Docker really makes it easier to create, deploy, and run applications by using containers, and containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package [1].
I would like to share the script vyos-docker-install.sh, which can be used to install Docker on VyOS router. The script is a fork of the script written by Georgi Chompalov.
Your VyOS instance must have an Internet connection before you can actually run the script. The following is an example of such VyOS configuration.
vyos@vyos:~$ configure
[edit]
vyos@vyos# set interfaces ethernet eth0 address '172.17.100.99/24'
vyos@vyos# set protocols static route 0.0.0.0/0 next-hop 172.17.100.1
vyos@vyos# set service ssh listen-address '172.17.100.99'
vyos@vyos# set system name-server '8.8.8.8'
vyos@vyos# commit
vyos@vyos# save
vyos@vyos# exit
Now, open vi editor and copy the content of the script VyOS in to the file vyos-docker-install.sh.
vyos@vyos:~$ sudo su
root@vyos:/home/vyos# vi vyos-docker-install.sh
Assign the script run privilleges.
root@vyos:/home/vyos# chmod +x vyos-docker-install.sh
Run the script vyos-docker-install.sh.
root@vyos:/home/vyos# ./vyos-docker-install.sh
If Docker is installed successfully, you should end up with the message "Docker successfully installed".
1. Docker Testing
To make the test more fun, we will run a docker image running the UrbanTerror game server.
1. VyOS Configuration
Firstly, create a directory /my_server/q3ut4 directory on our yOS docker host machine
vyos@vyos# mkdir -p /my_server/q3ut4
Copy UrT server.cfg config file from existing Urban Terror installation into the directory /my_server/q3ut4 directory.
Finally, run the docker container. It takes a while to download and extract the image.
vyos@vyos# docker run -d --net host -v /my_server/q3ut4:/q3ut4 tomdesinto/urbanterror:4.3.4
1.2 Urban Terror Client Configuration
We will start Urban Terror Client on Debian 10 Linux (IP 172.17.101.7/16).
$ ./Quake3-UrT.x86_64
Enter the game console pressing the key ` and connect to the server (IP address of the eth0 interface of our VyOS instance):
] connect 172.17.100.99:27960
Picture 1 - Urban Terror Client connected to Server Running Within Docker Container on VyOS Instance
TCPdump started on the host where Urban Terror client is running confirms communication on UDP port 27960 between Urban Terror client (172.17.101.7) and server 172.17.100.99 (VyOS).
$ sudo tcpdump -i eth0 host 172.17.100.99 and port 27960 -n
Picture 2 - Communication Between Urban Terror Client and Server
End.
Aloha Radovan,
thanks for this post.
Its really a good idea to have docker on a VyOS router.
Unfortunately I ran into an error.
When I run this script it removes some VyOS packages via the apt installation procedure.
:-)
....
The following packages will be REMOVED:
podman runc vyos-1x vyos-1x-smoketest vyos-1x-vmware vyos-world
The following NEW packages will be installed:
containerd.io docker-ce docker-ce-cli
0 upgraded, 3 newly installed, 6 to remove and 3 not upgraded.
Need to get 94.4 MB of archives.
After this operation, 359 MB of additional disk space will be used.
Get:1 https://download.docker.com/linux/debian buster/stable amd64 containerd.io amd64 1.4.4-1 [28.3 MB]
Get:2 https://download.docker.com/linux/debian buster/stable amd64 docker-ce-cli amd64 5:20.10.6~3-0~debian-buster [41.4 MB]
Get:3 https://download.docker.com/linux/debian buster/stable amd64 docker-ce amd64 5:20.10.6~3-0~debian-buster [24.8 MB]
Fetched 94.4 MB in 2s (46.2 MB/s)
(Reading database ... 63998 files and directories currently installed.)
Removing vyos-1x-smoketest (1.4dev0-678-gb6301bfd) ...
Removing vyos-world (1.3.0+vyos3+equuleus1) ...
Removing vyos-1x-vmware (1.4dev0-678-gb6301bfd) ...
Removing vyos-1x (1.4dev0-678-gb6301bfd) ...
Removing podman (3.0.1+dfsg1-1+b2) ...
Removing runc (1.0.0~rc93+ds1-2+b2) ...
...
Any idea on this?
Thanks and cheers Marcel
Not a bug. Newer VyOS images include podman for running containers, which conflicts with docker. Running docker on VyOS is only compatible with versions prior to the inclusion of podman.