Skip to main content
  1. 2022/
  2. June/

Installing Docker on Ubuntu-22.04

·5 mins

Installing Docker on Ubuntu 22.04 #

Much of this page shamelessly stolen from [This Digital Ocean Post][DOBlogpost].

Introduction #

Docker is an application that simplifies the process of managing application processes in containers. Containers let you run your applications in resource-isolated processes. They’re similar to virtual machines, but containers are more portable, more resource-friendly, and more dependent on the host operating system.

For a detailed introduction to the different components of a Docker container, ask me.

In this tutorial, you’ll install and use Docker Community Edition (CE) on Ubuntu 22.04. You’ll install Docker itself, work with containers and images, and push an image to a Docker Repository.

Wolfspyrelabs Prerequisites #

To follow this tutorial, you will need the following:

  • One Ubuntu 22.04 server
    • Server set up following the Ubuntu 22.04 initial server setup guide.
    • including a sudo non-root user and a firewall.
  • if you wish to create your own images and push them to Docker Hub, you’ll need an account on Docker Hub

Disable ipv6 #

for T in default all `ip  link list |awk ' $1~/^[0-9]+:/ {print $2}'|sed -e 's/://'|egrep -v 'lo'`; do 
  echo -n "${T} - "
  echo "net.ipv6.conf.${T}.disable_ipv6 = 1" >> /etc/sysctl.d/9901-disable-ipv6.conf; 
  echo 'Done'; 
done
sysctl  -p /etc/sysctl.d/9901-disable-ipv6.conf

Set up apt proxy config #

cat << EOF>> /etc/apt/apt.conf.d/proxy.conf
Acquire::http::Proxy "http://skwirreltrap.wolfspyre.io:3128/";
Acquire::https::Proxy "http://skwirreltrap.wolfspyre.io:3128/";
EOF

Add skwirreltrap to /etc/hosts #

STUFF HERE

Add our Networks to /etc/networks #

..... STUFF HERE

Add our ssl certs #

STUFF HERE

1 — Installing Docker #

The Docker installation package available in the official Ubuntu repository may not be the latest version. To ensure we get the latest version, we’ll install Docker from the official Docker repository. To do that, we’ll add a new package source, add the GPG key from Docker to ensure the downloads are valid, and then install the package.

First, update your existing list of packages:

sudo apt update

Next, install a few prerequisite packages which let apt use packages over HTTPS:

sudo apt install apt-transport-https ca-certificates curl software-properties-common

Then add the GPG key for the official Docker repository to your system:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Add the Docker repository to APT sources:

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Update your existing list of packages again for the addition to be recognized:

sudo apt update

Make sure you are about to install from the Docker repo instead of the default Ubuntu repo:

apt-cache policy docker-ce

You’ll see output like this, although the version number for Docker may be different:

Output of apt-cache policy docker-ce

docker-ce:
  Installed: (none)
  Candidate: 5:20.10.14~3-0~ubuntu-jammy
  Version table:
     5:20.10.14~3-0~ubuntu-jammy 500
        500 https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
     5:20.10.13~3-0~ubuntu-jammy 500
        500 https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages

Notice that docker-ce is not installed, but the candidate for installation is from the Docker repository for Ubuntu 22.04 (jammy).

Finally, install Docker:

sudo apt install docker-ce

To be explicit, however:

apt install containerd.io docker-ce-cli docker-ce-rootless-extras docker-scan-plugin git git-man iptables less liberror-perl libip6tc2 libltdl7 libnetfilter-conntrack3 libnfnetlink0 libnftnl11 libslirp0 patch pigz slirp4netns

Docker should now be installed, the daemon started, and the process enabled to start on boot.

Check that it’s running:

sudo systemctl status docker

The output should be similar to the following, showing that the service is active and running:

Output

● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-04-01 21:30:25 UTC; 22s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 7854 (dockerd)
      Tasks: 7
     Memory: 38.3M
        CPU: 340ms
     CGroup: /system.slice/docker.service
             └─7854 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Installing Docker now gives you not just the Docker service (daemon) but also the docker command line utility, or the Docker client.
We’ll explore how to use the docker command later in this tutorial.

2 — Wolfspyrelabs Docker configuration #

docker daemon network configuration #

[docker’s networking documentation][docker-documentation-networking-bridge] about bridges is…. medium. took a bit of digging.

http://www.faqs.org/rfcs/rfc1918.html 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

sytemd config #

Docker’s config can be managed a few different ways… but on hosts configureed to use systemd, the proxy config cannot be managed in the daemon options in /etc/default/docker

systemd-resolved #
journald #

moving docker dir #

lvcreate TinkyVG -n TinkyDataLV -L +50G
mkfs.ext4 -m 0  -L TinkyDataFS -M /data /dev/mapper/TinkyVG-TinkyDataLV
echo 'LABEL=TinkyDataFS /data ext4 defaults 0 0' >> /etc/fstab
root@tinky:~# mount -=a^C
root@tinky:~# mkdir /data
root@tinky:~# mount -a
root@tinky:~# ls /data
lost+found
mkdir /data/docker
mkdir /data/docker-tmp
service docker stop&& cd /var/lib/docker/&& tar cpf - . | (cd /data/docker/&& tar xpf -); du -sh /data/docker /var/lib/docker&& cd / && rm -rf  /var/lib/docker; ln -s /data/docker /var/lib/docker

/etc/docker/daemon.json

cat <<EOF>>/etc/docker/daemon.json
{
  "data-root":  "/data/docker",
  "log-driver": "journald"
}
EOF

setting Docker proxy amd other runtime env vars #

mkdir -p /etc/systemd/system/docker.service.d/
cat <<EOF>> /etc/systemd/system/docker.service.d/wolfspyre-settings.conf
[Service]
Environment="HTTP_PROXY=http://skwirreltrap.wolfspyre.io:3128"
Environment="HTTPS_PROXY=http://skwirreltrap.wolfspyre.io:3128"
Environment="NO_PROXY=localhost,127.0.0.1,*.wolfspyre.io,*.wolfspyre.com,127.0.0.0/8,10.0.0.0/8,198.18.0.0/15,192.0.2.0/24"
Environment=DOCKER_TMPDIR="/data/docker-tmp"
EOF

Step 3 — Executing the Docker Command Without Sudo (Optional) #

By default, the docker command can only be run the root user or by a user in the docker group, which is automatically created during Docker’s installation process. If you attempt to run the docker command without prefixing it with sudo or without being in the docker group, you’ll get an output like this:

Output docker: Cannot connect to the Docker daemon. Is the docker daemon running on this host?. See ‘docker run --help’. If you want to avoid typing sudo whenever you run the docker command, add your username to the docker group:

sudo usermod -aG docker ${USER} Copy To apply the new group membership, log out of the server and back in, or type the following: su - ${USER}

You will be prompted to enter your user’s password to continue.

Confirm that your user is now added to the docker group by typing: groups

sammy sudo docker

If you need to add a user to the docker group that you’re not logged in as, declare that username explicitly using:

sudo usermod -aG docker username Copy The rest of this article assumes you are running the docker command as a user in the docker group. If you choose not to, please prepend the commands with sudo.

Let’s explore the docker command next.

Step 3 — Using the Docker Command

https://docs.docker.com/engine/reference/commandline/dockerd/ [DOBlogpost]: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04 [docker-documentation-networking-bridge]: https://docs.docker.com/network/bridge/ [rfc1918]: http://www.faqs.org/rfcs/rfc1918.html [docker-documentation-registry-mirror]:https://docs.docker.com/registry/recipes/mirror/