Docker
Docker on Archlinux for testing
First install docker, docker-compose and, from the AUR, docker-rootless-extras:
sudo pacman -S docker docker-compose;
yay -S docker-rootless-extras
Then enable and start the docker.socket user service with:
systemctl --user enable docker.socket
systemctl --user start docker.socket
To finish, add the following line to your .bashrc or .zshrc:
# >> appends to the file; a single > would overwrite it
echo 'export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sock' >> ~/.zshrc
source ~/.zshrc # reload shell
Reference:
Docker Compose
Environment
This is the section where you specify environment variables globally inside the container.
An equivalent is export Variable=value in your Unix shell.
From inside a container, you can find out which environment variables are set by using:
printenv
This works in any shell, be it container or host.
Don't forget: written as a list item, it's - VARIABLE_NAME=value with =, not with :.
Network
Requests from one container to another using the same network
http://your_container_name:PORT
Networking: Access outside host service from inside a container
Option: network_mode: host
→ however, this defeats the purpose of the container, which is to be isolated from the host system.
Option:
extra_hosts:
  - "host.docker.internal:host-gateway"
→ this maps host.docker.internal to the outside container IP address (the gateway). Each container has an outside IP address.
To find it, just use:
# Gateway IP address
docker network inspect your_network | grep Gateway
# Internal Subnet range, useful for the command below
docker network inspect your_network | grep Subnet
ufw
Allow the container external IP range with the port.
This one worked! Usually, something like:
sudo ufw allow from 172.31.0.0/16 to any port 56789
*Replace the IP address with your container's outside IP subnet range, found with the command above.
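The two steps above combined, as an added example that is not part of the original notes: it reads the Subnet from docker network inspect output and prints the matching ufw rule, refusing ranges wider than /16 and invalid ports. The sample JSON is constructed, and the function names and the /16 limit are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample of `docker network inspect your_network` output, so this runs offline.
# On a real host: docker network inspect your_network | subnet_from_inspect
SAMPLE_INSPECT='[{
  "Name": "your_network",
  "IPAM": {"Config": [
    {
      "Subnet": "172.31.0.0/16",
      "Gateway": "172.31.0.1"
    }
  ]}
}]'

# Print the first "Subnet" value found in inspect JSON read from stdin.
subnet_from_inspect() {
    sed -n 's/.*"Subnet": *"\([^"]*\)".*/\1/p' | head -n 1
}

# Succeed only for a dotted-quad IPv4 CIDR with a prefix between /16 and /32
# (assumed limit), so a typo cannot open the port to a huge range.
is_narrow_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}
    prefix=${1#*/}
    echo "$addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -ge 16 ] && [ "$prefix" -le 32 ]
}

# Print (do not run) the ufw command for one subnet and one port.
ufw_rule() {
    rule_net=$1
    rule_port=$2
    is_narrow_cidr "$rule_net" || { echo "refusing subnet: $rule_net" >&2; return 1; }
    case "$rule_port" in ''|*[!0-9]*) echo "bad port: $rule_port" >&2; return 1 ;; esac
    [ "$rule_port" -ge 1 ] && [ "$rule_port" -le 65535 ] ||
        { echo "bad port: $rule_port" >&2; return 1; }
    echo "sudo ufw allow from $rule_net to any port $rule_port"
}

net=$(printf '%s\n' "$SAMPLE_INSPECT" | subnet_from_inspect)
ufw_rule "$net" 56789
```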
entrypoint, command
Those two run the program/command/script inside the container when the container starts.
Apparently, entrypoint is harder to modify on the fly, while command is more flexible.
If you need to run something that needs to run endlessly, use:
command: ["/bin/bash", "-c", "/path/to/script/or/binary && tail -f /dev/null"]
tail allows the main process of the script/binary to exit while keeping the container alive.
If you get something like "exited with code 0", this means the container stopped. The command above might help. This is mostly relevant for custom/modified containers.
Devices
GPU
For Intel GPU:
# Total GPU capabilities
devices:
- /dev/dri:/dev/dri
# Just for computation purposes (render node only)
devices:
- /dev/dri/renderD128:/dev/dri/renderD128