Installation

Follow instructions at Docker homepage.

Test if it worked

sudo docker run -i -t ubuntu /bin/bash
exit

Add user to docker group such that they do not need root privileges to run docker

sudo gpasswd -a ${USER} docker
sudo service docker restart

X11

docker run --rm -it -e DISPLAY=`/sbin/ip route|awk '/default/ { print  $3}'`:13.0 -v /tmp/.X11-unix:/tmp/.X11-unix -v $HOME/.Xauthority:/home/anduril/.Xauthority --net=host cfrech/anduril

Install locales (add to dockerfile)

sudo locale-gen de_AT
sudo locale-gen de_AT.UTF-8
sudo locale-gen en_US
sudo locale-gen en_US.UTF-8
sudo update-locale

Set locale in Debian-based docker

FROM debian:7.8
RUN localedef -c -i en_US -f UTF-8 en_US.UTF-8
ENV LANG en_US.UTF-8

Administration

Garbage collection

docker rm $(docker ps -aq -f status=exited)    
docker rmi $(docker images -q -f dangling=true)

Display image hierarchy

docker images --tree

Docker registry

Start registry daemon on biowaste, mount synology directory into conainer where images will be stored

docker run -d -p 5000:5000 -v /data_synology/docker/registry/:/tmp/registry-dev registry:2.0

Re-tag existing image (or create new one with hostname in its name)

docker tag cfrech/anduril-rseqc biowaste:5000/anduril/rseqc

Push image to registry

docker push biowaste:5000/anduril/rseqc

Check if images is in registry

curl -v -X GET http://biowaste:5000/v2/anduril/rseqc/tags/list

On servers OTHER than biowaste, grant insecure access to this registry as shown below (depending on service manager init.d or systemd).

init.d

Edit /etc/init.d/docker and add the following to DOCKER_OPTS=

DOCKER_OPTS=--insecure-registry=biowaste:5000

systemd

Edit /lib/systemd/system/docker.service and change docker daemon startup parameters

/usr/bin/docker --insecure-registry=biowaste:5000 -d -H fd://

Force re-load of changed config file

sudo systemctl daemon-reload

init.d and systemd

Restart docker daemon

sudo service docker restart

Auto-map host user ID and group ID into container

Add gosu and entrypoint to Dockerfile:

RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \
    && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture)" \
    && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture).asc" \
    && gpg --verify /usr/local/bin/gosu.asc \
    && rm /usr/local/bin/gosu.asc \
    && chmod +x /usr/local/bin/gosu

COPY entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT ["/usr/bin/entrypoint.sh"]

entrypoint.sh: auto-create login and execute command under current user

#!/bin/bash

if [ -z $(getent group $DOCKER_GNAME) ]; then
  groupadd --system --gid $DOCKER_GID $DOCKER_GNAME
fi
if [ -z $(getent passwd $DOCKER_UNAME) ]; then
  useradd --system --gid $DOCKER_GID --uid $DOCKER_UID --home-dir $DOCKER_HOME --shell /bin/bash $DOCKER_UNAME
fi
export HOME=$DOCKER_HOME
echo Running command inside docker: $@ >&2
eval exec gosu $DOCKER_UID /bin/bash -c "'$@'"

Container startup:

docker run \
    -it --rm \
    --net=host \
    -e DOCKER_UID=$(id -u) \
    -e DOCKER_UNAME=$(id -un) \
    -e DOCKER_GID=$(id -g) \
    -e DOCKER_GNAME=$(id -gn) \
    -e DOCKER_HOME=$HOME \
    -w $(pwd) \
    -v /home:/home \
    -v /data_synology:/data_synology \
    -v /data:/data \
    -v /data2:/data2 \
    [imagename] [command]