Docker

Docker is a utility to pack, ship and run any application as a lightweight container.

Installation

Install docker or, for the i686 architecture, docker-git. Next enable docker.service and verify operation:

# docker info

If you want to be able to run docker as a regular user, add yourself to the docker group and re-login:

# gpasswd -a user docker

To make your session aware of this new group, you can use:

# newgrp docker

Configuration

Tango-emblem-important.png

Tango-emblem-important.png

The factual accuracy of this article or section is disputed.

Reason: http_proxy does not seem to work. (Discuss)

Edit /etc/systemd/system/docker.service, where http_proxy is your proxy server and -g <path> is your docker home. The path defaults to /var/cache/docker.

[Service]
Environment="http_proxy=192.168.1.1:3128"
ExecStart=
ExecStart=/usr/bin/docker -d -g /var/yourDockerDir
Note: This assumes 192.168.1.1 is your proxy server, do not use 127.0.0.1.

The docker daemon listens to a Unix socket by default. To listen on a specified port instead, edit /etc/systemd/system/docker.socket, where ListenStream is the used port:

[Socket]
ListenStream=0.0.0.0:2375

Docker 0.9.0 -- 1.2.x and LXC

Since version 0.9.0 Docker provides a new way to start containers without relying on LXC called libcontainer.

LXC may be removed in near future however, [1]

Hence, you will not be able to use lxc-attach with containers managed by Docker 0.9.0+ by default. It is required to make Docker daemon run with -e lxc as an argument.

You can create a file named lxc.conf under /etc/systemd/system/docker.service.d/ with the following contents:

[Service]
ExecStart=
ExecStart=/usr/bin/docker -d -e lxc

Skype

See Skype#Docker.

Build i686 image

For the i686 architecture, we can not use the x86_64 image pulled with the following command:

# docker pull base/archlinux

ArchLinux image

Instead, check docker base/archlinux registry and click the mkimage-arch.sh link to download mkimage-arch.sh and mkimage-arch-pacman.conf to the same directory as raw files. Next, make the script executable and run it:

$ chmod +x mkimage-arch.sh
$ LC_ALL=C ./mkimage-arch.sh # LC_ALL=C because the script parses the console output
# docker run -t -i --rm archlinux /bin/bash # try it

For slow network connections or CPU, the build timeout can be extended:

$ sed -i 's/timeout 60/timeout 120/' mkimage-arch.sh

Debian image

Build Debian image with debootstrap from the AUR:

# mkdir wheezy-chroot
# debootstrap wheezy ./wheezy-chroot http://http.debian.net/debian/
# cd wheezy-chroot
# tar cpf - . | docker import - debian
# docker run -t -i --rm debian /bin/bash

Troubleshooting

If running docker info gives an error that looks like this:

 FATA[0000] Get http:///var/run/docker.sock/v1.17/info: read unix /var/run/docker.sock: connection reset by peer. Are you trying to connect to a TLS-enabled daemon without TLS? 


... you might not have the bridge module loaded. You can check for it by running lsmod . If it isn't loaded, you can try to load it with modprobe or simply reboot (a reboot might be required if you have upgraded your kernel recently without rebooting and the bridge module was built for the more recent kernel.)

See this issue on GitHub for more information.

See also