Post

Docker Engine on Ubuntu

Let's Install Docker Engine on Ubuntu.

Posted
By DS2Man
4 min read
Docker Engine on Ubuntu

Due to Docker Desktop’s monetization policy (as of August 31, 2021), companies with more than 250 employees or annual revenue exceeding $10 million cannot use it. Since I fall into this category, I plan to install Docker using a different method. (If I get the chance, I will write a post on utilizing Docker Desktop.) In the previous post, we installed WSL, and now we aim to set up a Docker environment without Docker Desktop.
This document is based on docker documentation (https://docs.docker.com/engine/install/ubuntu/).

Install Docker Engine on Ubuntu

  • According to the documentation (Installation methods), there are three ways to install the Docker Engine. In this post, I will install it using the script method.
    curl -sSL https://get.docker.com | sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14

# curl -fsSL https://get.docker.com -o get-docker.sh
# `-f`: Fails silently without displaying an error message if the download fails.
# `-s`: Executes in silent mode without displaying the progress status.
# `-S`: Used together with `-s`, it displays an error message if the operation fails.
# `-L`: Automatically follows redirects if they are present.
# sudo sh get-docker.sh
jaoneol@DESKTOP-B7GM3C5:~$ curl -sSL https://get.docker.com | sh
# Executing docker install script, commit: 4c94a56999e10efcf48c5b8e3f6afea464f9108e

WSL DETECTED: We recommend using Docker Desktop for Windows. 
Please get Docker Desktop from https://www.docker.com/products/docker-desktop

You may press Ctrl+C now to abort this script.
+ sleep 20

docker engine Installation docker engine Installation

Docker Settings

  • Let’s use ‘iptables-legacy’ instead of ‘iptables-nft’. Docker is only compatible with iptables-nft and iptables-legacy. Firewall rules created with nft are not supported on a system with Docker installed. Make sure that any firewall rulesets you use are created with iptables or ip6tables, and that you add them to the DOCKER-USER chain, see Packet filtering and firewalls.
    sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
1
2
3
4
5
6
7
8
9
10
11
12

# sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
jaoneol@DESKTOP-B7GM3C5:~$ sudo update-alternatives --config iptables
[sudo] password for jaoneol:
There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).

  Selection    Path                       Priority   Status
------------------------------------------------------------
* 0            /usr/sbin/iptables-nft      20        auto mode
  1            /usr/sbin/iptables-legacy   10        manual mode
  2            /usr/sbin/iptables-nft      20        manual mode

Press <enter> to keep the current choice[*], or type selection number: 1
  • If a “permission denied” error occurs for /var/run/docker.sock after installing Docker, change the file’s permissions to 666 to allow other users in the group to access it.
    sudo chmod 666 /var/run/docker.sock
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

jaoneol@DESKTOP-B7GM3C5:~$ docker version
Client: Docker Engine - Community
 Version:           27.5.1
 API version:       1.47
 Go version:        go1.22.11
 Git commit:        9f9e405
 Built:             Wed Jan 22 13:41:48 2025
 OS/Arch:           linux/amd64
 Context:           default
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.47/version": dial unix /var/run/docker.sock: connect: permission denied
# Solution for "permission denied"
jaoneol@DESKTOP-B7GM3C5:~$ sudo chmod 666 /var/run/docker.sock
# Very important!
jaoneol@DESKTOP-B7GM3C5:~$ docker version
Client: Docker Engine - Community
 Version:           27.5.1
 API version:       1.47
 Go version:        go1.22.11
 Git commit:        9f9e405
 Built:             Wed Jan 22 13:41:48 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          27.5.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.11
  Git commit:       4c9b3b0
  Built:            Wed Jan 22 13:41:48 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.25
  GitCommit:        bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
 runc:
  Version:          1.2.4
  GitCommit:        v1.2.4-0-g6c52b3f
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
jaoneol@DESKTOP-B7GM3C5:~$
  • Manage Docker as a non-root user The Docker daemon binds to a Unix socket, not a TCP port. By default it’s the root user that owns the Unix socket, and other users can only access it using sudo. The Docker daemon always runs as the root user.
    usermod -a -G docker jaoneol
1
2
3
4

jaoneol@DESKTOP-B7GM3C5:~$ su - 
Password:
root@DESKTOP-B7GM3C5:~# usermod -a -G docker jaoneol
root@DESKTOP-B7GM3C5:~#
  • [Check]Configure Docker to start on boot with systemd
    systemctl status docker.service, systemctl status containerd.service
    systemctl enable docker.service, systemctl enable containerd.service
    systemctl disable docker.service, systemctl disable containerd.service
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

jaoneol@DESKTOP-B7GM3C5:~$ systemctl status docker.service
● docker.service - Docker Application Container Engine
     Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; preset: enabled)
     Active: active (running) since Sat 2025-02-01 21:43:54 KST; 1h 2min ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 253 (dockerd)
      Tasks: 15
     Memory: 90.5M ()
     CGroup: /system.slice/docker.service
             └─253 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.574207734+09:00" level=info msg="Default bridge (docker0) is assigned with an IP a>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.639275980+09:00" level=info msg="Loading containers: done."
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.647986556+09:00" level=warning msg="WARNING: No blkio throttle.read_bps_device sup>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.648005314+09:00" level=warning msg="WARNING: No blkio throttle.write_bps_device su>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.648007850+09:00" level=warning msg="WARNING: No blkio throttle.read_iops_device su>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.648009935+09:00" level=warning msg="WARNING: No blkio throttle.write_iops_device s>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.648018842+09:00" level=info msg="Docker daemon" commit=4c9b3b0 containerd-snapshot>
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.648175311+09:00" level=info msg="Daemon has completed initialization"
Feb 01 21:43:54 DESKTOP-B7GM3C5 dockerd[253]: time="2025-02-01T21:43:54.682162247+09:00" level=info msg="API listen on /run/docker.sock"
Feb 01 21:43:54 DESKTOP-B7GM3C5 systemd[1]: Started docker.service - Docker Application Container Engine.
Docker, D-Setup
WSL Ubuntu Docker
This post is licensed under CC BY 4.0 by the author.