-
-
Notifications
You must be signed in to change notification settings - Fork 1
HOWTO coldsetup 03_docker
References:
- How To Install and Use Docker on Ubuntu 20.04
- How To Install and Use Docker Compose on Ubuntu 20.04
- Getting rid of Docker plain text credentials
"Docker.io" is the default version that is shipped with Ubuntu and, being a "snap" image, it comes with all bound static libraries wrapped together. So, although it's quicker to install (sudo apt-get install docker
) updating a single component may yield to multiple versions of the linked library.
The "Docker.ce" (Community Edition) is somewhat preferable to "Docker.io" given that usually it yields the latest version of all the tools and it updates just the single library bindings. (And not all the statically linked libraries as Docker.io does)
Remember to remove Docker.io first when already present (which docker
, which docker-compose
), just to avoid any possible issues.
(@ remote server)
$> sudo apt update
$> sudo apt install apt-transport-https ca-certificates curl software-properties-common
$> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$> sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
$> sudo apt update
$> apt-cache policy docker-ce
$> sudo apt install docker-ce
$> sudo systemctl status docker
Executing the Docker Command Without Sudo:
$> sudo usermod -aG docker ${USER}
$> su - ${USER}
$> id -nG
Install docker-compose:
$> sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
$> sudo chmod +x /usr/local/bin/docker-compose
$> docker-compose --version
Make sure Docker doesn't store plain credentials in ~/.docker/config.json
:
$> wget https://github.com/docker/docker-credential-helpers/releases/download/v0.6.3/docker-credential-pass-v0.6.3-amd64.tar.gz && tar -xf docker-credential-pass-v0.6.3-amd64.tar.gz && chmod +x docker-credential-pass && sudo mv docker-credential-pass /usr/local/bin/
$> sudo apt install gpg pass
$> gpg2 --generate-key
$> pass init
$> pass insert docker-credential-helpers/docker-pass-initialized-check
Type Docker password & confirm; type the passphrase at the end to enable gpg2 key.
$> pass show docker-credential-helpers/docker-pass-initialized-check
$> docker-credential-pass list
$> mkdir .docker && touch ~/.docker/config.json
$> vi ~/.docker/config.json
{
"credsStore": "pass"
}
Export TTY so that pass can ask for passphrase:
$> export GPG_TTY=$(tty)
Log-in to Docker Hub:
$> export DOCKERHUB_USERNAME=<my_user>
$> export DOCKERHUB_PASSWORD=<my_password>
$> echo $DOCKERHUB_PASSWORD | docker login --username "$DOCKERHUB_USERNAME" --password-stdin