This page documents the installation and baseline configuration of Docker Engine on the production server.

Snapshot date: 2026-02
Docker Version: 29.2.1
Environment: Ubuntu 24.04.3 LTS

---

1. Install Dependencies

sudo apt update
sudo apt install -y ca-certificates curl gnupg

---

2. Add Official Docker Repository

Create keyring directory:

sudo install -m 0755 -d /etc/apt/keyrings

Add Docker GPG key:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

Add Docker repository:

echo \
"deb [arch=$(dpkg --print-architecture) \
signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

---

3. Install Docker Engine

sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

---

4. Verify Installation

Check Docker version:

docker --version

Check daemon status:

sudo systemctl status docker

---

5. Enable Docker at Boot

sudo systemctl enable docker

Verify:

sudo systemctl is-enabled docker

Expected result:

enabled

---

6. Test Docker

Run test container:

sudo docker run hello-world

Expected result:

Docker pulls image and prints confirmation message.

---

7. Minimal Daemon Hardening

Create or edit daemon configuration:

sudo nano /etc/docker/daemon.json

Recommended baseline configuration:

{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  }
}

Explanation:

• Limits container log size
• Prevents unlimited disk growth
• Keeps containers running during daemon restart

Restart Docker:

sudo systemctl restart docker

---

8. Verify Docker Info

sudo docker info

Important fields to check:

• Server Version
• Storage Driver
• Cgroup Version
• Swarm: inactive (before initialization)