***OFFICIAL GUIDE*** Using Docker


jonp

Recommended Posts

All,

 

Many have asked for us to put together a more comprehensive guide to getting started with unRAID.  With the release of beta14 and the updated Docker Manager tool, we have done exactly that.  You can view the guide directly from our website be clicking the link below.  We will be adding a "Guides" page to the website in the days ahead that will act as our official repository for all tutorials on unRAID.  Feel free to post any questions you may have here in this thread or suggestions to improve the guide.  Thanks!

 

http://lime-technology.com/docker-guide

Link to comment
  • Replies 50
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

Looks good with one exception.

 

You mention that

Applications are made available and supported by both the Docker and unRAID user communities respectively.

 

However, you only talk about adding the containers available via the template repositories.  Maybe add another guide for adding containers which do not have the template xml?

 

 

Link to comment

Looks good with one exception.

 

You mention that

Applications are made available and supported by both the Docker and unRAID user communities respectively.

 

However, you only talk about adding the containers available via the template repositories.  Maybe add another guide for adding containers which do not have the template xml?

Yes that will be going into the Advanced guide that I'm working on.  For beginners, I don't want to intimidate them with visiting the registry, figuring out settings, etc, when so many of the most popular and frequently used containers are so greatly simplified by the use of templates.

Link to comment

This is a great intro to Docker!

 

Just to nitpick on the opening sentence:

With unRAID 6, we can now run any Linux application on unRAID

We can't actually run Linux desktop apps, right?

 

In the Volume Maps area, should we mention that the easiest way to give Dockers access to your array is to map /mnt to /mnt?

 

Link to comment

This is a great intro to Docker!

 

Just to nitpick on the opening sentence:

With unRAID 6, we can now run any Linux application on unRAID

We can't actually run Linux desktop apps, right?

 

In the Volume Maps area, should we mention that the easiest way to give Dockers access to your array is to map /mnt to /mnt?

Technically you should be able to build a container that contains a GUI with docker, install VNC on it, and remotely connect to it.  There is more involved here, but I could change the text to read any "service-driven Linux applications" or "headless Linux applications."

 

As far as mapping /mnt to /mnt, I am not a fan of that approach. I would rather see folks use /mnt/user or even better,  a specific share name.  This is one of the values of Docker is to isolate application access to only the data that the app needs. The app doesn't need full access to the array if its just downloading data to a single location or reading your media files.

Link to comment

As far as mapping /mnt to /mnt, I am not a fan of that approach. I would rather see folks use /mnt/user or even better,  a specific share name.

 

Great points.  I guess what I'm really getting at is that it might be easier for people to map /mnt/user/Movies to /mnt/user/Movies rather than /unraid_media/Movies.  That allows you to always use the same path to get to your Movies without having consider the context. 

 

Link to comment

As far as mapping /mnt to /mnt, I am not a fan of that approach. I would rather see folks use /mnt/user or even better,  a specific share name.

 

Great points.  I guess what I'm really getting at is that it might be easier for people to map /mnt/user/Movies to /mnt/user/Movies rather than /unraid_media/Movies.  That allows you to always use the same path to get to your Movies without having consider the context.

 

The primary concern with this is that A)  you've just given the user two paths to traverse as opposed to one to get to their data and B)  what if a container has a /mnt/user already?  Or what about a container that periodically does things automatically as part of it's processes to manage what's under /mnt? 

 

By using a more unique preface such as unraid_ before the name makes it more recognizable in the list, easier to remember, and removes any possibility of overlapping within the container.  Just thought I'd explain the logic.  For the users out there that stray from this advice, I'm not saying you'll break your server, but unexpected behavior could be blamed on this.  The purpose of the guide is to provide the instructions in a way that is repeatable 100%, every time.  Maybe I am being to cautious here in this approach, but I prefer to err on the side of caution.

Link to comment
  • 4 weeks later...

I remember reading about the different file systems way back in the early betas. Once RC comes out i will begin to move over to version 6 but i can't find info on if i have to format my cache drive (which i don't really want to do, but will if there are some benefits to it)

 

Can this be added to the guide, as i can't see it mentioned. Or provide some sort of best practice guide to moving over from version 5 + plugins to version 6 + docker?

 

thanks

Link to comment

 

 

I remember reading about the different file systems way back in the early betas. Once RC comes out i will begin to move over to version 6 but i can't find info on if i have to format my cache drive (which i don't really want to do, but will if there are some benefits to it)

 

Can this be added to the guide, as i can't see it mentioned. Or provide some sort of best practice guide to moving over from version 5 + plugins to version 6 + docker?

 

thanks

 

You do not need worry about filesystem choice for docker as we store docker and your containers inside a virtual disk image that we format automatically with btrfs (this wasn't the case in beta 6, but we are way past those days now). The parent disk device that the vdisk is stored on can be formatted with any filesystem supported by unraid.

 

As far as moving from v5 plugins to v6 containers, some containers can point to the same appdata folder you previously had for a plugin but some may need to be setup from scratch. It comes down to the app, the version of it you had as a plugin, and the version of it you're trying to set up as a container.

 

My recommendation for newcomers would be to set up a new container first to get the feel for how they work, then you can try to experiment setting up a container for an app that points to the appdata folder of your previous plugin.  Of course it goes without saying that you should backup your appdata before doing this.

Link to comment
  • 2 weeks later...

This whole docker thing is waaaay over my head, but im getting use to it.  Is the docker image considered another pc, and only dockers inside that image can see each other?

 

Like im having a hella time getting my plugins to work with my dockers.

 

I have the nzbdrone plugin from phaz, and using a nzbget docker.  In order to get them to work i have to treat nzbget as a separate pc, and use the nzbdrone drive map feature ( or what ever its called) in order to interpret nzbget's "/unraid_media/TV shows" (mapped to /mnt/user/TV shows) to nzbdrone's "/mnt/user/TV shows" even though they are "looking" at the exact same spot.

 

IM not sure if i have to drive map inside of nzbdrone after i get an nzbdrone docker, since both nzbget and nzbdrone will be in the same docker image, and both looking at the fake "/unraid_media/TV shows".

Link to comment
  • 2 weeks later...
  • 2 weeks later...

Ok, I cant find the answer to this anywhere. What is the privileged setting for containers accomplish?

From the docker documentation:

 

When the operator executes docker run --privileged, Docker will enable to access to all devices on the host as well as set some configuration in AppArmor or SELinux to allow the container nearly all the same access to the host as processes running outside containers on the host. Additional information about running with --privileged is available on the Docker Blog.

 

Link to Docker blog on the subject:  http://blog.docker.com/2013/09/docker-can-now-run-within-docker/

Link to comment

Thanks Jon. What is the recommended practice for this setting?

 

I would assume with the latest Limetech arguments against plugins being about security that they have too much access, that would apply to Dockers run in privilege node too. So don't use privilege mode.

Link to comment

Thanks Jon. What is the recommended practice for this setting?

 

I would assume with the latest Limetech arguments against plugins being about security that they have too much access, that would apply to Dockers run in privilege node too. So don't use privilege mode.

I would say its not quite the same as a plugin, but its certainly not necessary for the majority of containers to have this option checked. For containers that need host device access, I would use the --dev option in the extra parameters tab instead (see the docker documentation on their site for this).

 

All of this said, because we compile unRAID with a minimal amount of hardware drivers (pretty much just network, storage, and USB controller drivers), if you are trying to use other devices with a docker container, they won't work. Unlike virtual machines with KVM, docker cannot supply drivers for hardware outside of the host kernel. At least not yet.  Not sure if this is even something that would be possible or if Docker will even try to do that in the future, but for now, any hardware pass through needs should really be handled through VMs.

 

Hope this clarifies.

Link to comment

How would I set certain docker, that it would get different IP than unRAID?

 

As in an IP from your DHCP server or a NAT'd IP from the bridge?

IP from DHCP. unRAID server has IP 10.1.0.12. For docker (ruTorrent) I would like to get different IP, so I can set up exception in firewall and Snort.

Link to comment
  • 2 weeks later...

Been reading more about dockers. I read the quick startup guide from the original post. For those docker experts out there, is it recommended to put the docker image on a regular data drive? Also, if you have TWO dockers installed does that create another 10GB image or multiple dockers run within that one image? I do not have a cache drive, since I was never really concerned about my write speeds and 35MB-40MB was always good enough for what my server did. But now newer technology and a newer unraid is it a better idea to add a cache drive with dockers?

 

I'm most likely going to build another unraid box, but since these additional features with dockers and plugins is it worth to get better performance hardware? We are most likely a long way off from a stable, but we have an idea of what it will be like with the beta, so I'm trying to plan a new build around getting really good performance out of it.

 

I can't wait to give a docker install a try, but right now I only have an Intel Core 2 DUO 2.66Ghz and 8GB of memory. Wondering if specs like that prohibit good performance. Sorry, hard to get out what I'm trying to say verbally here.

 

 

 

Link to comment
  • trurl unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.