Applications Azure

Docker Engine 29 on Ubuntu 24.04 on Azure User Guide

| Product: Docker Engine 29 on Ubuntu 24.04 LTS on Azure

Overview

Docker Engine is the industry standard container runtime — the cloudimg image installs the latest Docker CE 29.x from Docker Inc.'s official noble repository alongside containerd 2.2, BuildKit 0.33 (buildx), and Compose v5 (docker compose). The azureuser account is added to the docker group at first boot via a oneshot systemd unit, so the operator can docker ps immediately after SSH without sudo.

What is included:

  • docker-ce 29.4 + docker-ce-cli 29.4 from download.docker.com/linux/ubuntu noble/stable
  • containerd.io 2.2.x as the default container runtime
  • docker-buildx-plugin 0.33 — BuildKit-powered multi-platform builds
  • docker-compose-plugin v5 — Compose-spec stack orchestration
  • docker-firstboot.service adds azureuser to docker group on first boot
  • overlayfs storage driver, json-file logging, systemd cgroup driver
  • docker.service running, docker.socket listening on /var/run/docker.sock
  • 24/7 cloudimg support

Prerequisites

Active Azure subscription, SSH key, VNet + subnet. Standard_B2s (4 GB RAM) is sufficient for development workloads; bump to D2s/D4s for image build farms or production container hosts.

Step 1-3: Deploy + SSH (standard pattern)

# Deploy from the Marketplace listing (or via az vm create from your gallery image).
ssh azureuser@<vm-ip>

Step 4: Verify

sudo systemctl status docker.service --no-pager | head -15
sudo systemctl is-active docker.service containerd.service docker-firstboot.service

docker.service active (running) for 5 minutes; containerd + docker-firstboot also active

Step 5: Versions and Daemon Info

sudo docker version --format 'Client: {{.Client.Version}}  Server: {{.Server.Version}}  containerd: {{(index .Server.Components 1).Version}}  runc: {{(index .Server.Components 2).Version}}'
sudo docker compose version
sudo docker buildx version
sudo docker info --format 'Storage Driver: {{.Driver}}  Logging Driver: {{.LoggingDriver}}  Cgroup: {{.CgroupDriver}}/{{.CgroupVersion}}  Containers: {{.Containers}}  Images: {{.Images}}'

Docker 29.4.1, containerd v2.2.3, runc 1.3.5, Compose v5.1.3, buildx 0.33.0, overlayfs storage

Step 6: Run a Container

sudo docker run --rm hello-world

hello-world container ran successfully — message confirms client + daemon + image pull + container exec all work

Step 7: Compose Stack

mkdir -p /tmp/stack && cd /tmp/stack
cat > compose.yaml <<'EOF'
services:
  redis:
    image: redis:7-alpine
    ports: ['6379:6379']
EOF
sudo docker compose up -d
sudo docker compose ps
sudo docker exec stack-redis-1 redis-cli SET hello cloudimg
sudo docker exec stack-redis-1 redis-cli GET hello
sudo docker compose down

docker compose v5 stack: redis:7-alpine container running on :6379, redis-cli SET/GET round-trip

Step 8: Components

Component Path
dockerd binary /usr/bin/dockerd
docker CLI /usr/bin/docker
containerd /usr/bin/containerd
compose plugin /usr/libexec/docker/cli-plugins/docker-compose
buildx plugin /usr/libexec/docker/cli-plugins/docker-buildx
Docker socket /var/run/docker.sock
Daemon config /etc/docker/daemon.json (create as needed)
Image storage /var/lib/docker
containerd state /var/lib/containerd
Firstboot script /usr/local/sbin/docker-firstboot.sh
Group membership note /stage/scripts/docker-credentials.log

Step 9: Security

  • Restrict NSG so the Docker socket is never exposed on the network — keep dockerd on the local Unix socket only
  • Use rootless mode for multi-tenant hosts: dockerd-rootless-setuptool.sh install
  • Pin image digests in production Compose files (image: nginx@sha256:...) instead of floating tags
  • Patch monthly: apt-get update && apt-get upgrade && reboot — Docker publishes security advisories at https://docs.docker.com/engine/security/
  • Scan images: docker scout cves <image> (Scout is bundled in 29.x)

Licensing

Docker Engine (Moby project) is Apache 2.0 — free to use commercially. Docker Desktop is a separate, paid product not included here. cloudimg provides commercial support for the Engine deployment separately. support@cloudimg.co.uk.