Morning Musings

I'm not ready to wake up yet...

Running Docker in Qubes

| Comments

This is a quick post describing how to run Docker inside of a Qubes Appvm.

Create a new template

I chose to clone my existing Debian template. This tutorial assumes the template is Debian-based. Ideally your template would be very minimal, only requiring basic packages such as the following:

  • git
  • gedit

If you are also planning on using the dockerfile generator, you will need the following:

  • ruby
  • ruby-dev
  • gcc
  • make
  • fpm (sudo gem install fpm)

Here is my template:

Template

Make sure that the update proxy is disabled in the firewall settings:

Firewall

Install Docker to the template1

Run the following commands in the terminal:

sudo apt-get update
sudo apt-get install curl
curl -fsSL https://get.docker.com/ | sh

Next, enable the default user to use Docker:

sudo usermod -aG docker user

Change the default directory2

sudo vim /etc/systemd/system/docker.service

Add the following to the file:

[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// -g /home/user/docker

Finally, run the following command to apply the configuration:

sudo systemctl daemon-reload

Create an Appvm

First, poweroff the template. Then create an Appvm based on the template. Increase the available disk space, since the docker images are being stored in the persistent private storage.

Appvm

Test it out

Run the following command in the Appvm as the normal user:

docker run -it --rm hello-world

You should see the following:

Testing Docker

Comments