NOTE: Docker 0.7 has now been released and is packaged in Fedora 20, so you should ignore these instructions completely. I will leave them here in any case.
I’ve been hearing about Docker recently and it turns out the project is really, really cool. In a nutshell Docker makes it pretty easy to use Linux Containers, which let you run images of different operating systems in a quicker and less resource-intensive manner than virtualisation methods like KVM, The only downside with Docker is you must share the kernel and architecture of the host machine.
A virtual machine can’t share the host’s memory, so if you want to run much inside one you have to allocate half of your machine’s RAM to it and spend the rest of the day watching your machine write to swap memory. Containers don’t do that. Docker also uses copy-on-write storage and tracks your containers so that you don’t accumulate opaque 2GB disk image files all over the place.
Docker 0.6 is the current version, but it depends on the slightly esoteric AUFS and so the only supported way to run it is on Ubuntu, or in an Ubuntu VM. I stopped using Ubuntu a while back due to the lack of up-to-date (or even functional) GNOME packages, the increasing number use of slow and memory-hungry Python scripts running in the background, the spyware and them silently dropping support for my laptop, and I didn’t really want to install a VM to try out Docker when the whole reason I wanted to play with Docker was so that I didn’t have to use virtual machines any more!
Docker 0.7, which is unreleased, has a Linux Device-mapper backend to implement copy-on-write storage, instead of needing AUFS, with the explicit goal of getting it packaged it in Fedora and then RHEL. So it seemed reasonable to think I might be able to get it to work on Fedora today.
Docker is written in Go, which is a build
system and compiler in one. It’s actually pretty good; I went from having
never used Go to working out the quirky way it wants to build stuff fairly
fast, and everything really did just work. Kudos to everyone behind Docker and Go.
Here is what I did to get it to run (you may need to install more packages than the one I list on a bare Fedora install; I’m sure you can work it out).
yum install device-mapper-devel golang lxc git clone git://github.com/dotcloud/docker cd docker # Check out latest 0.7 branch; the name may be different by the # time you read this. git checkout --track origin/v0.7.0-rc4 # Go seems to look for all source code within 'GOPATH'. Docker's Git # tree contains the source code of most of the dependencies inside # the 'vendor' directory. If we symlink the Docker source tree there # we can add that directory to GOPATH and Go will find all the code. ln -s `pwd` vendor/src/github.com/dotcloud/docker mkdir build GOPATH=`pwd`/vendor go build -o build/docker ./docker GOPATH=`pwd`/vendor go build -o build/dockerinit ./dockerinit
If you run ‘go test’ at this point, it fails in all sorts of interesting places, but I found that my build seems to work well enough.
For networking to work in Fedora, you need IPv4 forwarding to be enabled.
# Enable IPv4 forwarding in Linux sudo sysctl net.ipv4.ip_forward=1 sudo sh -c 'echo net.ipv4.ip_forward=1 > /etc/sysctl.d/docker.conf' # Enable IPv4 forwarding in firewalld (this might need doing every # time you boot; please tell me if you know a better way. The # firewalld documentation is terrifying). sudo firewall-cmd --add-masquerade # Start Docker daemon. If you want it to store data somewhere other # than /var/lib then use the -g flag, e.g.: '-g ~/.docker'. sudo build/docker -d
In a seperate shell, you can now do fun things, like start a shell inside an Ubuntu!
sudo build/docker run -i -t base /bin/bash
The first run needs to download the base Ubuntu system so it’s a little slow. Exit and try again. It loads in under a second! You should be able to access the internet from in there.
Remember that we had to build an unreleased version Docker and various bits are probably broken? Now you can also use Docker to do a clean build of Docker, inside your Ubuntu container!
sudo build/docker build -t docker .
This is as far as I have got so far. I am impressed with the high quality of the engineering in Docker, and with the cool features in Linux itself that make this all possible in the first place! Hopefully I’ll get the chance to get Baserock running in there — the idea with Baserock is that you do your development inside a Baserock VM, which is pretty unweildy. Running Baserock inside a container is much more practical. Docker should be pretty useful for Gnome Continuous as well (although I have a feeling it overlaps a lot with the functionality of OSTree). There are all sorts of tasks that I do on my laptop directly because a VM would take too long to spin up I can now do in containers without installing all sorts of unstable libraries or messing about in prefixes with LD_LIBRARY_PATH, dbus-launch and friends. Good times!