github/container.training
1
0
Fork 0
mirror of https://github.com/jpetazzo/container.training.git synced 2026-05-14 04:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ea740f6474ec5f8ee4efadaf2cfdb53bee2fb8b
container.training/slides/intro/Installing_Docker.md
Jérôme Petazzoni 2aad5319f9 Rename title images for consistency
2017-11-08 10:41:46 -08:00

129 lines
3.2 KiB
Markdown
Raw Blame History

class: title
# Installing Docker
![install](images/title-installing-docker.jpg)
---
## Objectives
At the end of this lesson, you will know:
* How to install Docker.
* When to use `sudo` when running Docker commands.
*Note:* if you were provided with a training VM for a hands-on
tutorial, you can skip this chapter, since that VM already
has Docker installed, and Docker has already been setup to run
without `sudo`.
---
## Installing Docker
There are many ways to install Docker.
We can arbitrarily distinguish:
* Installing Docker on an existing Linux machine (physical or VM)
* Installing Docker on MacOS or Windows
* Installing Docker on a fleet of cloud VMs
---
## Installing Docker on Linux
* The recommended method is to install the packages supplied by Docker Inc.
* The general method is:
- add Docker Inc.'s package repositories to your system configuration
- install the Docker Engine
* Detailed installation instructions (distro by distro) are available on:
https://docs.docker.com/engine/installation/
* You can also install from binaries (if your distro is not supported):
https://docs.docker.com/engine/installation/linux/docker-ce/binaries/
---
## Installing Docker on MacOS and Windows
* On MacOS, the recommended method is to use Docker4Mac:
https://docs.docker.com/docker-for-mac/install/
* On Windows 10 Pro, Enterprise, and Eduction, you can use Docker4Windows:
https://docs.docker.com/docker-for-windows/install/
* On older versions of Windows, you can use the Docker Toolbox:
https://docs.docker.com/toolbox/toolbox_install_windows/
---
## Running Docker on MacOS and Windows
When you execute `docker version` from the terminal:
* the CLI connects to the Docker Engine over a standard socket,
* the Docker Engine is, in fact, running in a VM,
* ... but the CLI doesn't know or care about that,
* the CLI sends a request using the REST API,
* the Docker Engine in the VM processes the request,
* the CLI gets the response and displays it to you.
All communication with the Docker Engine happens over the API.
This will also allow to use remote Engines exactly as if they were local.
---
## Docker4Mac and Docker4Windows
* They let you run Docker without VirtualBox
* They are installed like normal applications (think QEMU, but faster)
* They access network resources like normal applications
<br/>(and therefore, play well with enterprise VPNs and firewalls)
* They support filesystem sharing through volumes (we'll talk about this later)
* They only support running one Docker VM at a time ...
... so if you want to run a full cluster locally, install e.g. the Docker Toolbox
* They can co-exist with the Docker Toolbox
---
## Important PSA about security
* If you have access to the Docker control socket, you can take over the machine
(Because you can run containers that will access the machine's resources)
* Therefore, on Linux machines, the `docker` user is equivalent to `root`
* You should restrict access to it like you would protect `root`
* By default, the Docker control socket belongs to the `docker` group
* You can add trusted users to the `docker` group
* Otherwise, you will have to prefix every `docker` command with `sudo`, e.g.:
```bash
sudo docker version
```
Reference in New Issue View Git Blame Copy Permalink