First steps in docker

First steps in docker

If you don’t know anything about docker then search the internet for information, there is a lot of information, generally complex and sometimes difficult to understand. Perhaps if you like philosophy and logic you have a better chance of understanding the concepts related to docker. You can start here https://docs.linuxserver.io/. Every docker application (image) thinks it is alone in the universe, without access to our home network, without access to CoreELEC storage space, and without access to hardware. For this reason the startup parameters of the docker (container) application are very important.

To start with CoreELEC docker I recommend that you first install the following add-ons:

  • LinuxServer.io’s Docker Add-ons Repository
  • Docker
  • Docker Image Updater (LinuxServer.io)
  • Portainer (LinuxServer.io)
  • no more add-ons related to docker because some have errors and do not do what is expected of them

Warnings:

  • A docker container (= application) is a docker image added to the execution parameters. I recommend that all containers that need access to storage use the following convention:
Virtual Storage -> Real CoreELEC Storage
/storage        -> /storage
/media          -> /media
/config         -> /storage/.config/dockers/<app_name>/config
  (in my CoreELEC /storage/dockers link to /storage/.config/dockers)
  • The main docker image repository is hub.docker.com and the main source of container creation/execution information. Remember to filter the docker images for ‘arm’ processors. Obviously the others will not work :rofl:

  • Take a little time to understand how Portainer works (http://COREELEC_IP:9000), you will see that it is very useful. For example, you will see that a network has appeared, named ‘bridge’ 172.17.0.0/16 to which the running docker applications are added. All docker applications see the domain ‘bridge’ but do not see others (for example, 192.168.xx.xx / 24) and each docker application has a unique IP address.

  • The --privileged parameter is needed to access the hardware (example: internal or USB tuners). I always use the --restart unless-stopped parameter for obvious reasons. The --net=host parameter allow access to network interfaces of CoreELEC.

Examples of container creation/execution commands:

tvheadend

docker create \
   --name=tvheadend \
   -e PUID=1000 \
   -e PGID=1000 \
   -e TZ=Europe/Amsterdam \
   -e RUN_OPTS="--satip_xml http://10.10.10.19:9999/desc.xml" \
   --net=host \
   -v /storage/dockers/tvheadend/config:/config \
   -v /storage/dockers/tvheadend/recordings:/recordings \
   -v /storage/dockers/tvheadend/picons:/picons \
   -v /storage:/storage \
   -v /media:/media \
   --restart unless-stopped \
   --privileged \
   linuxserver/tvheadend

Note.- Here tvheadend uses the --net=host parameter so that it has access to the home network and can use IPTV sources. In this case it is not necessary to publish ports. It also includes a -e RUN_OPTS parameter to access a remote SATIP tuner at another point on the planet via zerotier.

oscam

 docker create \
   --name=oscam \
   -e PUID=0 \
   -e PGID=0 \
   -e TZ=Europe/Amsterdam \
   --net=host \
   -v /storage/dockers/oscam:/config \
   --restart unless-stopped \
   linuxserver/oscam

syncthing

docker create \
  --name=syncthing \
  -e PUID=0 \
  -e PGID=0 \
  -e TZ=Europe/Amsterdam \
  -e UMASK_SET=022 \
  -p 8384:8384 \
  -p 22000:22000 \
  -p 21027:21027/udp \
  -v /storage/dockers/syncthing/config:/config \
  -v /storage:/storage \
  -v /media:/media \
  --restart unless-stopped \
  linuxserver/syncthing

minisatip

docker create \
   --name=minisatip \
   -e PUID=0 \
   -e PGID=0 \
   -e TZ=Europe/Amsterdam \
   -e RUN_OPTS="" \
   -p 8875:8875 \
   -p 554:554 \
   -p 1900:1900/udp \
   -v /storage/dockers/minisatip/config:/config \
   --restart unless-stopped \
   --privileged \
   linuxserver/minisatip

zerotier-one

docker run \
    --name zerotier-one \
    --device=/dev/net/tun \
    --net=host \
    --cap-add=NET_ADMIN \
    --cap-add=SYS_ADMIN \
    --cap-add=SYS_RAWIO \
    -v /storage/dockers/zerotier-one:/var/lib/zerotier-one \
    --restart unless-stopped \
    --privileged \
    -d bltavares/zerotier

If you have used zerotier you will know the zerotier-cli command. An easy way to run this command is with Portainer. Go to the zerotier-one container and click “Console”, from there you can already use the command. Example: zerotier-cli join 34b6234ad

PS.- When you find scripts that automate the task of installing applications on the internet, check them out, I have seen some cases in which obsolete versions (zerotier-one, syncthing, …) are installed without the possibility of updating, it seems that the experts want the others learn, but little and for a very short time. Always use reliable repositories.

10 Likes

Nice.

I’m sure that this simplification will further expand the use and appeal of CE.

Nice.

Trying to get a pleroma-server(& soapbox) going, however not having much luck when trying something like this through portainer.

I found another alternative, however this does depends on installing docker-compose, which in turn needs dependencies such as; " For alpine , the following dependency packages are needed: py-pip , python-dev , libffi-dev , openssl-dev , gcc , libc-dev , and make .".

Would very much appreciate some pointers. It would be really great to harness the N2’s capabilities.

1 Like

I have wasted a few minutes looking for information about pleroma. I have only found a single arm version for docker, pulpox / pleroma, no information about how to install and 28 docker image downloads, that is, almost nothing.

However the documentation about pleroma describes the installation under the Alpine Linux operating system. Alpine Linux for docker is highly documented and well updated.

Have you tried installing Alpine Linux first and then installing pleroma from within Alpine Linux?

1 Like

Oh man… “ofc”, that would probably be so much easier as I’m point and click-challenged. Thanks.

Hm, alpine seems ideal. If I can get the rc-service and nothing else in relation to being in docker shows up, I got a proper linux to work with!

Alas;

After I start a alpine-container and work through the install, I come to the point of:
rc-service postgresql restart
* WARNING: postgresql is already starting
Which is a no go, however after some digging I found this.

But how do I utilize one of those commands?
Since I can’t seem to combine it with: docker run -it alpine /bin/sh

1 Like

You do not explain how you launched the Alpine container. I am not an expert but I ask: did you access the CoreELEC network interfaces (–net=host) to the Alpine container?

PS.- It may not be a good idea to assign CoreELEC network interfaces to Alpine. Instead of this I would make sure, with the help of ‘portainer’, that ‘alpine’ is simply joined to ‘bridge’ (172.17.0.0/16) interface.

1 Like

Yep. I put it on the bridge. Potentially big risk.

However, I just got so ticked off I raked the net after the most cost-effective VPS I could find. After all, on the one hand, why have whole distro in a container, when you just can’t launch a service? I’m sure there are variants alpine with openrc and other small systems systemctl etc are on the menu per default.

On the other hand, it’s instances we are really talking about, so one container for database, one for webhosting and so forth. All in all, I’m glad I got ticked of because of this, I needed the VPS anyhow and it simplifies some things with and together with zero-tier, vpn’s etc.

Thanks for this and turning my eyes toward portainer!!

1 Like

chown: changing ownership of ‘/app/rec’: Operation not permitted

-v /media/sdcard/recordings:/app/rec:rw
–privileged \

If I change this to a say

-v /storage/dockings/recordings:/app/rec:rw
–privileged \

It works. Is there another way to allow access to my external storage?

edit: Fixed this. I formatted the drive to EXT4, gave it a label, and now use

/var/media/External/recordings:/app/rec:rw \

You answer to me but I don’t know what you are talking about, or what container / image. If something doesn’t work for you, try other things. So that a container can access the external storage I always try the following parameter:

-v /media:/media

or

-v /media:/mnt

this will work or not depending on the container, sometimes you have to enter the container with the help of the portainer and see the internal directories that can be candidates for mounting the external storage.

I fixed it. Edited above.

Portainer is showing only 2 cores

Hostname CoreELEC-X96
OS Information linux aarch64 CoreELEC (official): 9.2.7
Kernel Version 4.9.113
Total CPU 2
Total memory 4 GB

Can this be increased to 3 or 4?

Very helpful thread for those beginners (like me :wink: ) that want to explore docker.
Thanks very much for the information, appreciated!

Would you be so kind to share your working / running Docker-compose file / stack? I am trying to get Pleroma + Soapbox going too!

Hi,
I have Docker, Portainer and watchover running fine on my CoreElec device. And today I tried to install RoonBridge, using this command: docker run --name RoonBridge --net=host -d -v /home/roon:/var/roon dubodubonduponey/roon-bridge:latest

It downloaded, intstalled, but not running. In Portainer it’s marked blue instead of green and says “created”. So it’s there but not running. And there’s following error:

docker: Error response from daemon: error while creating mount source path ‘/home/roon’: mkdir /home: read-only file system.

Can anyone help me fix this please?

Read this topic again from the beginning and you will see that here is recommended to replace the /home directory with /storage/.config/dockers

OK, I’ll try delete the container and set it up again with modified command. Will let you know how it went.

This is the log:

00:00:00.015 Warn: get lock file path: /tmp/.rnbgem0-

00:00:00.367 Trace: [childprocess] using unix child process

Initializing

00:00:00.557 Info: Starting /boot/bin/RoonBridge/Bridge/RoonBridgeHelper

00:00:00.594 Info: ConnectOrStartAndWaitForExit RAATServer, path: /boot/bin/RoonBridge/Bridge/RAATServer

Not Running (.o)

00:00:00.034 Warn: get lock file path: /tmp/.rnbhgem0-

Running

Hello guys! I habe successfully configured docker and portainer on CoreELEC 19.3 . Unfortunately I have to SSH to device after every restart and enter the command systemctl restart service.system.docker to make the containers and portainer run… Can you tell me how to change that so it would run automatically?

systemctl enable service.system.docker ?

1 Like