IT/Software/Docker: Difference between revisions

From msgwiki
< IT‎ | Software
Jump to navigation Jump to search
Access restrictions were established for this page. If you see this message, you have no access to this page.
No edit summary
 
(7 intermediate revisions by one other user not shown)
Line 1: Line 1:
= Docker =
=== General Notes ===
Natively docker doesn't come with a web UI, but there are several projects that can offer that functionality, e.g.
* Portainer (so far the "go to" for docker UI's)
* Dockge (a quite new project)
Nonetheless some basics are recommended :)
==== What for? ====
* fast and reproducible deployment of services
* nicely encapsulated services, no issues with dependency as the container has them installed already
* more security through encapsulation, add even more whith running containers as different users
* easy upgradeable, just pull the newer image and start the container with that
==== Why not? ====
* needs some learning, concept is a bit different to bare metal installs
==== Docker vs VM ====
* https://www.freecodecamp.org/news/docker-vs-vm-key-differences-you-should-know/
* in case of MSG, there are no VM's involved (afaik all services are installed bare metal), but encapsulation is still be a great benefit
==== docker run vs docker compose run ====
* containers can be run "just" with a simple cli command, e.g. <code>docker run hello-world</code>
** this is nice for quick tests
** but will get overwhelming as soon as more containers and parameters are involved
* docker compose uses yaml files (docker-compose.yml / compose.yml) https://docs.docker.com/compose/compose-file/
** <code>cd</code> to the folder where the compose file lies and run with <code>sudo docker compose up -d</code> (-d to run in background)
** all applications/services are defined in these compose files
** this allows for reproducible containers on any host
*** if a host dies, just use the same compose file to spin the service up on another host and it will have the same settings
*** '''persistent''' volumes/data still need to be copied/backuped
* we won't go into build files, which are used to create your own containers
===== Where to put the compose file and persistent data? =====
If you search the web, there are several opinions about this :)
Generally it doesn't matter that much where you put those, as long the file permissions are set correctly.
Some mentioned locations are: home directory, /opt/docker, /srv/docker
Preference:
* <code>/srv/docker/[SERVICE-STACK_NAME]</code>
'''Most important''' is, that the compose files and persistent data are backuped, as it should be the case for any other application.
==== Persistent vs Non-Persistent Data ====
In a gist:
* '''non-persistent''' data is completely replaceable and does not need to be kept
** container images (in a sence, the "logic" of a service)
*** if an application needs an update, usually just a new release of the image can be pulled, which makes tedious manual updating obsolete
** some services can be run completely non persistent: Redis, Adminer (simple webui for SQL DB's)
* probably the bulk of services needs '''persistent''' storage, which '''should be backuped''' (as in any other non containerized service)
** compose files (define the services and some configuration, depending how the container was made)
** internal config files (many containerized services still use their existing config files)
** application/user data (e.g. your uploaded files in Nextcloud, website data that is served by NGINX/Apache, sites made in Moodle)
** docker offers different volume types for persistency: https://docs.docker.com/storage/volumes/
*** we'll mostly use bind mounts which are easier to access and backup
=== Common CLI Commands ===
* CLI reference: https://docs.docker.com/engine/reference/commandline/cli/
Some useful commands for daily tasks (use <code>sudo</code> depending on how docker was installed)
Check status of containers and see container names and IDs
* <code>sudo docker ps</code>
* <code>sudo docker ps -a</code> (also shows stopped containers)
Check logs of a specific container
* <code>sudo docker logs -f [CONTAINER_ID/NAME]</code>
** <code>-f</code> to follow new lines
*show logs of all containers of a compose stack
**<code>cd</code> to compose folder
**<code>sudo docker compose logs -f</code>
Start containers
* <code>sudo docker run [CONTAINER_NAME]</code>
* compose
** <code>cd</code> to compose folder
** <code>sudo docker compose up -d</code>
Stop containers
* <code>sudo docker stop [CONTAINER_ID/NAME]</code>
* stop all containers of a compose stack
** <code>cd</code> to compose folder
** <code>sudo docker compose down</code>
Restart containers
* <code>sudo docker restart [CONTAINER_ID/NAME]</code>
* restart all containers of a compose stack
** <code>cd</code> to compose folder
** <code>sudo docker compose restart</code>
Update containers
* compose
** <code>cd</code> to compose folder
** change the image tag in the compose file to the version you want to upgrade to, or use the latest tag
** <code>sudo docker compose pull</code> (all containers from stack)
** <code>sudo docker compose pull [CONTAINER_NAME]</code> (pull only the specified containers, leave space for multiple)
** <code>sudo docker compose up -d</code>
** <code>sudo docker ps</code> to check if containers are running
** <code>sudo docker compose logs -f</code> to check for errors in the logs
=== Installation ===
==== Manually ====
* https://docs.docker.com/engine/install/ubuntu/
==== Ansible Playbook ====
* [[IT/Software/Ansible#Execute Playbooks|how to run playbooks]]
* ssh enabled on host <code>sudo apt update && sudo apt install openssh-server -y</code>
* https://github.com/stefannyffenegger/automation/blob/main/ansible/pb_prompt_install-docker.yml
==== Offline Manually ====
Install docker and docker-compose:  
Install docker and docker-compose:  


Line 53: Line 182:


Source: https://docs.fuga.cloud/how-to-install-portainer-docker-ui-manager-on-ubuntu-20.04-18.04-16.04
Source: https://docs.fuga.cloud/how-to-install-portainer-docker-ui-manager-on-ubuntu-20.04-18.04-16.04
=== Containers ===
==== In use ====
* Portainer: [[IT/Software/Portainer|Wiki article]]
* Octoprint: [[IT/Software/Octoprint|Wiki article]]
==== Potential use ====
* Nextcloud, MariaDB, Redis (existing data and config can be mounted over bind mount)
* NGINX / Apache with reverse proxy, e.g. SWAG (based on NGINX, with certbot and fail2ban included) or Traefik
* Moodle
* ...
* Interesting Docker projects: [[IT/Experimental/Docker|Wiki article]]

Latest revision as of 07:31, 7 November 2024

Docker

General Notes

Natively docker doesn't come with a web UI, but there are several projects that can offer that functionality, e.g.

  • Portainer (so far the "go to" for docker UI's)
  • Dockge (a quite new project)

Nonetheless some basics are recommended :)

What for?

  • fast and reproducible deployment of services
  • nicely encapsulated services, no issues with dependency as the container has them installed already
  • more security through encapsulation, add even more whith running containers as different users
  • easy upgradeable, just pull the newer image and start the container with that

Why not?

  • needs some learning, concept is a bit different to bare metal installs

Docker vs VM

docker run vs docker compose run

  • containers can be run "just" with a simple cli command, e.g. docker run hello-world
    • this is nice for quick tests
    • but will get overwhelming as soon as more containers and parameters are involved
  • docker compose uses yaml files (docker-compose.yml / compose.yml) https://docs.docker.com/compose/compose-file/
    • cd to the folder where the compose file lies and run with sudo docker compose up -d (-d to run in background)
    • all applications/services are defined in these compose files
    • this allows for reproducible containers on any host
      • if a host dies, just use the same compose file to spin the service up on another host and it will have the same settings
      • persistent volumes/data still need to be copied/backuped
  • we won't go into build files, which are used to create your own containers
Where to put the compose file and persistent data?

If you search the web, there are several opinions about this :)

Generally it doesn't matter that much where you put those, as long the file permissions are set correctly.

Some mentioned locations are: home directory, /opt/docker, /srv/docker

Preference:

  • /srv/docker/[SERVICE-STACK_NAME]

Most important is, that the compose files and persistent data are backuped, as it should be the case for any other application.

Persistent vs Non-Persistent Data

In a gist:

  • non-persistent data is completely replaceable and does not need to be kept
    • container images (in a sence, the "logic" of a service)
      • if an application needs an update, usually just a new release of the image can be pulled, which makes tedious manual updating obsolete
    • some services can be run completely non persistent: Redis, Adminer (simple webui for SQL DB's)
  • probably the bulk of services needs persistent storage, which should be backuped (as in any other non containerized service)
    • compose files (define the services and some configuration, depending how the container was made)
    • internal config files (many containerized services still use their existing config files)
    • application/user data (e.g. your uploaded files in Nextcloud, website data that is served by NGINX/Apache, sites made in Moodle)
    • docker offers different volume types for persistency: https://docs.docker.com/storage/volumes/
      • we'll mostly use bind mounts which are easier to access and backup

Common CLI Commands

Some useful commands for daily tasks (use sudo depending on how docker was installed)

Check status of containers and see container names and IDs

  • sudo docker ps
  • sudo docker ps -a (also shows stopped containers)

Check logs of a specific container

  • sudo docker logs -f [CONTAINER_ID/NAME]
    • -f to follow new lines
  • show logs of all containers of a compose stack
    • cd to compose folder
    • sudo docker compose logs -f

Start containers

  • sudo docker run [CONTAINER_NAME]
  • compose
    • cd to compose folder
    • sudo docker compose up -d

Stop containers

  • sudo docker stop [CONTAINER_ID/NAME]
  • stop all containers of a compose stack
    • cd to compose folder
    • sudo docker compose down

Restart containers

  • sudo docker restart [CONTAINER_ID/NAME]
  • restart all containers of a compose stack
    • cd to compose folder
    • sudo docker compose restart

Update containers

  • compose
    • cd to compose folder
    • change the image tag in the compose file to the version you want to upgrade to, or use the latest tag
    • sudo docker compose pull (all containers from stack)
    • sudo docker compose pull [CONTAINER_NAME] (pull only the specified containers, leave space for multiple)
    • sudo docker compose up -d
    • sudo docker ps to check if containers are running
    • sudo docker compose logs -f to check for errors in the logs

Installation

Manually

Ansible Playbook

Offline Manually

Install docker and docker-compose:

If you always want to automatically get the latest version of Docker on Ubuntu, you must add its official repository to Ubuntu system. To do that, run the commands below to install prerequisite packages: sudo apt update

sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

Next, run the commands below to download and install Docker’s official GPG key. The key is used to validate packages installed from Docker’s repository making sure they’re trusted. curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo apt-key fingerprint 0EBFCD88

Now that the official GPG key is installed, run the commands below to add its stable repository to Ubuntu. To add the nightly or test repository, add the word nightly or test (or both) after the word stable in the commands below. sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" After this command, Docker’s official GPG and repository should be installed on Ubuntu. If you have older versions of Docker, run the commands below to remove them: sudo apt-get remove docker docker-engine docker.io containerd runc

When you have removed all the previous versions of Docker, run the commands below to install the latest and current stable version of Docker: sudo apt-get install docker-ce docker-ce-cli containerd.io

This will install Docker software on Ubuntu.

Add your account, for most cases it will be ubuntu, to Docker group and restart: sudo usermod -aG docker $USER

Reboot your instance: sudo reboot

To verify that Docker CE is installed correctly you can run the hello-world image: sudo docker run hello-world

If Docker is installed correctly you will see the following response: Response: Hello from Docker! This message shows that your installation appears to be working correctly.

Then you need to install docker-compose. This makes it easier for you to install containers on docker. To install it, run the commands below to download version 1.26.0. As of this writing, this was the current version. sudo curl -L "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

After downloading it, run the commands below to apply executable permissions to the binary file and create a symbolic link to /usr/binary sudo chmod +x /usr/local/bin/docker-compose sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

Now, Docker Compose should work. To test it, we will run the command below: docker-compose --version

You should see similar output as below: Response: docker-compose version 1.24.0, build 0aa59064


Source: https://docs.fuga.cloud/how-to-install-portainer-docker-ui-manager-on-ubuntu-20.04-18.04-16.04

Containers

In use

Potential use

  • Nextcloud, MariaDB, Redis (existing data and config can be mounted over bind mount)
  • NGINX / Apache with reverse proxy, e.g. SWAG (based on NGINX, with certbot and fail2ban included) or Traefik
  • Moodle
  • ...