Install Docker on Ubuntu

Estimated reading time: 17 minutes

Docker is supported on these Ubuntu operating systems:

  • Ubuntu Xenial 16.04 (LTS)
  • Ubuntu Wily 15.10
  • Ubuntu Trusty 14.04 (LTS)
  • Ubuntu Precise 12.04 (LTS)

This page instructs you to install Docker on Ubuntu, using packages provided by Docker. Using these packages ensures you get the latest official release of Docker. If you are required to install using Ubuntu-managed packages, consult the Ubuntu documentation. Some files and commands may be different if you use Ubuntu-managed packages.

Note: Ubuntu Utopic 14.10 and 15.04 exist in Docker’s APT repository but are no longer officially supported.

Prerequisites

Docker has two important installation requirements:

  • Docker only works on a 64-bit Linux installation.
  • Docker requires version 3.10 or higher of the Linux kernel. Kernels older than 3.10 lack some of the features required to run Docker containers and contain known bugs which cause data loss and frequently panic under certain conditions.

    To check your current kernel version, open a terminal and use uname -r to display your kernel version:

    $ uname -r
    3.11.0-15-generic

Update your apt sources

To set APT to use packages from the Docker repository:

  1. Log into your machine as a user with sudo or root privileges.

  2. Open a terminal window.

  3. Update package information, ensure that APT works with the https method, and that CA certificates are installed.

    $ sudo apt-get update
    $ sudo apt-get install apt-transport-https ca-certificates
  4. Add the new GPG key. This commands downloads the key with the ID58118E89F3A912897C070ADBF76221572C52609D from the keyserverhkp://ha.pool.sks-keyservers.net:80 and adds it to the adv keychain. For more info, see the output of man apt-key.

    $ sudo apt-key adv \
    --keyserver hkp://ha.pool.sks-keyservers.net:80 \
    --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
  5. Find the entry in the table below which corresponds to your Ubuntu version. This determines where APT will search for Docker packages. When possible, run a long-term support (LTS) edition of Ubuntu.

    Ubuntu version Repository
    Precise 12.04 (LTS) deb https://apt.dockerproject.org/repo ubuntu-precise main
    Trusty 14.04 (LTS) deb https://apt.dockerproject.org/repo ubuntu-trusty main
    Wily 15.10 deb https://apt.dockerproject.org/repo ubuntu-wily main
    Xenial 16.04 (LTS) deb https://apt.dockerproject.org/repo ubuntu-xenial main

    Note: Docker does not provide packages for all architectures. Binary artifacts are built nightly, and you can download them from https://master.dockerproject.org. To install docker on a multi-architecture system, add an [arch=...] clause to the entry. Refer to Debian Multiarch wiki for details.

  6. Run the following command, substituting the entry for your operating system for the placeholder <REPO>.

    $ echo "<REPO>" | sudo tee /etc/apt/sources.list.d/docker.list
  7. Update the APT package index.

    $ sudo apt-get update
  8. Verify that APT is pulling from the right repository.

    When you run the following command, an entry is returned for each version of Docker that is available for you to install. Each entry should have the URLhttps://apt.dockerproject.org/repo/. The version currently installed is marked with ***.The output below is truncated.

    $ apt-cache policy docker-engine
    
      docker-engine:
    Installed: 1.12.2-0~trusty
    Candidate: 1.12.2-0~trusty
    Version table:
    *** 1.12.2-0~trusty 0
    500 https://apt.dockerproject.org/repo/ ubuntu-trusty/main amd64 Packages
    100 /var/lib/dpkg/status
    1.12.1-0~trusty 0
    500 https://apt.dockerproject.org/repo/ ubuntu-trusty/main amd64 Packages
    1.12.0-0~trusty 0
    500 https://apt.dockerproject.org/repo/ ubuntu-trusty/main amd64 Packages

    From now on when you run apt-get upgradeAPT pulls from the new repository.

Prerequisites by Ubuntu Version

Ubuntu Xenial 16.04 (LTS), Wily 15.10, Trusty 14.04 (LTS)

For Ubuntu Trusty, Wily, and Xenial, install the linux-image-extra-* kernel packages, which allows you use the aufs storage driver.

To install the linux-image-extra-* packages:

  1. Open a terminal on your Ubuntu host.

  2. Update your package manager.

    $ sudo apt-get update
  3. Install the recommended packages.

    $ sudo apt-get install linux-image-extra-$(uname -r) linux-image-extra-virtual
  4. Go ahead and install Docker.

Ubuntu Precise 12.04 (LTS)

For Ubuntu Precise, Docker requires the 3.13 kernel version. If your kernel version is older than 3.13, you must upgrade it. Refer to this table to see which packages are required for your environment:

Package Description
linux-image-generic-lts-trusty Generic Linux kernel image. This kernel has AUFS built in. This is required to run Docker.
linux-headers-generic-lts-trusty Allows packages such as ZFS and VirtualBox guest additions which depend on them. If you didn’t install the headers for your existing kernel, then you can skip these headers for the”trusty” kernel. If you’re unsure, you should include this package for safety.
xserver-xorg-lts-trusty Optional in non-graphical environments without Unity/Xorg. Required when running Docker on machine with a graphical environment.
ligbl1-mesa-glx-lts-trusty To learn more about the reasons for these packages, read the installation instructions for backported kernels, specifically the LTS Enablement Stack. Refer to note 5 under each version.

To upgrade your kernel and install the additional packages, do the following:

  1. Open a terminal on your Ubuntu host.

  2. Update your package manager.

    $ sudo apt-get update
  3. Install both the required and optional packages.

    $ sudo apt-get install linux-image-generic-lts-trusty

    Repeat this step for other packages you need to install.

  4. Reboot your host to use the updated kernel.

    $ sudo reboot
  5. After your system reboots, go ahead and install Docker.

Install the latest version

Make sure you have satisfied all the prerequisites, then follow these steps.

Note: For production systems, it is recommended that you install a specific versionso that you do not accidentally update Docker. You should plan upgrades for production systems carefully.

  1. Log into your Ubuntu installation as a user with sudo privileges.

  2. Update your APT package index.

    $ sudo apt-get update
  3. Install Docker.

    $ sudo apt-get install docker-engine
  4. Start the docker daemon.

    $ sudo service docker start
  5. Verify that docker is installed correctly by running the hello-world image.

    $ sudo docker run hello-world

    This command downloads a test image and runs it in a container. When the container runs, it prints an informational message and exits.

Install a specific version

To install a specific version of docker-engine:

  1. List all available versions using apt-cache madison:

    $ apt-cache madison docker-engine
    
    docker-engine | 1.12.3-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.12.2-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.12.1-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.12.0-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.11.2-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.11.1-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
    docker-engine | 1.11.0-0~xenial | https://apt.dockerproject.org/repo ubuntu-xenial/main amd64 Packages
  2. The second field is the version string. To install exactly 1.12.0-0~xenial, append it after the package name in the apt-get install command, separated from the package name by an equals sign (=). bash $ sudo apt-get install docker-engine=1.12.0-0~xenial

    If you already have a newer version installed, you will be prompted to downgrade Docker. Otherwise, the specific version will be installed.

  3. Follow steps 4 and 5 of Install the latest version.

Install a pre-release version

If you want to test Docker on Ubuntu, on a non-production system, follow these steps. To install a stable released version of Docker afterward, you will need to revert to the previous configuration.

  1. Edit /etc/apt/sources.list.d/docker.list.

    $ sudo nano /etc/apt/sources.list.d/docker.list

    Change main to testing at the end of the top line. Save and close the file.

  2. Update the package list.

    $ sudo apt-get update
  3. List the available testing versions.

    $ sudo apt-cache madison docker-engine
  4. Install a specific version following the same procedure as Install a specific version.

Optional configurations

This section contains optional procedures for configuring Ubuntu to work better with Docker.

Manage Docker as a non-root user

The docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user root and other users can only access it using sudo. Thedocker daemon always runs as the root user.

If you don’t want to use sudo when you use the docker command, create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.

Warning: The docker group is equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface for details.

To create the docker group and add your user:

  1. Log into Ubuntu as a user with sudo privileges.

  2. Create the docker group.

    $ sudo groupadd docker
  3. Add your user to the docker group.

    $ sudo usermod -aG docker $USER
  4. Log out and log back in so that your group membership is re-evaluated.

  5. Verify that you can docker commands without sudo.

    $ docker run hello-world

    If this fails, you will see an error:

        Cannot connect to the Docker daemon. Is 'docker daemon' running on this host?

    Check whether the DOCKER_HOST environment variable is set for your shell.

    $ env | grep DOCKER_HOST

    If it is set, the above command will return a result. If so, unset it.

    $ unset DOCKER_HOST

    You may need to edit your environment in files such as ~/.bashrc or ~/.profile to prevent the DOCKER_HOST variable from being set erroneously.

Enable memory and swap accounting

You may see messages similar to the following when working with an image:

WARNING: Your kernel does not support cgroup swap limit. WARNING: Your
kernel does not support swap limit capabilities. Limitation discarded.

If you don’t care about these capabilities, you can ignore the warning. You can enable these capabilities in your kernel by following these instructions. Memory and swap accounting incur an overhead of about 1% of the total available memory and a 10% overall performance degradation, even if Docker is not running.

  1. Log into Ubuntu as a user with sudo privileges.

  2. Edit the /etc/default/grub file.

  3. Add or edit the GRUB_CMDLINE_LINUX line to add the following two key-value pairs:

    GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

    Save and close the file.

  4. Update GRUB.

    $ sudo update-grub

    If your GRUB configuration file has incorrect syntax, an error will occur. In this case, steps 3 and 4.

  5. Reboot your system. Memory and swap accounting are enabled and the warning does not occur.

Enable UFW forwarding

If you use UFW (Uncomplicated Firewall) on the same host as you run Docker, you’ll need to do additional configuration. Docker uses a bridge to manage container networking. By default, UFW drops all forwarding traffic. You must set UFW’s forwarding policy appropriately.

In addition, UFW blocks all incoming traffic by default. If you want to access the Docker Remote API from another host and you have enabled remote access, you need to configure UFW to allow incoming connections on the Docker port, which defaults to 2376 if TLS encrypted transport is enabled or 2375 otherwise. By default, Docker runs without TLS enabled. If you do not use TLS, you are strongly discouraged from allowing access to the Docker Remote API from remote hosts, to prevent remote privilege-escalation attacks.

To configure UFW and allow incoming connections on the Docker port:

  1. Log into Ubuntu as a user with sudo privileges.

  2. Verify that UFW is enabled.

    $ sudo ufw status

    If ufw is not enabled, the remaining steps will not be helpful.

  3. Edit the UFW configuration file, which is usually /etc/default/ufw or/etc/sysconfig/ufw. Set the DEFAULT_FORWARD_POLICY policy to ACCEPT.

    DEFAULT_FORWARD_POLICY="ACCEPT"

    Save and close the file.

  4. If you need to enable access to the Docker Remote API from external hosts and understand the security implications (see the section before this procedure), then configure UFW to allow incoming connections on the Docker port, which is 2375 if you do not use TLS, and 2376 if you do.

    $ sudo ufw allow 2376/tcp
  5. Reload UFW. bash $ sudo ufw reload

Configure a DNS server for use by Docker

Ubuntu systems which use networkmanager use a dnsmasq instance that runs on a loopback address such as 127.0.0.1 or 127.0.1.1 and adds this entry to/etc/resolv.conf. The dnsmasq service provides a local DNS cache to speed up DNS look-ups and also provides DHCP services. This configuration will not work within a Docker container which has its own network namespace. This is because the Docker container resolves loopback addresses such as 127.0.0.1 to itself, and it is very unlikely to be running a DNS server on its own loopback address.

If Docker detects that no DNS server referenced in /etc/resolv.conf is a fully functional DNS server, the following warning occurs and Docker uses the public DNS servers provided by Google at 8.8.8.8 and 8.8.4.4 for DNS resolution.

WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers
can't use it. Using default external servers : [8.8.8.8 8.8.4.4]

If you don’t use dnsmasq or NetworkManaager or have never seen this warning, you can skip the rest of this section. To see if you use dnsmasq, use the following command:

$ ps aux |grep dnsmasq

If this warning occurs and cannot use the public nameservers, such as when you run a DNS server which resolves hostnames on your internal network, you have two choices:

  • You can specify a DNS server for Docker to use.
  • You can disable dnsmasq in NetworkManager. If you do this, NetworkManager will add your true DNS nameserver to /etc/resolv.conf, but you will lose the possible benefits of dnsmasq.

You only need to use one of these methods.

Specify DNS servers for Docker

The instructions below work whether your Ubuntu installation uses upstart or systemd.

The default location of the configuration file is /etc/docker/daemon.json. You can change the location of the configuration file using the --config-file daemon flag. The documentation below assumes the configuration file is located at/etc/docker/daemon.json.

  1. Log into Ubuntu as a user with sudo privileges.

  2. Create or edit the Docker daemon configuration file, which defaults to/etc/docker/daemon.json file, which controls the Docker daemon configuration.

    sudo nano /etc/docker/daemon.json
  3. Add a dns key with one or more IP addresses as values. If the file has existing contents, you only need to add or edit the dns line. json { "dns": ["8.8.8.8", "8.8.4.4"] }

    If your internal DNS server cannot resolve public IP addresses, include at least one DNS server which can, so that you can connect to Docker Hub and so that your containers can resolve internet domain names.

    Save and close the file.

  4. Restart the Docker daemon.

    $ sudo service docker restart
  5. Verify that Docker can resolve external IP addresses by trying to pull an image:

    $ docker pull hello-world
  6. If necessary, verify that Docker containers can resolve an internal hostname by pinging it.

    $ docker run --rm -it alpine ping -c4 my_internal_host
    
    PING google.com (192.168.1.2): 56 data bytes
    64 bytes from 192.168.1.2: seq=0 ttl=41 time=7.597 ms
    64 bytes from 192.168.1.2: seq=1 ttl=41 time=7.635 ms
    64 bytes from 192.168.1.2: seq=2 ttl=41 time=7.660 ms
    64 bytes from 192.168.1.2: seq=3 ttl=41 time=7.677 ms

Disable dnsmasq in NetworkManager

If you prefer not to change the Docker daemon’s configuration to use a specific IP address, follow these instructions to disable dnsmasq in NetworkManager.

  1. Edit the /etc/NetworkManager/NetworkManager.conf file.

  2. Comment out the dns=dnsmasq line by adding a # character to the beginning of the line.

    # dns=dnsmasq

    Save and close the file.

  3. Restart both NetworkManager and Docker. As an alternative, you can reboot your system.

    $ sudo restart network-manager
    $ sudo restart docker

Configure Docker to start on boot

Ubuntu uses systemd as its boot and service manager 15.04 onwards and upstart for versions 14.10 and below.

systemd

$ sudo systemctl enable docker

upstart

For 14.10 and below, Docker is automatically configured to start on boot using upstart.

Upgrade Docker

To install the latest version of Docker with apt-get. The following example fetches information about available versions of all system packages, then updates Docker if a new version is available.

$ sudo apt-get update
$ sudo apt-get upgrade docker-engine

Uninstallation

To uninstall the Docker package:

$ sudo apt-get purge docker-engine

To uninstall the Docker package and dependencies that are no longer needed:

$ sudo apt-get autoremove --purge docker-engine

Images, containers, volumes, or customized configuration files on your host are not automatically removed. To delete all images, containers, and volumes run the following command:

$ rm -rf /var/lib/docker

You must delete any edited configuration files manually.

Install Docker on Ubuntu的更多相关文章

  1. How To Install Docker On Ubuntu 18.04

    Docker is an increasingly popular software package that creates a container for application developm ...

  2. Ubuntu install Docker

    首先需要说明的是,根据Docker的官方文档,Docker的安装必须在64位的机子上.这里只说明Ubuntu 14.04与16.04,我成功安装成功过Ubuntu 14.04,16.04还没有测试过, ...

  3. Docker的ubuntu镜像安装的容器无ifconfig和ping命令的解决

    Docker的Ubuntu镜像安装的容器无ifconfig命令和ping命令 解决: apt-get update apt install net-tools       # ifconfig apt ...

  4. Docker学习---ubuntu环境

    添加Docker的ATP仓库 sudo sh -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sour ...

  5. Install Docker on Mac OS X(转)

    Install Docker on Mac OS X You can install Docker using Boot2Docker to run docker commands at your c ...

  6. docker for ubuntu 18 安装

    官网地址: https://docs.docker.com/install/linux/docker-ce/ubuntu/ docker的作用:解决不同机器之间的环境差异问题,方便迁移. 0. 卸载旧 ...

  7. 利用docker搭建ubuntu+nginx+PHP容器

      环境:操作系统(Ubuntu  16.04 64位); php7.1;  nginx/1.14.0   基础环境准备: 整体思路:docker pull一个ubuntu镜像,然后在容器中安装ngi ...

  8. docker的ubuntu镜像无ifconfig和ping netstat命令

    docker的ubuntu镜像无ifconfig和ping命令 或者 ubuntu系统中无ifconfig 和 ping 解决方案: 执行以下鸣冷: apt-get update apt-get in ...

  9. centos Install Docker

    安装必备软件 $ yum -y install iptables iptables-services net-tools vim wget $ wget -P ~ https://github.com ...

随机推荐

  1. Java:Remote Debug

    Java  Remote Debug -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,add ...

  2. Junit测试Controller(MockMVC使用),传输@RequestBody数据解决办法

    一.单元测试的目的 简单来说就是在我们增加或者改动一些代码以后对所有逻辑的一个检测,尤其是在我们后期修改后(不论是增加新功能,修改bug),都可以做到重新测试的工作.以减少我们在发布的时候出现更过甚至 ...

  3. Linux 下.desktop 桌面程序图标文件编写方式

    [Desktop Entry] //每个desktop文件都以这个标签开始,说明这是一个Desktop Entry文件 Version = 1.0 //标明Desktop Entry的版本(可选) N ...

  4. netty3升netty4一失眼成千古恨

    老项目是netty3的,本来想直接改到netty5,但是netty5居然是只支持jdk1.7,很奇怪jdk1.6和jdk1.8都不行..为了兼容jdk1.6加上netty4本来和netty5就差别不大 ...

  5. RS-232, RS-422, RS-485 Serial Communication General Concepts(转载)

    前面转载的几篇文章重点介绍了UART及RS-232.在工控领域除了RS-232以外,常用的串行通信还有RS-485.本文转载的文章重点介绍了RS-232.RS-422和RS-485. Overview ...

  6. NOIP2009最优贸易[spfa变形|tarjan 缩点 DP]

    题目描述 C 国有 n 个大城市和 m 条道路,每条道路连接这 n 个城市中的某两个城市.任意两个 城市之间最多只有一条道路直接相连.这 m 条道路中有一部分为单向通行的道路,一部分 为双向通行的道路 ...

  7. POJ2406Power Strings[KMP 失配函数]

    Power Strings Time Limit: 3000MS   Memory Limit: 65536K Total Submissions: 45005   Accepted: 18792 D ...

  8. 解决 uuid.h找不到的问题

    http://blog.csdn.net/commshare/article/details/40835407

  9. ReactNative新手学习之路06滚动更新ListView数据的小示例

    本节带领大家学习使用ListView 做一个常用的滚动更新数据示例: 知识点: initialListSize={200} 第一次加载多少数据行 onEndReached={this.onEndRea ...

  10. 遭遇input与button按钮背景图失效不显示的解决办法

    笔者从事网页前端代码页面工程师已有多年,作为一个网页重构人员常常会遇到一些莫名其妙的DIV+CSS(正确的说法是XHTML+CSS)在 IE.FireFox火狐. 谷歌浏览器CHROME.苹果浏览器S ...