Setting up a Docker Engine and running as a rootless user (Ubuntu)
Rootless user (Ubuntu)
Installing Docker Engine.
You first need to set up a repository for first-time usage. You can subsequently install and update Docker from the repository
Setting up a repository
- Update
aptpackage index.sudo apt-get update - Install packages to allow apt to use a repository over HTTPS.
sudo apt-get install \ ca-certificates \ curl \ gnupg \ lsb-release - Add Docker’s official GPG key:
then:sudo mkdir -p /etc/apt/keyringscurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg - Setup the repository
echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker Engine
- Update
aptpackage index:sudo apt-get update - Install the latest version of Docker:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin - Make sure the engine is running:
sudo docker run hello-world.Note: This command downloads a test image and runs it in a container. When the container runs, it prints a message and exits as shown below.
Welldone, Docker Engine is installed and running.
Running as a rootless user
Requirements
Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime.
Open a terminal (
CTRL + ALT + T)Install
dbus-user-session(Simple Interprocess Messaging system) used for sending messages between applications.
sudo apt-get install -y dbus-user-session
- Run:
This sets up the daemon. Make sure the system-wide docker daemon is not running. If so, kill the process using:dockerd-rootless-setuptool.sh install
Your output should be similar to the one in the image below.sudo systemctl disable --now docker.service docker.socket
If you get an error, if dockerd-rootless-setuptool.sh is not present, you may need to install the docker-ce-rootless-extras package manually
sudo apt-get install -y docker-ce-rootless-extras
- Set up the environmental variables
export PATH=/usr/bin:$PATH export DOCKER_HOST=unix:///run/user/1000/docker.sock
Setting up the client
Note. Use systemctl --user to manage the lifecycle of the daemon:
systemctl --user start docker
- You must specify either the socket path or the CLI context explicitly.
a. To specify the socket path using $DOCKER_HOST:
export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sockdocker context use rootless - Run a Nginx open-source in a Docker container:
docker run -d -p 8080:80 --name nginx_server nginx - The
-doption specifies that the container runs in detached mode: the container continues to run until stopped but does not respond to commands run on the command line. - The
-p(alternative--publish) flag exposes the port outside of Docker, to make the port available outside of Docker. See Networking in containers You can assign memorable names to your docker containers when you run them, using the
--nameflag. Here we choosenginx_serverThe first port number is associated with the host running the container. In the nginx example, 8080 is exposed on the host; in our case, that would be localhost:8080.Now our Nginx is up and running. Verify Either on in your browser or in the terminal using the command below:
- Terminal:
curl http://localhost:8080
- Terminal:
- In a Browser. Open a new tab and navigate to:
http://localhost:8080
- Shutting down a container. We aliased our container with the name
nginx_server. Shutdown the container using:docker stop nginx_server - Removing the container:
docker rm -f nginx_server - Shutdown all docker containers:
systemctl stop docker
Useful reference
- Learn more at Docker docs
- Using port mappings
Thanks for reading. Let us know your suggestions in the comments below