diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 97e0bf197f..49449f7843 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -31,24 +31,24 @@ pages: # Installation: - ['installation/index.md', '**HIDDEN**'] -- ['installation/mac.md', 'Installation', 'Mac OS X'] - ['installation/ubuntulinux.md', 'Installation', 'Ubuntu'] +- ['installation/mac.md', 'Installation', 'Mac OS X'] +- ['installation/windows.md', 'Installation', 'Microsoft Windows'] +- ['installation/amazon.md', 'Installation', 'Amazon EC2'] +- ['installation/archlinux.md', 'Installation', 'Arch Linux'] +- ['installation/binaries.md', 'Installation', 'Binaries'] +- ['installation/centos.md', 'Installation', 'CentOS'] +- ['installation/cruxlinux.md', 'Installation', 'CRUX Linux'] +- ['installation/debian.md', 'Installation', 'Debian'] +- ['installation/fedora.md', 'Installation', 'Fedora'] +- ['installation/frugalware.md', 'Installation', 'FrugalWare'] +- ['installation/google.md', 'Installation', 'Google Cloud Platform'] +- ['installation/gentoolinux.md', 'Installation', 'Gentoo'] +- ['installation/softlayer.md', 'Installation', 'IBM Softlayer'] +- ['installation/rackspace.md', 'Installation', 'Rackspace Cloud'] - ['installation/rhel.md', 'Installation', 'Red Hat Enterprise Linux'] - ['installation/oracle.md', 'Installation', 'Oracle Linux'] -- ['installation/centos.md', 'Installation', 'CentOS'] -- ['installation/debian.md', 'Installation', 'Debian'] -- ['installation/gentoolinux.md', 'Installation', 'Gentoo'] -- ['installation/google.md', 'Installation', 'Google Cloud Platform'] -- ['installation/rackspace.md', 'Installation', 'Rackspace Cloud'] -- ['installation/amazon.md', 'Installation', 'Amazon EC2'] -- ['installation/softlayer.md', 'Installation', 'IBM Softlayer'] -- ['installation/archlinux.md', 'Installation', 'Arch Linux'] -- ['installation/frugalware.md', 'Installation', 'FrugalWare'] -- ['installation/fedora.md', 'Installation', 'Fedora'] - ['installation/SUSE.md', 'Installation', 'SUSE'] -- ['installation/cruxlinux.md', 'Installation', 'CRUX Linux'] -- ['installation/windows.md', 'Installation', 'Microsoft Windows'] -- ['installation/binaries.md', 'Installation', 'Binaries'] - ['compose/install.md', 'Installation', 'Docker Compose'] # User Guide: @@ -187,3 +187,4 @@ pages: - ['project/get-help.md', 'Contributor Guide', 'Where to get help'] - ['project/coding-style.md', 'Contributor Guide', 'Coding style guide'] - ['project/doc-style.md', 'Contributor Guide', 'Documentation style guide'] + diff --git a/docs/sources/installation/ubuntulinux.md b/docs/sources/installation/ubuntulinux.md index 9261734c26..85a37d768d 100644 --- a/docs/sources/installation/ubuntulinux.md +++ b/docs/sources/installation/ubuntulinux.md @@ -1,395 +1,305 @@ -page_title: Installation on Ubuntu -page_description: Instructions for installing Docker on Ubuntu. +page_title: Installation on Ubuntu +page_description: Instructions for installing Docker on Ubuntu. page_keywords: Docker, Docker documentation, requirements, virtualbox, installation, ubuntu -# Ubuntu +#Ubuntu -Docker is supported on the following versions of Ubuntu: +Docker is supported on these Ubuntu operating systems: - - [*Ubuntu Trusty 14.04 (LTS) (64-bit)*](#ubuntu-trusty-1404-lts-64-bit) - - [*Ubuntu Precise 12.04 (LTS) (64-bit)*](#ubuntu-precise-1204-lts-64-bit) - - [*Ubuntu Raring 13.04 and Saucy 13.10 (64 - bit)*](#ubuntu-raring-1304-and-saucy-1310-64-bit) +- Ubuntu Trusty 14.04 (LTS) +- Ubuntu Precise 12.04 (LTS) +- Ubuntu Saucy 13.10 -Please read [*Docker and UFW*](#docker-and-ufw), if you plan to use [UFW -(Uncomplicated Firewall)](https://help.ubuntu.com/community/UFW) +This page instructs you to install using Docker-managed release packages and +installation mechanisms. Using these packages ensures you get the latest release +of Docker. If you wish to install using Ubuntu-managed packages, consult your +Ubuntu documentation. -## Ubuntu Trusty 14.04 (LTS) (64-bit) +##Prerequisites -Ubuntu Trusty comes with a 3.13.0 Linux kernel, and a `docker.io` package which -installs Docker 1.0.1 and all its prerequisites from Ubuntu's repository. +Docker requires a 64-bit installation regardless of your Ubuntu version. +Additionally, your kernel must be 3.10 at minimum. The latest 3.10 minor version +or a newer maintained version are also acceptable. -> **Note**: -> Ubuntu (and Debian) contain a much older KDE3/GNOME2 package called ``docker``, so the -> Ubuntu-maintained package and executable are named ``docker.io``. +Kernels older than 3.10 lack some of the features required to run Docker +containers. These older versions are known to have bugs which cause data loss +and frequently panic under certain conditions. -### Ubuntu-maintained Package Installation +To check your current kernel version, open a terminal and use `uname -r` to display +your kernel version: -To install the latest Ubuntu package (this is **not** the most recent Docker release): + $ uname -r + 3.11.0-15-generic - $ sudo apt-get update - $ sudo apt-get install docker.io +>**Caution** Some Ubuntu OS versions **require a version higher than 3.10** to +>run Docker, see the prerequisites on this page that apply to your Ubuntu +>version. -Then, to enable tab-completion of Docker commands in BASH, either restart BASH or: +###For Trusty 14.04 - $ source /etc/bash_completion.d/docker* +There are no prerequisites for this version. -> **Note**: -> Since the Ubuntu package is quite dated at this point, you may want to use -> the following section to install the most recent release of Docker. -> If you install the Docker version, you do not need to install ``docker.io`` from Ubuntu. +###For Precise 12.04 (LTS) -### Docker-maintained Package Installation +For Ubuntu Precise, Docker requires the 3.13 kernel version. If your kernel +version is older than 3.13, you must upgrade it. Refer to this table to see +which packages are required for your environment: -If you'd like to try the latest version of Docker: + + +
linux-image-generic-lts-trusty Generic +Linux kernel image. This kernel has AUFS built in. This is required to run +Docker.
linux-headers-generic-lts-trustyAllows packages such as ZFS and VirtualBox guest additions +which depend on them. If you didn't install the headers for your existing +kernel, then you can skip these headers for the"trusty" kernel. If you're +unsure, you should include this package for safety.
xserver-xorg-lts-trusty Optional in non-graphical environments without Unity/Xorg. +Required when running Docker on machine with a graphical environment. -First, check that your APT system can deal with `https` -URLs: the file `/usr/lib/apt/methods/https` -should exist. If it doesn't, you need to install the package -`apt-transport-https`. +

To learn more about the reasons for these packages, read the installation +instructions for backported kernels, specifically the LTS +Enablement Stack — refer to note 5 under each version.

libgl1-mesa-glx-lts-trusty
  - [ -e /usr/lib/apt/methods/https ] || { - apt-get update - apt-get install apt-transport-https - } +To upgrade your kernel and install the additional packages, do the following: -Then, add the Docker repository key to your local keychain. +1. Open a terminal on your Ubuntu host. - $ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 +2. Update your package manager. -Add the Docker repository to your apt sources list, update and install -the `lxc-docker` package. + $ sudo apt-get update -*You may receive a warning that the package isn't trusted. Answer yes to -continue installation.* +3. Install both the required and optional packages. - $ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main\ - > /etc/apt/sources.list.d/docker.list" - $ sudo apt-get update - $ sudo apt-get install lxc-docker + $ sudo apt-get install linux-image-generic-lts-trusty -> **Note**: -> -> There is also a simple `curl` script available to help with this process. -> -> $ curl -sSL https://get.docker.com/ubuntu/ | sudo sh + Depending on your environment, you may install more as described in the preceding table. -To verify that everything has worked as expected: +4. Reboot your host. - $ sudo docker run -i -t ubuntu /bin/bash + $ sudo reboot -Which should download the `ubuntu` image, and then start `bash` in a container. +5. After your system reboots, go ahead and [install Docker](#installing-docker-on-ubuntu). -Type `exit` to exit -**Done!**, continue with the [User Guide](/userguide/). +###For Saucy 13.10 (64 bit) +Docker uses AUFS as the default storage backend. If you don't have this +prerequisite installed, Docker's installation process adds it. -## Ubuntu Precise 12.04 (LTS) (64-bit) +##Installing Docker on Ubuntu -This installation path should work at all times. +Make sure you have intalled the prerequisites for your Ubuntu version. Then, +install Docker using the following: -### Dependencies +1. Log into your Ubuntu installation as a user with `sudo` privileges. -**Linux kernel 3.13** +2. Verify that you have `wget` installed. -For Ubuntu Precise, the currently recommended kernel version is 3.13. -Ubuntu Precise installations with older kernels must be upgraded. The -kernel you'll install when following these steps has AUFS built in. -We also include the generic headers to enable packages that depend on them, -like ZFS and the VirtualBox guest additions. If you didn't install the -headers for your "precise" kernel, then you can skip these headers for the -"trusty" kernel. If you're unsure, you should include the headers for safety. + $ which wget -> **Warning**: -> Kernels 3.8 and 3.11 are no longer supported by Canonical. Systems -> running these kernels need to be updated using the instructions below. -> Running Docker on these unsupported systems isn't supported either. -> These old kernels are no longer patched for security vulnerabilities -> and severe bugs which lead to data loss. + If `wget` isn't installed, install it after updating your manager: -Please read the installation instructions for backported kernels at -Ubuntu.org to understand why you also need to install the Xorg packages -when running Docker on a machine with a graphical environment like Unity. -[LTS Enablement Stack](https://wiki.ubuntu.com/Kernel/LTSEnablementStack) refer to note 5 under -each version. + $ sudo apt-get update $ sudo apt-get install wget - # install the backported kernel - $ sudo apt-get update - $ sudo apt-get install linux-image-generic-lts-trusty linux-headers-generic-lts-trusty - - # install the backported kernel and xorg if using Unity/Xorg - $ sudo apt-get install --install-recommends linux-generic-lts-trusty xserver-xorg-lts-trusty libgl1-mesa-glx-lts-trusty +3. Get the latest Docker package. - # reboot - $ sudo reboot + $ wget -qO- https://get.docker.com/ | sh -### Installation + The system prompts you for your `sudo` password. Then, it downloads and + installs Docker and its dependencies. -> **Warning**: -> These instructions have changed for 0.6. If you are upgrading from an -> earlier version, you will need to follow them again. +4. Verify `docker` is installed correctly. -Docker is available as a Debian package, which makes installation easy. -**See the** [*Mirrors*](#mirrors) **section below if you are not -in the United States.** Other sources of the Debian packages may be -faster for you to install. + $ sudo docker run hello-world -First, check that your APT system can deal with `https` -URLs: the file `/usr/lib/apt/methods/https` -should exist. If it doesn't, you need to install the package -`apt-transport-https`. + This command downloads a test image and runs it in a container. - [ -e /usr/lib/apt/methods/https ] || { - apt-get update - apt-get install apt-transport-https - } +## Optional Configurations for Docker on Ubuntu -Then, add the Docker repository key to your local keychain. +This section contains optional procedures for configuring your Ubuntu to work +better with Docker. - $ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 +* [Create a docker group](#create-a-docker-group) +* [Adjust memory and swap accounting](#adjust-memory-and-swap-accounting) +* [Enable UFW forwarding](#enable-ufw-forwarding) +* [Configure a DNS server for use by Docker](#configure-a-dns-server-for-docker) -Add the Docker repository to your apt sources list, update and install -the `lxc-docker` package. +### Create a docker group -*You may receive a warning that the package isn't trusted. Answer yes to -continue installation.* +The `docker` daemon binds to a Unix socket instead of a TCP port. By default +that Unix socket is owned by the user `root` and other users can access it with +`sudo`. For this reason, `docker` daemon always runs as the `root` user. - $ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main\ - > /etc/apt/sources.list.d/docker.list" - $ sudo apt-get update - $ sudo apt-get install lxc-docker +To avoid having to use `sudo` when you use the `docker` command, create a Unix +group called `docker` and add users to it. When the `docker` daemon starts, it +makes the ownership of the Unix socket read/writable by the `docker` group. -> **Note**: -> -> There is also a simple `curl` script available to help with this process. -> -> $ curl -sSL https://get.docker.com/ubuntu/ | sudo sh +>**Warning**: The `docker` group is equivalent to the `root` user; For details +>on how this impacts security in your system, see [*Docker Daemon Attack +>Surface*](/articles/security/#docker-daemon-attack-surface) for details. -Now verify that the installation has worked by downloading the -`ubuntu` image and launching a container. +To create the `docker` group and add your user: - $ sudo docker run -i -t ubuntu /bin/bash +1. Log into Ubuntu as a user with `sudo` privileges. -Type `exit` to exit + This procedure assumes you log in as the `ubuntu` user. -**Done!**, continue with the [User Guide](/userguide/). +3. Create the `docker` group and add your user. -## Ubuntu Raring 13.04 and Saucy 13.10 (64 bit) + $ sudo usermod -aG docker ubuntu -These instructions cover both Ubuntu Raring 13.04 and Saucy 13.10. +3. Log out and log back in. -### Dependencies + This ensures your user is running with the correct permissions. -**Optional AUFS filesystem support** +4. Verify your work by running `docker` without `sudo`. -Ubuntu Raring already comes with the 3.8 kernel, so we don't need to -install it. However, not all systems have AUFS filesystem support -enabled. AUFS support is optional as of version 0.7, but it's still -available as a driver and we recommend using it if you can. + $ docker run hello-world -To make sure AUFS is installed, run the following commands: - $ sudo apt-get update - $ sudo apt-get install linux-image-extra-`uname -r` +### Adjust memory and swap accounting -### Installation +When users run Docker, they may see these messages when working with an image: -Docker is available as a Debian package, which makes installation easy. + WARNING: Your kernel does not support cgroup swap limit. WARNING: Your + kernel does not support swap limit capabilities. Limitation discarded. -> **Warning**: -> Please note that these instructions have changed for 0.6. If you are -> upgrading from an earlier version, you will need to follow them again. +To prevent these messages, enable memory and swap accounting on your system. To +enable these on system using GNU GRUB (GNU GRand Unified Bootloader), do the +following. -First add the Docker repository key to your local keychain. +1. Log into Ubuntu as a user with `sudo` privileges. - $ sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 +2. Edit the `/etc/default/grub` file. -Add the Docker repository to your apt sources list, update and install -the `lxc-docker` package. +3. Set the `GRUB_CMDLINE_LINUX` value as follows: - $ sudo sh -c "echo deb http://get.docker.com/ubuntu docker main\ - > /etc/apt/sources.list.d/docker.list" - $ sudo apt-get update - $ sudo apt-get install lxc-docker + GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1" -Now verify that the installation has worked by downloading the -`ubuntu` image and launching a container. +4. Save and close the file. - $ sudo docker run -i -t ubuntu /bin/bash +5. Update GRUB. -Type `exit` to exit + $ sudo update-grub -**Done!**, now continue with the [User Guide](/userguide/). +6. Reboot your system. -### Upgrade -To install the latest version of Docker, use the standard -`apt-get` method: +### Enable UFW forwarding - # update your sources list - $ sudo apt-get update +If you use [UFW (Uncomplicated Firewall)](https://help.ubuntu.com/community/UFW) +on the same host as you run Docker, you'll need to do additional configuration. +Docker uses a bridge to manage container networking. By default, UFW drops all +forwarding traffic. As a result, for Docker to run when UFW is +enabled, you must set UFW's forwarding policy appropriately. - # install the latest - $ sudo apt-get install lxc-docker +Also, UFW's default set of rules denies all incoming traffic. If you want to be able +to reach your containers from another host then you should also allow incoming +connections on the Docker port (default `2375`). -## Giving non-root access +To configure UFW and allow incoming connections on the Docker port: -The `docker` daemon always runs as the `root` user, and since Docker -version 0.5.2, the `docker` daemon binds to a Unix socket instead of a -TCP port. By default that Unix socket is owned by the user `root`, and -so, by default, you can access it with `sudo`. +1. Log into Ubuntu as a user with `sudo` privileges. -Starting in version 0.5.3, if you (or your Docker installer) create a -Unix group called `docker` and add users to it, then the `docker` daemon -will make the ownership of the Unix socket read/writable by the `docker` -group when the daemon starts. The `docker` daemon must always run as the -`root` user, but if you run the `docker` client as a user in the -`docker` group then you don't need to add `sudo` to all the client -commands. From Docker 0.9.0 you can use the `-G` flag to specify an -alternative group. +2. Verify that UFW is installed and enabled. -> **Warning**: -> The `docker` group (or the group specified with the `-G` flag) is -> `root`-equivalent; see [*Docker Daemon Attack Surface*]( -> /articles/security/#docker-daemon-attack-surface) for details. + $ sudo ufw status -**Example:** +3. Open the `/etc/default/ufw` file for editing. - # Add the docker group if it doesn't already exist. - $ sudo groupadd docker + $ sudo nano /etc/default/ufw - # Add the connected user "${USER}" to the docker group. - # Change the user name to match your preferred user. - # You may have to logout and log back in again for - # this to take effect. - $ sudo gpasswd -a ${USER} docker +4. Set the `DEFAULT_FORWARD_POLICY` policy to: - # Restart the Docker daemon. - # If you are in Ubuntu 14.04, use docker.io instead of docker - $ sudo service docker restart + DEFAULT_FORWARD_POLICY="ACCEPT" -## Memory and Swap Accounting +5. Save and close the file. -If you want to enable memory and swap accounting, you must add the -following command-line parameters to your kernel: +6. Reload UFW to use the new setting. - cgroup_enable=memory swapaccount=1 + $ sudo ufw reload -On systems using GRUB (which is the default for Ubuntu), you can add -those parameters by editing `/etc/default/grub` and -extending `GRUB_CMDLINE_LINUX`. Look for the -following line: +7. Allow incoming connections on the Docker port. - GRUB_CMDLINE_LINUX="" + $ sudo ufw allow 2375/tcp -And replace it by the following one: +### Configure a DNS server for use by Docker - GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1" +Systems that run Ubuntu or an Ubuntu derivative on the desktop typically use +`127.0.0.1` as the default `nameserver` in `/etc/resolv.conf` file. The +NetworkManager also sets up `dnsmasq` to use the real DNS servers of the +connection and sets up `nameserver 127.0.0.1` in /`etc/resolv.conf`. -Then run `sudo update-grub`, and reboot. +When starting containers on desktop machines with these configurations, Docker +users see this warning: -These parameters will help you get rid of the following warnings: + WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers + can't use it. Using default external servers : [8.8.8.8 8.8.4.4] - WARNING: Your kernel does not support cgroup swap limit. - WARNING: Your kernel does not support swap limit capabilities. Limitation discarded. +The warning occurs because Docker containers can't use the local DNS nameserver. +Instead, Docker defaults to using an external nameserver. -## Troubleshooting +To avoid this warning, you can specify a DNS server for use by Docker +containers. Or, you can disable `dnsmasq` in NetworkManager. Though, disabiling +`dnsmasq` might make DNS resolution slower on some networks. -On Linux Mint, the `cgroup-lite` and `apparmor` packages are not -installed by default. Before Docker will work correctly, you will need -to install this via: +To specify a DNS server for use by Docker: - $ sudo apt-get update && sudo apt-get install cgroup-lite apparmor +1. Log into Ubuntu as a user with `sudo` privileges. -## Docker and UFW +2. Open the `/etc/default/docker` file for editing. -Docker uses a bridge to manage container networking. By default, UFW -drops all forwarding traffic. As a result you will need to enable UFW -forwarding: + $ sudo nano /etc/default/docker - $ sudo nano /etc/default/ufw +3. Add a setting for Docker. - # Change: - # DEFAULT_FORWARD_POLICY="DROP" - # to - DEFAULT_FORWARD_POLICY="ACCEPT" + DOCKER_OPTS="--dns 8.8.8.8" -Then reload UFW: + Replace `8.8.8.8` with a local DNS server such as `192.168.1.1`. You can also + specify multiple DNS servers. Separated them with spaces, for example: - $ sudo ufw reload + --dns 8.8.8.8 --dns 192.168.1.1 -UFW's default set of rules denies all incoming traffic. If you want to -be able to reach your containers from another host then you should allow -incoming connections on the Docker port (default 2375): + >**Warning**: If you're doing this on a laptop which connects to various + >networks, make sure to choose a public DNS server. - $ sudo ufw allow 2375/tcp +4. Save and close the file. -## Docker and local DNS server warnings +5. Restart the Docker daemon. -Systems which are running Ubuntu or an Ubuntu derivative on the desktop -will use 127.0.0.1 as the default nameserver in /etc/resolv.conf. -NetworkManager sets up dnsmasq to use the real DNS servers of the -connection and sets up nameserver 127.0.0.1 in /etc/resolv.conf. + $ sudo restart docker -When starting containers on these desktop machines, users will see a -warning: - WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers can't use it. Using default external servers : [8.8.8.8 8.8.4.4] +  +  -This warning is shown because the containers can't use the local DNS -nameserver and Docker will default to using an external nameserver. +**Or, as an alternative to the previous procedure,** disable `dnsmasq` in +NetworkManager (this might slow your network). -This can be worked around by specifying a DNS server to be used by the -Docker daemon for the containers: +1. Open the `/etc/default/docker` file for editing. - $ sudo nano /etc/default/docker - --- - # Add: - DOCKER_OPTS="--dns 8.8.8.8" - # 8.8.8.8 could be replaced with a local DNS server, such as 192.168.1.1 - # multiple DNS servers can be specified: --dns 8.8.8.8 --dns 192.168.1.1 + $ sudo nano /etc/NetworkManager/NetworkManager.conf -The Docker daemon has to be restarted: +2. Comment out the `dns=dsnmasq` line: - $ sudo restart docker + dns=dnsmasq -> **Warning**: -> If you're doing this on a laptop which connects to various networks, -> make sure to choose a public DNS server. +3. Save and close the file. -An alternative solution involves disabling dnsmasq in NetworkManager by -following these steps: +4. Restart both the NetworkManager and Docker. - $ sudo nano /etc/NetworkManager/NetworkManager.conf - ---- - # Change: - dns=dnsmasq - # to - #dns=dnsmasq + $ sudo restart network-manager $ sudo restart docker -NetworkManager and Docker need to be restarted afterwards: - $ sudo restart network-manager - $ sudo restart docker +## Upgrade Docker -> **Warning**: This might make DNS resolution slower on some networks. +To install the latest version of Docker, use the standard `-N` flag with `wget`: -## Mirrors + $ wget -N https://get.docker.com/ | sh -You should `ping get.docker.com` and compare the -latency to the following mirrors, and pick whichever one is best for -you. - -### Yandex - -[Yandex](http://yandex.ru/) in Russia is mirroring the Docker Debian -packages, updating every 6 hours. -Substitute `http://mirror.yandex.ru/mirrors/docker/` for -`http://get.docker.com/ubuntu` in the instructions above. -For example: - - $ sudo sh -c "echo deb http://mirror.yandex.ru/mirrors/docker/ docker main\ - > /etc/apt/sources.list.d/docker.list" - $ sudo apt-get update - $ sudo apt-get install lxc-docker