Docker is a containerization platform that allows you to develop, ship, and run applications in a portable and efficient manner. By using Docker, you can separate your applications from your infrastructure, which enables you to deliver software quickly and consistently. Docker provides a way to package your application and its dependencies into a container, which can then be run on any machine that has Docker installed. This makes it easy to move your application between development, testing, and production environments.
With Docker, you can manage your infrastructure in the same way you manage your applications. Docker provides a set of tools and methods for shipping, testing, and deploying code, which can significantly reduce the delay between writing code and running it in production. By using Docker’s methodologies, you can streamline the development lifecycle and achieve fast, consistent, and responsive delivery of your applications.
Here are the steps to install Docker on Ubuntu 22.04, with the necessary terminal commands:
- Pre-installation: Update the package index and install the necessary dependencies.
sudo apt update
sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release
- Import Docker Repository: Add the Docker GPG key and add the Docker repository to your system.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
- Install Docker: Install the latest version of Docker CE.
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io
- Manage Docker with systemd: Start and enable the Docker service.
sudo systemctl start docker
sudo systemctl enable docker
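- Docker Configuration Setup: Configure Docker to start on boot and enable Docker to run without sudo. Members of the docker group have root-equivalent access to the host through the Docker daemon, so add only accounts you would trust with sudo. Log out and back in for the new group membership to apply.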
sudo systemctl enable docker
sudo usermod -aG docker ${USER}
Once you have installed Docker, you can configure it to your liking. Here are some basic configurations you can make:
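- Create a Docker group: Add your user to the docker group to avoid having to use sudo when running Docker commands. The docker-ce package normally creates this group during installation, in which case groupadd only reports that the group already exists.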
sudo groupadd docker
sudo usermod -aG docker $USER
- Configure Docker to use a proxy: If you are behind a proxy, you can configure Docker to use it.
sudo mkdir -p /etc/systemd/system/docker.service.d
sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf
Add the following lines to the file:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"
Environment="HTTPS_PROXY=https://proxy.example.com:443/"
Save and exit the file, then reload the systemd daemon:
sudo systemctl daemon-reload
sudo systemctl restart docker
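- Configure Docker to use a different storage driver: By default, Docker uses the overlay2 storage driver. However, you can configure it to use a different driver if you prefer. The devicemapper driver used in this example is deprecated and was removed in Docker Engine 25.0, so check which drivers your installed version supports before changing this setting.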
sudo nano /etc/docker/daemon.json
Add the following lines to the file:
{
  "storage-driver": "devicemapper"
}
Save and exit the file, then restart Docker:
sudo systemctl restart docker
To secure Docker, you can follow these best practices:
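- Use a non-root user: Avoid running Docker as the root user. Use a regular account for Docker commands, and run the processes inside containers as a non-root user, for example with the --user option of docker run or a USER instruction in the Dockerfile.
- Enable Docker Content Trust: Enable Docker Content Trust to ensure that only trusted images are used. With the variable set, the Docker client refuses to pull or run image tags that are not signed. The export applies to the current shell session only, so add it to your shell profile to make it persistent.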
export DOCKER_CONTENT_TRUST=1
- Use Docker Bench Security: Use Docker Bench Security to check your Docker installation for security issues.
docker run -it --net host --pid host --userns host --cap-add audit_control \
-e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
-v /etc:/etc:ro \
-v /usr/bin/containerd:/usr/bin/containerd:ro \
-v /usr/bin/runc:/usr/bin/runc:ro \
-v /usr/lib/systemd:/usr/lib/systemd:ro \
-v /var/lib:/var/lib:ro \
--label docker_bench_security \
docker/docker-bench-security
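As an added example (not part of the original guide), the script below audits two of the changes made by the steps above: who is in the docker group, since each member is root-equivalent on the host, and whether the Docker APT entry uses https with a signed-by keyring. The function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: post-install audit of two changes made by the steps above.
# Paths are arguments so the checks can also be run against copies.

# Print the members of the docker group from a group(5)-format file, one per
# line. Every name printed can get root on the host via the Docker socket.
docker_group_members() {
    awk -F: '$1 == "docker" && $4 != "" {
        n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }' "$1"
}

# Check an APT sources file: each active deb line for download.docker.com
# must use https and name a keyring with signed-by=. Prints one finding per
# problem; returns 0 when clean, 1 otherwise.
check_docker_source() {
    awk '
        /^[ \t]*#/ || !/download\.docker\.com/ { next }
        $1 != "deb" && $1 != "deb-src" { next }
        { seen = 1 }
        !/signed-by=/ { print "line " NR ": no signed-by keyring"; bad = 1 }
        !/https:\/\/download\.docker\.com/ { print "line " NR ": not https"; bad = 1 }
        END { if (!seen) { print "no Docker repository entry"; bad = 1 }
              exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample inputs (not taken from a real host).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/group" <<'EOF'
root:x:0:
sudo:x:27:alice
docker:x:999:alice,ci-runner
EOF
cat > "$demo_dir/good.list" <<'EOF'
deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu jammy stable
EOF
cat > "$demo_dir/bad.list" <<'EOF'
# old entry left over from an apt-key based install
deb [arch=amd64] http://download.docker.com/linux/ubuntu jammy stable
EOF

echo "docker group (root-equivalent):"; docker_group_members "$demo_dir/group"
check_docker_source "$demo_dir/good.list" && echo "good.list: ok"
check_docker_source "$demo_dir/bad.list" || echo "bad.list: fix the findings above"
```

On a real host, pass /etc/group and /etc/apt/sources.list.d/docker.list to the two functions instead of the sample files.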