Last active
March 16, 2018 09:59
-
-
Save bluefangs/f454a61bddab62ba28aa73eebf65f857 to your computer and use it in GitHub Desktop.
Bring-up instructions for alpine VM with docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Install and run alpine linux. follow through with the setup procedure (setup-alpine) | |
Login as root user. | |
#### Install sudo #### | |
apk is the default package manager. | |
apk update <-- updates to the latest packages. | |
apk add sudo <-- installs sudo | |
#### Install docker #### | |
vi /etc/apk/repositories and uncomment http://dl-cdn.alpinelinux.org/alpine/edge/community and save | |
apk update | |
apk add docker <-- installs docker | |
rc-update add docker boot <-- to start docker at boot time | |
service docker start <-- start docker service manually | |
#Note: On older version of Alpine Linux with older version of docker you'll also need to disable some kernel security flags in order to build images: | |
sysctl -w kernel.grsecurity.chroot_deny_chmod=0 | |
sysctl -w kernel.grsecurity.chroot_deny_mknod=0 | |
apk add py-pip <-- install python pip | |
pip install docker-compose <-- install docker compose | |
apk del py-pip <-- we no longer require this package. | |
More info here: https://wiki.alpinelinux.org/wiki/Docker | |
#### Configure sshd #### | |
vi /etc/ssh/sshd_config | |
Port 22 <-- uncomment this | |
PermitRootLogin yes <-- add this if you want ssh access to root | |
save | |
service sshd restart <-- restart the shh daemon | |
#### Create non sudo user #### | |
adduser potato <-- provide requested details such as pwd etc. | |
#### Mechanism to allow non sudo user to change ip #### | |
vi setip | |
#!/bin/sh | |
usage() { | |
echo "setip" | |
echo "usage: setip IPADDRESS" | |
echo "Configures the eth0 interface with specified IP address" | |
} | |
if [ $# -ne 1 ]; then | |
usage | |
exit 1 | |
fi | |
IPADDR=$1 | |
ifconfig eth1 $IPADDR | |
save this file in /usr/local/bin/ | |
chmod +x /usr/local/bin/setip <-- give execute permission | |
visudo <-- open sudoers file | |
Add the below line to it. | |
potato ALL = NOPASSWD: /home/potato/bin/setip <--allow potato userto execute setip executable | |
save | |
More info here: https://forums.fedoraforum.org/showthread.php?180471-Editing-sudoers-to-allow-ifconfig-only-on-certain-interfaces | |
potatop user can now setip using: sudo setip 1.2.3.4 | |
apk add bash <-- install bash shell (reqd for some custom written scritps) | |
apk add bash-completion <-- bash automatic command completion | |
apk add inotify-tools <--for the filewatcher methods | |
apk add openssl <--for encryption |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment