Docker - Gig77/wiki GitHub Wiki
Installation
Follow instructions at Docker homepage.
Test if it worked
sudo docker run -i -t ubuntu /bin/bash
exit
Add user to docker group such that they do not need root privileges to run docker
sudo gpasswd -a ${USER} docker
sudo service docker restart
X11
docker run --rm -it -e DISPLAY=`/sbin/ip route|awk '/default/ { print $3}'`:13.0 -v /tmp/.X11-unix:/tmp/.X11-unix -v $HOME/.Xauthority:/home/anduril/.Xauthority --net=host cfrech/anduril
Install locales (add to dockerfile)
sudo locale-gen de_AT
sudo locale-gen de_AT.UTF-8
sudo locale-gen en_US
sudo locale-gen en_US.UTF-8
sudo update-locale
Set locale in Debian-based docker
FROM debian:7.8
RUN localedef -c -i en_US -f UTF-8 en_US.UTF-8
ENV LANG en_US.UTF-8
Administration
Garbage collection
docker rm $(docker ps -aq -f status=exited)
docker rmi $(docker images -q -f dangling=true)
Display image hierarchy
docker images --tree
Docker registry
Start registry daemon on biowaste, mount synology directory into conainer where images will be stored
docker run -d -p 5000:5000 -v /data_synology/docker/registry/:/tmp/registry-dev registry:2.0
Re-tag existing image (or create new one with hostname in its name)
docker tag cfrech/anduril-rseqc biowaste:5000/anduril/rseqc
Push image to registry
docker push biowaste:5000/anduril/rseqc
Check if images is in registry
curl -v -X GET http://biowaste:5000/v2/anduril/rseqc/tags/list
On servers OTHER than biowaste, grant insecure access to this registry as shown below (depending on service manager init.d
or systemd
).
init.d
Edit /etc/init.d/docker
and add the following to DOCKER_OPTS=
DOCKER_OPTS=--insecure-registry=biowaste:5000
systemd
Edit /lib/systemd/system/docker.service
and change docker daemon startup parameters
/usr/bin/docker --insecure-registry=biowaste:5000 -d -H fd://
Force re-load of changed config file
sudo systemctl daemon-reload
init.d and systemd
Restart docker daemon
sudo service docker restart
Auto-map host user ID and group ID into container
Add gosu
and entrypoint to Dockerfile:
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture)" \
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture).asc" \
&& gpg --verify /usr/local/bin/gosu.asc \
&& rm /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu
COPY entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT ["/usr/bin/entrypoint.sh"]
entrypoint.sh: auto-create login and execute command under current user
#!/bin/bash
if [ -z $(getent group $DOCKER_GNAME) ]; then
groupadd --system --gid $DOCKER_GID $DOCKER_GNAME
fi
if [ -z $(getent passwd $DOCKER_UNAME) ]; then
useradd --system --gid $DOCKER_GID --uid $DOCKER_UID --home-dir $DOCKER_HOME --shell /bin/bash $DOCKER_UNAME
fi
export HOME=$DOCKER_HOME
echo Running command inside docker: $@ >&2
eval exec gosu $DOCKER_UID /bin/bash -c "'$@'"
Container startup:
docker run \
-it --rm \
--net=host \
-e DOCKER_UID=$(id -u) \
-e DOCKER_UNAME=$(id -un) \
-e DOCKER_GID=$(id -g) \
-e DOCKER_GNAME=$(id -gn) \
-e DOCKER_HOME=$HOME \
-w $(pwd) \
-v /home:/home \
-v /data_synology:/data_synology \
-v /data:/data \
-v /data2:/data2 \
[imagename] [command]