See I run freenas 9.* and the jails are fantastic. The issue I have with docker on the new corral is that I dont have the resources to dedicate to a vm for EVERY docker instance, plex, nextcloud, etc. I liked the way it handled it pre-corral, and docker is a good idea for people with lots of cores, just not for home server instances. /offtopic
to be beautiful it is very beautiful
1’ but like the guy said on is demo they try (but they don’t) to not over user local resource
I means I had a hard time with my old MacBookPro 8.1 to run it.
2’ My second point is I don’t like the fact they force me to use Chrome.
But at the end it’s look like a https://my-netdata.io/ with over kill demand of resource.
As you probably figure I try a lot of stuff 
One cockpit I try these days for Docker is : http://portainer.io/
It’s light but give you power to dig and is quite intuitive.
Yes it looks nice, did you try it On NS ?
hum netdata ? yes I try it on nethserver
portainer ? yes and no, it’s what I use with my CoreOS which is in KVM on Nethserver.
I recall a conference at the fosdem last year…5 levels of virtualisation… It could be nice to test it directly in NS.
Hi it’s me again 
I just understood @davidep made it happen, I mean Docker on Nethserver 7
But like @indra
How We could fix this ?
That package was just an experiment and is now obsolete, since Shorewall implemented a builtin support for Docker net filter chain.
Doh I just force the installation with yum --nogpgcheck 
1 Like
How did this go, not breaking to much other things? I would do it too, but mine is a production server with 50+ email accounts, file sharing, etc . Breaking it would be hell (and mess up my holiday).
Never be too prudent, so you could try it in a VM and have validate backup
but it when surprisingly very well I instead of using apache as proxy I dockerise it with HAProxy.
O btw, @stephdl; Portainer run well on Nethserver with Docker.
The only thing is the package is not maintained so it’s not a viable solution for production.
PS: I also stop the services and uninstall it, without any issue or need to reboot
Are you talking that you installed portainer by a rpm…you have a docker image for that. Does portainer is merely used ?
easy to play with portainer, on a NS7
curl -fsSL https://get.docker.com/ | sh
systemctl enable docker
systemctl start docker
docker run -d -p 9000:9000 -v "/var/run/docker.sock:/var/run/docker.sock" portainer/portainer
then go to http://IP:9000
create the first user admin, then set to run portainer ond the localhost. That’s all
Probably a zillion things more to do, but I can create a basic httpd ‘hello word’ reachable on port 32768
2 Likes
hum to clarify my tough, and following what “Discourse” propose, which means talking about one idea per post
the package is not maintained was related to nethserver-doker
so now my turn to ask you to clarify
you means if I install docker [quote=“stephdl, post:47, topic:1127”]
curl -fsSL https://get.docker.com/ | sh
systemctl enable docker
systemctl start docker
docker run -d -p 9000:9000 -v “/var/run/docker.sock:/var/run/docker.sock” portainer/portainer
[/quote]
I will have no firewall issue ?
You can try this after installing portainer:
config setprop firewall Docker enabled
signal-event firewall-adjust
I know you will have some troubles, but I don’t rember exactly when. Usually a firewall-adjust is enough to fix it.
1 Like
Guys; @stephdl & @giacomo
I love both of you so much, and everyone in this forum, but specially both of you 
I’m going to get ride of my CoreOS VM to put everything at the Nethserver level.
3 Likes
I’ll love you more once you will share with us your achievements! 
I’m eager to know what are you working on
The road is long but the way is free…please wait a bit, it is even not an alpha stage.
something more workable with the portainer container (persistent data and start at boot if not stopped)
yum update -y
curl -fsSL https://get.docker.com/ | sh
the service docker must be tricked with shorewall
cp /lib/systemd/system/docker.service /etc/systemd/system/docker.service
vim /etc/systemd/system/docker.service
then change
-After=network.target firewalld.service
+After=network.target shorewall.service
and to bind the 0.0.0.0 IP to your real IP, like this you will be able to reach the tcp port of your container directly in portainer (set the IP of your server)
-ExecStart=/usr/bin/dockerd
+ExecStart=/usr/bin/dockerd --ip=xxx.xxx.xxx.xxx
then update the docker service
systemctl daemon-reload
systemctl enable docker
systemctl start docker
create default entries
mkdir /etc/e-smith/db/configuration/defaults/docker
echo 'service' > /etc/e-smith/db/configuration/defaults/docker/type
echo 'enabled' > /etc/e-smith/db/configuration/defaults/docker/status
/etc/e-smith/events/actions/initialize-default-databases
config setprop firewall Docker enabled
signal-event firewall-adjust
create and launch the portainer docker
mkdir /var/lib/portainer
docker run -d -p 9000:9000 --restart unless-stopped --name portainer-container -v /var/lib/portainer:/data -v "/var/run/docker.sock:/var/run/docker.sock" portainer/portainer
a good article to read : https://media-glass.es/portainer-the-ui-for-docker-d067f6335f23
to update portainer, you need to update the image, then remove the container and create it again. Since the data is persistent on the host, you will found all your settings.
- update all your images
docker images | awk '/^REPOSITORY|\<none\>/ {next} {print $1}' | xargs -n 1 docker pull
- stop portainer
docker kill portainer-container
- remove portainer
docker rm portainer-container
- create again portainer
docker run -d -p 9000:9000 --restart unless-stopped --name portainer-container -v /var/lib/portainer:/data -v "/var/run/docker.sock:/var/run/docker.sock" portainer/portainer
4 Likes
What I would be interested in to know is how docker containers vs local install of an application relate in terms of resources needed. Anyone has any documentation or hands-on experience with that?
I’d love to see some comparison data.