Home

Archive

Knowledge Base

Graph

Portfolio

Contact

live

Dock­er

5:10AMFebruary 18 2025Daniel Tompkins
codeLinuxsysadmin

Archive KB devops

In­stal­la­tion

Though I work hard to pro­vide the most up-to-date in­for­ma­tion in this knowl­edge base, I don't al­ways have the time to manage every­thing my­self. To en­sure you're fol­lowing the latest in­stal­la­tion in­struc­tions for your plat­form, I rec­om­mend vis­iting the of­fi­cial doc­u­men­ta­tion .

In­stall Docker Com­mu­nity Edi­tion (CE)

Instructions written for Ubuntu 20.04 LTS (YMMV)

Please note that this page uses ex­am­ples that ex­e­cute the Ubuntu apt package man­ager. If you're on macOS, you'll want to use brew in­stead. If you're on an­other Linux distro, package names might be dif­ferent and you might have a dif­ferent package man­ager other than apt.

Remove any previous installs of Docker
shell
sudo apt remove docker docker-engine docker.io
Install prerequisites
shell
sudo apt install apt-transport-https ca-certificates curl software-properties-common gnupg
Add Docker GPG
shell
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Verify fingerprint
shell
sudo apt-key fingerprint 0EBFCD88
Add stable Docker repo (replace amd64 with your architecture)
shell
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Install Docker
shell
sudo apt update sudo apt install docker-ce
Add user to Docker group
shell
sudo usermod -aG docker $USER

In­stall Docker Com­pose

shell
sudo apt update sudo apt install docker-compose-plugin

Tips

Clean slate
shell
docker-compose down -v --rmi all --remove-orphans

Ex­pose vs Ports

In a docker-compose.yml file, you have the op­tion to use ei­ther:

yml
... expose: - 5432 ... # and/or ... ports: - 5432:5432 ...

These two op­tions look be­nignly sim­ilar, but they are crit­i­cally dif­ferent:

  • The expose key­word will "ex­pose" that Docker con­tain­er's port to the host server— as well as to other con­tainers ac­tive on the server.
  • The ports key­word will map the con­tain­er's port to the host's port.

The sig­nif­i­cance of this is that a port map of 443:443 on a con­tainer­ized Nginx or Apache will allow ex­ternal traffic (i.e., the public In­ternet) to in­teract di­rectly with the Docker con­tain­er's Web server. How­ever, if using expose for 443 in­stead, that con­tainer won't be public.

This is an im­por­tant dis­tinc­tion for things like data­bases or mem-cache ser­vices (Redis) that you might not want ex­posed to the public Web. In those in­stances, expose will still allow other con­tainers to in­ter­face on the same host without al­lowing ex­ternal in­spec­tion.

Previous
Two screens on a desk, featuring cyberpunk terminals in an anime illustration style.
En­vi­ron­ments
06 07 2020kb
As a software engineer or systems administrator, you'll want to know how to set up a BASH environment and configure an editor like Vim....
codeLinux
Next
Colorful shipping containers being stacked in a grid by yellow cranes.
De­vOps
07 07 2020kb
Developer operations (DevOps) is an important aspect of software engineering. Here are some of my notes and other useful DevOps tips....
codeLinux