Setting up Docker CE

tested on slackware current (aug 2021)

Overall requirements

XFS or EXT4 is required for OverlayFS2 though XFS has an advantage: you can specify a max file-system size for the container. You need to enable quota for that matter.

mkfs.xfs /dev/nvme0n1p3
vi /etc/fstab

/dev/nvme0n1p3  /docker xfs defaults,noatime,nodiratime,prjquota 0 2

mkdir /docker/
touch /docker/XFS_NOT_MOUNTED
mount /docker/
#rm -rf /var/lib/docker/
ln -s ../../docker /var/lib/docker


    slackpkg search iptables
    slackpkg search git-2
    slackpkg search procps-ng
    slackpkg search xz
    ls -lF /proc/cgroups

    curl >
    chmod +x

grab the latest Docker CE release as binaries

    tar xzf docker-$rel.tgz
ls -lF /usr/local/bin/
    cp -i docker/* /usr/local/bin/

note it is also available on github as release tag.

#git clone

see alternate host install for other systems


make the docker commands available to some user

grep docker /etc/group
grep docker /etc/passwd

groupadd -g 331 docker
usermod -aG docker OPERATOR


we define bridge rather than bridge IP as it sets both gateway and cidr. we want instances to survive daemon down-time and even a host system reboot, hence we enable live-restore. and we’re giving a try to no-new-privileges.

vi /etc/docker/daemon.json # new file

    "bridge":               "br0",
    "data-root":        "/docker",
    "debug":        false,
    "exec-opts": [
    "ip-masq":      false,
    "iptables":     false,
    "ip6tables":        false,
    "live-restore":     true,
    "log-level":        "warn",
    "no-new-privileges":    true,
    "storage-driver":   "overlay2",
    "storage-opts": [

moar options

# "bip": "",
# "dns": [],
# "dns-search": [],
# "hosts": [],
# "ipv6": false,

by default you get an hosts file with instance’s IP only and same resolv.conf as on the host.

Ready to go

enable at boot-time

vi /etc/rc.d/rc.inet1

brctl addbr br0
brctl addif br0 eth1
ifconfig br0 up

vi /etc/rc.d/rc.local


sysctl -w net.ipv4.ip_forward=1
echo starting dockerd
dockerd >> /var/log/dockerd.log 2>&1 &
pgrep -a dockerd

vi /etc/rc.d/rc.local_shutdown

echo -n killing dockerd...
pkill dockerd && echo done || echo FAIL


pgrep -a docker
ls -lF /var/run/docker.sock
brctl show br0


pgrep -a dockerd


xfs prjquota

as user

docker run -d --name devuan --hostname devuan --workdir /root pbraun9/devuan

docker exec -ti devuan /bin/bash

df -h

live restore

we could not validate that running instances come back after a reboot. the best we’ve got is a come back after killing and starting the docker daemon again.


you can now operate your Docker host

as user

newgrp docker
docker images -a
docker ps -a
docker pull pbraun9/devuan
docker pull pbraun9/devuan-svr4

see ops-image and ops


failed to start containerd: exec: "containerd": executable file not found in $PATH

==> add PATH into rc.local



Install Docker Engine from binaries

Post-installation steps for Linux

daemon options


Configure and troubleshoot the Docker daemon

Daemon user namespace options🔗

Set ulimits in container (–ulimit)🔗

Enable IPv6 support

How to run dockerd in the background without logs

Local File logging driver

storage xfs

How to Enable Disk Quotas on an XFS File System

Docker Per-Container Disk Quota on Bind Mounted Volumes

Storage quota per container - overlay2 backed by xfs

Docker Container Size Quota

storage misc

About storage drivers

Docker storage drivers

Use the OverlayFS storage driver

Storage Drivers in Docker: A Deep Dive

Docker Issues and Tips (aufs/overlay/btrfs..)

BTRFS vs OverlayFS

storage advanced

how to clean up docker overlay directory?


Isolate containers with a user namespace

Run the Docker daemon as a non-root user (Rootless mode)

User privileges in Docker containers

Understanding root inside and outside a container

Running Docker Containers as ROOT:

live restore

Keep containers alive during daemon downtime

Copyright © 2022 Pierre-Philipp Braun