I jumped into Docker feet first a few months ago and have not had a real good time with it. Networking doesn’t make sense, I can’t ever seem to access config files without dropping to su -, all the tutorials and videos I find are pretty top level and assume the user already has a firm grasp on it. It’s great for drop in stuff like open speed test and Vaultwarden but I recently tried setting up dashy and I can’t even find the config files to edit. The Dashy documentation says the easiest way to edit the configs is to use code-server, so I spun up a code-server VM and can’t even get it to open the files because the web based VSC doesn’t allow for SSH editing. There’s nothing explained in the documentation beyond that.

Yes I’m frustrated but I’m not bitching as if these solutions are trash, I’m simply asking where can I go to learn this shit from the ground up? It doesn’t make any sense to me from the perspective that I’ve approached it. Networking seems to be silly and weird, entering an interactive TTY to the container seems to be useless as there’s no package manager and doesn’t seem to have vim, nano, or any native way to edit configs. It’s been extremely frustrating so I ask you, where can I learn what I’m doing wrong and how to properly work with Docker?

  • flubba86@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    Sounds like you, like a lot of others, have come to docker from the perspective of “it’s like a mini virtual machine”. Maybe you’ve used VMs before, like virtualbox or VMware or EC2. Maybe you have experience with setting up a cluster of VMs, each with their own OS, own SSH client, own suite of applications, and an overlay network between them all. Maybe someone told you “you should use docker instead, it’s like mini lightweight VMs”. And you’d be right to assume this is the wrong perspective to approach docker, because it leads to the problems you have faced.

    Instead, try to think of docker containers as standalone applications. They don’t contain a kernel, they don’t have SSH, no Nano or VIM, just simply the Application, in a container, with enough supporting filesystem and OS libraries to make the application work.

    That perspective is what helped me to get better at docker, I know it’s not exactly answering your question, but it might help.

    • dartanjinn@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      2
      ·
      1 year ago

      “like mini lightweight VMs”

      That’s exactly how I’ve approached it cause that’s exactly how it was explained. But it’s not at all like that. Thanks for your explanation.

      • flubba86@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Same, that’s how it was explained to me too. It spent over a year learning docker the wrong way, and trying to use it as a replacement for VMs, after a coworker told me that.

        • jcg@halubilo.social
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Heh I remember searching for an hour about how to see the GUI of a docker container when I was first getting into it. Didn’t help that I was using windows to run docker, either, it’s a whole other layer of abstraction.

  • ryapric@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Echoing the sentiment that you should adjust your perspective in approaching containerization, otherwise you’re in for a tough time.

    Jerome Petazzoni, one of the more recognizable names in the container community, has a site where he puts all of his workshops, slides, etc. This is his one for getting started with Docker.

  • ColdCreasent@lemmy.ca
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Lots of great information and suggestions in this discussion. Thank you everyone who are offering your input. I’d like to ask as well, how easy is it to setup docker for use in windows? I ask this because almost every guide I’ve found has docker running in Linux. I realize you are able to setup a docker in windows, but I was struggling to get basic instructions for windows, and even the tutorial in docker required me to switch back to docker types that don’t work in windows.

    • NekuSoul@lemmy.nekusoul.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      From my experience the “default” experience, which is Docker Desktop, is a pain, due to what you described. In particular, Linux containers and Windows file permissions just don’t mix well.

      Other than that, there’s three options:

      1. Docker Desktop, but used from WSL 2. This seems to be the cleanest solution nowadays. Never personally used it though. Officially supported.
      2. Installing Docker inside WSL 2. Configuring this correctly is a bit of a pain and not really supported AFAIK.
      3. Installing Docker in a VM, using the integrated Hyper-V functionality for example. The least amount of integration, but most reliable.
      • markr@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Docker Desktop for windows (DDW) using wsl2 for hosting containers is very easy to get started with. It also integrates directly with visual studio code.

        Long term you will likely want any useful container services hosted on a Linux vm rather than wsl, as wsl (and DDW) are tied to and start with your Windows user account.

      • ColdCreasent@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        And WSL 2 is the “Linux within windows” if I recall. And your other recommendation is a Linux vm with dockers running inside it? I’ll give that a try if I decide to switch to dockers again instead of just a vm. My original use case was to have a downloader and vpn bundled inside one docker so the rest of the system doesn’t see the vpn connection, but decided to use a vm to accomplish it instead due to “windows+docker” issues.

  • PriorProject@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Others have pointed out that docker containers aren’t idiomatically like VMs and you interact with them differently. Some workflow tips:

    • Don’t edit configs in containers. Mount your config files as a volume. Edit them from your host using your normal editor and restart your container when they change.
    • Don’t exec into your running container and then try to install debugging tools as you need them. Use a Dockerfile to build an image that has the debugging tools you need and launch your container using that.
    • In general, mess with your container less while its running. Use dockerfiles, compose, and entry point scripts to set things up in your container so it’s the way you want it on startup. While its running, just use docker logs to see what it’s doing or run the occasional debugging command via exec if you must… but do more during container-build and startup and less after it’s running. Rebuild and restart the container a lot during debugging to make your changes take effect.

    The other issue in play here is that the fundamentals necessary to understand how docker containers run aren’t actually docker fundamentals. They’re:

    • Networking fundamentals. The container networking stack is really configurable and really complicated.
    • Volumes and config mounts are based on overlay filesystems.
    • Lots of docker issues are related to complex security systems like Linux capabilities.
    • All of these systems are configurable, and different docker setups use them different ways.

    These things aren’t trivial to learn, a thorough understanding of these things is the difference between a junior sysadmin and a senior one, and you WILL get exposed to them when things break. But step one in learning more is definitely to recognize that the hards parts of docker are rarely docker itself. Rather, the hard parts are their own thing. Figure out what Linux system you’re struggling with and start learning about that and how docker uses it rather than narrowly focusing your research on docker itself. Anything focusing on the docker piece must necessarily gloss over the real foundations which are often very complex… so this will start you expose you to deeper material that you can assemble in your own mind into an understanding of your own specific docker setup.

      • PriorProject@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        I went through that phase too, but people haven’t widely adopted the idioms around immutable infrastructure for no reason. My LXC setup was more work to maintain and left me with much MUCH more upgrade uncertainty than my idiomatic/immutable container setup does. I have a deep understanding of both systems and both approaches and I would never go back to using LXC like VMs.

    • Voroxpete@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I was in the process of writing basically this same post, but you’ve already said it very well.

      Docker isn’t really a technology in and of itself; its an applicable of many of the fundamental components of Linux to create a specific result. To really understand it you have to understand the technologies it’s built from.

      A recommendation I’ll throw in here for OP is How Linux Works by Brian Ward. This book is an excellent first step in really understanding those Linux fundamentals.

  • HousePanther@lemmy.goblackcat.com
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    I started learning docker first by how to customize an image. Since Alpine Linux is a popular light weight distro, I started with customizing it and moved from there. I also explored other people’s Dockerfiles to see how to use a Dockerfile to customize an image to containerize an app.

    I found almost every YouTube howto on the subject matter very frustrating and often making the assumptions that you note. I also read the reference documentation on docker’s website. It’s not easy and it’s time consuming. I’d say I am good enough to be dangerous, not much more than that. Mostly, I’ve modified other people’s images to suite my needs

    • dartanjinn@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      2
      ·
      1 year ago

      Thanks I’ll look into that. It doesn’t help that my introduction to Docker was using portainer so I haven’t really had much experience in the terminal outside of docker ps. I really put the cart before the horse there and am regretting it.

      • HousePanther@lemmy.goblackcat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Hey, it’s okay. I’ve been there and done that myself. You’ll find it useful to look at both Dockerfile and docker-compose.yml files. A mistake I made early on was thinking I could replace a Dockerfile with a docker-compose.yml one. The Dockerfile itself describes how an image should be built. The docker-compose.yml file describes the environment and fetches images. It also may pass variables to the Dockerfile.

  • redcalcium@lemmy.institute
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Some pointers that might help you:

    You can mount the same directory in multiple containers. So you can totally have a container reading files from a directory, and access the same files on that directory from, say, a VSCode server container. Just make sure the containers both use the same UID and GID to prevent permission issues.

  • Ducks@ducks.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    This might not be a popular opinion, but I had a very short period of time between graduating school and starting work where I needed to learn docker and I found this course: https://serversforhackers.com/shipping-docker to be very helpful, they had a sale and I got the course and it taught me everything I needed in a few days.

    You absolutely don’t need a course to learn it, but sometimes these can be easy shortcuts.

  • unscholarly_source@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    I took a look at Dashy, I think I see the confusion. If you are looking at this article, then yes they mention Code Server, but that’s purely in the context of using Dashy in a non-docker context. But to be honest, any text editor works.

    But I think that’s a red herring. That in itself has nothing to do with docker.

    What you’ll need to do, once you understand the fundamentals of running docker, pull images, start a container based on an imagine, is to expose a docker volume that points to /public/conf.yaml. A docker volume ensures that the file or directory it’s mapped to in the container is available and persists outside of the container. This allows you to persist files and directories without losing them once the container stops or restarts.

    Once the volume is exposed, then you can use your favorite text editor to update the dashy config file. Code Server is fine, powerful, but overkill.

    But first, try getting familiar with pulling, starting stopping docker images using the cli. Gotta start there first before tinkering with docker parameters like volumes.

    • dartanjinn@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      2
      ·
      1 year ago

      Yeah Dashy isn’t really important to me, it’s just another fun project to learn more about Docker. However, what I learned is that I don’t know shit about what I’m doing lol. It proved to be a great tool at exposing my absolute ignorance of something I thought I was getting a good grasp on.

      Yeah I think I’m gonna shit can Portainer and go through that LinkedIn course someone else posted. Thanks for your insight.

      • unscholarly_source@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Portainer is definitely useful (I use it on a daily basis), but probably a bad place to start…

        I started with the following progression:

        1. Docker CLI
        2. Docker-Compose
        3. Writing my own scripts to build and manage docker-compose configs (purely optional and skippable)
        4. Portainer
        5. Purely optional, but in a professional setting, kubernetes and various container orchestration tools.

        Good luck in your journey!

        • dartanjinn@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          2
          ·
          1 year ago

          Docker-compose got it done. Once I learned about Volumes and using compose to pass in volumes from other instances I was able to pass in a directory with a custom yaml to the Dashy container then pass the same directory into the code-server container and both are working as I expected they should. Compose and volumes were the missing pieces. I also learned that stacks is how to use compose in Portainer. Not sure why they felt the need to change the naming but it works.

    • Falmarri@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      This is almost worse than using sudo. Because now you essentially have full sudo access without having the protections of sudo, like asking for your password

    • subtext@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      1 year ago

      Podman is supposed to be a sudo-less container manager. Though fair warning I hear it is also quite frustrating to start.

      • PriorProject@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Rootless podman (or docker) is a very different thing that adding yourself to the docker group. Rootless is an advanced topic that makes networking and other fundamental aspects of the container runtime work differently so it’s harder to exploit the runtime itself. Adding yourself to the docker group just gives your account permission access the docker daemon running as root… which is a much less fundamental change.

        I don’t recommend beginners to mess with rootless docker or rootless podman. Rootful podman is much more straightforward (though less well documented than docker).

      • dartanjinn@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        2
        ·
        1 year ago

        Yeah I spent a few hours with Podman before I went straight back to Docker.

        • Dandroid@dandroid.app
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          What was different? I learned podman first because that’s what my work wanted to use. I feel like 99% of the time I can just alias docker=podman and everything just works the same way you would expect.

          Obviously podman has pods instead of docker compose, but you can get docker compose working for podman if you prefer to do it that way.

          The one thing that I feel is extremely wonky about podman is UIDs in rootless containers. But when I want to figure out what the UID a user has outside the container, I just mount an empty volume that has permissions 777, touch a file, then check the UID of that file outside the container.