Skip to content

Instantly share code, notes, and snippets.

@tikg

tikg/sre-setup.md

Created October 25, 2025 10:57
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save tikg/de0130d38ba1209e7e2c16484e281391 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save tikg/de0130d38ba1209e7e2c16484e281391 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up my SRE environment
Raw
sre-setup.md

Setting up my SRE environment

Install the following

  • Docker
  • Colima (Linux/Mac)
  • Nginx
  • Kubernetes
  • Ansible / Chef
  • Terraform
  • Ruby on Rails
  • Springboot
@tikg
Copy link
Author

tikg commented Oct 25, 2025

Linux Ubuntu 24.04 LTS

tik@tik-1tb:~$ sudo apt update
Hit:1 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:2 http://jp.archive.ubuntu.com/ubuntu noble InRelease     
Hit:3 http://jp.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:4 http://jp.archive.ubuntu.com/ubuntu noble-backports InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
73 packages can be upgraded. Run 'apt list --upgradable' to see them.
tik@tik-1tb:~$ 
tik@tik-1tb:~$ 
tik@tik-1tb:~$ modprobe kvm
tik@tik-1tb:~$ kvm-ok
Command 'kvm-ok' not found, but can be installed with:
sudo apt install cpu-checker
tik@tik-1tb:~$ sudo su -
root@tik-1tb:~# apt install cpu-checker
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)      
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Waiting for cache lock: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7262 (aptd)       
Reading package lists... Done                                                                            
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
  libllvm19
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  msr-tools
The following NEW packages will be installed:
  cpu-checker msr-tools
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 15.8 kB of archives.
After this operation, 65.5 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://jp.archive.ubuntu.com/ubuntu noble/main amd64 msr-tools amd64 1.3-5build1 [9,610 B]
Get:2 http://jp.archive.ubuntu.com/ubuntu noble/main amd64 cpu-checker amd64 0.7-1.3build2 [6,148 B]
Fetched 15.8 kB in 1s (17.2 kB/s)       
Selecting previously unselected package msr-tools.
(Reading database ... 171936 files and directories currently installed.)
Preparing to unpack .../msr-tools_1.3-5build1_amd64.deb ...
Unpacking msr-tools (1.3-5build1) ...
Selecting previously unselected package cpu-checker.
Preparing to unpack .../cpu-checker_0.7-1.3build2_amd64.deb ...
Unpacking cpu-checker (0.7-1.3build2) ...
Setting up msr-tools (1.3-5build1) ...
Setting up cpu-checker (0.7-1.3build2) ...
Processing triggers for man-db (2.12.0-4build2) ...
root@tik-1tb:~# kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used
root@tik-1tb:~# 
root@tik-1tb:~# 
root@tik-1tb:~# lsmod | grep kvm
kvm_intel             487424  0
kvm                  1425408  1 kvm_intel
irqbypass              12288  1 kvm
root@tik-1tb:~# modprobe kvm_intel
root@tik-1tb:~# ls a-l /dev/kvm 
ls: cannot access 'a-l': No such file or directory
/dev/kvm
root@tik-1tb:~# ls -al /dev/kvm 
crw-rw----+ 1 root kvm 10, 232 Oct 25 21:02 /dev/kvm
root@tik-1tb:~# apt install gnome-terminal
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
gnome-terminal is already the newest version (3.52.0-1ubuntu2).
gnome-terminal set to manually installed.
The following package was automatically installed and is no longer required:
  libllvm19
Use 'apt autoremove' to remove it.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@tik-1tb:~# apt-get update
Hit:1 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:2 http://jp.archive.ubuntu.com/ubuntu noble InRelease     
Hit:3 http://jp.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:4 http://jp.archive.ubuntu.com/ubuntu noble-backports InRelease
Reading package lists... Done
root@tik-1tb:~# apt-get install ./docker-desktop-amd64.deb
Reading package lists... Done
E: Unsupported file ./docker-desktop-amd64.deb given on commandline
root@tik-1tb:~# 
root@tik-1tb:~# 
root@tik-1tb:~# # Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Hit:1 http://jp.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:3 http://jp.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:4 http://jp.archive.ubuntu.com/ubuntu noble-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
ca-certificates is already the newest version (20240203).
ca-certificates set to manually installed.
The following package was automatically installed and is no longer required:
  libllvm19
Use 'sudo apt autoremove' to remove it.
The following NEW packages will be installed:
  curl
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 226 kB of archives.
After this operation, 534 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://jp.archive.ubuntu.com/ubuntu noble-updates/main amd64 curl amd64 8.5.0-2ubuntu10.6 [226 kB]
Fetched 226 kB in 1s (194 kB/s)
Selecting previously unselected package curl.
(Reading database ... 171950 files and directories currently installed.)
Preparing to unpack .../curl_8.5.0-2ubuntu10.6_amd64.deb ...
Unpacking curl (8.5.0-2ubuntu10.6) ...
Setting up curl (8.5.0-2ubuntu10.6) ...
Processing triggers for man-db (2.12.0-4build2) ...
Get:1 https://download.docker.com/linux/ubuntu noble InRelease [48.5 kB]
Get:2 https://download.docker.com/linux/ubuntu noble/stable amd64 Packages [33.3 kB]                                                                      
Hit:3 http://jp.archive.ubuntu.com/ubuntu noble InRelease                                                                                                
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease                                                        
Hit:5 http://jp.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:6 http://jp.archive.ubuntu.com/ubuntu noble-backports InRelease
Fetched 81.7 kB in 1s (67.1 kB/s)
Reading package lists... Done
root@tik-1tb:~# sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
  libllvm19
Use 'sudo apt autoremove' to remove it.
The following additional packages will be installed:
  docker-ce-rootless-extras git git-man liberror-perl libslirp0 pigz slirp4netns
Suggested packages:
  cgroupfs-mount | cgroup-lite docker-model-plugin git-daemon-run | git-daemon-sysvinit git-doc git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn
The following NEW packages will be installed:
  containerd.io docker-buildx-plugin docker-ce docker-ce-cli docker-ce-rootless-extras docker-compose-plugin git git-man liberror-perl libslirp0 pigz slirp4netns
0 upgraded, 12 newly installed, 0 to remove and 0 not upgraded.
Need to get 110 MB of archives.
After this operation, 461 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 https://download.docker.com/linux/ubuntu noble/stable amd64 containerd.io amd64 1.7.28-1~ubuntu.24.04~noble [31.9 MB]
Get:2 http://jp.archive.ubuntu.com/ubuntu noble/universe amd64 pigz amd64 2.8-1 [65.6 kB]          
Get:3 https://download.docker.com/linux/ubuntu noble/stable amd64 docker-ce-cli amd64 5:28.5.1-1~ubuntu.24.04~noble [16.5 MB]
Get:4 http://jp.archive.ubuntu.com/ubuntu noble/main amd64 liberror-perl all 0.17029-2 [25.6 kB]
Get:5 https://download.docker.com/linux/ubuntu noble/stable amd64 docker-ce amd64 5:28.5.1-1~ubuntu.24.04~noble [19.7 MB]
Get:6 http://jp.archive.ubuntu.com/ubuntu noble-updates/main amd64 git-man all 1:2.43.0-1ubuntu7.3 [1,100 kB]
Get:7 https://download.docker.com/linux/ubuntu noble/stable amd64 docker-buildx-plugin amd64 0.29.1-1~ubuntu.24.04~noble [15.9 MB]
Get:8 https://download.docker.com/linux/ubuntu noble/stable amd64 docker-ce-rootless-extras amd64 5:28.5.1-1~ubuntu.24.04~noble [6,481 kB]
Get:9 https://download.docker.com/linux/ubuntu noble/stable amd64 docker-compose-plugin amd64 2.40.2-1~ubuntu.24.04~noble [14.3 MB]
Get:10 http://jp.archive.ubuntu.com/ubuntu noble-updates/main amd64 git amd64 1:2.43.0-1ubuntu7.3 [3,680 kB]
Get:11 http://jp.archive.ubuntu.com/ubuntu noble/main amd64 libslirp0 amd64 4.7.0-1ubuntu3 [63.8 kB]
Get:12 http://jp.archive.ubuntu.com/ubuntu noble/universe amd64 slirp4netns amd64 1.2.1-1build2 [34.9 kB]
Fetched 110 MB in 2s (56.0 MB/s)        
Selecting previously unselected package containerd.io.
(Reading database ... 171957 files and directories currently installed.)
Preparing to unpack .../00-containerd.io_1.7.28-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking containerd.io (1.7.28-1~ubuntu.24.04~noble) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../01-docker-ce-cli_5%3a28.5.1-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking docker-ce-cli (5:28.5.1-1~ubuntu.24.04~noble) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../02-docker-ce_5%3a28.5.1-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking docker-ce (5:28.5.1-1~ubuntu.24.04~noble) ...
Selecting previously unselected package pigz.
Preparing to unpack .../03-pigz_2.8-1_amd64.deb ...
Unpacking pigz (2.8-1) ...
Selecting previously unselected package docker-buildx-plugin.
Preparing to unpack .../04-docker-buildx-plugin_0.29.1-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking docker-buildx-plugin (0.29.1-1~ubuntu.24.04~noble) ...
Selecting previously unselected package docker-ce-rootless-extras.
Preparing to unpack .../05-docker-ce-rootless-extras_5%3a28.5.1-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking docker-ce-rootless-extras (5:28.5.1-1~ubuntu.24.04~noble) ...
Selecting previously unselected package docker-compose-plugin.
Preparing to unpack .../06-docker-compose-plugin_2.40.2-1~ubuntu.24.04~noble_amd64.deb ...
Unpacking docker-compose-plugin (2.40.2-1~ubuntu.24.04~noble) ...
Selecting previously unselected package liberror-perl.
Preparing to unpack .../07-liberror-perl_0.17029-2_all.deb ...
Unpacking liberror-perl (0.17029-2) ...
Selecting previously unselected package git-man.
Preparing to unpack .../08-git-man_1%3a2.43.0-1ubuntu7.3_all.deb ...
Unpacking git-man (1:2.43.0-1ubuntu7.3) ...
Selecting previously unselected package git.
Preparing to unpack .../09-git_1%3a2.43.0-1ubuntu7.3_amd64.deb ...
Unpacking git (1:2.43.0-1ubuntu7.3) ...
Selecting previously unselected package libslirp0:amd64.
Preparing to unpack .../10-libslirp0_4.7.0-1ubuntu3_amd64.deb ...
Unpacking libslirp0:amd64 (4.7.0-1ubuntu3) ...
Selecting previously unselected package slirp4netns.
Preparing to unpack .../11-slirp4netns_1.2.1-1build2_amd64.deb ...
Unpacking slirp4netns (1.2.1-1build2) ...
Setting up liberror-perl (0.17029-2) ...
Setting up docker-buildx-plugin (0.29.1-1~ubuntu.24.04~noble) ...
Setting up containerd.io (1.7.28-1~ubuntu.24.04~noble) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service.
Setting up docker-compose-plugin (2.40.2-1~ubuntu.24.04~noble) ...
Setting up docker-ce-cli (5:28.5.1-1~ubuntu.24.04~noble) ...
Setting up libslirp0:amd64 (4.7.0-1ubuntu3) ...
Setting up pigz (2.8-1) ...
Setting up git-man (1:2.43.0-1ubuntu7.3) ...
Setting up docker-ce-rootless-extras (5:28.5.1-1~ubuntu.24.04~noble) ...
Setting up slirp4netns (1.2.1-1build2) ...
Setting up docker-ce (5:28.5.1-1~ubuntu.24.04~noble) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /usr/lib/systemd/system/docker.socket.
Setting up git (1:2.43.0-1ubuntu7.3) ...
Processing triggers for man-db (2.12.0-4build2) ...
Processing triggers for libc-bin (2.39-0ubuntu8.6) ...
root@tik-1tb:~# 
root@tik-1tb:~# 
root@tik-1tb:~# 
root@tik-1tb:~# systemctl status docker
● docker.service - Docker Application Container Engine
     Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; preset: enabled)
     Active: active (running) since Sat 2025-10-25 21:05:12 JST; 10s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 20587 (dockerd)
      Tasks: 13
     Memory: 23.0M (peak: 24.4M)
        CPU: 327ms
     CGroup: /system.slice/docker.service
             └─20587 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Oct 25 21:05:11 tik-1tb dockerd[20587]: time="2025-10-25T21:05:11.773367938+09:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: />
Oct 25 21:05:11 tik-1tb dockerd[20587]: time="2025-10-25T21:05:11.804046352+09:00" level=info msg="Creating a containerd client" address=/run/containerd/containerd.sock timeout=1m0s
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.195985954+09:00" level=info msg="Loading containers: start."
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.490419328+09:00" level=info msg="Loading containers: done."
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.509547679+09:00" level=info msg="Docker daemon" commit=f8215cc containerd-snapshotter=false storage-driver=overlay2>
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.509617718+09:00" level=info msg="Initializing buildkit"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.527237513+09:00" level=info msg="Completed buildkit initialization"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.547153851+09:00" level=info msg="Daemon has completed initialization"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.547290642+09:00" level=info msg="API listen on /run/docker.sock"
Oct 25 21:05:12 tik-1tb systemd[1]: Started docker.service - Docker Application Container Engine.
root@tik-1tb:~# exit
logout
tik@tik-1tb:~$ systemctl status docker
● docker.service - Docker Application Container Engine
     Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; preset: enabled)
     Active: active (running) since Sat 2025-10-25 21:05:12 JST; 17s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 20587 (dockerd)
      Tasks: 13
     Memory: 23.0M (peak: 24.4M)
        CPU: 327ms
     CGroup: /system.slice/docker.service
             └─20587 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Oct 25 21:05:11 tik-1tb dockerd[20587]: time="2025-10-25T21:05:11.773367938+09:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: />
Oct 25 21:05:11 tik-1tb dockerd[20587]: time="2025-10-25T21:05:11.804046352+09:00" level=info msg="Creating a containerd client" address=/run/containerd/containerd.sock timeout=1m0s
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.195985954+09:00" level=info msg="Loading containers: start."
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.490419328+09:00" level=info msg="Loading containers: done."
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.509547679+09:00" level=info msg="Docker daemon" commit=f8215cc containerd-snapshotter=false storage-driver=overlay2>
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.509617718+09:00" level=info msg="Initializing buildkit"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.527237513+09:00" level=info msg="Completed buildkit initialization"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.547153851+09:00" level=info msg="Daemon has completed initialization"
Oct 25 21:05:12 tik-1tb dockerd[20587]: time="2025-10-25T21:05:12.547290642+09:00" level=info msg="API listen on /run/docker.sock"
Oct 25 21:05:12 tik-1tb systemd[1]: Started docker.service - Docker Application Container Engine.
tik@tik-1tb:~$ docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.51/containers/json": dial unix /var/run/docker.sock: connect: permission denied
tik@tik-1tb:~$ sudo groupadd docker
groupadd: group 'docker' already exists
tik@tik-1tb:~$ sudo usermod -aG docker $USER
tik@tik-1tb:~$ 
tik@tik-1tb:~$ 
tik@tik-1tb:~$ docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.51/containers/json": dial unix /var/run/docker.sock: connect: permission denied
tik@tik-1tb:~$ newgrp docker
tik@tik-1tb:~$ docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
tik@tik-1tb:~$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
17eec7bbc9d7: Pull complete 
Digest: sha256:56433a6be3fda188089fb548eae3d91df3ed0d6589f7c2656121b911198df065
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

tik@tik-1tb:~$ sudo systemctl enable docker.service
Synchronizing state of docker.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable docker
tik@tik-1tb:~$ sudo systemctl enable containerd.service
tik@tik-1tb:~$    curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   138  100   138    0     0    800      0 --:--:-- --:--:-- --:--:--   802
100 57.7M  100 57.7M    0     0  52.8M      0  0:00:01  0:00:01 --:--:-- 73.6M
tik@tik-1tb:~$ uname -m
x86_64
tik@tik-1tb:~$    curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   138  100   138    0     0    488      0 --:--:-- --:--:-- --:--:--   489
100    64  100    64    0     0    181      0 --:--:-- --:--:-- --:--:--   181
tik@tik-1tb:~$ echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check
kubectl: OK
tik@tik-1tb:~$ sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
tik@tik-1tb:~$ kubectl version --client
Client Version: v1.34.1
Kustomize Version: v5.7.1
tik@tik-1tb:~$ 
tik@tik-1tb:~$ kubectl version --client --output=yaml
clientVersion:
  buildDate: "2025-09-09T19:44:50Z"
  compiler: gc
  gitCommit: 93248f9ae092f571eb870b7664c534bfc7d00f03
  gitTreeState: clean
  gitVersion: v1.34.1
  goVersion: go1.24.6
  major: "1"
  minor: "34"
  platform: linux/amd64
kustomizeVersion: v5.7.1

tik@tik-1tb:~$ ^C
tik@tik-1tb:~$

@tikg
Copy link
Author

tikg commented Oct 25, 2025
edited
Loading

Prometheus and Grafana with docker compose

Compose file here:

Verify Docker Compose UP
image

Verify Prometheus
image

Verify Grafana
image

Setup Prometheus on Grafana
image

Confirm Prometheus in Grafana
image

Grafana admin
image

Reconfirm Docker Compose Up with Mimir
image

Checking Targets from Prom
image

Check if mimir is healthy

tik@tik-1tb:~/Desktop/dockerz$ docker compose down; docker compose up -d
[+] Running 4/4
 ✔ Container grafana           Removed                                                                                                                                           0.2s 
 ✔ Container prometheus        Removed                                                                                                                                          10.2s 
 ✔ Container mimir             Removed                                                                                                                                           0.1s 
 ✔ Network dockerz_monitoring  Removed                                                                                                                                           0.2s 
[+] Running 4/4
 ✔ Network dockerz_monitoring  Created                                                                                                                                           0.0s 
 ✔ Container mimir             Started                                                                                                                                           0.4s 
 ✔ Container prometheus        Started                                                                                                                                           0.4s 
 ✔ Container grafana           Started                                                                                                                                           0.5s 
tik@tik-1tb:~/Desktop/dockerz$ 
tik@tik-1tb:~/Desktop/dockerz$ curl http://localhost:9009/prometheus/api/v1/status/buildinfo
{"status":"success","data":{"application":"Grafana Mimir","version":"2.16.2","revision":"12bba40","branch":"HEAD","goVersion":"go1.23.12","features":{"ruler_config_api":"true","alertmanager_config_api":"true","query_sharding":"false","federated_rules":"false"}}}tik@tik-1tb:~/Desktop/dockerz$

curl http://localhost:9009/prometheus/api/v1/status/buildinfo

@tikg
Copy link
Author

tikg commented Oct 25, 2025
edited
Loading

Docker Compose file Prometheus, Grafana, Mimir

tik@tik-1tb:~/Desktop/SRE$ cat monitoring-stack.yml 
services:
  
  nginx:
    image: nginx:latest
    container_name: nginx
    ports:
      - "8080:80"
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    networks:
      - monitoring

  nginx-exporter:
    image: nginx/nginx-prometheus-exporter:latest
    container_name: nginx-exporter
    command: ["-nginx.scrape-uri", "http://nginx:80/stub_status"]
    ports:
      - "9113:9113"
    depends_on:
      - nginx
    networks:
      - monitoring

  prometheus:
    image: prom/prometheus:latest
    container_name: prometheus
    ports:
      - "9090:9090"
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
    command:
      - "--config.file=/etc/prometheus/prometheus.yml"
      - "--web.enable-lifecycle"
    networks:
      - monitoring

  mimir:
    image: grafana/mimir:latest
    container_name: mimir
    command:
      - "-target=all"
      - "-config.expand-env=true"
      - "-server.http-listen-port=9009"
      - "-auth.multitenancy-enabled=false"
    ports:
      - "9009:9009"
    networks:
      - monitoring

#  mimir:
#    image: grafana/mimir:latest
#    container_name: mimir
#    ports:
#      - "9009:9009"
#    command: ["-config.expand-env=true"]
#    networks:
#      - monitoring

  grafana:
    image: grafana/grafana:latest
    container_name: grafana
    ports:
      - "3000:3000"
    depends_on:
      - prometheus
      - mimir
    networks:
      - monitoring
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=admin

networks:
  monitoring:
    driver: bridge

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment