105 lines
2.1 KiB
Markdown
105 lines
2.1 KiB
Markdown
# Docker
|
|
|
|
Containerized services for easy deployment and updates.
|
|
|
|
## Inspiration / Further Reading
|
|
|
|
- [https://docs.docker.com/install/](https://docs.docker.com/install/)
|
|
- [https://docs.docker.com/install/linux/docker-ce/debian/](https://docs.docker.com/install/linux/docker-ce/debian/)
|
|
- [https://blog.alexellis.io/get-started-with-docker-on-64-bit-arm/](https://blog.alexellis.io/get-started-with-docker-on-64-bit-arm/)
|
|
|
|
## Pre Flight Setup
|
|
|
|
``` bash
|
|
|
|
apt remove docker docker-engine docker.io
|
|
apt install \
|
|
apt-transport-https \
|
|
ca-certificates \
|
|
curl \
|
|
gnupg2 \
|
|
software-properties-common
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
|
|
|
|
```
|
|
|
|
### Arm (32bit / armv7)
|
|
|
|
``` bash
|
|
|
|
add-apt-repository \
|
|
"deb [arch=armhf] https://download.docker.com/linux/debian \
|
|
$(lsb_release -cs) \
|
|
stable"
|
|
|
|
```
|
|
|
|
### Arm (64bit)
|
|
|
|
``` bash
|
|
|
|
add-apt-repository \
|
|
"deb [arch=arm64] https://download.docker.com/linux/debian \
|
|
$(lsb_release -cs) \
|
|
stable"
|
|
|
|
```
|
|
|
|
## Install
|
|
|
|
``` bash
|
|
|
|
apt update
|
|
apt install docker-ce
|
|
systemctl enable docker
|
|
|
|
```
|
|
|
|
## Adjust Storage
|
|
|
|
**OPTIONAL**
|
|
|
|
If you have an external USB storage device always connected, you may want to move the contents of ```/var/lib/docker``` to somewhere on the external storage and use a symlink in place. This will help with churn on the internal micro-sd card and extend its life.
|
|
|
|
## Configure Docker Default Bridge
|
|
|
|
Ensure the default Docker bridge doesn't conflict with existing networks.
|
|
|
|
*Note: replace arm64 with arm32 in the below if using an arm32 board*
|
|
|
|
``` bash
|
|
|
|
cat >> /etc/docker/daemon.json <<EOF
|
|
{
|
|
"bip": "10.30.0.1/16",
|
|
"labels": [
|
|
"os=linux",
|
|
"arch=arm64"
|
|
]
|
|
}
|
|
EOF
|
|
systemctl restart docker
|
|
|
|
```
|
|
|
|
## Setup Custom Network for Services
|
|
|
|
``` bash
|
|
|
|
docker network create \
|
|
--subnet=172.30.0.1/16 \
|
|
docker-private
|
|
|
|
```
|
|
|
|
## Trust Docker Private LAN
|
|
|
|
``` bash
|
|
|
|
nmcli connection show # Look for uuid of new docker bridge
|
|
nmcli connection modify [uuid] connection.zone trusted
|
|
systemctl restart NetworkManager docker firewalld
|
|
firewall-cmd --info-zone trusted
|
|
|
|
```
|