🐳 Install Docker Server¶
Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly.
With Docker, you can manage your infrastructure in the same ways you manage your applications.
Docker Architecture
📥 Installation¶
Docker and Docker Compose can be installed easily on debian system using apt.
# uninstall any old/conflicting Docker packages
sudo apt remove -y docker docker-engine docker.io containerd runc
# install requirements
sudo apt-get update
sudo apt install -y ca-certificates curl gnupg lsb-release
# add gpg key used to sign the docker repository
sudo mkdir -p /etc/apt/keyrings
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# add docker's official apt repository
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# install docker
sudo apt-get update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin
# check that docker and docker compose are installed
docker --version
docker compose
⚙️ Configuration¶
Launching Docker commands as user instead of root
By default that Unix socket is owned by the user root and other users can only access it using sudo.
The Docker daemon always runs as the root user.
If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it.
When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.
# add user to the docker group
sudo usermod -aG docker ${USER}
# log out and log back in so that your group membership is re-evaluated
sudo systemctl restart docker
Docker Log Rotation
By default, Docker does not enable log rotation.
As a result, container logs (*-json.log files) can grow very large over time, consuming gigabytes of disk space.
The following steps help you check log sizes, clean up existing logs, and enable automatic log rotation to prevent this problem.
# list all container log files with their sizes
sudo find `docker info --format '{{ .DockerRootDir }}'`/containers -name "*-json.log" -exec du -sh {} +
# clean all container logs (they can be gigabytes in size)
sudo find `docker info --format '{{ .DockerRootDir }}'`/containers/ -name "*-json.log" -exec sudo truncate -s 0 {} \;
Note: This only clears logs: containers will continue running normally.
To prevent log files from growing indefinitely, configure log rotation via Docker's daemon.json file:
# create /etc/docker/daemon.json with log rotation settings
sudo jq '
. + {
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
}
}
' /etc/docker/daemon.json \
| sudo tee /etc/docker/daemon.json.tmp > /dev/null \
&& sudo mv /etc/docker/daemon.json.tmp /etc/docker/daemon.json
# restart docker for changes to take effect
sudo systemctl restart docker
Moving Docker's data directory to SSD
Moving Docker’s default data directory to the SSD provides several benefits:
- 🚀 Improve build speed and container I/O performance
- 💾 Reduce wear on your eMMC
- 📦 Give you more space for images & volumes
# stop docker
sudo systemctl stop docker
# create new docker directory on SSD
sudo mkdir -p /media/ssd/docker-lib
# copy everything safely
sudo rsync -aP /var/lib/docker/ /media/ssd/docker-lib/
# rename old directory (safety backup)
sudo mv /var/lib/docker /var/lib/docker.bak
# tell docker to use new location
sudo jq '. + {"data-root": "/media/ssd/docker-lib"}' /etc/docker/daemon.json \
| sudo tee /etc/docker/daemon.json.tmp > /dev/null \
&& sudo mv /etc/docker/daemon.json.tmp /etc/docker/daemon.json
# restart docker
sudo systemctl start docker
# remove backup
sudo rm -rf /var/lib/docker.bak