Differences

This shows you the differences between two versions of the page.

--- packages:docker [2016-02-16 12:02]
glen [Prerequisites]
+++ packages:docker [2019-02-01 12:29]
glen say hello
@@ Line 8: / Line 8: @@
 ===== Prerequisites =====
-[[packages:kernel]] with ''USER_NS'', ''USER_NET'', etc.
+  - [[packages:kernel]] with ''USER_NS'', ''USER_NET'', etc.
+  - vserver patch disabled (''docker exec'' will fail otherwise):
+    - https://groups.google.com/forum/#!topic/docker-user/U3j7ykSceNg
+    - http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-January/023786.html
+===== PLD Linux Base images =====
+Minimal PLD Linux base images are built every Friday and published in GitLab:
+  * https://gitlab.com/pld-linux/pld#pld-linux-base-docker-images
+There's also available base images from Th snapshots:
+  * https://gitlab.com/pld-linux/pld/blob/master/README.md#snapshot-images
+<code>
+$ docker run --rm -it registry.gitlab.com/pld-linux/pld echo hello pld linux
+hello pld linux
+</code>
+To build your own base image, you can use [[https://github.com/moby/moby/blob/master/contrib/mkimage-pld.sh|contrib/mkimage-pld.sh]] as base.
 ==== Setup Cgroups ====
@@ Line 36: / Line 56: @@
    net.ipv4.ip_forward=1
-===== How To =====
-==== Getting rid of unused images ====
+===== Rights =====
-<code>
+Don't run docker as ''root''. Add your user to ''docker'' group in host to be able to run from your own user.
-docker rmi $(docker images --filter dangling=true --quiet)
-</code>
-===== PLD Base image =====
-Simple script to create new base image for pld:
+<note tip>
+By adding yourself to the docker group you are effectively granting yourself full root permissions. For more information please read [[https://www.andreas-jung.com/contents/on-docker-security-docker-group-considered-harmful|On Docker security: docker group considered harmful]].
+</note>
-<code bash mkimage-pld.sh>
+Whoever, we still consider that more secure approach than just running as root. Accidental damage to Host system is minimized this way.
-#!/bin/sh
+===== How To =====
-set -e
-ROOTFS=~/root
+==== Maintenance ====
-IMAGE=pld
-# to clean up:
+Getting rid of stopped containers
-docker rmi $IMAGE
-# build
+<code>
-rpm -r $ROOTFS --initdb
+docker ps -f status=exited
+docker ps -q -f status=exited | xargs -r docker rm
+</code>
-install -d $ROOTFS/dev/pts
+Getting rid of unused images
-mknod $ROOTFS/dev/random c 1 8 -m 644
-mknod $ROOTFS/dev/urandom c 1 9 -m 644
-mknod $ROOTFS/dev/full c 1 7 -m 666
-mknod $ROOTFS/dev/null c 1 3 -m 666
-mknod $ROOTFS/dev/zero c 1 5 -m 666
-mknod $ROOTFS/dev/console c 5 1 -m 660
-poldek -r $ROOTFS --up -u bash iproute2 coreutils poldek
+<code>
+docker images --filter dangling=true
-# cleanups
+docker images --filter dangling=true --quiet | xargs -r docker rmi
-PKGS="cracklib-dicts ca-certificates"
+</code>
-for pkg in $PKGS; do
-    rpm -r $ROOTFS -q $pkg && rpm -r $ROOTFS -e $pkg --nodeps
-done
-# and import
-tar -C $ROOTFS -cf- . | docker import - $IMAGE
-# and test
+Getting rid of unused volumes
-docker run -i -u root $IMAGE /bin/echo Success.
+<code>
+docker volume ls -f dangling=true
+docker volume ls -qf dangling=true | xargs -r docker volume rm
 </code>
-<file>
+For Docker < 1.9, see [[https://github.com/chadoe/docker-cleanup-volumes|docker-cleanup-volumes]] tool.
-# sh -x /vagrant/mkimage-pld.sh
-+ rpm -r /home/vagrant/root --initdb
-+ poldek -r root --up -u bash iproute2
-+ docker import - pld
-# docker run -i -t pld bash
-WARNING: IPv4 forwarding is disabled.
-[root@e8d2bb1215c2 /]# id
-uid=0(root) gid=0(root) groups=0(root)
-</file>
-You can see more available samples in [[https://github.com/dotcloud/docker/tree/master/contrib|docker/contrib/]].
+For Docker >= 1.13 use ''docker {container,image,volume,network} prune'' subcommands.
-also, you can try [[people:glen|glen's]] [[https://index.docker.io/u/glen/pld/|pld test]] image:
-<code bash>
-vagrant@pld64 ~$ sudo docker run -i -t glen/pld bash
-root@ae0aac5de155 ~#
-</code>
 ===== Vagrant =====

PLD Linux Distribution

User Tools

Site Tools

Differences

Page Tools