Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen der Seite angezeigt.

--- content:serverbasics:docker [2025/02/08 12:30] – [Update] obel1x
+++ content:serverbasics:docker [2026/03/01 11:44] (aktuell) – [Fast Stop of all Containers] obel1x
@@ Zeile 28: / Zeile 28: @@
 A short hint: Docker rootless uses Sub(g)uids, which is a feature of Linux. That means each user has a range of userids (quite a huge range) and groupid which the user may use. Those will be exclusive reserved for that user. But it does not mean, that the User can acces the Files created by those Subuids! Also the UIDs are onyl a number - not a real user in Linux having a username- They cannot be used to logon or to work with. Docker manages internally which Host-Subuserid is assigned to which caontainer and to which userid inside the running container/service. Inside the Container, you may become that user having a real username and a (different) uid.
+===== Which Devices / Raid- Level =====
+I strongly do not advise to use Raid5 with classical harddrives to run docker on it. If you plan to have large Data in /home/docker and you want to use xfs + Raid5 to better use your drive- space, than you should use another disc for the overlays of docker.
+For me, i switched to RAID1 on SSD an mounted that to /home/docker/.local - where all Docker files will be stored. Large Data is than stored somewhere else if needed.
 ===== Packages NOT to install =====
@@ Zeile 318: / Zeile 324: @@
 ''~/.config/docker/daemon.json''
-**by default, the path and the file is not existent, __create it new__  within the docker user**.
+**by default, the path and the file is not existent, __create it new__ within the docker user**.
 For example, enable IPv6. See [[https://docs.docker.com/config/daemon/ipv6/|https://docs.docker.com/config/daemon/ipv6/]] for details.
@@ Zeile 324: / Zeile 330: @@
 {
- "ip6tables": true,
  "ipv6": true,
- "fixed-cidr-v6": "fd12:3456:789a:1::/64",
+ "ip6tables": true,
+ "fixed-cidr-v6": "fd12:3456:1:::/48",
+ "iptables": true,
+ "fixed-cidr": "172.1.0.0/16",
  "log-opts": {
    "max-size": "10m",
@@ Zeile 335: / Zeile 343: @@
 </file>
-Notice: Don't use ''userns-remap''  - this won't work and makes no sense in rootless!
+Notice: Don't use ''userns-remap'' - this won't work and makes no sense in rootless!
 Edit: "experimental": true has been removed for ipv6 with docker v27.
@@ Zeile 342: / Zeile 350: @@
 Maybe use this tool to generate: [[https://www.unique-local-ipv6.com|https://www.unique-local-ipv6.com]]
+==== The default Network is not IPV6- enabled by default ====
+If you specify no network, or use the network: default - than as the time of writing, IPV6 will not be enabled by default.
+So, in your docker-compose.yml you need the lines:
+<file>
+networks:
+# Still needs to be defined while without it won't enable ipv6
+  default:
+    driver: bridge
+    enable_ipv6: true
+</file>
 ===== Networking in Docker rootless =====
@@ Zeile 348: / Zeile 372: @@
 Instead the network is encapsulated in the environement of rootlesskit and not visible to the host. From the Hosts view Docker is just another Application running on your Host talking to the internet like some app would do.
+===== Performance =====
+when you install pasta- networking driver, you can edit your docker systemd and use a much improved networking-driver.
+Also you can make Docker a higher Priority and Nice-Value:
+<code>
+docker@server:~> systemctl --user edit docker.service
+[Service]
+# Higher Prio for Docker
+Nice=10
+IOSchedulingClass=best-effort
+IOSchedulingPriority=7
+# Use Pasta- network Driver (of your Host - Pasta needs to be installed)
+Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_NET=pasta"
+Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=implicit"
+Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS=--ipv6"
+</code>
 ===== Install docker compose =====
@@ Zeile 411: / Zeile 456: @@
 </file>
 ===== Create a place for Yamls =====
@@ Zeile 484: / Zeile 528: @@
 Now you can go to [[http://localhost:9000|http://localhost:9000]] and pick a password to finish the setup of Portainer using the local Environment and enjoy the docker-party:
-{{  .:screenshot_20231221_101150.png?968x260  }}
+{{  :content:serverbasics:screenshot_20231221_101150.png?968x260  }}
 Thats all: Docker is running and serving your services, cheers!
@@ Zeile 492: / Zeile 536: @@
 This makes life easy ''docker_stop_all.sh'':
 <file>
 #!/bin/bash
 docker stop $(docker ps -a -q)
@@ Zeile 498: / Zeile 541: @@
 </file>
+===== Find the latest Commit in git =====
+Sometimes the Repository does not offer a latest Tatg, so its hard to find the right Tag to use. Maybe this coding helps (not testet wheter to get the right commitid for the Image):
+<code>
+ if [ -z ${TVHEADEND_COMMIT+x} ]; then \
+    TVHEADEND_COMMIT=$(curl -sX GET https://api.github.com/repos/tvheadend/tvheadend/commits/master \
+    | jq -r '. | .sha'); \
+  fi && \
+</code>