Docker: the Linux container runtime

Docker complements LXC with a high-level API which operates at the process level. It runs unix processes with strong guarantees of isolation and repeatability across servers.

Docker is a great building block for automating distributed systems: large-scale web deployments, database clusters, continuous deployment systems, private PaaS, service-oriented architectures, etc.

Heterogeneous payloads: any combination of binaries, libraries, configuration files, scripts, virtualenvs, jars, gems, tarballs, you name it. No more juggling between domain-specific tools. Docker can deploy and run them all.
Any server: docker can run on any x64 machine with a modern linux kernel - whether it's a laptop, a bare metal server or a VM. This makes it perfect for multi-cloud deployments.
Isolation: docker isolates processes from each other and from the underlying host, using lightweight containers.
Repeatability: because containers are isolated in their own filesystem, they behave the same regardless of where, when, and alongside what they run.

Notable features

Filesystem isolation: each process container runs in a completely separate root filesystem.
Resource isolation: system resources like cpu and memory can be allocated differently to each process container, using cgroups.
Network isolation: each process container runs in its own network namespace, with a virtual interface and IP address of its own.
Copy-on-write: root filesystems are created using copy-on-write, which makes deployment extremeley fast, memory-cheap and disk-cheap.
Logging: the standard streams (stdout/stderr/stdin) of each process container are collected and logged for real-time or batch retrieval.
Change management: changes to a container's filesystem can be committed into a new image and re-used to create more containers. No templating or manual configuration required.
Interactive shell: docker can allocate a pseudo-tty and attach to the standard input of any container, for example to run a throwaway interactive shell.

Under the hood

Under the hood, Docker is built on the following components:

The cgroup and namespacing capabilities of the Linux kernel;
AUFS, a powerful union filesystem with copy-on-write capabilities;
The Go programming language;
lxc, a set of convenience scripts to simplify the creation of linux containers.

Install instructions

Installing on Ubuntu 12.04 and 12.10

Install dependencies:
```
sudo apt-get install lxc wget bsdtar curl
sudo apt-get install linux-image-extra-`uname -r`
```
The linux-image-extra package is needed on standard Ubuntu EC2 AMIs in order to install the aufs kernel module.

Install the latest docker binary:

wget http://get.docker.io/builds/$(uname -s)/$(uname -m)/docker-master.tgz
tar -xf docker-master.tgz

Run your first container!
```
cd docker-master
sudo ./docker run -i -t base /bin/bash
```
Consider adding docker to your PATH for simplicity.

Installing on other Linux distributions

Right now, the officially supported distributions are:

Ubuntu 12.04 (precise LTS)
Ubuntu 12.10 (quantal)

Docker probably works on other distributions featuring a recent kernel, the AUFS patch, and up-to-date lxc. However this has not been tested.

Some streamlined (but possibly outdated) installation paths' are available from the website: http://docker.io/documentation/

Usage examples

Running an interactive shell

# Download a base image
docker pull base

# Run an interactive shell in the base image,
# allocate a tty, attach stdin and stdout
docker run -i -t base /bin/bash

Starting a long-running worker process

# Run docker in daemon mode
(docker -d || echo "Docker daemon already running") &

# Start a very useful long-running process
JOB=$(docker run -d base /bin/sh -c "while true; do echo Hello world; sleep 1; done")

# Collect the output of the job so far
docker logs $JOB

# Kill the job
docker kill $JOB

Listing all running containers

docker ps

Expose a service on a TCP port

# Expose port 4444 of this container, and tell netcat to listen on it
JOB=$(docker run -d -p 4444 base /bin/nc -l -p 4444)

# Which public port is NATed to my container?
PORT=$(docker port $JOB 4444)

# Connect to the public port via the host's public address
echo hello world | nc $(hostname) $PORT

# Verify that the network connection worked
echo "Daemon received: $(docker logs $JOB)"

Contributing to Docker

Want to hack on Docker? Awesome! There are instructions to get you started on the website: http://docker.io/documentation/contributing/contributing.html

They are probably not perfect, please let us know if anything feels wrong or incomplete.

Note

We also keep the documentation in this repository. The website documentation is generated using sphinx using these sources. Please find it under docs/sources/ and read more about it https://github.com/dotcloud/docker/master/docs/README.md

Please feel free to fix / update the documentation and send us pull requests. More tutorials are also welcome.

Name		Name	Last commit message	Last commit date
Latest commit History 591 Commits
auth		auth
contrib		contrib
deb		deb
docker		docker
docs		docs
puppet		puppet
rcli		rcli
term		term
.gitignore		.gitignore
AUTHORS		AUTHORS
LICENSE		LICENSE
NOTICE		NOTICE
README.md		README.md
Vagrantfile		Vagrantfile
archive.go		archive.go
archive_test.go		archive_test.go
changes.go		changes.go
commands.go		commands.go
container.go		container.go
container_test.go		container_test.go
graph.go		graph.go
graph_test.go		graph_test.go
image.go		image.go
lxc_template.go		lxc_template.go
mount.go		mount.go
mount_darwin.go		mount_darwin.go
mount_linux.go		mount_linux.go
network.go		network.go
network_test.go		network_test.go
registry.go		registry.go
runtime.go		runtime.go
runtime_test.go		runtime_test.go
state.go		state.go
sysinit.go		sysinit.go
tags.go		tags.go
utils.go		utils.go
utils_test.go		utils_test.go

License

rebaze/docker

Folders and files

Latest commit

History

Repository files navigation