https://wiki.alpinelinux.org/w/api.php?action=feedcontributions&user=Ruluk&feedformat=atomAlpine Linux - User contributions [en]2024-03-29T11:09:09ZUser contributionsMediaWiki 1.40.0https://wiki.alpinelinux.org/w/index.php?title=Docker&diff=15871Docker2019-04-05T13:19:41Z<p>Ruluk: /* Installation */ Docker-compose requires new dependencies in latest version. See https://github.com/docker/compose/issues/6617#issuecomment-477974325.</p>
<hr />
<div>Alpine makes a great docker container, because it is so small and optimized to be run in RAM.<br />
It might also might make a good controller for several docker containers with enough RAM. I haven't tested this yet<br />
Docker's setup is easy to use from command line. Commands can be run from an interactive shell, or through a configuration file called a "Dockerfile". <br />
docker.com has excellent walk-throughs on how to run, pull, setup a container, commit an image, and create a configuration file. hub.docker.com is a freemium setup, where the first private repository is free.<br />
<br />
== Installation ==<br />
<br />
Run <code>apk add docker</code> to install Docker on Alpine Linux.<br />
<br />
The Docker package is in the 'Community' repository, so if the '''apk add''' fails with '''unsatisfiable constraints''', you need to edit the '''/etc/apk/repositories''' file to add (or uncomment) a line like:<br />
<br />
<code>http://dl-cdn.alpinelinux.org/alpine/latest-stable/community</code><br />
<br />
then run <code>apk update</code> to index the repository.<br />
<br />
<br />
'''To start the Docker daemon at boot, run:'''<br />
<br />
<code>rc-update add docker boot</code><br />
<br />
<br />
'''Then to start the Docker daemon manually, run:'''<br />
<br />
<code>service docker start</code><br />
<br />
<br />
{{Note|On older version of Alpine Linux with older version of docker you'll also need to disable some kernel security flags in order to build images:}}<br />
<br />
<code>sysctl -w kernel.grsecurity.chroot_deny_chmod=0</code><br />
<br />
<code>sysctl -w kernel.grsecurity.chroot_deny_mknod=0</code><br />
<br />
For more information, have a look at the [https://github.com/docker/docker/issues/20303 corresponding Github issue].<br />
<br />
Anyway, this weakening of security is not necessary to do with Alpine 3.4.x and Docker 1.12 as of August 2016 anymore.<br />
<br />
=== Docker Compose ===<br />
<br />
'''To install docker-compose, first install pip:'''<br />
<br />
<code>apk add py-pip</code><br />
<br />
<br />
'''Since docker-compose version 1.24.0, you also need some dev dependencies:'''<br />
<br />
<code>apk add python-dev libffi-dev openssl-dev gcc libc-dev make</code><br />
<br />
<br />
'''Then install docker-compose, run:'''<br />
<br />
<code>pip install docker-compose</code><br />
<br />
== Isolate containers with a user namespace ==<br />
<pre><br />
adduser -SDHs /sbin/nologin dockremap<br />
addgroup -S dockremap<br />
echo dockremap:$(cat /etc/passwd|grep dockremap|cut -d: -f3):65536 >> /etc/subuid<br />
echo dockremap:$(cat /etc/passwd|grep dockremap|cut -d: -f4):65536 >> /etc/subgid<br />
</pre><br />
<br />
and add in '''/etc/docker/daemon.json'''<br />
<br />
<pre><br />
{ <br />
"userns-remap": "dockremap"<br />
}<br />
</pre><br />
<br />
''You may also consider these options : '''<br />
"experimental": false,<br />
"live-restore": true,<br />
"ipv6": false,<br />
"icc": false,<br />
"no-new-privileges": false'''''<br />
<br />
You will find all possible configurations here[https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file].<br />
<br />
== Example: How to install docker from Arch ==<br />
<br />
https://wiki.archlinux.org/index.php/Docker<br />
<br />
== "WARNING: No {swap,memory} limit support" ==<br />
<br />
You may, probably, encounter this message by executing <code>docker info</code>.<br />
To correct this situation we have to enable the <code>cgroup_enable=memory swapaccount=1</code><br />
<br />
==== Alpine 3.8 ====<br />
Well I'm not sure it was'nt the case before but for sure with Alpine 3.8 you must config cgroups properly<br />
<pre>echo "cgroup /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab</pre><br />
<pre><br />
cat >> /etc/cgconfig.conf <<EOF<br />
mount {<br />
cpuacct = /cgroup/cpuacct;<br />
memory = /cgroup/memory;<br />
devices = /cgroup/devices;<br />
freezer = /cgroup/freezer;<br />
net_cls = /cgroup/net_cls;<br />
blkio = /cgroup/blkio;<br />
cpuset = /cgroup/cpuset;<br />
cpu = /cgroup/cpu;<br />
}<br />
EOF<br />
</pre><br />
<br />
=== Grub ===<br />
Well; if you use Grub it is like any other linux and you just have to add the cgroup condition into <code>/etc/default/grub</code> than upgrade your grub<br />
<br />
<pre>GRUB_CMDLINE_LINUX_DEFAULT="... e=memory swapaccount=1"</pre><br />
<br />
<br />
=== Extlinux ===<br />
With Extlinux you also add the cgroup condition but inside <code>/etc/update-extlinux.conf</code><br />
<br />
<pre>default_kernel_opts="... cgroup_enable=memory swapaccount=1"</pre><br />
<br />
than update the config and reboot<br />
<br />
<code>update-extlinux</code><br />
<br />
== '''How to use docker''' ==<br />
<br />
The best documentation for how to use Docker and create containers is at the main docker site. Adding anything more to it here would be redundant.<br />
<br />
'''http://docs.docker.com/'''<br />
<br />
if you create an account at docker.com you can browse through other user's images and learn from the syntax in contributor's dockerfiles.<br />
<br />
Official Docker image files are denoted by a blue ribon on the website.<br />
<br />
== See also ==<br />
* [https://www.erianna.com/creating-a-alpine-linux-repository/ Creating & Hosting an Alpine Linux Package Repository for Docker Packages]<br />
<br />
[[Category:Virtualization]]</div>Ruluk