How to Install and Configure Docker on Alibaba Cloud ECS Instance

Posted on 2 January 2022 by Alberto Roura.
alibaba clouddockercontainersecsdevops

If you’re running applications on Alibaba Cloud ECS instances, you probably want to use Docker. It’s the easiest way to package your applications with all their dependencies and run them consistently. Let me show you how to get Docker up and running on your Alibaba Cloud instance.

What You’ll Need

Before we start, make sure you have:

  • An Alibaba Cloud ECS instance (Ubuntu, CentOS, or Alibaba Cloud Linux work great)
  • Root or sudo access
  • SSH access to the instance

Getting Docker Installed

Ubuntu/Debian Setup

If you’re on Ubuntu or Debian, here’s the clean way to install Docker:

# First, update your package list
sudo apt-get update

# Install some prerequisites
sudo apt-get install -y \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Add Docker's official GPG key
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

# Add the Docker repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install Docker Engine and related tools
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

# Check that it's working
sudo docker --version

CentOS/RHEL Installation

For CentOS or RHEL systems:

# Install some utilities
sudo yum install -y yum-utils

# Add the Docker repository
sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

# Install Docker
sudo yum install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

# Start and enable the service
sudo systemctl start docker
sudo systemctl enable docker

# Verify it works
sudo docker --version

Alibaba Cloud Linux

If you’re using Alibaba Cloud’s own Linux distribution:

# Simple yum install
sudo yum install -y docker

# Start and enable
sudo systemctl start docker
sudo systemctl enable docker

# Check version
sudo docker --version

The Quick Way (Convenience Script)

If you want to get up and running fast without worrying about repositories:

# Download and run the convenience script
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

# Start Docker
sudo systemctl start docker
sudo systemctl enable docker

Setting Things Up After Installation

Let Users Run Docker Without Sudo

By default, Docker requires root privileges. To make life easier:

# Add your user to the docker group
sudo usermod -aG docker $USER

# Apply the changes (or log out and back in)
newgrp docker

# Test that it works without sudo
docker run hello-world

Optimize Docker for China

If you’re in China, Docker image downloads can be slow. Let’s fix that by adding some local mirrors:

# Edit the Docker daemon configuration
sudo nano /etc/docker/daemon.json

Add this configuration:

{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  },
  "registry-mirrors": [
    "https://registry.cn-hangzhou.aliyuncs.com",
    "https://dockerhub.azk8s.cn",
    "https://reg-mirror.qiniu.com"
  ]
}

Restart Docker to apply:

sudo systemctl daemon-reload
sudo systemctl restart docker

Your First Docker Commands

Now that Docker is installed, let’s play with it:

# Download an image
docker pull nginx:latest

# Run a web server
docker run -d -p 80:80 --name my-web-server nginx:latest

# See what's running
docker ps

# Check the logs
docker logs my-web-server

# Stop it
docker stop my-web-server

# Clean up
docker rm my-web-server

Building Your Own Images

Want to create custom containers? Here’s a simple example:

# Create a Dockerfile
cat > Dockerfile <<EOF
FROM ubuntu:20.04
RUN apt-get update && apt-get install -y nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
EOF

# Build your image
docker build -t my-custom-nginx:latest .

# Run it
docker run -d -p 8080:80 my-custom-nginx:latest

Running Multi-Container Apps with Compose

For more complex applications, Docker Compose is your friend:

# Install Compose if needed
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

# Create a compose file
cat > docker-compose.yml <<EOF
version: '3.8'
services:
  web:
    image: nginx:latest
    ports:
      - "80:80"
    volumes:
      - ./html:/usr/share/nginx/html
  db:
    image: mysql:8.0
    environment:
      MYSQL_ROOT_PASSWORD: my-secret-password
EOF

# Start everything
docker-compose up -d

Security Tips

Don’t Run Everything as Root

# Create a dedicated Docker user
sudo useradd -m -s /bin/bash dockeruser
sudo usermod -aG docker dockeruser

Limit Container Resources

# Run containers with limits
docker run -d \
  --memory="512m" \
  --cpus="1.0" \
  --name safe-container \
  nginx:latest

Enable Content Trust

# Verify image signatures
export DOCKER_CONTENT_TRUST=1

Keeping Docker Healthy

Monitor Your Setup

# Check system usage
docker system df

# View detailed usage
docker system df -v

# Watch system events
docker events

Clean Up Regularly

# Remove unused stuff
docker system prune

# Be more aggressive
docker system prune -a --volumes

# Target specific cleanup
docker image prune
docker container prune
docker volume prune

Monitor Container Performance

# Live stats
docker stats

# Detailed inspection
docker inspect container-name

# Process list
docker top container-name

Working with Alibaba Cloud Services

Container Registry Integration

# Login to ACR
docker login --username=your-username registry.cn-hangzhou.aliyuncs.com

# Tag and push
docker tag my-app:latest registry.cn-hangzhou.aliyuncs.com/my-namespace/my-app:latest
docker push registry.cn-hangzhou.aliyuncs.com/my-namespace/my-app:latest

Kubernetes Integration

If you’re using ACK (Alibaba Cloud Container Service for Kubernetes), Docker is already set up on the worker nodes. Just deploy your containers like you normally would.

When Things Go Wrong

Docker Won’t Start

# Check status
sudo systemctl status docker

# Try starting it
sudo systemctl start docker

Permission Problems

# Make sure you're in the docker group
sudo usermod -aG docker $USER
newgrp docker

Storage Issues

# Check what storage driver you're using
docker info | grep Storage

# Clean restart if needed
sudo systemctl stop docker
sudo rm -rf /var/lib/docker
sudo systemctl start docker

Conclusion

Getting Docker running on Alibaba Cloud ECS is pretty straightforward once you know the steps. The China-specific optimizations make a big difference in performance, and the integration with Alibaba Cloud’s container registry and Kubernetes service makes it a seamless experience.

Start with the basics, play around with some containers, and before you know it, you’ll be building and deploying containerized applications like a pro. Docker opens up a whole world of application packaging and deployment possibilities on your Alibaba Cloud infrastructure.

✉️ Contact

Ready to take the next step? Don't wait any longer! If you're interested in learning more about Guztia products and services, or if you have any questions or concerns, book a meeting today.

Book a Meeting

Our team of experts is standing by, ready to assist you with anything you need. Book a Meeting, and Guztia will take care of the rest.