Docker

Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud.

Installation

Docker can be installed from the default Ubuntu repository, but docker-compose-plugin isn’t available there. So install everything from the docker.com repository:

Terminal window
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

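Then add the regular user to the docker group, which lets that user run docker without sudo (membership in this group grants root-level privileges on the host):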

Terminal window
sudo usermod -a -G docker $USER

To be on the safe side, reboot your machine now. A newly initialized terminal may also be enough.

Test whether it worked:

Terminal window
sudo docker run hello-world

Command line tips & tricks

Rerun every step when building a Docker image from a Dockerfile. This is especially useful when a copied file is modified:

Terminal window
docker build --no-cache .

Remove all containers no longer running:

Terminal window
docker rm $(docker ps -aq -f status=exited)

Start a Docker container, open an interactive shell inside it, and automatically remove the container upon exit:

Terminal window
docker run -it --rm <image:version>

Remove all untagged images:

Terminal window
docker rmi $(docker images -q -f "dangling=true")

Execute a command within a running Docker container:

Terminal window
docker exec <container_id> <command>

Open an interactive shell inside a Docker container:

Terminal window
docker exec -it <container_id> /bin/bash

Specify an architecture to build the Docker image for:

Terminal window
docker build --platform linux/arm64/v8 .

Allowing gdb to disable address space layout randomization (ASLR). When running debug tools such as gdb, you might encounter errors such as: “warning: Error disabling address space randomization: Operation not permitted”. gdb turns the kernel’s address space layout randomization off for the program being debugged so that the addresses of stack objects are the same each time you run it, but by default Docker does not permit this. To work around the problem, provide the following option when starting the container. It removes the container’s seccomp system call filter entirely, so use it only for containers you debug in:

Terminal window
docker run --security-opt seccomp=unconfined <image:version>

Docker Desktop Warning

Docker Desktop has been causing problems when running some of the projects. It’s been known to conflict with docker compose, so the general advice is to uninstall Docker Desktop and only use the docker and docker compose CLI tools.

Ensure that Docker has been installed as described in the handbook. If you intend to use Docker Desktop and you encounter problems running some of the projects, refer to this documentation: https://docs.docker.com/engine/install/linux-postinstall/

Host networking

When using Docker Desktop for certain projects, you may need to run docker compose up to set up an environment. This may not work as intended when the network mode is set to host. In that mode the container uses the host’s network, and because Docker Desktop runs the Docker daemon in a virtual machine, the container won’t be able to connect to your physical network. To read more about this you can read the forum explaining most of it. There is a solution for this if you are on Linux. On Windows you will probably need to set up a Linux machine using WSL to follow the steps below.

First of all, turn off Docker Desktop completely by quitting it.

Linux

Start the docker service:

Terminal window
systemctl start docker

WSL

Enable iptables compatibility:

Terminal window
echo 1 | sudo update-alternatives --config iptables

Start the docker service:

Terminal window
sudo service docker start

Check whether the status is “* Docker is running”:

Terminal window
sudo service docker status

Enable docker on startup

To enable docker on startup run:

Terminal window
systemctl enable docker.service
systemctl enable containerd.service

You should now be able to run docker containers using the network mode host.
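
A check that fits both the gdb workaround and the host-networking setup above, as an added example that is not part of the original handbook: it reads `docker inspect` JSON and lists containers started with seccomp=unconfined, network mode host, or privileged mode, so relaxed settings do not stay in place unnoticed. The sample input is constructed and the function name audit_containers is hypothetical.

```python
import json
import re

# Constructed sample of `docker inspect` output, trimmed to the fields used here.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/gdb-session", "HostConfig": {
        "SecurityOpt": ["seccomp=unconfined"], "NetworkMode": "bridge",
        "Privileged": False}},
    {"Name": "/compose-env", "HostConfig": {
        "SecurityOpt": None, "NetworkMode": "host", "Privileged": False}},
    {"Name": "/web", "HostConfig": {
        "SecurityOpt": [], "NetworkMode": "bridge", "Privileged": False}},
])


def audit_containers(inspect_json):
    """Map container name -> list of relaxed isolation settings found."""
    report = {}
    for container in json.loads(inspect_json):
        host_config = container.get("HostConfig") or {}
        findings = []
        # Entries look like "seccomp=unconfined"; older clients wrote
        # "seccomp:unconfined". The field is null when no option was given.
        for opt in host_config.get("SecurityOpt") or []:
            if re.split(r"[=:]", opt, maxsplit=1) == ["seccomp", "unconfined"]:
                findings.append("seccomp filter disabled")
        if host_config.get("NetworkMode") == "host":
            findings.append("shares the host network")
        # --privileged also runs the container without the default seccomp profile.
        if host_config.get("Privileged"):
            findings.append("privileged mode")
        if findings:
            report[container.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_containers(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

To audit a real host, pass the output of `docker inspect $(docker ps -q)` to audit_containers instead of the sample.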