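# Install Docker Engine with the upstream convenience script.
# The script is saved to a file before it runs, so a truncated download is
# never executed and the file can be read before it is given root rights.
docker_installer=$(mktemp) &&
  curl -fsSL https://get.docker.com -o "$docker_installer" &&
  sh "$docker_installer"
rm -f -- "$docker_installer"
# Membership of the docker group gives control of the rootful daemon, which is
# equivalent to root on this host. It is not needed for the rootless setup below.
sudo gpasswd -a "$USER" docker
# newgrp starts a new shell with docker as the primary group. When this file is
# run as a script instead of pasted line by line, the commands below only run
# after that shell exits.
newgrp docker
# NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
# Stop the socket unit too; with only docker.service disabled, socket
# activation can start the rootful daemon again.
sudo systemctl disable --now docker.service docker.socket
sudo apt-get install -y uidmap
dockerd-rootless-setuptool.sh install
docker context use rootless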
Last active
September 19, 2021 04:35
Alternative to docker-desktop
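# k3d configuration file, saved as e.g. /home/me/myk3dcluster.yaml
# to create the cluster run
# `k3d cluster create --config /home/me/myk3dcluster.yaml`
#
apiVersion: k3d.io/v1alpha2 # this will change in the future as we make everything more stable
kind: Simple # internally, we also have a Cluster config, which is not yet available externally
name: prod # name that you want to give to your cluster (will still be prefixed with `k3d-`)
servers: 1 # same as `--servers 1`
agents: 2 # same as `--agents 2`
kubeAPI: # same as `--api-port 127.0.0.1:6550`
  # The Kubernetes API is published on loopback only, so it is reachable from this host alone.
  hostIP: "127.0.0.1"
  hostPort: "6550"
ports:
  # No host address is given, so the port is published on every host interface.
  # Use `127.0.0.1:8080:80` to keep the load balancer local to this machine.
  - port: 8080:80 # same as `--port 8080:80@loadbalancer`
    nodeFilters:
      - loadbalancer
options:
  k3d: # k3d runtime settings
    wait: true # wait for cluster to be usable before returning; same as `--wait` (default: true)
    timeout: "60s" # wait timeout before aborting; same as `--timeout 60s`
  k3s: # options passed on to K3s itself
    extraServerArgs: # additional arguments passed to the `k3s server` command
      # Adds this address to the API server certificate. With kubeAPI.hostIP set
      # to 127.0.0.1 the API is still not reachable on that address; changing
      # hostIP exposes the cluster API to the network behind it.
      - --tls-san=192.168.1.151
    extraAgentArgs: [] # additional arguments passed to the `k3s agent` command
  kubeconfig:
    updateDefaultKubeconfig: true # add new cluster to your default Kubeconfig; same as `--kubeconfig-update-default` (default: true)
    switchCurrentContext: true # also set current-context to the new cluster's context; same as `--kubeconfig-switch-context` (default: true)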
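# install k3d
# The installer URL follows the moving `main` branch, so its content can change
# between runs. It is saved to a file first: curl -f stops an HTTP error page
# from being executed, a partial download never reaches bash, and the file can
# be reviewed before it runs.
k3d_installer=$(mktemp) &&
  curl -fsSL https://raw.githubusercontent.com/rancher/k3d/main/install.sh -o "$k3d_installer" &&
  bash "$k3d_installer"
rm -f -- "$k3d_installer"

# Shell completions for zsh. Each line is appended only if it is not already
# present, so re-running this snippet does not duplicate entries in ~/.zshrc.
for completion_line in 'source <(k3d completion zsh)' 'source <(kubectl completion zsh)'; do
  grep -qxF -- "$completion_line" ~/.zshrc 2>/dev/null ||
    printf '%s\n' "$completion_line" >> ~/.zshrc
done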
# create a sample cluster
# NOTE(review): `-p "8081:80@loadbalancer"` names no host address, so the port is
# published on every host interface; prefix it with 127.0.0.1: to keep it local.
# k3d cluster create prod --agents 2 --agents-memory 2G --servers-memory 1G --api-port 6550 -p "8081:80@loadbalancer" --k3s-server-arg "--tls-san=192.168.1.151"
# install kubectl
# NOTE(review): on a stock Debian/Ubuntu system the kubectl package presumably
# comes from the Kubernetes apt repository, which has to be configured (with its
# signing key) first - confirm. Without -y this command prompts for confirmation.
sudo apt-get install kubectl
# install krew for kubectl
# see: https://krew.sigs.k8s.io/docs/user-guide/setup/install/
# then install [kubectx & kubens](https://github.com/ahmetb/kubectx)
# The leading `$` is a shell prompt marker, not part of the command.
$ kubectl krew install ctx ns
# Lima: Linux virtual machines on macOS, used here to run containers without Docker Desktop.
# Lines that start with `$` are commands typed at a prompt; the `$` is not part of the command.
# https://github.com/lima-vm/lima
$ brew install lima
$ limactl start default ## probably edit defaults to increase RAM for app-core deps
# The nginx port is published on 127.0.0.1 only, so it is not reachable from other machines.
$ lima nerdctl run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
$ echo "alias docker='lima nerdctl'" >> ~/.zshrc
# to enable cgroups v2
# see: https://rootlesscontaine.rs/getting-started/common/cgroup2/
# if you want to also run podman from host
$ lima sudo apt-get -y update
$ lima sudo apt-get install -y podman
# to install version 3.0.1
# NOTE(review): a pinned old release does not pick up later fixes; re-check the pin when upgrading.
$ brew extract --version=3.0.1 podman homebrew/cask
$ brew install podman@3.0.1
# NOTE(review): the alias text ends in `run -it --rm alpine`, so every `podman ...`
# invocation becomes `podman run -it --rm alpine ...` - presumably a smoke test rather
# than a general-purpose alias. The SSH port here (60022) differs from the one in the
# tunnel command below (60906); verify the port of your instance with `limactl list`.
$ alias podman='CONTAINER_HOST=ssh://$(id -un)@localhost:60022/run/user/$(id -u)/podman/podman.sock CONTAINER_SSHKEY=$HOME/.lima/_config/user podman run -it --rm alpine'
# Hint: To allow `docker` CLI on the host to connect to the Podman daemon running inside the guest, run the following commands:
# -f -N keeps the tunnel running in the background with no remote command.
# NoHostAuthenticationForLocalhost=yes turns off host-key checking for the loopback connection.
# Any process that can open $HOME/podman.sock controls Podman in the guest, so keep the
# socket inside a directory that only your user can access.
$ ssh -f -N -p 60906 -i ~/.lima/_config/user -o NoHostAuthenticationForLocalhost=yes -L $HOME/podman.sock:/run/user/$(id -u)/podman/podman.sock 127.0.0.1
$ export DOCKER_HOST=unix://$HOME/podman.sock
$ docker ...
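# Start the systemd user session on boot
sudo loginctl enable-linger "$(whoami)"
# Check that the D-Bus user session is active (this reports status only; it does not enable anything)
systemctl --user is-active dbus
# allow pings and listening on TCP/UDP ports below 1024
# In `sudo echo ... >> file` the redirection is done by the calling, unprivileged
# shell and fails on a root-owned path, so the lines are written through `sudo tee`.
# net.ipv4.ip_unprivileged_port_start=0 lets every local user bind ports below 1024,
# not only the rootless container runtime; set it to the lowest port you really need
# (for example 80) when that is enough.
printf '%s\n' \
  'net.ipv4.ping_group_range = 0 2147483647' \
  'net.ipv4.ip_unprivileged_port_start=0' |
  sudo tee -a /etc/sysctl.d/99-rootless.conf >/dev/null
sudo sysctl --system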