
Learning Docker – Part 2

In my previous post, I explained how to install Docker on CentOS and covered a few important commands for verification and other basic operations. I also mentioned that the next topic would be the required initial configuration tasks.

In this post, I will explain the initial configuration you have to perform after installing Docker.

How to Secure Docker Access

The Docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user root and other users can only access it using sudo. The docker daemon always runs as the root user.

We cannot share root credentials with anyone, so we have to give developers permission to run Docker. There are two options:

  • Provide sudo access to users
  • Add user to Docker group

Configure Sudo Access

Sudo

The sudo command offers a mechanism for providing trusted users with administrative access to a system without sharing the password of the root user. When users given access via this mechanism precede an administrative command with sudo they are prompted to enter their own password. Once authenticated, and assuming the command is permitted, the administrative command is executed as if run by the root user.

Log in to the system as the root user.

Create a normal user account using the useradd command

# useradd username

Set a password for the new user using the passwd command

# passwd username

Let's try to run a docker command as the new user we created.

Now let's check the sudo permission.

We confirmed there is no sudo permission for this user, so we have to add the user to the sudoers file. You can add this user to an existing group available in sudoers, or create a new group and configure that in sudoers.

  1. Edit the /etc/sudoers file using any suitable editor; here I use the vi editor.

Note:- The sudoers file defines the policies applied by the sudo command.

  2. Find the lines in the file that grant sudo access to users in the group wheel when enabled.

Wheel is a default group available in sudoers, or you can create a new group and add it to the sudoers file to set sudo permission.

# cat /etc/sudoers     – Use this command to check the contents of the sudoers file

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

  3. Remove the comment character (#) at the start of the second line. This enables the configuration option.
  4. Save your changes and exit the editor.

Note:- admin is a group I have created to configure sudo access.

If you don’t want to use sudo when you run the docker command, add the users to the docker group, which is created when you install and enable Docker. When the Docker daemon starts, it makes the Unix socket readable and writable by the docker group.

Add user to Docker Group 

# usermod -aG docker username

I have added the vmarena user to the docker group. Now log out and log back in for the group membership to become active.

Verify that you can run docker commands without sudo.

$ docker run hello-world

This command downloads a test image and runs it in a container. When the container runs, it prints an informational message and exits.
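To review who can reach the root-owned daemon after these changes, the following added example (not from the original post) lists users with access through the docker group or through an active sudoers group rule. The sample group and sudoers contents are constructed and the function names are hypothetical; on a real host pass /etc/group and /etc/sudoers instead.

```shell
#!/usr/bin/env bash
# Added example: report which users can reach the Docker daemon.
# Inputs are files in /etc/group and /etc/sudoers format.

# Print the comma-separated members of group $1 from group file $2.
group_members() {
    awk -F: -v g="$1" '$1 == g { print $4 }' "$2"
}

# Print groups with an active (uncommented) "%group ... ALL" rule.
# Simplified: only matches %group rules whose last field is ALL.
sudo_groups() {
    awk '/^[ \t]*%/ && $NF == "ALL" { sub(/^%/, "", $1); print $1 }' "$1"
}

# Print "user:path" pairs, where path is how the user gets to the daemon.
docker_access_report() {
    local group_file="$1" sudoers_file="$2" g u
    for u in $(group_members docker "$group_file" | tr ',' ' '); do
        echo "$u:docker-group"
    done
    for g in $(sudo_groups "$sudoers_file"); do
        for u in $(group_members "$g" "$group_file" | tr ',' ' '); do
            echo "$u:sudo-via-$g"
        done
    done
}

# Constructed sample data (alice, bob and carol are made-up users).
demo_dir=$(mktemp -d)
cat > "$demo_dir/group" <<'EOF'
root:x:0:
wheel:x:10:alice
admin:x:1001:bob
docker:x:982:vmarena,carol
EOF
cat > "$demo_dir/sudoers" <<'EOF'
## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL
%admin  ALL=(ALL)       ALL
EOF
docker_access_report "$demo_dir/group" "$demo_dir/sudoers"
```

The commented `# %wheel` line grants nothing, so alice is absent from the report, while docker group members appear without any sudo rule. Because the daemon runs as root, docker group membership deserves the same care as a sudo grant.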

Configure Docker to start on boot

You can use systemctl to manage which services start when the system boots.

# systemctl enable docker

To disable this, use disable instead of enable.

# sudo systemctl disable docker

Note:- A user who is only a member of the docker group will not have permission to perform this; sudo permission or the root account is required.

Options to Check Docker Status

There are multiple options for checking the Docker service status, listed below.

Use the docker info command to display system-wide information such as status, available containers, images, OS, resources etc.

You can also use operating system utilities: systemctl is-active docker or service docker status.

Finally, you can check in the process list for the dockerd process, using commands like ps or top

The first two lessons only cover getting Docker started. Upcoming posts will help you understand how containers work in Docker, and you can follow along with the exercises. Stay tuned.

Published by
Rajesh Radhakrishnan
