$ sudo service docker start
To avoid having to use
sudowhen you use the
dockercommand, create a Unix group called
dockerand add users to it. When the
dockerdaemon starts, it makes the ownership of the Unix socket read/writable by the
dockergroup is equivalent to the
rootuser; For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.
$ sudo groupadd docker
$ sudo usermod -aG docker your_username
Log out and login again to ensure your user is running with the correct permissions. You can run the unix id command to confirm that you have the docker group privileges. e.g.
$ id -a uid=1000(mbhangui) gid=1000(mbhangui) groups=1000(mbhangui),10(wheel),545(docker) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Now we need to pull the docker image for IndiMail. use the docker pull command. The values for tag can be fedora-23, centos7, debian8, ubuntu-15.10, ubuntu-14.03. If your favourite OS is missing, let me know. You can find the list of all images here.
$ docker pull cprogrammer/indimail:tag
(for indimail-mta image, execute docker pull cprogrammer/indimail-mta:tag
You can now list the docker image by executing the docker images command.
$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE cprogrammer/indimail fedora-23 a02e6014a67b 53 minutes ago 1.774 GB
Now let us run a container with this image using the image id a02e6014a67b listed above by running the docker run command. The
--privilegedflag gives all capabilities to the container, and it also lifts all the limitations enforced by the
devicecgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker. In our case, I want the systemctl command to work and the container run like a normal host.
$ docker run -d -h indimail.org --privileged a02e6014a67b /sbin/init fd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7b
I have now figured out the you don't require the --privileged flag. This flag gives the container access to the host's systemd. A better way is to add SYS_ADMIN capability
$ docker run -ti --cap-add=SYS_ADMIN -e "container-docker" -v /sys/fs/cgroup:/sys/fs/cgroup:ro a02e6014a67b /sbin/initfd09c7ca75bef86f4f9796afcff79316f36512944a18d066d832a99d8803ce7b
The above will start a fully functional Fedora 23 OS with IndiMail, MySQL, sshd, httpd services up and running.
We can list the running container by running the docker ps command
$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fd09c7ca75be a02e6014a67b "/sbin/init" 38 seconds ago Up 37 seconds desperate_jones
We now have a running container and can attach to it and use it like any functional host. Run the docker exec command. The -ti option attaches a pseudo terminal and makes the session interactive.
$ docker exec -ti fd09c7ca75be /bin/bash --login # # /var/indimail/bin/svstat /service/* /service/fetchmail: down 32 seconds /service/greylist.1999: up (pid 203) 32 seconds /service/indisrvr.4000: up (pid 178) 32 seconds /service/inlookup.infifo: up (pid 192) 32 seconds /service/mysql.3306: up (pid 181) 32 seconds /service/proxy-imapd.4143: up (pid 191) 32 seconds /service/proxy-imapd-ssl.9143: up (pid 188) 32 seconds /service/proxy-pop3d.4110: up (pid 197) 32 seconds /service/proxy-pop3d-ssl.9110: up (pid 179) 32 seconds /service/pwdlookup: up (pid 195) 32 seconds /service/qmail-imapd.143: up (pid 222) 32 seconds /service/qmail-imapd-ssl.993: up (pid 200) 32 seconds /service/qmail-pop3d.110: up (pid 212) 32 seconds /service/qmail-pop3d-ssl.995: up (pid 184) 32 seconds /service/qmail-poppass.106: up (pid 216) 32 seconds /service/qmail-qmqpd.628: down 32 seconds /service/qmail-qmtpd.209: up (pid 153) 32 seconds /service/qmail-send.25: up (pid 182) 32 seconds /service/qmail-smtpd.25: up (pid 187) 32 seconds /service/qmail-smtpd.366: up (pid 208) 32 seconds /service/qmail-smtpd.465: up (pid 194) 32 seconds /service/qmail-smtpd.587: up (pid 196) 32 seconds /service/qmail-spamlog: up (pid 221) 32 seconds /service/qscanq: up (pid 213) 32 seconds /service/udplogger.3000: up (pid 211) 32 seconds
You can stop the container by executing the docker stop command.
$ docker stop fd09c7ca75be
You can make your changes to the container and commit changes by using the docker commit command. Learning how to use docker is not difficult. Just follow the Docker Documentation. If you are lazy like me, just read the Getting Started guide.
I am also a newbie as far as docker is concerned. Do let me know your experience with network settings and other advanced docker topics, that you may be familiar with. Do send few bottles of beer my way if you can.
NOTE: There are few defaults for the indimail docker container image
- root password is passxxx@xxx
- mysql user, password for indimail is indimail, ssh-1.5-
- mysql privileged user, password is mysql, 4-57343-
- password for firstname.lastname@example.org virtual imap/pop3 account is passxxx
- password for email@example.com virtual imap/pop3 account is passxxx