Docker Linux Workstation Development

Something that will become apparent at some point of your journey using a Linux workstation as a development environment is that Docker runs as Root hence all commands must be run with sudo, directories and volumes will be owned by the root users (and must be removed with sudo for instance) as well.

Docker Rootless

Best practice to run Docker in Rootless mode whenever you can.

If you follow the guide over at Docker's website will get your pretty far.

This essentially boils down to a few things

Finding a Compatible Storage Driver

I ran into some problems around Docker by default continuing to use ZFS (my workstation OS root file system is ZFS) for storage that now no longer has permissions to run ZFS commands.

These docs were not immediately clear on how to alleviate this.

Attempting to set the storage driver to any of the recommended overlay2, fuse-overlay, aufs or depreciated devicemapper all gave errors on startup looking something like a stopped docker service.

Starting the rootless docker image like so

~/bin/dockerd-rootless.sh

Would result in something like this.

...
ERRO[2021-02-06T07:59:07.331974204-06:00] failed to mount overlay: invalid argument     storage-driver=overlay2
INFO[2021-02-06T07:59:07.332726224-06:00] stopping healthcheck following graceful shutdown  module=libcontainerd
INFO[2021-02-06T07:59:07.332739655-06:00] stopping event stream following graceful shutdown  error="context canceled" module=libcontainerd namespace=plugins.moby
failed to start daemon: error initializing graphdriver: driver not supported
[rootlesskit:child ] error: command [/home/ncrmro/bin/dockerd-rootless.sh] exited: exit status 1
[rootlesskit:parent] error: child exited: exit status 1

VFS

VFS is pretty heavy-handed when looking into the details, Each layer for a downloaded container image is stored separately taking up exponentially more space than other storage drivers, we will address that caveat in a second.

Stop Docker

systemctl --user stop docker

Create or modify the daemon.json

nano ~/.config/docker/daemon.json

Content should be as follows.

{
  "storage-driver": "vfs",
}

Start Docker

systemctl --user start docker

Check Status of Docker Daemon

systemctl --user status docker.service

VFS Capping Usage

  • note for now, i've had a little trouble getting this to start with storage-opts *

To keep our VFS from consuming all of our disk space we can set a max amount of storage the VFS storage driver will use.

{
  "storage-driver": "vfs",
  "storage-opts": ["size=25G"],
}