Docker on Debian 10 managed with Cockpit

Docker on Debian 10 managed with Cockpit

With Cockpit, you can also manage docker containers. Here is a small example setup:

Install Docker

apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
apt update
apt-cache policy docker-ce
apt install docker-ce

Make sure that docker is running:

systemctl status docker

Output:

docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: e
   Active: active (running) since Thu 2020-05-07 15:46:41 CEST; 1min ago
     Docs: https://docs.docker.com
 Main PID: 3038 (dockerd)
    Tasks: 8
   Memory: 46.4M
   CGroup: /system.slice/docker.service

Allow your user to manage docker:

usermod -aG docker sebastian
service docker restart

Install Cockpit

I run Cockpit on a separate server (see this blog post).

If you want to run Cockpit on the same machine, just install the same Cockpit components as described in the blog post, but install ‚cockpit-docker‘, as well.

apt install cockpit-docker

If you run the primary Cockpit server on a different machine like me, use:

apt install cockpit-bridge cockpit-system cockpit-networkmanager cockpit-packagekit cockpit-docker

Now add the server to cockpit:

Download and run a container

On the docker server, you should see the container, too:

docker ps -a

Output:

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
9dfaa257b7d2        wordpress:latest    "docker-entrypoint.s…"   6 minutes ago       Up 5 minutes        80/tcp              furious_babbage

The WordPress container is started with the IP 172.17.0.2. Here is an example to forward port 80 from the container server to the container:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toaddr=172.17.0.2:toport=80
firewall-cmd --reload

You can check the firewall settings with:

firewall-cmd --list-all

Output:

public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client http ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=80:toaddr=172.17.0.2
  source-ports: 
  icmp-blocks: 
  rich rules:

Note: Don’t forget to install firewalld and the latest iptables as described here.

If you now open the address of your docker server with your browser you should see the WordPress setup page.

Schreibe einen Kommentar

eMail-Benachrichtigung bei weiteren Kommentaren.
Auch möglich: Abo ohne Kommentar.

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.