc/​cgconfig.conf 
 +service cgconfig start  
 +</​code>​
 ===== Network Configuration =====  ===== Network Configuration ===== 
  
Line 23: Line 54:
 Or, to enable it more permanently,​ enable it on the host's **/​etc/​sysctl.conf**:​ Or, to enable it more permanently,​ enable it on the host's **/​etc/​sysctl.conf**:​
  
-    ​net.ipv4.ip_forward=1+   net.ipv4.ip_forward=1
  
  
-===== PLD Base image =====+===== Rights ​=====
  
-Simple script ​to create new base image for pld:+Don't run docker as ''​root''​. Add your user to ''​docker''​ group in host to be able to run from your own user.
  
-<code bash mkimage-pld.sh+<note tip
-#!/bin/sh +By adding yourself to the docker group you are effectively granting yourself full root permissions. For more information please read [[https://www.andreas-jung.com/​contents/​on-docker-security-docker-group-considered-harmful|On Docker security: docker group considered harmful]]. 
-set -e+</​note>​
  
-ROOTFS=~/root +Whoever, we still consider that more secure approach than just running as root. Accidental damage to Host system is minimized this way. 
-IMAGE=pld+===== How To ===== 
  
-# to clean up: +==== Maintenance ====
-docker rmi $IMAGE+
  
-# build +Getting rid of stopped containers
-rpm -r $ROOTFS --initdb+
  
-install -d $ROOTFS/​dev/​pts +<​code>​ 
-mknod $ROOTFS/​dev/​random c 1 8 -m 644 +docker ps -f status=exited 
-mknod $ROOTFS/​dev/​urandom c 1 9 -m 644 +docker ps --f status=exited | xargs -r docker rm 
-mknod $ROOTFS/​dev/​full c 1 7 -m 666 +</code>
-mknod $ROOTFS/​dev/​null c 1 3 -m 666 +
-mknod $ROOTFS/dev/zero c 1 5 -m 666 +
-mknod $ROOTFS/​dev/​console c 5 1 -m 660+
  
-poldek -r $ROOTFS --up -u bash iproute2 coreutils poldek+Getting rid of unused images
  
-# cleanups +<​code>​ 
-PKGS="​cracklib-dicts ca-certificates"​ +docker images ​--filter dangling=true 
-for pkg in $PKGS; do +docker images ​--filter dangling=true ​--quiet | xargs -r docker rmi 
-    rpm -r $ROOTFS ​-q $pkg && rpm -r $ROOTFS ​-e $pkg --nodeps +</​code>​
-done +
- +
-# and import +
-tar -C $ROOTFS -cf- . | docker import - $IMAGE+
  
-# and test +Getting rid of unused volumes 
-docker ​run --u root $IMAGE /bin/echo Success.+<​code>​ 
 +docker ​volume ls -f dangling=true 
 +docker volume ls -qf dangling=true | xargs -r docker volume rm
 </​code>​ </​code>​
  
-<file> +For Docker ​1.9, see [[https://github.com/chadoe/docker-cleanup-volumes|docker-cleanup-volumes]] tool.
-# sh -x /vagrant/mkimage-pld.sh  +
-+ rpm -r /home/vagrant/​root ​--initdb +
-+ poldek -r root --up -u bash iproute2 +
-docker ​import ​pld +
-# docker run -i -t pld bash +
-WARNING: IPv4 forwarding is disabled. +
-[root@e8d2bb1215c2 /]# id +
-uid=0(root) gid=0(root) groups=0(root) +
-</​file>​+
  
-You can see more available samples in [[https://​github.com/​dotcloud/​docker/​tree/​master/​contrib|docker/​contrib/​]]. +For Docker >= 1.13 use ''​docker ​{container,image,​volume,​network} prune'' ​subcommands.
- +
-alsoyou can try [[.:​people:​glen|glen's]] [[https://​index.docker.io/​u/​glen/​pld/​|pld test]] image: +
-<code bash> +
-vagrant@pld64 ~$ sudo docker run -i -t glen/pld bash +
-root@ae0aac5de155 ~#  +
-</​code>​+
  
 ===== Vagrant ===== ===== Vagrant =====
packages/docker.txt · Last modified: 2020-10-24 16:21 by glen

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS PLD Linux Driven by DokuWiki