Tags: Docker »»»» Self Hosting
Docker is a system for deploying containerized software on laptops, single board computers, server farms, or massive compute systems. It gives you a Linux environment in which to install software, that is packaged in a portable format, for execution on any system that can run Open Container Initiative (OCI) containers. It is easy to setup Docker on Linux hosts, and only slightly harder on Mac or Windows systems.
Let's start this journey into Docker by learning how to install it on popular systems, namely macOS, Windows and Linux. Installation is very simple thanks to the hard work of the Docker team. You youngsters don't know how easy you have it now that Docker for Mac and Docker for Windows exist. Long gone are the days when we had to install VirtualBox along with a specialized virtual machine to use Docker.
Docker ecosystem overview
The Docker ecosystem is focused on developer tools for containerizing applications. This includes tools for constructing Docker images, running Docker containers, interacting with remote Docker servers, and orchestrating Docker deployments over multiple machines using either Docker Swarm or Kubernetes.
A container is just enough of an operating system image to support running a specific application. This includes a Linux kernel, some command-line tools, some of the administrative utilities and files, set up in a Linux file system, along with the installed application(s). The word container refers to the execution context. They are built by downloading an image, which contains the files required the container. Software engineers construct images using Docker build tools.
To execute a Docker container requires having a Docker runtime, then running Docker commands to download and execute images on that runtime.
On Linux, the Docker runtime is called Docker Engine. It supplants the older Docker CE package.
Processes executing inside a Docker container run natively on the Linux host system. These processes are run inside a virtualization context causing the process to believe it is executing on a different Linux release, with a different filesystem, and semi-virtualized networking and devices. The result is that one container might be built with Debian, another built with Arch Linux, another built with Gentoo, but the host operating system is Linux Mint, with Docker keeping everything straight.
On macOS and Windows, the Docker runtime is called Docker Desktop. There is also a Docker Desktop runtime for Linux.
On both macOS and Windows, the host operating system is not Linux, obviously. Docker does not run natively on those systems. For each, Desktop includes a lightweight virtual Linux environment configured with a Docker Engine environment for executing Docker containers. The Desktop user doesn't interact with that virtual Linux environment, but it's there. In the olden days, a few years ago, we had to build that Linux VM ourselves and jump through several dozen hoops. Docker Desktop takes care of everything for us. They come bundled with the same command-line tools supplied with Docker Engine, but configured to interface with the bundled Docker Engine contained.
The Docker Desktop for Linux is architected the same way with a lightweight Linux environment for Docker execution. Containers executing in the Linux version of Desktop are therefore in a separate Docker environment than any containers executing on Docker Engine on the same system.
Installing Docker Desktop on Windows, macOS, or Linux
For desktop (GUI) systems it might be preferable to install Docker Desktop. This product is easy to install -- it's just an app you install like any other app -- along with a GUI for administering the local Docker installation.
The URLs are:
- macOS: https://docs.docker.com/desktop/install/mac-install/
- Windows: https://docs.docker.com/desktop/install/windows-install/
- Linux: https://docs.docker.com/desktop/install/linux-install/
The installation instructions for macOS and Windows is essentially, download the installer, run the installer, profit. For Linux, installation is a little more complex, of course.
Docker Desktop was formerly a $0 cost free application, and is still free for individuals or small teams to use. But, it now comes under these terms:
Commercial use of Docker Desktop in larger enterprises (more than 250 employees OR more than $10 million USD in annual revenue) requires a paid subscription.
On macOS, it is only supported on recent releases:
Docker supports Docker Desktop on the most recent versions of macOS. That is, the current release of macOS and the previous two releases.
On Windows, it's required to have a recent Windows build, and to have WSL2 or Hyper-V enabled.
Installing Docker Engine on Linux (Ubuntu)
Installing Docker Engine follows roughly the same steps on all Linux distros. For demonstration purposes, we'll go over the Ubuntu process here. For other distros, proceed to the online documentation.
The primary documentation is: https://docs.docker.com/engine/install/
Linux is the only operating system on which you can install Docker Engine. That's because it uses native Linux capabilities that do not exist on macOS or Windows. To install Docker on either of those, use Docker Desktop instead.
In many cases you'll find Docker packages in the package management system of your preferred Linux distribution.
The first step is removing any existing Docker packages.
# Uninstall any existing Docker support
for pkg in docker.io docker-doc docker-compose docker-compose-v2 \
podman-docker containerd runc; do \
sudo apt-get remove $pkg;
done
These may be installed on your computer, and would interfere with installing the latest Docker environment.
In the case of docker-compose
, that command has been obsolete for a couple years since that functionality is now available via the docker compose
command. Notice that the -
is missing from docker compose
, because the Compose functionality is now incorporated into the docker
command. Notice below that one of the installed packages, docker-compose-plugin
, suggests that Compose is a plugin for the docker
command,
This script is derived from the official instructions.
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# Install Docker packages
sudo apt-get install docker-ce docker-ce-cli containerd.io \
docker-buildx-plugin docker-compose-plugin
# Post-installation steps
sudo groupadd docker
sudo usermod -aG docker $USER
They setup, configure, and launch the Docker Engine service.
The last two commands ensure that a group named docker
exists, and that the current user is added to that group. Doing this allows the docker
command to be executed by an unprivileged user.
This command is a simple way to test whether Docker is installed and running correctly. But, for a fresh installation you'll see this error, because while your user ID was added to the docker
group this change requires an additional step.
$ docker run --rm hello-world
docker: permission denied while trying to connect to the Docker daemon socket at ...
This error message is printed when the current user is not part of the docker
group. The Docker Engine service uses a Unix-domain socket allowing Docker tools to communicate with the Engine using the Docker protocol. THis socket is protected this way:
$ sudo ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Jan 6 22:00 /var/run/docker.sock
Hence, any process that is in the docker
group can access this socket. But, at the end of running the script above, your user ID has been added to this group, but your user environment is not running with that group.
To enable being in the docker
group, simply log out then log back in. Once you do that the command to run the hello-world
container will execute, proving that Docker is installed and ready to go.
Docker-Compose is dead, long live Docker Compose
You may see tutorials discussing use of docker-compose
and telling you to install the separate docker-compose
package. That command, and corresponding packages, were deprecated years ago. The current Compose file format is greatly advanced over the version supported by docker-compose
, and all of its functionality is now available with docker compose
(no -
).
Summary
Having installed Docker you have before you a journey in learning (more) about Docker.
It is a powerful system that has revolutionized the operational side of most software systems. With Docker you can develop software on your laptop, and deploy to production servers it in exactly the same environment. This can end that old excuse of "it works on my computer", because the Docker container is exactly the same no matter where it is executing.
Docker isn't just for server farms rented from a cloud web hosting provider. You can use a compact mini-PC, like an Intel NUC, for home-based Docker deployments. This is called "Home Lab" or "Self-Hosting". There's no need to pay princely sums to a cloud hosting provider like AWS to run a few services for personal needs. An inexpensive mini-PC sitting in the corner of your home office easily pays for itself within a few months.