This howto describes how to get docker working on the older Debian version 6 (Squeeze) on a VPS which you maybe haven’t migrated to Debian 7 (Wheezy) yet since its release in May 2013. The steps below are also absolutely fine for your desktop Linux.
Docker is a software which helps you to isolate applications in containers. Basically a Docker container is a linux process with a chroot environment that a root file system is resolved to. It’s able to enumerate other processes and while not starting a discussion about its security, if it is a root process, it can still take over the machine.
Install docker and run the service
It’s not well documented but you can flawlessly install the ubuntu package.
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 echo "deb http://get.docker.io/ubuntu docker main" > /etc/apt/sources.list.d/docker.list aptitude update aptitude install lxc-docker
Now try to launch the docker service if it’s not yet running.
If you get the following warning the kernel module bridge hasn’t been loaded.
2014/08/10 11:37:04 WARNING: You are running linux kernel version 3.2.17-015stab087.4, which might be unstable running docker. Please upgrade your kernel to 3.8.0. 2014/08/10 11:37:04 docker daemon: 1.1.2 d84a070; execdriver: native; graphdriver: [b5c0f7ad] +job serveapi(unix:///var/run/docker.sock) [b5c0f7ad] +job initserver() [b5c0f7ad.initserver()] Creating server 2014/08/10 11:37:04 Listening for HTTP on unix (/var/run/docker.sock) [b5c0f7ad] +job init_networkdriver() [b5c0f7ad.init_networkdriver()] creating new bridge for docker0 package not installed [b5c0f7ad] -job init_networkdriver() = ERR (1) package not installed [b5c0f7ad] -job initserver() = ERR (1) 2014/08/10 11:37:04 package not installed
Get a working bridge
On a VPS you have most probably no chance to load the module but give it a whirl before digging into more software dependencies.
$ sudo modprobe bridge
If this shows up …
libkmod: ERROR ../libkmod/libkmod.c:505 kmod_lookup_alias_from_builtin_file: could not open builtin file '/lib/modules/3.2.17-015stab087.4/modules.builtin.bin' FATAL: Module bridge not found.
… you don’t have the bridge module available on your system, however, you’re not required to use docker’s bridges.
Create your own bridge
You can create your own virtual network device and tell docker to use that one as the bridge by passing the device name as a parameter.
$ docker -d --bridge="docker0"
Follow the steps discussed in Create virtual network devices on a VPS except that you only need one network device.
After docker has successfully tested on an OpenVZ-based VPS we’ll do a final configuration. Instead of launching the docker service ourselves we change the docker’s service configuration. Thus open
/etc/default/docker in a text editor and change the content of the following line from
#DOCKER_OPTS="--dns 18.104.22.168 --dns 22.214.171.124"
to something looking like this:
DOCKER_OPTS="--dns 126.96.36.199 --dns 188.8.131.52" --bridge="tap0" --iptables=false
In an up-coming article I’ll give you an introduction into creating docker containers. You’ll get taught how to create a new image and how to run services such as a web server in a chroot environment.