How to run the Docker daemon?

[UncleScrooge]

Hi gals and guys,

I installed the whole Docker 19.03.6 pet with Package Manager.

does anyone know how to have the docker daemon up and running?

in ubuntu (forget the sudo) is:

Code: Select all

systemctl start docker

now, if I try to start any container I get:

Code: Select all

Cannot connect to the Docker daemon at unix:///var/run/docker.sock . Is the docker daemon running?

[Semme]

Careful with that systemd stuff - you'll break Pup.

As for your daemon, both docker-containerd & docker.io provide >> docker-containerd

Hmm, containers in a container logic? Get your AppImages here >> https://dockstation.io/

[UncleScrooge]

Careful with that systemd stuff - you'll break Pup.

As for your daemon, both docker-containerd & docker.io provide >> docker-containerd

Hmm, containers in a container logic? Get your AppImages here >> https://dockstation.io/

I am a complete illiterate on Docker.
All I know is that my colleagues in R&D, now getting interested in the final result of this (we are a few weeks away from going live) want to see if it's possible to run some of their app.

this is the message I got from them:

...
Roughly, this tool consists two docker containers, with docker container orchestration being handled by docker compose.

Do you think it would be possible for you getting this tool up and running on this service USB drive?, e.g. a virtual machine?

I have attached the full tool if you could have a look? The tool can be run on linux by installing docker + docker-compose, and then executing the run.sh script.

run.sh:

Code: Select all

cd docker
docker-compose up -d
docker logs -f mqtt-receiver

when launching it I get this:
Traceback (most recent call last):

Code: Select all

  File "/usr/bin/docker-compose", line 11, in <module>
    load_entry_point('docker-compose==1.17.1', 'console_scripts', 'docker-compose')()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 480, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2693, in load_entry_point
    return ep.load()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2324, in load
    return self.resolve()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2330, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/lib/python2.7/dist-packages/compose/cli/main.py", line 17, in <module>
    from . import errors
  File "/usr/lib/python2.7/dist-packages/compose/cli/errors.py", line 11, in <module>
    from docker.errors import APIError
  File "/usr/lib/python2.7/dist-packages/docker/__init__.py", line 2, in <module>
    from .api import APIClient
  File "/usr/lib/python2.7/dist-packages/docker/api/__init__.py", line 2, in <module>
    from .client import APIClient
  File "/usr/lib/python2.7/dist-packages/docker/api/client.py", line 11, in <module>
    from .build import BuildApiMixin
  File "/usr/lib/python2.7/dist-packages/docker/api/build.py", line 9, in <module>
    from .. import utils
  File "/usr/lib/python2.7/dist-packages/docker/utils/__init__.py", line 2, in <module>
    from .build import tar, exclude_paths
  File "/usr/lib/python2.7/dist-packages/docker/utils/build.py", line 5, in <module>
    from .utils import create_archive
  File "/usr/lib/python2.7/dist-packages/docker/utils/utils.py", line 18, in <module>
    from .. import tls
  File "/usr/lib/python2.7/dist-packages/docker/tls.py", line 5, in <module>
    from .transport import SSLAdapter
  File "/usr/lib/python2.7/dist-packages/docker/transport/__init__.py", line 3, in <module>
    from .ssladapter import SSLAdapter
  File "/usr/lib/python2.7/dist-packages/docker/transport/ssladapter.py", line 21, in <module>
    from backports.ssl_match_hostname import match_hostname
ImportError: No module named backports.ssl_match_hostname

the last line

Code: Select all

 No module named backports.ssl_match_hostname

it's the current culprit I guess, so disregard my previous babbling about the daemon. lurking around the web I found something where they suggest to run

Code: Select all

sudo pip install --upgrade docker

in ubuntu. How can I try the same in BionicPup?

[Semme]

Pup'n Python's a crap shoot!

Consider *carefully* these comments from REAL Python users:

http://www.murga-linux.com/puppy/viewto ... 94#1009794

http://murga-linux.com/puppy/viewtopic. ... 460#960460

http://www.murga-linux.com/puppy/viewto ... 30#1054530

I'm in total agreement BTW.

[mikeslr]

Hi UncleScrooge,

AFAIK, this is the only post suggesting how Docker could be run under Bionicpup64. http://www.murga-linux.com/puppy/viewto ... 29#1046529. But I don't know if anyone has actually done it. By way of comparison, see http://murga-linux.com/puppy/viewtopic. ... 665#903665 under FatDog64.

As the previous post suggest, Docker is just a 'brand' of Containers, which --unless its Devs have kept pace-- may already have been left behind, http://murga-linux.com/puppy/viewtopic. ... 248#852248, and in any event, is --or is equivalent to-- running an application is a chroot environment. http://murga-linux.com/puppy/viewtopic. ... 98#1025598. If that were essential, starting from scratch with EasyOS, FatDog or Void would likely be less time-consuming that trying to get Docker or Containers to work under Bionicpup64.

But there is/are one or two other alternatives for accomplishing the same goal: running an application in a Chroot environment. [My 'number' confusion results from the fact that not having constructed 'either' 'they' may be the same technique or two ways to employ the same technique. Haven't really yet 'gotten my head around' Chroot]. The first is firejail, available via PPM. Seems to be builtin or works OOTB in FatDog. And under Puli –the latest is based on Bionicpup64- AFAIK, Ubuntu’s firejail deb is used OOTB, but included in Puli’s repo for convenience. Puli’s packages –including firejail and web-browsers-- can be found here, https://sourceforge.net/projects/puppys ... /packages/

The ‘second?’ technique is ‘simply’ to build apps in a chroot environment and use them that way. That requires that all necessary structures and libraries be included in the application: tantamount to including almost another operating system. Watchdog built firefox 73 that way. You can download and examine it from here, http://www.murga-linux.com/puppy/viewto ... 62#1050962. [My recollection is that somewhere watchdog mentioned that he used the entire core of an OS and did not try to strip out what may not have been needed]. Similarly, employing Watchdog's technique, Mike Walsh’s 'chrooted' Iron 69 browser includes 900 Mbs of Tahrpup so that it could be run under precise, http://murga-linux.com/puppy/viewtopic. ... 76#1035276.

My experience with watchdog’s firefox under Bionicpup64 is that it runs like a sloth. Sort of to be expected as you are running one operating system to run another operating system to run an app (firefox) which is, itself, a memory hog.

As I’ve mentioned elsewhere, as far as I know the only applications where such extreme security measures may make sense are web-browsers: the Web being the mother of all malware: threats to privacy and security. I would suggest that there is a far more efficient method of accomplishing the same goal.

Both the ‘non-portable’ Google-Chrome, http://www.murga-linux.com/puppy/viewto ... 95#1056295 and AFAIK any version of firefox can be run as spot, honoring spot’s permission restrictions that such application, itself, has no access to any folder other than the spot folder: a hacker can not access any application, file or folder which is not within the spot folder. Downloaded files lack root permissions, and files copied/moved there are ‘stripped’ of their root permissions. To facilitate spot’s use, Mike Walsh published a permission changer, last version available from here, http://www.murga-linux.com/puppy/viewto ... 71#1048371. When installed (it’s builtin to non-portable Chrome) it places a launcher on the taskbar. When activated, the launcher provides a choice of (a) moving a file from /spot/Downloads to /root/Downloads changing its permissions while doing so; and (b) changing the permissions of a file already in /spot/Uploads from root to spot. You can add the folder /spot/uploads to Bionic’s right-click ‘copy-to’ function. But I think from a security viewpoint, permissionchanger’s root-to-spot module can be fairly easily modified to first run an encryption app. That way, files you want to transmit are already encrypted before they are placed in a folder exposed to the internet. Or perhaps another right-click ‘copy-to’ version can be added which runs encryption, changes permissions and then copies to /spot/uploads.

[UncleScrooge]

@ semme & mikesir

gotcha.

I am going to give it a last try and then give up on this, since he scope of my initial project/assignment wasn't supposed to cope with this stuff (OS running a container, which runs an evironment which may load another container... and so on). Plus it's really getting out of hand (and as mikesir likes to say: "well above my paygrade")

now:

1. I have four clones of the same thumbdrive/full BionicPup (customized etc.), so I am not all that worried of screwing up one of those, while fiddling around
2. I do have python 2.7 installed from the Puppy Package Manager
3. I do have docker 19.03.6 installed from the Puppy Package Manager

for the particular issue at hand
according to the links posted by semme

http://www.murga-linux.com/puppy/viewto ... 30#1054530

Once you have a standard Python installed, adding 3rd-party bells and whistles is no harder in Puppy than it is on any other Linux (or for that matter Windows) setup. Puppy makes things harder with its half-assed, incomplete support for Python, but if you start with a standard commercial-grade Python package such as the free ones from ActiveState, you will have no problem adding on 3rd-party packages.

I follwed the link:
https://www.activestate.com/activepython/downloads
and gotten the .tar.gz

do I have to uninstall all the python 2.7 packages beforehand (see point 2 above)?
I think so...

[Semme]

Nope. No uninstalling anything >> Installing ActivePython using the tarball installer

You can have multiple versions onboard and control which is employed through the use of "venv" or "pyenv," whichever the build supports.

It's been a while for me so you'll have to read up on "managing multiple python versions."

[bullpup]

As I’ve mentioned elsewhere, as far as I know the only applications where such extreme security measures may make sense are web-browsers: the Web being the mother of all malware: threats to privacy and security. I would suggest that there is a far more efficient method of accomplishing the same goal.

Firejail perhaps?

[UncleScrooge]

Nope. No uninstalling anything >> Installing ActivePython using the tarball installer

You can have multiple versions onboard and control which is employed through the use of "venv" or "pyenv," whichever the build supports.

It's been a while for me so you'll have to read up on "managing multiple python versions."

sorry to keep pestering

I'm runing into the same prolem/error even after installing ActivePython-2.7

checking:

Code: Select all

root# which python
/opt/ActivePython-2.7/bin/python
root# 

I also installed pip and tried to uninstall/reinstall backports.ssl-match-hostname with pip, nothing. also:

Code: Select all

pip install --upgrade docker

to no avail: still have the "No module named backports.ssl_match_hostname"

Now I noticed that the run.sh script shown above still uses /usr/lib/python2.7 instead of /opt/ActivePython-2.7

Shall I try to install pyenv to manage which python docker will be using? you seem to suggest so in your prvious post

and if so how do I emulate

Code: Select all

sudo apt install curl git-core gcc make zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev libssl-dev
git clone https://github.com/pyenv/pyenv.git /root/.pyenv

in BionicPup? is it doable at all?

[UncleScrooge]

It's been a while for me so you'll have to read up on "managing multiple python versions."

Anyone has a hint on how to install pyenv in bionicpup64 8.0?

[mikeslr]

Sorry, ignore below written before my second cup of coffee. After remedying that condition and carefully re-reading techrepublic's tutorial It seems like dockerstation makes it 'easy' to use dockers once you have them. But to have them you have to install docker.io and docker-compose. And the latter depends on python. https://ubuntu.pkgs.org/18.04/ubuntu-un ... l.deb.html: a basket full. Read last paragraph for an actual work-around.

Hi UncleScrooge,

As I'm rather fond of saying, "The only thing I know about python is that it bites." So I can't help in choosing between the fang of (a) abandoning the effort or (b) pressing on with an uncertain outcome except to suggest (c) use a snake tong.

By which I mean following semme's sage advice that I overlooked : follow the link he provided on the 2nd post to this thread. The Dockstation AppImage powered right up under Bionicpup64. [Linux-phobes may be happy: Dockstation is cross-platform].

You can find out how to use Dockstation here*, https://www.techrepublic.com/article/ho ... er-builds/. See also links at bottom of that page and by googling.

* That web-pages screenshots seem to have gone missing.

Decompressing either the AppImage or the version 1.5.1 deb from the same location and examining the dockstation binary with Listdd (list-dynamic-dependencies) reveals that none are missing under Bionicpup64. An AppImage is not actually part of your System. If it needs to be, you can decompress it with UExtract, move it to /opt and 'on the path' create a link to its binary. Or install the deb.

I didn't try to set it up. Well, I don't have a project nor a network which others use. Not sure how you use it individually or on a LAN. Starting it seems to want to take you to github or elsewhere. Maybe I'm wrong or maybe you can clone the github application and use "locally".

Edited after 2nd cup of coffee. If I read gjuhasz correctly, Ubuntu's firejail runs OOTB under Puli, which is a modified Bionicpup64. It's likely my principal problem with firejail is my ignorance. A good starting place to overcome that may be here: https://www.linux.com/topic/desktop/loc ... -firejail/

[mikeslr]

Wondering if I spoke too soon, lead me to some experimentation and this post: http://www.murga-linux.com/puppy/viewto ... 29#1061029. Further experimentation and problems lead here: https://github.com/netblue30/firejail/issues/1590. Just having discovered that discussion, I haven't yet got my head-around it, its implication for Puppy and --noting the date of that discussion-- what effect Puppy's recent adoption of FatDog's move of /spot from /root to /home/spot may have. Further considerations will be posted to the above referred to thread on this Forum.

[jplt3]

i succed to run docker in puppy http://murga-linux.com/puppy/viewtopic.php?t=119037