Run Free Arm-based Oracle Linux (Install Docker/Docker Compose/Portainer/Ubuntu Virtual Desktop) - NETSEC


Learning, Sharing, Creating

Cybersecurity Memo

Thursday, July 22, 2021

Run Free Arm-based Oracle Linux (Install Docker/Docker Compose/Portainer/Ubuntu Virtual Desktop)

ARM is a RISC architecture. RISC stands for Reduced Instruction Set Computing. This means that the CPU has a limited number of instructions it can use. As a result, each instruction runs in a single cycle and the instructions are simpler. Meanwhile, x86 is a CISC architecture, which stands for Complex Instruction Set Computing.

ARM is designed to be smaller, more energy-efficient, and creates less heat. One problem is that x86 programs can’t run on ARM. Most programming languages can target ARM just fine. Any currently-maintained programs should have few problems. Anything written in Assembly will need to be rewritten to work on ARM though. There’s also an issue of development speed. Since ARM has fewer instructions, developers need to use more time to search and read all related instructions.


For x86_64 architecture 's CentOS 8 and Ubuntu 20.04 version, you can find this post about how to install Docker/Docker-Compose:

Choose Oracle Image. Default username is opc

You also can use Ubuntu 20.04 (not minimum) version to use Arm based shape. The installation for docker and docker compose will be a little different, which you can find out from this post (Install Docker, Docker-Compose, Portainer & Nginx on CentOS 8 & Ubuntu 20.04)

System Update

Check System Public IP:

[root@arm1 ~]# curl
Update Oracle Linux 8 system to latest:

 [root@arm1 ~]# yum upgrade -y && yum update -y
Update Ubuntu system to latest:

 [root@arm1 ~]# apt update -y && apt upgrade -y

Install NodeQuery Monitor Sensor

Nodequery stopped the service since Sep 2021. Check other services in my post:

Free Cloud Server Monitoring Services: Netdata, New Relic, Datadog, Instrumental

You will get a one line sensor installation code from NodeQuery add a new server page. 

root@opc3arm2ubuntu:~# wget -N --no-check-certificate && bash gRa6yhaYPTkpogsqZRMFy0CMgfmj05
--2021-08-02 13:43:44--
Resolving (,,, ...
Connecting to (||:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: [following]
--2021-08-02 13:43:44--
Resolving (,,, ...
Connecting to (||:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4781 (4.7K) [text/plain]
Saving to: ‘’                                            100%[===============================================================================================================================>]   4.67K  --.-KB/s    in 0s

Last-modified header missing -- time-stamps turned off.
2021-08-02 13:43:44 (71.0 MB/s) - ‘’ saved [4781/4781]

|   NodeQuery Installer
|   ===================
|   Downloading to /etc/nodequery
|   + 2021-08-02 13:43:45 URL: [8537/8537] -> "/etc/nodequery/" [1]
|   Success: The NodeQuery agent has been installed

Install Docker

dnf install -y dnf-utils zip unzip
dnf config-manager --add-repo=

dnf remove -y runc
dnf install -y docker-ce --nobest

systemctl enable docker.service
systemctl start docker.service

systemctl status docker.service
docker info
docker version
Ubuntu System:

apt install -y && apt install docker-compose

Install Docker-Compose

yum install -y libffi libffi-devel openssl-devel python3 python3-pip python3-devel
pip3 install docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

Install Portainer

Commands to install Portainer:

[root@arm1 ~]# docker volume create portainer_data
[root@arm1 ~]# docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

If you had Nginx installed and also you have your own domain, you can configure Nginx to do reverse proxy for your Portainer using your own domain. 

Nginx configuration:

root@4ccb3643b7e4:/etc/nginx/conf.d# cat portainer.conf 
server {
    listen       80;

location / {
    proxy_pass       http://portainer:9000;
    proxy_http_version         1.1;
    proxy_read_timeout 300;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Real-PORT $remote_port;

Run a Ubuntu 20.04 Desktop

Docer hub image repository: This is a good docker image for ARM architect machines. If you are looking for one for x86 / AMD type machines, you can check next section in this blog to find a right one. 

The fredblgr/ubuntu-novnc docker image will consume about 1.4GB space, plus the space running this docker, you are looking for at least 3GB spare space on your machine. 

docker run -p 6080:80 fredblgr/ubuntu-novnc:20.04

Note: This docker image is good for ARM based host. If you want to use on other architecture platform, you can use other 32b or 64b i386 version's docker, check post:

http://<Public IP>:6080

The docker support basic http password authentication:

docker run -d -p 6080:80 -v $PWD:/workspace:rw -e HTTP_PASSWORD=P@ssword1234 -e RESOLUTION=1680x1050 --name ubuntu-novnc fredblgr/ubuntu-novnc:20.04
  • Authenticate username is default one: root
  • Password is the one you set using environment variable, HTTP_PASSWORD.

Default log in user is root. But you can user variables, user and password to change it. 
-e USER=netsec -e PASSWORD=password1234

--rm parameter will remove docker after it stopped.

From Ubuntu terminal, you can install firefox to have a browser for your internet. 

User name is root, and password is what we set using "docker run" command.

To install Firefox, here is a command after logged in noVNC.

apt update -y && apt install firefox -y
another way to install firefox  is using snap:

snap install firefox

Unfortunately NPM (Nginx Proxy Manager) does not work with noVNC. I have to configure NGINX manually with following Nginx reverse proxy configuration:
root@4ccb3643b7e4:/# cd /etc/nginx/          
root@4ccb3643b7e4:/etc/nginx# cd conf.d/
root@4ccb3643b7e4:/etc/nginx/conf.d# cat novnc.conf 
server {
    listen       80;

location / {
    proxy_http_version         1.1;
    proxy_read_timeout 300;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Real-PORT $remote_port;

After this, works well. 

If there is anything happened to your this docker, just stop it and duplicate/edit to recreate one. 


1) At present, the entire Oracle region should have arm. Except for popular areas, such as India and Sydney, arm machines are still very good. In addition, Japan and South Korea are in hell mode.

2) When terminating the server, be sure to pay attention to whether the boot volume is also terminated together!

3) The opened server currently does not have the [Always Free] logo, but there is a boot volume!

4) For a new account (without the trial period), the ARM server will be stopped after the trial period expires, and your arm will be released after about 60 days. You need to re-open the arm to release it, and your machine will be stable after activation.

5) As for dd, it is not recommended, the title is very risky, but there may also be metaphysical factors in it.

6) Bill query, if you are worried about the non-free content you have opened, you can check it if you have incurred a fee!

7) Free resources are 3,000 OCPU hours + 18,000GB memory usage per month. Regardless of charging and trial users, there are so many free resources. Converted to 4+24, it is about 750 hours, and it should be no problem to play for a month.

8) The previous ordinary machine is still limited to 2 permanent free machines, this has not changed.

9) Your permanent free resources are still network traffic of 10TB per month, total disk quota space of 200G , a total of 4 IPV4 addresses (*3 temporary + 1 reserved), and the IPV6 address is the number of /16. That is to say, you can open 6 machines, and finally two use pure IPV6.

10) Regarding the size of the boot volume, because the default is 45G, if you think it is too small, you can modify the size online, but the premise is that your 200G has not been used up by you. How to modify it, click on the block storage boot volume, 


Issue 1: Your Firefox profile cannot be loaded. It may be missing or inaccessible

Duplicate Docker and Re-deploy it. 

Other noVNC docker image

Another good docker image : dorowu/ubuntu-desktop-lxde-vnc on blog post;

HTTP Base Authentication

This image provides base access authentication of HTTP via HTTP_PASSWORD

docker run -p 6080:80 -e HTTP_PASSWORD=mypassword -v /dev/shm:/dev/shm dorowu/ubuntu-desktop-lxde-vnc

  • If you are using ARM-based linux, the docker image will be "dorowu/ubuntu-desktop-lxde-vnc:focal-arm64". The whole command will be:

docker run -p 6080:80 -e HTTP_PASSWORD=P@ssword1234 -v /dev/shm:/dev/shm dorowu/ubuntu-desktop-lxde-vnc:focal-arm64

Further detail about docker "dorowu/ubuntu-desktop-lxde-vnc" can be found from this URL


It is also possible to enable sound support in this docker image but I tested it and it does not work well with ARM based machine


No comments:

Post a Comment