Install Docker

Docker has become a cornerstone of modern software development and deployment practices. It provides an isolated environment, known as a container, to build, package, and run applications along with all their dependencies. This tutorial will guide you through installing Docker and Docker Compose on Ubuntu 22.04 LTS, managing Docker containers and images, and working with Docker networks and iptables rules.

The recommended method of installing Docker on Ubuntu systems is from Docker’s own repositories. Before starting the installation process, ensure your system package database is up-to-date. Then, install the necessary dependencies for Docker. We’ll be using the apt package manager in the commands.

Next, you’ll need to download Docker’s official GPG key and add it to your apt keyring. After this, you can add Docker’s repository to your apt sources.

Finally, update your package database again and install Docker, Docker CLI, and the containerd.io package. With these steps, Docker should now be installed on your Ubuntu system.

sudo apt-get update
sudo apt upgrade

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io

Docker Compose is a tool for defining and managing multi-container Docker applications. Install Docker Compose by downloading it from the official Docker GitHub repository, making it executable, and creating a symbolic link to the binary.

As an alternative, Docker Compose can be installed as a Docker plugin. To do this, create a directory for Docker CLI plugins and download Docker Compose into this directory. Then, make the Docker Compose binary executable.

Install docker compose - releases https://github.com/docker/compose/releases

sudo curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

Optional Install docker compose as docker plugin

sudo apt install docker-compose-plugin
mkdir $HOME/.docker/cli-plugins
curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o $HOME/.docker/cli-plugins/docker-compose

Or copy it into one of these folders to install it system-wide:
/usr/local/lib/docker/cli-plugins OR /usr/local/libexec/docker/cli-plugins
/usr/lib/docker/cli-plugins OR /usr/libexec/docker/cli-plugins

chmod +x $HOME/.docker/cli-plugins/docker-compose

Using Docker Compose involves three steps: defining your application environment with a Dockerfile, defining the services that comprise your application in a docker-compose.yml file, and running the application with the docker compose up command.

Once you’ve installed Docker and Docker Compose, it’s essential to understand some basic Docker management commands. These commands will allow you to stop all Docker containers, remove all Docker containers and images, and clear unused Docker volumes. There’s also a docker system prune -a command that allows you to remove all unused Docker resources.

You may also want to specify the restart policy of your Docker containers. You can set a container to restart unless it’s manually stopped with the --restart unless-stopped flag. This flag can also be added to an already running container with the docker update command.

docker stop $(docker ps -a -q)

Docker remove all containers

docker rm $(docker ps -a -q)

Remove All Docker Images

docker rmi $(docker images -q)

Clear unused volumes

docker volume prune

Docker system prune , remove all unused resource

docker system prune -a

Run container unless stop

docker run -d --restart unless-stopped redis

Changes the restart policy for an already running container

docker update --restart unless-stopped redis

Update unless stopped for all running containers

docker update --restart unless-stopped $(docker ps -q)

Create docker network with IP network 172.30.0.0/16 network docker net name and interface net0

docker network create \
	-o com.docker.network.bridge.name=net0 \
	--subnet=172.30.0.0/16 \
	net

Docker allows you to create a custom network for your Docker containers. For example, you can create a network named net with a subnet of 172.30.0.0/16 and a bridge name of net0.

When working with Docker networks, you may need to inspect or modify your iptables rules. Use the iptables -t nat -L DOCKER -n -v and iptables -L DOCKER-USER -n -v commands to list the iptables rules for Docker containers.

In some cases, you might want to modify your iptables rules to control traffic to your Docker containers. For instance, you can drop all incoming packets on a specific network interface, allow only established and related connections, or accept packets from a specific IP address to a certain port. If you make a mistake, you can also remove an iptables rule with the -D option.

List iptables rules for docker container

iptables -t nat -L DOCKER -n -v
iptables -L DOCKER-USER -n -v

Add IP tables for Public network eno2 interface, DROM and ESTABLISHED,RELATED

iptables -I DOCKER-USER -i eno2 -j DROP
iptables -I DOCKER-USER -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN

Add iptable rule, Accept tcp from source IP and dst port 80

iptables -I DOCKER-USER -i eno2 -s 178.16.30.14 -p tcp --dport 80 -j RETURN

Remove iptable rule

iptables -D DOCKER-USER -i eno2 -s 178.16.30.14 -p tcp --dport 80 -j RETURN

In conclusion, Docker provides a powerful and flexible platform for managing and deploying software applications. With the steps in this guide, you should be well-prepared to install and manage Docker on an Ubuntu 22.04 LTS system.