Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly.
Install Docker Engine#
curl -fsSL https://get.docker.com | sudo sh
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker
docker version
Configure Docker to start on boot#
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
Install Compose Standalone#
Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services.
sudo curl -SL "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose version
Configure remote access#
If you want to grant access from a remote Portainer service, Docker daemon must be configured to listen on TCP port.
Create or update /etc/docker/daemon.json:
sudo nano /etc/docker/daemon.json
{
"tls": false,
"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"]
}
Create a new file /etc/systemd/system/docker.service.d/docker.conf to fix conflict with default systemd configuration:
sudo mkdir /etc/systemd/system/docker.service.d/
sudo nano /etc/systemd/system/docker.service.d/docker.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd
Then reload and restart service, and verify that Docker daemon is listening on the expected port:
sudo systemctl daemon-reload
sudo systemctl restart docker.service
sudo netstat -lntp | grep dockerd
tcp 0 0 0.0.0.0:2376 0.0.0.0:* LISTEN 327100/dockerd
Binding to IP address without tls certificates is insecure and gives root access on this machine to everyone who has access to your network.