I jumped into Docker feet first a few months ago and have not had a real good time with it. Networking doesn’t make sense, I can’t ever seem to access config files without dropping to su -, all the tutorials and videos I find are pretty top level and assume the user already has a firm grasp on it. It’s great for drop in stuff like open speed test and Vaultwarden but I recently tried setting up dashy and I can’t even find the config files to edit. The Dashy documentation says the easiest way to edit the configs is to use code-server, so I spun up a code-server VM and can’t even get it to open the files because the web based VSC doesn’t allow for SSH editing. There’s nothing explained in the documentation beyond that.
Yes I’m frustrated but I’m not bitching as if these solutions are trash, I’m simply asking where can I go to learn this shit from the ground up? It doesn’t make any sense to me from the perspective that I’ve approached it. Networking seems to be silly and weird, entering an interactive TTY to the container seems to be useless as there’s no package manager and doesn’t seem to have vim, nano, or any native way to edit configs. It’s been extremely frustrating so I ask you, where can I learn what I’m doing wrong and how to properly work with Docker?
Sounds like you, like a lot of others, have come to docker from the perspective of “it’s like a mini virtual machine”. Maybe you’ve used VMs before, like virtualbox or VMware or EC2. Maybe you have experience with setting up a cluster of VMs, each with their own OS, own SSH client, own suite of applications, and an overlay network between them all. Maybe someone told you “you should use docker instead, it’s like mini lightweight VMs”. And you’d be right to assume this is the wrong perspective to approach docker, because it leads to the problems you have faced.
Instead, try to think of docker containers as standalone applications. They don’t contain a kernel, they don’t have SSH, no Nano or VIM, just simply the Application, in a container, with enough supporting filesystem and OS libraries to make the application work.
That perspective is what helped me to get better at docker, I know it’s not exactly answering your question, but it might help.
“like mini lightweight VMs”
That’s exactly how I’ve approached it cause that’s exactly how it was explained. But it’s not at all like that. Thanks for your explanation.
Same, that’s how it was explained to me too. It spent over a year learning docker the wrong way, and trying to use it as a replacement for VMs, after a coworker told me that.
Heh I remember searching for an hour about how to see the GUI of a docker container when I was first getting into it. Didn’t help that I was using windows to run docker, either, it’s a whole other layer of abstraction.
Echoing the sentiment that you should adjust your perspective in approaching containerization, otherwise you’re in for a tough time.
Jerome Petazzoni, one of the more recognizable names in the container community, has a site where he puts all of his workshops, slides, etc. This is his one for getting started with Docker.
Is there a PDF
Huge thanks for this. I’ll look at them tonight.
Others have pointed out that docker containers aren’t idiomatically like VMs and you interact with them differently. Some workflow tips:
- Don’t edit configs in containers. Mount your config files as a volume. Edit them from your host using your normal editor and restart your container when they change.
- Don’t exec into your running container and then try to install debugging tools as you need them. Use a Dockerfile to build an image that has the debugging tools you need and launch your container using that.
- In general, mess with your container less while its running. Use dockerfiles, compose, and entry point scripts to set things up in your container so it’s the way you want it on startup. While its running, just use docker logs to see what it’s doing or run the occasional debugging command via exec if you must… but do more during container-build and startup and less after it’s running. Rebuild and restart the container a lot during debugging to make your changes take effect.
The other issue in play here is that the fundamentals necessary to understand how docker containers run aren’t actually docker fundamentals. They’re:
- Networking fundamentals. The container networking stack is really configurable and really complicated.
- Volumes and config mounts are based on overlay filesystems.
- Lots of docker issues are related to complex security systems like Linux capabilities.
- All of these systems are configurable, and different docker setups use them different ways.
These things aren’t trivial to learn, a thorough understanding of these things is the difference between a junior sysadmin and a senior one, and you WILL get exposed to them when things break. But step one in learning more is definitely to recognize that the hards parts of docker are rarely docker itself. Rather, the hard parts are their own thing. Figure out what Linux system you’re struggling with and start learning about that and how docker uses it rather than narrowly focusing your research on docker itself. Anything focusing on the docker piece must necessarily gloss over the real foundations which are often very complex… so this will start you expose you to deeper material that you can assemble in your own mind into an understanding of your own specific docker setup.
I’ve been using my library’s membership to LinkedIn Learning to take a Docker Essentials course
I think that might be exactly what I was looking for. Thank you.
Lots of great information and suggestions in this discussion. Thank you everyone who are offering your input. I’d like to ask as well, how easy is it to setup docker for use in windows? I ask this because almost every guide I’ve found has docker running in Linux. I realize you are able to setup a docker in windows, but I was struggling to get basic instructions for windows, and even the tutorial in docker required me to switch back to docker types that don’t work in windows.
From my experience the “default” experience, which is Docker Desktop, is a pain, due to what you described. In particular, Linux containers and Windows file permissions just don’t mix well.
Other than that, there’s three options:
- Docker Desktop, but used from WSL 2. This seems to be the cleanest solution nowadays. Never personally used it though. Officially supported.
- Installing Docker inside WSL 2. Configuring this correctly is a bit of a pain and not really supported AFAIK.
- Installing Docker in a VM, using the integrated Hyper-V functionality for example. The least amount of integration, but most reliable.
Containers are hard. This should at least get docker running without sudo: https://www.baeldung.com/linux/docker-run-without-sudo
Podman is supposed to be a sudo-less container manager. Though fair warning I hear it is also quite frustrating to start.
Yeah I spent a few hours with Podman before I went straight back to Docker.
What was different? I learned podman first because that’s what my work wanted to use. I feel like 99% of the time I can just alias docker=podman and everything just works the same way you would expect.
Obviously podman has pods instead of docker compose, but you can get docker compose working for podman if you prefer to do it that way.
The one thing that I feel is extremely wonky about podman is UIDs in rootless containers. But when I want to figure out what the UID a user has outside the container, I just mount an empty volume that has permissions 777, touch a file, then check the UID of that file outside the container.
I took a look at Dashy, I think I see the confusion. If you are looking at this article, then yes they mention Code Server, but that’s purely in the context of using Dashy in a non-docker context. But to be honest, any text editor works.
But I think that’s a red herring. That in itself has nothing to do with docker.
What you’ll need to do, once you understand the fundamentals of running docker, pull images, start a container based on an imagine, is to expose a docker volume that points to
/public/conf.yaml
. A docker volume ensures that the file or directory it’s mapped to in the container is available and persists outside of the container. This allows you to persist files and directories without losing them once the container stops or restarts.Once the volume is exposed, then you can use your favorite text editor to update the dashy config file. Code Server is fine, powerful, but overkill.
But first, try getting familiar with pulling, starting stopping docker images using the cli. Gotta start there first before tinkering with docker parameters like volumes.
Yeah Dashy isn’t really important to me, it’s just another fun project to learn more about Docker. However, what I learned is that I don’t know shit about what I’m doing lol. It proved to be a great tool at exposing my absolute ignorance of something I thought I was getting a good grasp on.
Yeah I think I’m gonna shit can Portainer and go through that LinkedIn course someone else posted. Thanks for your insight.
Portainer is definitely useful (I use it on a daily basis), but probably a bad place to start…
I started with the following progression:
- Docker CLI
- Docker-Compose
- Writing my own scripts to build and manage docker-compose configs (purely optional and skippable)
- Portainer
- Purely optional, but in a professional setting, kubernetes and various container orchestration tools.
Good luck in your journey!
Docker-compose got it done. Once I learned about Volumes and using compose to pass in volumes from other instances I was able to pass in a directory with a custom yaml to the Dashy container then pass the same directory into the code-server container and both are working as I expected they should. Compose and volumes were the missing pieces. I also learned that stacks is how to use compose in Portainer. Not sure why they felt the need to change the naming but it works.
That is AWESOME! Congrats!
Yes that’s right, portainer stacks equate to compose… I might be wrong, but I remember reading somewhere a while back that they (and other container orchestration tools) were not permitted to reference “Docker” or its products (including compose) due to legal and licensing restrictions by Docker.
Not to the level of Reddit, but Docker has its fair share of questionable business decisions.
I started learning docker first by how to customize an image. Since Alpine Linux is a popular light weight distro, I started with customizing it and moved from there. I also explored other people’s Dockerfiles to see how to use a Dockerfile to customize an image to containerize an app.
I found almost every YouTube howto on the subject matter very frustrating and often making the assumptions that you note. I also read the reference documentation on docker’s website. It’s not easy and it’s time consuming. I’d say I am good enough to be dangerous, not much more than that. Mostly, I’ve modified other people’s images to suite my needs
Thanks I’ll look into that. It doesn’t help that my introduction to Docker was using portainer so I haven’t really had much experience in the terminal outside of docker ps. I really put the cart before the horse there and am regretting it.