Install and Use Docker on Ubuntu 24 – Step-by-Step Hosting Setup
Docker has transformed the way developers deploy and manage their applications by encapsulating them into compact, portable units that operate uniformly across diverse environments. Ubuntu 24 provides robust Docker support right from the start, establishing it as the preferred platform for hosting configurations that require scalability and isolation. This guide will instruct you on the installation of Docker on Ubuntu 24, its optimal configuration for hosting, and the deployment of real-world applications while steering clear of common pitfalls that could lead to complications later.
<h2>Understanding Docker on Ubuntu 24</h2>
<p>Docker employs a client-server architecture where the Docker daemon oversees containers, images, networks, and volumes. On Ubuntu 24, Docker utilises the kernel’s cgroup and namespace functionalities to generate isolated environments without the demands of full virtualisation. Unlike conventional VMs that virtualise hardware, Docker containers utilise the host operating system's kernel, leading to extremely efficient resource usage.</p>
<p>The containerisation technique works by layering filesystem modifications atop base images. When a container is initiated, Docker constructs a slim writable layer over the read-only image layers, permitting several containers to share shared base layers while ensuring independence. This method decreases storage needs and drastically improves container startup speeds.</p>
<table>
<tbody>
<tr>
<th>Feature</th>
<th>Docker Containers</th>
<th>Traditional VMs</th>
<th>LXC Containers</th>
</tr>
<tr>
<td>Resource Overhead</td>
<td>Low (10-50MB)</td>
<td>High (512MB-2GB)</td>
<td>Low (20-100MB)</td>
</tr>
<tr>
<td>Startup Time</td>
<td>1-3 seconds</td>
<td>30-60 seconds</td>
<td>2-5 seconds</td>
</tr>
<tr>
<td>Isolation Level</td>
<td>Process-level</td>
<td>Hardware-level</td>
<td>OS-level</td>
</tr>
<tr>
<td>Portability</td>
<td>Excellent</td>
<td>Limited</td>
<td>Good</td>
</tr>
</tbody>
</table>
<h2>Guide to Installing Docker on Ubuntu 24</h2>
<p>Begin by updating your system and removing any packages that may conflict with the official Docker installation:</p>
<pre><code>sudo apt updatesudo apt upgrade -y
sudo apt remove docker docker-engine docker.io containerd runc
Next, install the requisite dependencies for integrating Docker’s official repository:
sudo apt install -y \
ca-certificates \
curl \
gnupg \
lsb-release \
software-properties-common
Add Docker’s official GPG key and repository:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker Engine, CLI, and containerd:
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Ensure Docker starts automatically at boot and initiate the service:
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker
Add your user account to the Docker group to run Docker commands without needing sudo:
sudo usermod -aG docker $USER
newgrp docker
Confirm the installation by executing the hello-world container:
docker run hello-world
<h2>Key Docker Configurations for Hosting</h2>
<p>For hosting in production environments, it’s vital to configure Docker with settings that enhance both performance and security. Create a daemon configuration file:</p>
<pre><code>sudo mkdir -p /etc/dockersudo tee /etc/docker/daemon.json > /dev/null <
Restart Docker to apply the new configuration:
sudo systemctl restart docker
Set UFW firewall rules compatible with Docker:
sudo ufw --force enable
sudo ufw allow ssh
sudo ufw allow 2376/tcp
sudo ufw allow 2377/tcp
sudo ufw allow 7946/tcp
sudo ufw allow 7946/udp
sudo ufw allow 4789/udp
<h2>Deploying Real-World Hosting Examples</h2>
<p>Let's set up a complete web application stack using Docker Compose. Create a project directory along with the compose file:</p>
<pre><code>mkdir ~/docker-hosting-democd ~/docker-hosting-demo
Generate a docker-compose.yml file for a WordPress site, with MySQL and Nginx configured as a reverse proxy:
version: '3.8'
services:
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
- ./ssl:/etc/nginx/ssl:ro
depends_on:
- wordpress
restart: unless-stopped
wordpress:
image: wordpress:latest
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wpuser
WORDPRESS_DB_PASSWORD: secure_password_123
WORDPRESS_DB_NAME: wordpress
volumes:
- wordpress_data:/var/www/html
depends_on:
- db
restart: unless-stopped
db:
image: mysql:8.0
environment:
MYSQL_DATABASE: wordpress
MYSQL_USER: wpuser
MYSQL_PASSWORD: secure_password_123
MYSQL_ROOT_PASSWORD: root_password_456
volumes:
- db_data:/var/lib/mysql
restart: unless-stopped
volumes:
wordpress_data:
db_data:
Create a simple Nginx configuration:
cat > nginx.conf << 'EOF' events { worker_connections 1024; }http { upstream wordpress { server wordpress:80; }
server { listen 80; server_name your-domain.com; location / { proxy_pass http://wordpress; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }}
EOF
Deploy the application stack:
docker compose up -dMonitor the deployment process:
docker compose ps docker compose logs -f<h2>Optimising Performance and Monitoring</h2> <p>Docker on Ubuntu 24 delivers outstanding performance when configured appropriately. Below are key performance metrics and potential optimisations:</p> <table> <tbody> <tr> <th>Configuration</th> <th>Default Performance</th> <th>Optimised Performance</th> <th>Improvement</th> </tr> <tr> <td>Container Startup</td> <td>2-3 seconds</td> <td>0.5-1 second</td> <td>Speed up of 60-75%</td> </tr> <tr> <td>Image Pull Speed</td> <td>50-100 MB/s</td> <td>200-500 MB/s</td> <td>4-5 times faster</td> </tr> <tr> <td>Memory Usage</td> <td>100-200MB overhead</td> <td>50-75MB overhead</td> <td>50% reduction</td> </tr> <tr> <td>I/O Performance</td> <td>80% of native</td> <td>95% of native</td> <td>Improvement of 18%</td> </tr> </tbody> </table> <p>Deploy monitoring tools for Docker:</p> <pre><code>docker run -d \–name=cadvisor \
–restart=unless-stopped \
–volume=/:/rootfs:ro \
–volume=/var/run:/var/run:ro \
–volume=/sys:/sys:ro \
–volume=/var/lib/docker/:/var/lib/docker:ro \
–volume=/dev/disk/:/dev/disk:ro \
–publish=8080:8080 \
–detach=true \
gcr.io/cadvisor/cadvisor:latest
Establish system limits for container resources:
docker run -d \ --name nginx-limited \ --memory="512m" \ --cpus="1.0" \ --restart=unless-stopped \ nginx:alpine<h2>Handling Common Issues and Troubleshooting</h2> <p>When working with Docker installations, you may encounter various common challenges. Here’s how to address the most frequent issues:</p> <p><strong>Permission Denied Error:</strong> If you encounter permission errors while executing Docker commands, ensure your user is included in the Docker group:</p> <pre><code>groups $USERsudo usermod -aG docker $USER
logoutLog back in
Docker Daemon Not Starting: Check the status and logs of the daemon:
sudo systemctl status docker sudo journalctl -u docker.service -fStorage Space Problems: Clear up unneeded Docker resources:
docker system df docker system prune -a docker volume prune docker image prune -aNetwork Connectivity Issues: Reset Docker’s network settings:
sudo systemctl stop docker sudo ip link delete docker0 sudo systemctl start dockerContainer Memory Limits: Track and modify container resource usage:
docker stats docker update --memory="1g" --cpus="2.0" container_name<h2>Best Practices for Production Hosting</h2> <p>When operating Docker in production settings, adhere to these essential recommendations:</p> <ul> <li>Always utilise specific image tags rather than ‘latest’ for consistent deployments.</li> <li>Incorporate health checks within your Dockerfiles and compose files.</li> <li>Implement multi-stage builds to decrease image sizes and minimise potential vulnerabilities.</li> <li>Set resource constraints (CPU, memory, disk I/O) for all containers.</li> <li>Arrange log rotation to prevent disk space issues.</li> <li>Utilise secrets management instead of environment variables for confidential data.</li> <li>Periodically update base images and scan for vulnerabilities.</li> <li>Establish suitable backup mechanisms for persistent volumes.</li> </ul> <p>Here is an example of a production-optimised Dockerfile:</p> <pre><code>FROM de:18-alpine AS builderWORKDIR /app
COPY package*.json ./
RUN npm ci –only=productionFROM de:18-alpine AS runtime
RUN addgroup -g 1001 -S dejs && \
adduser -S nextjs -u 1001
WORKDIR /app
COPY –from=builder –chown=nextjs:dejs /app/de_modules ./de_modules
COPY –chown=nextjs:dejs . .
USER nextjs
EXPOSE 3000
HEALTHCHECK –interval=30s –timeout=3s –start-period=5s –retries=3 \
CMD curl -f http://localhost:3000/health || exit 1
CMD [“npm”, “start”]
Utilise automated container updates via Watchtower:
docker run -d \ --name watchtower \ --restart=unless-stopped \ -v /var/run/docker.sock:/var/run/docker.sock \ containrrr/watchtower \ --schedule "0 0 4 * * *" \ --cleanup<h2>Fortifying Security for Docker Hosting</h2> <p>Security must be a fundamental focus in any hosting environment. Enhance Docker with the following security measures:</p> <p>Activate Docker Content Trust for image verification:</p> <pre><code>export DOCKER_CONTENT_TRUST=1echo ‘export DOCKER_CONTENT_TRUST=1’ >> ~/.bashrc
Create a custom AppArmor profile for added security in containers:
sudo tee /etc/apparmor.d/docker-custom << 'EOF' profile docker-custom flags=(attach_disconnected,mediate_deleted) { network, capability, file, umount, deny @{PROC}/* w, deny @{PROC}/sys/kernel/{?,??} w, deny @{PROC}/sys/kernel/shm* w, deny @{PROC}/sysrq-trigger rwklx, deny @{PROC}/mem rwklx, deny @{PROC}/kmem rwklx, } EOFsudo apparmor_parser -r /etc/apparmor.d/docker-custom
Run containers using the custom security profile:
docker run --security-opt apparmor=docker-custom \ --user 1000:1000 \ --read-only \ --tmpfs /tmp \ nginx:alpine<p>Docker on Ubuntu 24 provides a solid basis for contemporary hosting environments. The combination of the stability of Ubuntu and Docker’s containerization capabilities offers an ideal platform for scalable applications. Always monitor your containers actively, keep images up to date, and adhere to security best practices to ensure a dependable hosting infrastructure. For more information, see the <a href="https://docs.docker.com/engine/install/ubuntu/" target="_blank" rel="follow opener">official Docker installation documentation</a> and the <a href="https://docs.docker.com/compose/" target="_blank" rel="follow opener">Docker Compose reference</a>.</p> <hr/> <img src="https://Digitalberg.net/blog/wp-content/themes/defaults/img/register.jpg" alt=""/> <hr/> <p><em class="after">This article includes information and material from various online sources. We acknowledge and appreciate the efforts of all original authors, publishers, and websites. While every effort has been made to properly attribute the source material, any unintentional oversight or omission does not amount to copyright infringement. All trademarks, logos, and images mentioned are the property of their respective owners. If you believe that any content used in this article infringes your copyright, please contact us promptly for review and prompt action.</em></p> <p><em class="after">This article is for informational and educational purposes and does not violate copyright owners' rights. If any copyrighted material has been used without proper credit or in violation of copyright laws, this is unintentional, and we will correct it as soon as notified. Please note that the republishing, redistribution, or reproduction of part or all of the contents in any form is strictly prohibited without express written consent from the author and website owner. For permissions or further inquiries, please contact us.</em></p>
