Differences

This shows you the differences between two versions of the page.

--- docs:guide-user:virtualization:docker_host [2023/12/28 22:18] – [Install Docker Community Edition] fixed package name palebloodsky
+++ docs:guide-user:virtualization:docker_host [2024/10/08 16:59] (current) – [Docker Community Edition] luci-app-dockerman now depends on dockerd stokito
@@ Line 1: / Line 1: @@
 ======= OpenWrt as Docker container host =======
-OpenWrt can be a [[wp>Docker_(software)|Docker]] host on x86-64, Aarch64, and other supported architectures.
+[[wp>Docker_(software)|Docker]] uses OS-level virtualization to deliver software in packages called containers. This is used to automate the deployment of applications in lightweight containers so that applications can work efficiently in different environments in isolation.
-There are two ways to use Docker as a host, install Docker Community Edition, or use native OpenWrt tools that support Docker container specification.
+To run containers, users may install Docker Community Edition, use native OpenWrt tools, or use Podman. While Docker CE is perhaps the most typical method, this guide covers several options.
-You will probably need to [[docs:guide-user:storage:usb-drives|set up storage first]] as a place to store the containers and data.
+===== Prerequisites =====
-Also in most cases you will be running the container as a specific user and will give it access to some folder outside the container, where it can store its configuration and the data. So you will probably need to [[docs:guide-user:additional-software:create-new-users|create new users and groups for applications or system services]], create the folders for the configuration and data, and then change the owner of these folders to the user you will run the container as.
+For devices with small flash partitions you may need to [[docs:guide-user:storage:usb-drives|set up storage]] to store the containers and data.
-===== Install Docker Community Edition =====
+Also in many cases you will be running the container as a specific user that will need access to some folder outside the container for its configuration and data. So you will probably need to [[docs:guide-user:additional-software:create-new-users|create new users and groups]] for applications, create folders, and then change the owner of these folders to the user who will run the container.
-  * Install **luci-app-dockerman** to get a control panel for containers in Luci along with CLI docker and all required packages
-  * Install **docker** for only the command line tools\\
-The default folder for docker in the dockerman luci interface is **/opt/docker** so you want to mount your storage at **/opt** or change the folder in **Docker** >  **Overview** > **Docker Root Dir** and then restart the dockerd service.
+===== Docker Community Edition =====
+First you need to install the ''dockerd'' (''opkg install dockerd'' ~16 Mb) daemon that will run containers.
+It provides an [[https://docs.docker.com/engine/api/|Docker Engine API]] available by a local UNIX socket and HTTP REST that can be called from outside if allowed.
-==== Adding images ====
+Then you need a //client// e.g. ''docker'' (''opkg install docker'' ~12 Mb) to connect for the daemon API and start containers.
+To save space you can use the ''docker'' from another computer if the Docker Engine is opened.
-To add an image, search for it on [[https://hub.docker.com/|Docker Hub]], then copy the image name from the **docker pull** text box. For example, if the text is **docker pull linuxserver/transmission**, then copy **linuxserver/transmission**.
+As a GUI client install ''luci-app-dockerman'' (''opkg install luci-app-dockerman'') to get a LuCI page to manage containers. It can work with ''dockerd'' on both remote and local hosts. Since the ''luci-app-dockerman'' version v0.6 it will also install the ''dockerd'' and even ''docker-compose'' as a dependency.
+The default folder for docker in the dockerman Luci interface is **/opt/docker** so mount your storage at **/opt** or change the folder in **Docker** >  **Overview** > **Docker Root Dir** then restart the dockerd service.
+==== Adding images ====
+Search for an image on [[https://hub.docker.com/|Docker Hub]], then copy the image name from the **Docker Pull Command** text box. For example, if the text is **docker pull linuxserver/transmission**, then copy **linuxserver/transmission**.
 In Luci go to **Docker** > **Images** and paste that text in the **Pull Image** box, then click **Pull**. The page will show the download progress.
-Note for larger container pulls Luci might timeout, so you will need to use the command line. For example, unifi-controller images include java runtime environment and approach 500MB, so you can SSH in and enter: **docker pull linuxserver/unifi-controller**.
+Note for larger container pulls LuCI might timeout, so you will need to use the command line. For example, Unifi-network-application includes java runtime environment and approaches 500MB. For this you can instead use SSH and enter: ''docker pull lscr.io/linuxserver/unifi-network-application:latest''.
-Then in Luci go to **Docker** > **Containers** > **Add**. In the new container page select the docker image from the **Docker Image** menu, then set all other parameters (usually the available/useful parameters are described in the description of the container on Docker Hub), then press Submit to create the container.
+Once you have your images, in Luci go to **Docker** > **Containers** > **Add**. In the new container page select the docker image from the **Docker Image** menu, then set all other parameters (usually the available/useful parameters are described in the description of the container on Docker Hub), then press Submit to create the container.
-==== Configure The Docker CE Engine Daemon ====
+==== Configure the Docker daemon ====
 Config is located in ''/etc/config/dockerd''.
@@ Line 47: / Line 54: @@
+===== Native OpenWrt tools =====
-===== Use native OpenWrt tools =====
+Instead of running Docker CE users may want to use the procd init system which supports Open Container Initiative Runtime Specification set by [[https://opencontainers.org/|Opencontainers.org]]. This extends its slim containers ('ujail') capability. The uxc command line tool handles the basic operations on containers as defined by the spec. This allows to use it as a drop-in replacement for Docker's 'runc' (or 'crun') on OpenWrt hosts with a reduced footprint.
-Procd init system now supports Open Container Initiative Runtime Specification, extending its slim containers ('ujail') capability.\\
-The uxc command line tool handles the basic operations on containers as defined by the spec.\\
-This allows to use it as a drop-in replacement for Docker's 'runc' (or 'crun') on OpenWrt hosts with a significantly reduced footprint.
 Detailed but possibly outdated info available on https://gitlab.com/prpl-foundation/prplos/prplos/-/wikis/uxc
-==== install packages ====
-For 20.0x install the following:
-<code>
-opkg install kmod-veth uxc ujail-console
-</code>
-For newer snapshots:
+==== Install packages ====
+Install the following:
 <code>
 opkg install kmod-veth uxc procd-ujail procd-ujail-console
 </code>
-==== create veth pair for container ====
+==== Create veth pair for container ====
 <code>
 uci batch <<EOF
@@ Line 84: / Line 84: @@
 </code>
-====creating an OCI run-time bundle====
+==== Creating an OCI run-time bundle ====
 To create an OCI run-time bundle, which is needed for uxc, follow these steps.
@@ Line 102: / Line 102: @@
 This is quite cumbersome. If someone knows a better way, please do update this page.
-====import a OCI runtime container====
+==== Import a OCI runtime container ====
 (assuming OCI run-time bundle with config.json in /mnt/sda3/debian)
 <code>
@@ Line 118: / Line 118: @@
 ===== Podman =====
-https://podman.io/ is another alternative to Docker and it is compatible with docker client commands.
+https://podman.io/ is alternative to Docker and it is compatible with Docker client commands.
 Here is example setup using podman to create web server container with proxy.