How to manage Linux containers with Docker on Ubuntu

Last updated on December 12, 2020 by Dan Nanni

While full hardware virtualization such as KVM, Xen or Hyper-V is great at running fully isolated instances of multiple operating systems on a physical host, it comes with various overheads in terms of performance, resource, and provisioning time. Depending on your use cases, full machine virtualization may actually not be necessary.

An alternative lightweight virtualization approach is so-called Linux Containers (LXC), which provides operating system level virtualization. Without the overhead of running virtual machines, LXC allows you to run multiple instances of full Linux operating system within lightweight container sandbox. Containers can be very useful when you set up a reproducible development/test environment or deploy applications within secure sandboxes.

Docker is an open-source tool which was developed to facilitate the deployment of Linux containers. Docker is fast becoming a de-facto standard for container technologies, being embraced in major Linux distros such as Ubuntu and Red Hat.

In this tutorial, I am going to demonstrate how to manage Linux containers with Docker on Ubuntu 18.04 LTS. Note that instructions may be slightly different for earlier versions of Ubuntu. If you want to try out Docker on Fedora or CentOS, refer to this tutorial.

At this time, the Docker package available on Ubuntu only supports 64-bit systems. To run it on 32-bit machine, you will need to build 32-bit version of Docker from source.

Install Docker

Docker is available as docker.io in the base Ubuntu repositiory (due to naming conflict with a system tray app called "docker"). However, it is recommended you install the latest stable version of Docker from the official source as described in this post.

The first step is to install dependencies and provision the official Docker repository on your Ubuntu system:

$ sudo apt update
$ sudo apt install -y apt-transport-https ca-certificates curl software-properties-common
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ sudo apt update

Finally, use apt command to install Docker.

$ sudo apt install -y docker-ce

To allow non-root user to run Docker, add yourself to docker group. The command below will allow the current user to run Docker without root permission.

$ sudo usermod -a -G docker $USER

Log out and then re-login to activate group membership change.

Optional: Add Proxy Configuration for Docker

If you need to use Docker behind an HTTP proxy, proceed as follows. Skip this step if you don't have a proxy.

Create a systemd configuration file for the proxy:

$ sudo mkdir /etc/systemd/system/docker.service.d
$ sudo vi /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://<your-proxy-IP-address:proxy-port>/"
NO_PROXY=localhost,127.0.0.1

After this, restart Docker service:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

Manage Docker Containers

If you want to start a new Docker container of Ubuntu operating system, first pull Ubuntu Docker image first. The command below will download the latest Docker image (Ubuntu 20.04 LTS) over a network. The first time you run this command, it will take a couple of minutes to finish. The downloaded image will be cached locally, so subsequent pulls of the same image will be completed instantly.

$ docker pull ubuntu

You can start a Ubuntu Docker in an interactive mode as follows.

$ docker run -i -t ubuntu /bin/bash

In the above command, the last argument /bin/bash is the command that will be executed inside a container once it is launched, in this case, a simple bash shell. So it will launch a Ubuntu container immediately (which is the beauty of containers!), and give you a shell prompt inside the container. At this point, you should be able to access a minimal Ubuntu operating system inside a sandboxed environment.

To exit a Docker container, type exit at the prompt inside the container.

You can launch containers in different flavors. For example, to start a Fedora container:

$ docker run -i -t fedora /bin/bash

If a Fedora Docker image is not available locally, the command will automatically download the image first, and then launch a Docker.

If you want to launch a container with a particular distro release, you can also do that by specifying a version number. For example, to start a Ubuntu 18.04 Docker:

$ docker run -i -t ubuntu:18.04 /bin/bash

Container Networking

Docker uses Linux bridge to interconnect containers with each other, and to connect them to external networks. After installing Docker, you should see docker0 Linux bridge created automatically by default. Every container you create will be connected to docker0 bridge interface on 172.17.0.0/16 by default.

Customize Default Docker Network docker0

If you want, you can customize the default Docker network docker0 to use a different subnet. For example, if you want to change the default subnet 172.17.0.0/16 to 10.0.0.0/24, do the following.

Open /etc/systemd/system/multi-user.target.wants/docker.service, and add --bip "10.0.0.1/24" as a parameter to /usr/bin/dockerd as shown below.

$ sudo vi /etc/systemd/system/multi-user.target.wants/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --bip "10.0.0.1/24"

To activate the change, restart Docker service:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

At this point, docker0's network should be changed to 10.0.0.1/24.

From this point any new container that is launched will be assigned an IP address from 10.0.0.0/24. For more ambitious users, there are more advanced and user-friendly docker networking tools which allow Docker containers to interconnect themselves across multiple hosts.

Other Customizations

There are several other ways to customize the default network settings of Docker, mostly by adding additional parameters to /usr/bin/dockerd in /etc/systemd/system/multi-user.target.wants/docker.service.

Troubleshooting

1. You encounter the following error when running docker command.

dial unix /var/run/docker.sock: no such file or directory

The error may be because Docker daemon is not running. Check the status of Docker daemon, and make sure to start it first.

$ sudo systemctl status docker
$ sudo systemctl start docker

2. You encounter the following error when starting a Docker container.

docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

This error is because you are not added to the docker group, and so you need root privilege to run a Docker. If you want to run Docker without root privilege, add yourself to docker group as follows.

$ sudo usermod -a -G docker $USER

Log out and log back in, and try again.

Support Xmodulo

This website is made possible by minimal ads and your gracious donation via PayPal or credit card

Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.

Xmodulo © 2021 ‒ AboutWrite for UsFeed ‒ Powered by DigitalOcean