Docker offline installation? Do it right!
Utilizing Docker containers becomes more and more popular for software development companies. Why? Because it’s quite convenient to build, deploy and run one application in one separate container packaging it up with all the parts it needs including libraries and other dependencies. Although Docker delivers some level of security, containers themselves do not provide all necessary security measures. For many organizations security is a big issue when dealing with open-source tools. As such, we decided to share how to install Docker images from Docker Hub without the Internet connection for organizations that do not work with Internet-facing servers no matter what the reasons are.
What’s Docker and what’s it for?
In case you are unfamiliar with Docker, it can be described as an open-source tool constructed to design, deploy and run software utilizing containers. In a way, Docker might be considered a virtual machine but unlike VMs, with Docker, you don’t need to build an OS from scratch as it uses the same Linux core your host system leverages. In other words, Docker expects apps to be exported with new features not initiated on the anchor machine.
Docker is the kind of tool suitable for both — devs and IT specialists which shapes it into a perfect DevOps instrument. With Docker, developers mainly concentrate on code creation letting the tool take care of the system running it. Not to mention, the fact that they can get the first crack if they choose an already-crafted, code-running program to operate in a Docker container. With Docker, system admins get the possibility to discard the number of frameworks demanded due to its little required space and lower overhead.
How to launch? Here are some helpful datasets for you to start implementing Docker in your flow: Docker tutorial combined with Docker emulator for you to test it. Plus, Docker guide for beginners and quite an informative video on introduction to Docker from Docker Inc. co-founder and former Docker Inc. CTO and Chief Architect Solomon Hykes.
Docker offline installation in 4 steps
That being said, Docker containers themselves do not provide all necessary security measures. For that reason or otherwise, some venture servers are not presented to the Internet and are frequently sitting behind firewalls with limitations to preclude any vindictive movement on an Internet-based server. The main challenge here is that to introduce a Docker image from the Docker Hub, you have to be connected to the Internet. Usually, you would install Docker using apt-get, but it’s impossible without the Internet. One solution might be mirroring the entire Ubuntu [apt] repository, but due to its enormous size, this route is not efficient.
Here we propose Docker Offline installation in 4 steps:
Step 1 — Deal with a Dockerfile. We save packages during the building of the images on Docker. And, not to worry — it does nothing but store the artifacts.
Here you can specify the Docker package version you want.
ENV DOCKER_VERSION 5:19.03.13~3–0~ubuntu-focal
Install curl and basic software
RUN apt-get update -qqy && \ apt-get install -qqy — no-install-recommends \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common && \ apt-get clean -qqy && \ rm -rf /var/cache/apt
Add official Docker repository
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -RUN add-apt-repository \ “deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable”
Run this block in order to list available docker versions to install
RUN apt-get update -qqy && \ apt-cache madison docker-ce && \ apt-get clean -qqy && \ rm -rf /var/cache/apt
Download all packages including docker, containers, python3
RUN apt-get update -qqy && \ apt-get reinstall -qqy — download-only \ docker-ce=”$DOCKER_VERSION” \ docker-ce-cli=”$DOCKER_VERSION” \ containerd.io \ python3 \ python3-pip \ python-is-python3 && \ mkdir -p /archives && \ mv /var/cache/apt/archives/*.deb /archives/ && \ apt-get clean -qqy && \ rm -rf /var/cache/apt
Step 2 — Get artifacts. To get artifacts you have to run the image and copy folder with *.deb packages taken out. Let’s build the image and get artifacts out.
docker build -t test .docker run \ --rm -it \ -v “$(pwd):/host” \ --entrypoint sh test \ -c ‘rm -rf /host/archives; mv /archives /host’
Or you can make an archive. Also, you do not need to compress them, packages are already compressed.
docker run \ --rm -it \ -v “$(pwd):/host” \ --entrypoint sh test \ -c ‘tar -cpvf /host/archives.tar /archives’
Step 3 — Installation. Now we can install all the packages we have.
cd artifactssudo dpkg -i *.deb
Step 4 — Testing. Let’s check whether Docker is ready.
docker ps -q || sudo systemctl enable --now dockerdocker info
Wrapping things up
With Docker being a very convenient tool for building, deploying and running products, but some organizations are hesitant to use not wanting to expose sensitive data to the internet. For these companies, an offline Docker setup could be a great solution. Hope this guide will help to resolve at least several headaches. Shoutout to the amazing DevOps team here at IT Svit for helping compile this guide.