Hello to all.
It is my first time installing openSUSE Tumbleweed after using Ubuntu and Debian derivatives. I really enjoy using Tumbleweed and I must say that it is by far one of the most beautiful OSes in the world. The same goes for its simplicity and features.
I intend to use openSUSE to learn and experiment with Docker (for WordPress and Drupal development).
I spent a lot of time reading about installing it and what problems may occur.
What I have seen is that installing Docker in /var/lib/docker with the Btrfs filesystem will make things hard, since snapper will track all the changes and the snapshots will be really big.
A solution I read about is making a subvolume for /var/lib/docker with an EXT4 FS and excluding it from the snapper procedure, so in case of a rollback the containers will remain and problems will not occur.
Since I don’t want to install and reinstall and make wrong steps, I need your help with that, including the commands I must use, as I am a new SUSE user who has to read a lot to learn about commands that are new to me.
For your information, I haven’t installed Docker yet; I am waiting for a nice reply from you so I can begin the procedure correctly.
Tumbleweed stays clean at the moment.
a1: Is it better to run sudo docker-compose … etc. or to add the user to the docker group for simplicity? Many people don’t recommend it since it is not secure.
a2: Supposing that I am the only one using the machine, is it OK to leave the default firewalld settings at the Public zone (behind a router)? I am coming from the world of “sudo ufw enable”.
Really appreciate the reading. Waiting for your replies.
First of all, docker is great. Keep on learning it.
Now, I do use docker on btrfs but I do not use snapper. So I cannot really help with the snapper problem. I think the openSUSE installer offered to create several subvolumes, including some in /var. Is there no way to exclude subvolumes in snapper? Another option is to simply place /var/lib/docker somewhere else, i.e. a different disk, partition or logical volume.
Whatever you choose for docker storage directly affects the docker storage driver, meaning not all drivers work for all filesystems. Ext4 should be okay for the overlay driver. If you come from Debian/Ubuntu, then note that there is no aufs driver here.
On a more general note, mind the production setup. You can develop locally, but you need to know what docker version and indeed what operating system your production server runs. RHEL/CentOS, for instance, ships a fairly old docker version, has a very limited choice of storage drivers, and there is no docker-compose.
As for firewalls, I cannot help either as I do not run any firewalls locally and for production systems the firewalls are managed outside the VMs by the data centre.
Sorry for not actually being able to answer your immediate questions about snapper and firewalls. Maybe others could help. Once you have sorted that out, head over to the virtualization forum and ask some more.
Well, you did ask about install and initial configuration. So your question does fit the install forum.
BTW, how much disk space did you allocate to /var (or /, if /var is not separate)? For small-scale docker with a handful of images you will need something like 10G minimum available in /var/lib/docker. If you intend to do a lot of builds or test lots of images, it is more like 50G, and even that might require frequent cleanup. If you only have the usual 40G in /, then you will probably have to place /var/lib/docker somewhere else.
Indeed, I have the usual 40G in / (Btrfs), 67G in /home (XFS) and 5-6G in swap. Last time I used the Partitioner to resize the /home partition to give an EXT4 partition to /var/lib/docker, it didn’t allow it, probably because there is no LVM on it. Would it be helpful to use gparted to resize /home, format the new partition as EXT4 and assign it to /var/lib/docker?
Well, you can keep that partitioning, but you have to manage snapper snapshots tightly or disable snapper. Even without docker, the nature of Tumbleweed quickly uses up all space with snapshots.
Personally, with such a small disk, I would not partition at all and would use all of it as / plus swap. The tradeoff is that you would have to back up /home, as a reinstall will not preserve it. Also, the documentation says that subvolumes are not included in / snapshots by default. So if you make /var and /home subvolumes of /, then both should not be included in snapper snapshots. That way you could keep the snapper insurance against bad updates. Still, you need to back up /home, which you would have to do anyway as snapper does not help if the disk fails.
But really, that is all a different discussion and I am not the best person to ask for advice when it comes to partitioning. I think partitioning is a waste of space, and snapper is nice but I have no use for it. My /home gets mirrored to a local NAS several times a day and I do not even back up anything outside /home lol!
I suppose this could be OK for partitioning? I got this screenshot from a VirtualBox testing environment. The disk size is not the same as the destination; I just used it for practice.
I am not using the installer that often. I think you get presented an auto-generated partitioning scheme. Which you can edit. Just remove /home partition and edit / to span the space freed up by removing /home. In the edit screen of the / partition there is a button subvolume handling (or similar). That will bring up a list of subvolumes to be created on the partition. Just add /var/lib/docker. If /home is not listed there, add that too.
Ext4 would also be fine. I am not sure about snapper on ext4. I think it will not work. And there are no subvolumes on ext4. If you go that route, installation of docker should select overlay2 as storage driver.
So I made up my mind and I will be doing a fresh install with the ext4 FS, and since there will be no snapper I can have a separate /home partition in case I have to reinstall the OS.
From what I have read, overlay2 is much better, isn’t it?
Also, is it more secure to run docker containers with sudo instead of adding a user to the docker group?
Overlay storage is fine. It is the recommended driver unless special setups like btrfs (which has its own driver) are used.
There is no need to run the docker client as root. Just add your user to the group named docker and enable the docker service:
sudo zypper in docker
sudo usermod -a -G docker <yourloginname>
sudo systemctl enable docker
Once you have logged out and back in, you can run docker commands. Start with “docker info” and check what storage driver it reports is used. If you need to change anything, check /etc/sysconfig/docker.
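Added example, not part of the thread: a post-install check covering the two things discussed above, namely who can reach the Docker daemon and which storage driver and filesystem back /var/lib/docker. Members of the docker group can drive the root-owned daemon through its socket, so that list is worth reviewing; the socket path and the sample group entries are assumptions.

```sh
#!/bin/sh
# Added example: audit who can reach the Docker daemon and where its data lives.

# Print the comma-separated member list of group $1 from a group(5)-format
# file $2 (defaults to /etc/group). Field 4 holds supplementary members only;
# a user whose primary group is docker would not appear here.
group_members() {
    awk -F: -v g="$1" '$1 == g { print $4 }' "${2:-/etc/group}"
}

# Return 0 when an octal mode string such as 666 gives "other" write access,
# which is what connecting to a Unix socket requires on Linux.
socket_world_writable() {
    case "$1" in
        *[2367]) return 0 ;;
        *)       return 1 ;;
    esac
}

# Report on the live system; each probe is skipped when its target is absent.
audit() {
    sock=/var/run/docker.sock   # assumed default socket path
    echo "docker group members: $(group_members docker)"
    if [ -S "$sock" ]; then
        mode=$(stat -c %a "$sock")
        echo "socket: $(stat -c '%U:%G' "$sock") mode $mode"
        if socket_world_writable "$mode"; then
            echo "WARNING: $sock is reachable by every local user"
        fi
    fi
    if command -v docker >/dev/null 2>&1; then
        echo "storage driver: $(docker info --format '{{.Driver}}' 2>/dev/null)"
    fi
    if [ -d /var/lib/docker ]; then
        echo "data filesystem: $(findmnt -no FSTYPE -T /var/lib/docker 2>/dev/null)"
    fi
}

# Constructed sample data (not from the thread) to show the parser offline.
sample=$(mktemp)
printf '%s\n' 'root:x:0:' 'docker:x:477:alice,bob' 'users:x:100:' > "$sample"
echo "sample docker members: $(group_members docker "$sample")"
rm -f "$sample"

audit
```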