omv6:docker_in_omv

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
omv6:docker_in_omv [2023/09/03 08:12] – [7. Customize the stack] chenteomv6:docker_in_omv [2024/04/27 17:17] (current) chente
Line 1: Line 1:
-<html><center><span style="color:#000066;font-size:300%;">Docker in OMV</span></center></html>+{{indexmenu_n>8}} 
 +<html><center><span style="color:#000066;font-size:300%;">Docker in OMV 6</span></center></html>
 \\ \\
- +<html><center><span style="font-size:150%;"> 
-[[omv6:docker_in_omv|{{ :omv6:dockeromv10.jpg?direct&400 |Docker in OMV}}]]+<b>Link to</b> → <a href="https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv">Docker in OMV 7</a><br> 
 +<br/></span></center></html> 
 +[[omv6:docker_in_omv|{{ :omv6:dockeromv10.jpg?direct&400 |Docker in OMV 6}}]]
  
 ---- ----
 \\ \\
 \\ \\
-====== Docker in OMV ======+====== Docker in OMV ======
 \\ \\
 \\ \\
Line 49: Line 52:
 Docker is a system that allows you to run an application using the main resources of the system but in such a way that it does not have the capacity to modify (damage) the existing system. The operation is similar to a virtual machine but lighter. Docker is a system that allows you to run an application using the main resources of the system but in such a way that it does not have the capacity to modify (damage) the existing system. The operation is similar to a virtual machine but lighter.
  
-It is based on packages (**images**) that are usually created by a third party and downloaded from a remote repository. Using docker-compose we create a **compose file** that allows us to configure various parameters to define and create a **container** from that image. For example, the access ports to the application or the system folders that will be accessible to that container. If we run that compose file it will download the image and create the container following the instructions we have given it.+Docker can be run from the command line directly. A single command with the right parameters will do all the work. Docker-compose was developed to make it easy to create that command and those parameters using easy-to-read configuration files. The openmediavault-compose plugin uses docker-compose for container management. 
 + 
 +Docker is based on packages (**images**) that are usually created by a third party and downloaded from a remote repository. Using docker-compose we create a **compose file** that allows us to configure various parameters to define and create a **container** from that image. For example, the access ports to the application or the system folders that will be accessible to that container. If we run that compose file it will download the image and create the container following the instructions we have given it.
  
 The author of the image we have downloaded will usually do maintenance and at some point create another updated image, at which point we need to update our container. The way to update a container is to delete it and recreate it again by downloading a new updated image. To recreate it simply run the compose file again after removing the container. The author of the image we have downloaded will usually do maintenance and at some point create another updated image, at which point we need to update our container. The way to update a container is to delete it and recreate it again by downloading a new updated image. To recreate it simply run the compose file again after removing the container.
Line 87: Line 92:
 **data folder (or whatever you want to call it)** **data folder (or whatever you want to call it)**
  
 +  * There is no space in the plugin settings to define this or these folders. The GUI establishes a field where you define a folder to store the persistent data, the appdata folder defined in the previous section. If you use relative paths for this data, nothing else will be necessary. Then you can use this for another purpose, defining a path to the data folder that will make it easier for us to compose later. You can use this field as you see fit, this guide proposes using relative paths for persistent data and using this field to define the data folder.
   * In the plugin GUI this folder corresponds to the Shared folder field in the Data section in **Services** > **Compose** > **Settings**.   * In the plugin GUI this folder corresponds to the Shared folder field in the Data section in **Services** > **Compose** > **Settings**.
   * In many containers you will have the need to "tell" the container where the files it needs for its operation are, for example in Jellyfin we refer to movies, photos, etc. The plugin allows you to set a shared folder so that in the compose file we can refer to it using the ''CHANGE_TO_COMPOSE_DATA_PATH'' expression. This will allow easily reusable paths to be set in compose files.   * In many containers you will have the need to "tell" the container where the files it needs for its operation are, for example in Jellyfin we refer to movies, photos, etc. The plugin allows you to set a shared folder so that in the compose file we can refer to it using the ''CHANGE_TO_COMPOSE_DATA_PATH'' expression. This will allow easily reusable paths to be set in compose files.
Line 99: Line 105:
  
   * In the plugin GUI this folder corresponds to the Docker storage field in **Services** > **Compose** > **Settings**.   * In the plugin GUI this folder corresponds to the Docker storage field in **Services** > **Compose** > **Settings**.
-  * Docker is installed by default in the ''/var/lib/docker'' folder inside the OMV operating system drive. The necessary files for docker to work, containers, downloaded images, docker networks, etc. will be generated in this folder.+  * Docker is installed by default in the ''/var/lib/docker'' folder inside the OMV operating system drive. The necessary files for docker to work, containers, downloaded images, docker networks, etc. will be generated in this folder. This field allows you to modify the default location of this folder.
   * The fact that this folder resides on the operating system drive can cause problems, such as the operating system drive running out of space, or that this drive is a USB flash drive or an SD card and we are not interested in doing more writes of the essential ones in it, are also of low performance (this does not affect OMV but docker does). In addition, in case of reinstallation of OMV we would lose the containers and everything that is in that folder.   * The fact that this folder resides on the operating system drive can cause problems, such as the operating system drive running out of space, or that this drive is a USB flash drive or an SD card and we are not interested in doing more writes of the essential ones in it, are also of low performance (this does not affect OMV but docker does). In addition, in case of reinstallation of OMV we would lose the containers and everything that is in that folder.
   * All these problems can be easily fixed by relocating the docker folder to another drive on our system other than where the OMV operating system is. That unit must meet the following requirements:   * All these problems can be easily fixed by relocating the docker folder to another drive on our system other than where the OMV operating system is. That unit must meet the following requirements:
Line 105: Line 111:
     * If the drive is fast, like an **SSD or nmve**, applications will run faster.     * If the drive is fast, like an **SSD or nmve**, applications will run faster.
     * Make sure you have **enough space**, the docker folder can take up a lot of space. 60GB may be an acceptable minimum depending on what you are going to install.     * Make sure you have **enough space**, the docker folder can take up a lot of space. 60GB may be an acceptable minimum depending on what you are going to install.
-    * **mergerfs** is not suitable for hosting the docker folder spanned across multiple disks. If you don't have alternatives you can use one of the disks in the pool instead of the pool to host the folder. If you want to do it this way create a folder in the mount path of one of the disks instead of using the pool path. This way the mergerfs logic will disappear from the docker procedures.+    * **mergerfs** is not suitable for hosting the docker folder spanned across multiple disks. If you don't have alternatives you can use one of the disks in the pool instead of the pool to host the folder. If you want to do it this way create a folder in the mount path of one of the disks instead of using the pool path. This way the mergerfs logic will disappear from the docker procedures. If you do this never use the mergerfs leveling tool, doing so will break docker.
     * **BTRFS and ZFS** have incompatibilities with docker. They can be used to host the docker folder but doing so requires additional actions. You can consult the docker documentation if you want to use these file systems, in both cases it can be solved by creating block devices.     * **BTRFS and ZFS** have incompatibilities with docker. They can be used to host the docker folder but doing so requires additional actions. You can consult the docker documentation if you want to use these file systems, in both cases it can be solved by creating block devices.
 +    * **NTFS** is prohibited. Docker won't work. Do not use NTFS to host docker folders or you will have permissions issues. Always use native Linux file systems.
 \\ \\
 <html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#69A5FF;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160;  <html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#69A5FF;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160; 
Line 114: Line 121:
 Avoid mounting docker folders under mergerfs.<br> Avoid mounting docker folders under mergerfs.<br>
 If you have installed docker on another hard drive you can delete the contents of the /var/lib/docker folder to recover that space on the system drive. This will not affect how docker works. If you have installed docker on another hard drive you can delete the contents of the /var/lib/docker folder to recover that space on the system drive. This will not affect how docker works.
 +</tr></table></body></html>
 +
 +<html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#FFB663;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160; 
 +Warning 
 +</span></strong></td></tr><tr><td style="background-color:#FFE4A6;height:25px;width:380px;">
 +<b>Never use an NTFS</b> file system to host docker folders.<br>
 +NTFS is not native to Linux and will cause file permission issues.
 </tr></table></body></html> </tr></table></body></html>
  
 ---- ----
  
-=== USER FOR DOCKER. appuser. ===+=== USER FOR DOCKER. appuser.  (or whatever you want to call it) ===
 {{ :omv6:dockeromv12.jpg?direct&300|hacker}} {{ :omv6:dockeromv12.jpg?direct&300|hacker}}
   * A user that will be in charge of executing the container, which we will call **//appuser//**.   * A user that will be in charge of executing the container, which we will call **//appuser//**.
Line 130: Line 144:
     * Generally, one user for all containers is sufficient. If you have any containers that need special permissions, it's a good idea to create a user for that application only.     * Generally, one user for all containers is sufficient. If you have any containers that need special permissions, it's a good idea to create a user for that application only.
     * If you want more security you can create a user for each container, that way you can adjust the permissions of each application separately.     * If you want more security you can create a user for each container, that way you can adjust the permissions of each application separately.
-  * As we are going to configure our system, the user **//appuser//** must have read and write access to at least the **//docker//**, **//appdata//** and **//compose//** folders. We must also grant permissions to the folders where our data is located that needs to be read or written (for example, the movies folder for the jellyfin application)+  * As we are going to configure our system, the user **//appuser//** must have read and write access to at least the **//appdata//** and **//compose//** folders. We must also grant permissions to the folders where our data is located that needs to be read or written (for example, the movies folder for the jellyfin application)
  
 <html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#FFB663;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160;  <html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#FFB663;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160; 
Line 209: Line 223:
  
 For paths you could combine this system with symlinks, if you still need to use symlinks for other reasons. If you don't need it you can skip the use of symbolic links, this system is more than enough for handling containers. For paths you could combine this system with symlinks, if you still need to use symlinks for other reasons. If you don't need it you can skip the use of symbolic links, this system is more than enough for handling containers.
 +\\
 +<html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#69A5FF;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">&#160; Note
 +</span></strong></td></tr><tr><td style="background-color:#E6FEFF;height:25px;width:380px;">
 +At this time, the plug-in backup utility does not resolve variables in volume paths. Define paths using global environment variables only for paths that you do not need to include in a backup.<br>
 +Alternatively you can use symlinks in the compose file.
 +</tr></table></body></html>
  
 ---- ----
Line 214: Line 234:
 === Why use global environment variables === === Why use global environment variables ===
  
 +  * If you change a path or any other variable that affects multiple containers, it is enough to vary this value in the global environment variables file. The value will change automatically in all containers. Useful if you change a data drive, or if you reinstall OMV and change routes, for example.
   * It is integrated into the plugin, it is enough to press a button to access the file to directly introduce the variables without doing anything else.   * It is integrated into the plugin, it is enough to press a button to access the file to directly introduce the variables without doing anything else.
   * They allow us to define a value once and all the containers that we create will use this value automatically.   * They allow us to define a value once and all the containers that we create will use this value automatically.
Line 294: Line 315:
 \\ \\
  
-  * Create the shared folders **//docker//**, **//appdata//** and **//data//** (or whatever you want to call them). [[omv6:new_user_guide#creating_a_network_share|New user guide - creating a network share]]+  * Create the shared folders **//docker//**, **//appdata//** and **//data//** (or whatever you want to call them).
     * Go to the OMV GUI **Storage** > **Shared Folders** Click on **+Create**     * Go to the OMV GUI **Storage** > **Shared Folders** Click on **+Create**
       * In the **Name** field write **//docker//**.       * In the **Name** field write **//docker//**.
Line 332: Line 353:
 === 4. Create the user "appuser" === === 4. Create the user "appuser" ===
 \\ \\
 +{{ :omv6:dockeromv16.jpg?direct&400|UID-GID}}
   * In the OMV GUI go to **Users** > **Users** click on the **+Create** button   * In the OMV GUI go to **Users** > **Users** click on the **+Create** button
-    * Define **//appuser//** name+    * Define **//appuser//** name (or whatever you want to call it).
     * Assign password.     * Assign password.
-    * In the groups field we add it to the //docker// and //users// groups+    * In the groups field we add it to the //users// group (He is probably already in that group, at the time of writing the OMV GUI does this by default)
-    * Membership in these groups should ensure that **//appuser//** has write permissions to the **//appdata//** and **//data//** folders. Check it. If not, make sure the folder permissions are 775, the owner is //root//, and the owner group is //users//. See [[misc_docs:nas_permissions|NAS Permissions In OMV]] +    * Membership in that group should ensure that **//appuser//** has write permissions to the **//appdata//** and **//data//** folders. Check it. If not, make sure the folder permissions are 775, the owner is //root//, and the owner group is //users//. See [[misc_docs:nas_permissions|NAS Permissions In OMV]]
-      * Regarding the **//docker//** folder, it is enough that the user belongs to the docker group.+
       * If you need to reset some permissions on your NAS you can use [[omv6:omv6_plugins:resetperms|Reset Permissions Plugin For OMV6]]. Do not modify the permissions of the **//docker//** folder.       * If you need to reset some permissions on your NAS you can use [[omv6:omv6_plugins:resetperms|Reset Permissions Plugin For OMV6]]. Do not modify the permissions of the **//docker//** folder.
     * Click on **Save**.     * Click on **Save**.
Line 360: Line 380:
   * Replace the values ​​with the appropriate ones in your case.   * Replace the values ​​with the appropriate ones in your case.
     * You can see your local configuration in **System** > **Date & Time** in **//Time zone//** field.     * You can see your local configuration in **System** > **Date & Time** in **//Time zone//** field.
-    * You can see the values ​​of user appdata in **Users** > **Users** in the UID and GID columns.+    * You can see the values ​​of user //appuser// in **Users** > **Users** in the UID and GID columns.
   * In this case we don't need it since we have defined the DATA folder in the plugin GUI at **Services**>**Compose**>**Settings**. But if you need to define other different routes you can also do it here in the same way as the rest of the variables.   * In this case we don't need it since we have defined the DATA folder in the plugin GUI at **Services**>**Compose**>**Settings**. But if you need to define other different routes you can also do it here in the same way as the rest of the variables.
  
  • omv6/docker_in_omv.1693728777.txt.gz
  • Last modified: 2023/09/03 08:12
  • by chente