Login/Register
How do I install docker using cloud-init? [closed]
Asked Answered
openstackuser-datacloud-init
A

7

26

I want to create instances in Openstack that will have Docker in them already installed prior to ssh to them. So naturally I got interested in Cloud-init technology because it allows us to install packages on virtual machines during first boot time. So now I'm trying to install Docker on my instances during boot time, here is my code that I'm passing to the user data;

#cloud-config

packages:
   - docker.io

This doesn't work obviously, so how can I make it work?

Armelda answered 25/6, 2014 at 21:22 Comment(1)
What operating system are you using for your OpenStack instance?Semiotic
S
42

If you want to install from the Docker repositories on an Ubuntu instance, and you don't especially like the idea of downloading and executing an arbitrary shell script, all you need is this:

#cloud-config

apt:
  sources:
    docker.list:
      source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88

packages:
  - docker-ce
  - docker-ce-cli

cloud-init already knows how to get a GPG key, how to add an APT source (even if it is HTTPS), how to update APT before installing packages, and how to do all the other stuff you'll find in various shell script heavy ways of doing this.

If Docker should ever change their repo signing key, you can satisfy yourself that the change is legitimate and then get the new fingerprint with something like:

$ curl -sL https://download.docker.com/linux/ubuntu/gpg | gpg
gpg: keybox '/home/ubuntu/.gnupg/pubring.kbx' created
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
pub   rsa4096 2017-02-22 [SCEA]
      9DC858229FC7DD38854AE2D88D81803C0EBFCD88
uid           Docker Release (CE deb) <[email protected]>
sub   rsa4096 2017-02-22 [S]
Servomotor answered 2/7, 2020 at 23:31 Comment(4)
great answer, confirmed this work, the | gpg is an awesome timesaverOneal
I tried to do this on Debian but it just fails, no idea why (I replaced ubuntu with debian), and when sources fail no users are created so I can't login and check what caused it :(Bayadere
Looks like gpg isn't installed when it tries to add the apt source causing the following error: Reason: [Errno 2] No such file or directory: b'gpg'Bayadere
Note for Debian users: just replace ubuntu with debian in the url, and use 8D81803C0EBFCD88 as keyid.Motto
U
25

CAUTION: You should not use the Docker Convenience script (get.docker.com), it carries a warning for production environments:

Using these scripts is not recommended for production environments

Here are three ways to install Docker on Ubuntu using cloud-init for all environments that don't use the Docker Convenience script.

Install via apt-source (recommended approach):

#cloud-config

apt:
  sources:
    docker.list:
      source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88

packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg-agent
  - software-properties-common
  - docker-ce
  - docker-ce-cli
  - containerd.io

# Enable ipv4 forwarding, required on CIS hardened machines
write_files:
  - path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
    content: |
      net.ipv4.conf.all.forwarding=1

# create the docker group
groups:
  - docker

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]

Full install via cURL: (gist reference)

#cloud-config

packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg-agent
  - software-properties-common

# Enable ipv4 forwarding, required on CIS hardened machines
write_files:
  - path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
    content: |
      net.ipv4.conf.all.forwarding=1


# create the docker group
groups:
  - docker

# Install Docker, for production, consider pinning to stable versions
runcmd:
  - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
  - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  - apt-get update -y
  - apt-get install -y docker-ce docker-ce-cli containerd.io
  - systemctl start docker
  - systemctl enable docker

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]

Simplified install using the default package: (gist reference)

#cloud-config

packages:
  - docker.io

# create the docker group
groups:
  - docker

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]
Unfasten answered 23/6, 2020 at 17:2 Comment(1)
Any idea how to run containers once installed? I assume cloud-init doesn’t have first-class support for declaring containers and thus I will have to use runcmd? In case it helps, I’m intending to use the recommended approach for installing Docker defined above.Congressman
S
10

There's a docker script which can be #include'd that's very handy for docker. Instead of #cloud-config, use

#include https://get.docker.com
Skelton answered 30/10, 2014 at 20:40 Comment(1)
!!! See Highway of Life's answer on this! https://mcmap.net/q/513243/-how-do-i-install-docker-using-cloud-init-closedMirza
R
4

Ricardo's solution is great if you only need to add docker to the deployed instance. But, in cases where you still DO need a #cloud-config (to customize other stuff, like pre-installed packages), here is a simple solution inspired by his answer, just add this command:

#cloud-config
# ... more config here

runcmd:
  - curl -fsSL https://get.docker.com -o get-docker.sh; sh get-docker.sh
Rudolph answered 11/4, 2019 at 11:37 Comment(1)
Or better yet, curl -fsSL https://get.docker.com | sh ?Servomotor
B
1

Debian does not contain gpg by default so you have to do the following:

#cloud-config

write_files:
  - path: /usr/share/keyrings/docker.asc
    owner: root:root
    permissions: '0644'
    content: |
      -----BEGIN PGP PUBLIC KEY BLOCK-----
      paste content of https://download.docker.com/linux/debian/gpg (do not remove the blank line it fails if you do)
      -----END PGP PUBLIC KEY BLOCK-----

apt:
  sources:
    docker.list:
      source: deb [arch=amd64 signed-by=/usr/share/keyrings/docker.asc] https://download.docker.com/linux/debian $RELEASE stable

packages:
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - docker-compose-plugin

Source: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970796

Bayadere answered 29/10, 2022 at 21:10 Comment(0)
B
0

simple code

#cloud-config


groups:
  - docker

system_info:
  default_user:
    groups: [docker]

packages:
    - docker.io
Baud answered 6/9, 2021 at 20:33 Comment(0)
P
0

This one worked for me for deploying my app with docker compose at GCP:

#cloud-config

users:
- name: cloudservice
  groups: [docker]
  shell: /bin/bash
  uid: 2000

apt:
  sources:
    docker.list:
      source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88

packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg-agent
  - software-properties-common
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - docker-compose-plugin

write_files:
- path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
  content: |
    net.ipv4.conf.all.forwarding=1
- path: /etc/systemd/system/cloudservice.service
  permissions: 0644
  owner: root
  content: |
    [Unit]
    Description=Start a simple docker container

    [Service]
    ExecStart=docker compose -f /home/cloudservice/my-service/beta-compose.yaml up

    ExecStop=docker compose -f /home/cloudservice/my-service/beta-compose.yaml stop
    ExecStopPost=docker compose -f /home/cloudservice/my-service/beta-compose.yaml down

runcmd:
- su - cloudservice -c "git clone https://github.com/my-user/my-service.git && cd /home/cloudservice/my-service/ && git checkout feature/my-branch"
- systemctl daemon-reload
- systemctl start cloudservice.service
Presumptuous answered 6/3 at 21:12 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.