Moving docker to SD card on Firewalla Purple

Comments

15 comments

  • Avatar
    Michael Bierman

    Why not update the yaml file? 

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    Hi Michael,

    I don't understand what you mean. Update my docker-compose.yml files to make those apps use the SD card? I wasn't aware that was an option.

    I'm hardly a docker expert; everything I know, I've learned in the past few weeks. When I searched for information about using something other than /var/lib/docker, I found info about changing the service itself, or using the /etc/docker/daemon.json file.

    Also, I may not always use docker-compose, and would like those components to use the external location as well.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    If you look at this example,

    https://github.com/mbierman/homebridge-installer/blob/main/docker-compose.yaml

    The part under `volumes`. The left side would be out mount point /mnt/docker or whatever leaving the right side of the statement alone. This permanently tells this is your config and assuming the SD card is mounted, docker will use that file system.

     

    if you are using command line and not yaml, then adjust the “-v” parameter in the same way. https://docs.portainer.io/v/ce-2.11/start/install/server/docker/linux

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    I _do_ like the idea of explicitly specifying where the volumes are.

    My question is whether containers (and images) would go on the SD card with this method. The issue I was facing is that my partition was running out of space because of image sizes, though moving the user data volumes off the internal partition to the card would help the issue to some extent.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    What I suggested puts the all of the data for the docker image where you specify. So it does address disk space to an extent. Using: 

    sudo docker info

    You can find where containers and images are stored. The default on Ubuntu is: /var/lib/docker

    I have been able to install two large docker images on Purple by just setting the volumes as I described above so I have not needed to do it, but you can relocate the docker root: 

    https://www.ibm.com/docs/en/z-logdata-analytics/5.1.0?topic=compose-relocating-docker-root-directory

    another good reference: https://www.freecodecamp.org/news/where-are-docker-images-stored-docker-container-paths-explained/

    Also, be sure to read up and use docker prune appropriately. 

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    I just thought about it and I suppose if you do it right, you could link /mnt/docker to /var/lib/docker be sure to move anything you have in /var/lib/docker first. Something like: 

    1. stop all docker images and docker itself. 
    2. cp everything in /var/lib/docker to /mnt/docker 
    3. remove /var/lib/docker
    4. then create a link from /mnt/docker to /var/lib/docker

    If you do this, I would put the volumes of your containers in like, /mnt/docker_images or something different than /mnt/docker. I think you want them separated. 

    I have not tried this so do it at your own risk. :) 

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    That IBM article is what I ended up doing. The HomeAssisstant image alone is 1.2 gigs. Portainer isn't nearly as large, but it obviously takes up space, too. Since I hadn't relocated the volumes I had made (including a Webthings volume), that 2 gig was getting mighty full.

    Everything I read about moving the docker stuff out of /var/lib/docker recommended against doing it via a link, though that would have been easier for me to grasp. 😏

    I'll definitely keep those docker prune commands handy. I played with them while trying to minimize /var/lib/docker usage, and running them from time to time will help keep things heathy.

    Thanks for your help and feedback. The Firewalla community is pretty awesome.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Hi David, 

    I put this together based on your excellent work. Thought I'd share. 

    #!/bin/bash 
    if [ -z "$(mount | grep mnt )" ] ; then
            sudo mount /dev/mmcblk1p1 /mnt
            sudo chown 1000:1000 /mnt
    else
            echo "/mnt is already mounted..."
    fi

    if [ -z $(grep foo /etc/docker/daemon.json) ] ; then
            echo -e '{\n"data-root": "/mnt/docker"\n}' > /etc/docker/daemon.json
            sudo systemctl restart docker
    else
            echo "modified docker location already set"
    fi 
    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    What little bash knowledge I had, it was rusty, so thank you for that updated script.

    One issue is that the pi user can't write to /etc/docker, so I had to update that line with
    sudo bash -c "echo -e '{\n\"data-root\": \"/mnt/docker\"\n}' > /etc/docker/daemon.json"

    Now, to figure out how to write a script to show ports on the host which were opened via a container (in host networking mode, in my case).

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    I think 

     

    sudo echo -e '{\n"data-root": "/mnt/docker"\n}' > /etc/docker/daemon.json

    should work.

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    That's the first thing I tried, and got permission denied. I'm guessing the sudo doesn't pass through to the output redirection.

    I made a few tweaks to the conditionals of the script. Using findmnt to determine if the filesystem is mounted, and bash testing to see if the file exists.

    #!/bin/bash
    if [ -z "$(findmnt -n /mnt)" ] ; then
    sudo mount /dev/mmcblk1p1 /mnt
    sudo chown 1000:1000 /mnt
    else
    echo "/mnt is already mounted..."
    fi


    if [[ ! -f /etc/docker/daemon.json ]] ; then
    sudo bash -c "echo -e '{\n\"data-root\": \"/mnt/docker\"\n}' > /etc/docker/daemon.json"
    sudo systemctl restart docker
    else
    echo "modified docker location already set"
    fi
    0
    Comment actions Permalink
  • Avatar
    Steve

    When I try to save to I get permission denied. Any Idea why that is happening? Also the default setting is only Root has RW access to the card. Did you make any changes to include pi as well?

     

     

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    @steve, what are you trying to save when getting that error? The sdcard_docker.sh script?

    0
    Comment actions Permalink
  • Avatar
    Steve

    @David, Thanks for your help. Yes, It was the startup script. I did not create that folder, Once that was done I was able to save. Thanks!

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    @Steve, BTW, I updated the OP to include the mkdir.

    0
    Comment actions Permalink

Please sign in to leave a comment.