github.com/feiyang21687/docker@v1.5.0/docs/sources/installation/binaries.md (about) 1 page_title: Installation from Binaries 2 page_description: Instructions for installing Docker as a binary. Mostly meant for hackers who want to try out Docker on a variety of environments. 3 page_keywords: binaries, installation, docker, documentation, linux 4 5 # Binaries 6 7 **This instruction set is meant for hackers who want to try out Docker 8 on a variety of environments.** 9 10 Before following these directions, you should really check if a packaged 11 version of Docker is already available for your distribution. We have 12 packages for many distributions, and more keep showing up all the time! 13 14 ## Check runtime dependencies 15 16 To run properly, docker needs the following software to be installed at 17 runtime: 18 19 - iptables version 1.4 or later 20 - Git version 1.7 or later 21 - procps (or similar provider of a "ps" executable) 22 - XZ Utils 4.9 or later 23 - a [properly mounted]( 24 https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount) 25 cgroupfs hierarchy (having a single, all-encompassing "cgroup" mount 26 point [is](https://github.com/docker/docker/issues/2683) 27 [not](https://github.com/docker/docker/issues/3485) 28 [sufficient](https://github.com/docker/docker/issues/4568)) 29 30 ## Check kernel dependencies 31 32 Docker in daemon mode has specific kernel requirements. For details, 33 check your distribution in [*Installation*](../#installation-list). 34 35 A 3.10 Linux kernel is the minimum requirement for Docker. 36 Kernels older than 3.10 lack some of the features required to run Docker 37 containers. These older versions are known to have bugs which cause data loss 38 and frequently panic under certain conditions. 39 40 The latest minor version (3.x.y) of the 3.10 (or a newer maintained version) 41 Linux kernel is recommended. Keeping the kernel up to date with the latest 42 minor version will ensure critical kernel bugs get fixed. 43 44 > **Warning**: 45 > Installing custom kernels and kernel packages is probably not 46 > supported by your Linux distribution's vendor. Please make sure to 47 > ask your vendor about Docker support first before attempting to 48 > install custom kernels on your distribution. 49 50 > **Warning**: 51 > Installing a newer kernel might not be enough for some distributions 52 > which provide packages which are too old or incompatible with 53 > newer kernels. 54 55 Note that Docker also has a client mode, which can run on virtually any 56 Linux kernel (it even builds on OS X!). 57 58 ## Enable AppArmor and SELinux when possible 59 60 Please use AppArmor or SELinux if your Linux distribution supports 61 either of the two. This helps improve security and blocks certain 62 types of exploits. Your distribution's documentation should provide 63 detailed steps on how to enable the recommended security mechanism. 64 65 Some Linux distributions enable AppArmor or SELinux by default and 66 they run a kernel which doesn't meet the minimum requirements (3.10 67 or newer). Updating the kernel to 3.10 or newer on such a system 68 might not be enough to start Docker and run containers. 69 Incompatibilities between the version of AppArmor/SELinux user 70 space utilities provided by the system and the kernel could prevent 71 Docker from running, from starting containers or, cause containers to 72 exhibit unexpected behaviour. 73 74 > **Warning**: 75 > If either of the security mechanisms is enabled, it should not be 76 > disabled to make Docker or its containers run. This will reduce 77 > security in that environment, lose support from the distribution's 78 > vendor for the system, and might break regulations and security 79 > policies in heavily regulated environments. 80 81 ## Get the docker binary: 82 83 $ wget https://get.docker.com/builds/Linux/x86_64/docker-latest -O docker 84 $ chmod +x docker 85 86 > **Note**: 87 > If you have trouble downloading the binary, you can also get the smaller 88 > compressed release file: 89 > [https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz]( 90 > https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz) 91 92 ## Run the docker daemon 93 94 # start the docker in daemon mode from the directory you unpacked 95 $ sudo ./docker -d & 96 97 ## Giving non-root access 98 99 The `docker` daemon always runs as the root user, and the `docker` 100 daemon binds to a Unix socket instead of a TCP port. By default that 101 Unix socket is owned by the user *root*, and so, by default, you can 102 access it with `sudo`. 103 104 If you (or your Docker installer) create a Unix group called *docker* 105 and add users to it, then the `docker` daemon will make the ownership of 106 the Unix socket read/writable by the *docker* group when the daemon 107 starts. The `docker` daemon must always run as the root user, but if you 108 run the `docker` client as a user in the *docker* group then you don't 109 need to add `sudo` to all the client commands. 110 111 > **Warning**: 112 > The *docker* group (or the group specified with `-G`) is root-equivalent; 113 > see [*Docker Daemon Attack Surface*]( 114 > /articles/security/#docker-daemon-attack-surface) details. 115 116 ## Upgrades 117 118 To upgrade your manual installation of Docker, first kill the docker 119 daemon: 120 121 $ killall docker 122 123 Then follow the regular installation steps. 124 125 ## Run your first container! 126 127 # check your docker version 128 $ sudo ./docker version 129 130 # run a container and open an interactive shell in the container 131 $ sudo ./docker run -i -t ubuntu /bin/bash 132 133 Continue with the [User Guide](/userguide/).