github.com/nalind/docker@v1.5.0/docs/sources/installation/ubuntulinux.md (about) 1 page_title: Installation on Ubuntu 2 page_description: Instructions for installing Docker on Ubuntu. 3 page_keywords: Docker, Docker documentation, requirements, virtualbox, installation, ubuntu 4 5 # Ubuntu 6 7 Docker is supported on the following versions of Ubuntu: 8 9 - [*Ubuntu Trusty 14.04 (LTS) (64-bit)*](#ubuntu-trusty-1404-lts-64-bit) 10 - [*Ubuntu Precise 12.04 (LTS) (64-bit)*](#ubuntu-precise-1204-lts-64-bit) 11 - [*Ubuntu Raring 13.04 and Saucy 13.10 (64 12 bit)*](#ubuntu-raring-1304-and-saucy-1310-64-bit) 13 14 Please read [*Docker and UFW*](#docker-and-ufw), if you plan to use [UFW 15 (Uncomplicated Firewall)](https://help.ubuntu.com/community/UFW) 16 17 ## Ubuntu Trusty 14.04 (LTS) (64-bit) 18 19 Ubuntu Trusty comes with a 3.13.0 Linux kernel, and a `docker.io` package which 20 installs Docker 1.0.1 and all its prerequisites from Ubuntu's repository. 21 22 > **Note**: 23 > Ubuntu (and Debian) contain a much older KDE3/GNOME2 package called ``docker``, so the 24 > Ubuntu-maintained package and executable are named ``docker.io``. 25 26 ### Ubuntu-maintained Package Installation 27 28 To install the latest Ubuntu package (this is **not** the most recent Docker release): 29 30 $ sudo apt-get update 31 $ sudo apt-get install docker.io 32 33 Then, to enable tab-completion of Docker commands in BASH, either restart BASH or: 34 35 $ source /etc/bash_completion.d/docker.io 36 37 > **Note**: 38 > Since the Ubuntu package is quite dated at this point, you may want to use 39 > the following section to install the most recent release of Docker. 40 > If you install the Docker version, you do not need to install ``docker.io`` from Ubuntu. 41 42 ### Docker-maintained Package Installation 43 44 If you'd like to try the latest version of Docker: 45 46 First, check that your APT system can deal with `https` 47 URLs: the file `/usr/lib/apt/methods/https` 48 should exist. If it doesn't, you need to install the package 49 `apt-transport-https`. 50 51 [ -e /usr/lib/apt/methods/https ] || { 52 apt-get update 53 apt-get install apt-transport-https 54 } 55 56 Then, add the Docker repository key to your local keychain. 57 58 $ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 59 60 Add the Docker repository to your apt sources list, update and install 61 the `lxc-docker` package. 62 63 *You may receive a warning that the package isn't trusted. Answer yes to 64 continue installation.* 65 66 $ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main\ 67 > /etc/apt/sources.list.d/docker.list" 68 $ sudo apt-get update 69 $ sudo apt-get install lxc-docker 70 71 > **Note**: 72 > 73 > There is also a simple `curl` script available to help with this process. 74 > 75 > $ curl -sSL https://get.docker.com/ubuntu/ | sudo sh 76 77 To verify that everything has worked as expected: 78 79 $ sudo docker run -i -t ubuntu /bin/bash 80 81 Which should download the `ubuntu` image, and then start `bash` in a container. 82 83 Type `exit` to exit 84 85 **Done!**, continue with the [User Guide](/userguide/). 86 87 88 ## Ubuntu Precise 12.04 (LTS) (64-bit) 89 90 This installation path should work at all times. 91 92 ### Dependencies 93 94 **Linux kernel 3.13** 95 96 For Ubuntu Precise, the currently recommended kernel version is 3.13. 97 Ubuntu Precise installations with older kernels must be upgraded. The 98 kernel you'll install when following these steps has AUFS built in. 99 We also include the generic headers to enable packages that depend on them, 100 like ZFS and the VirtualBox guest additions. If you didn't install the 101 headers for your "precise" kernel, then you can skip these headers for the 102 "trusty" kernel. If you're unsure, you should include the headers for safety. 103 104 > **Warning**: 105 > Kernels 3.8 and 3.11 are no longer supported by Canonical. Systems 106 > running these kernels need to be updated using the instructions below. 107 > Running Docker on these unsupported systems isn't supported either. 108 > These old kernels are no longer patched for security vulnerabilities 109 > and severe bugs which lead to data loss. 110 111 Please read the installation instructions for backported kernels at 112 Ubuntu.org to understand why you also need to install the Xorg packages 113 when running Docker on a machine with a graphical environment like Unity. 114 [LTS Enablement Stack](https://wiki.ubuntu.com/Kernel/LTSEnablementStack) refer to note 5 under 115 each version. 116 117 # install the backported kernel 118 $ sudo apt-get update 119 $ sudo apt-get install linux-image-generic-lts-trusty linux-headers-generic-lts-trusty 120 121 # install the backported kernel and xorg if using Unity/Xorg 122 $ sudo apt-get install --install-recommends linux-generic-lts-trusty xserver-xorg-lts-trusty libgl1-mesa-glx-lts-trusty 123 124 # reboot 125 $ sudo reboot 126 127 ### Installation 128 129 > **Warning**: 130 > These instructions have changed for 0.6. If you are upgrading from an 131 > earlier version, you will need to follow them again. 132 133 Docker is available as a Debian package, which makes installation easy. 134 **See the** [*Mirrors*](#mirrors) **section below if you are not 135 in the United States.** Other sources of the Debian packages may be 136 faster for you to install. 137 138 First, check that your APT system can deal with `https` 139 URLs: the file `/usr/lib/apt/methods/https` 140 should exist. If it doesn't, you need to install the package 141 `apt-transport-https`. 142 143 [ -e /usr/lib/apt/methods/https ] || { 144 apt-get update 145 apt-get install apt-transport-https 146 } 147 148 Then, add the Docker repository key to your local keychain. 149 150 $ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 151 152 Add the Docker repository to your apt sources list, update and install 153 the `lxc-docker` package. 154 155 *You may receive a warning that the package isn't trusted. Answer yes to 156 continue installation.* 157 158 $ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main\ 159 > /etc/apt/sources.list.d/docker.list" 160 $ sudo apt-get update 161 $ sudo apt-get install lxc-docker 162 163 > **Note**: 164 > 165 > There is also a simple `curl` script available to help with this process. 166 > 167 > $ curl -sSL https://get.docker.com/ubuntu/ | sudo sh 168 169 Now verify that the installation has worked by downloading the 170 `ubuntu` image and launching a container. 171 172 $ sudo docker run -i -t ubuntu /bin/bash 173 174 Type `exit` to exit 175 176 **Done!**, continue with the [User Guide](/userguide/). 177 178 ## Ubuntu Raring 13.04 and Saucy 13.10 (64 bit) 179 180 These instructions cover both Ubuntu Raring 13.04 and Saucy 13.10. 181 182 ### Dependencies 183 184 **Optional AUFS filesystem support** 185 186 Ubuntu Raring already comes with the 3.8 kernel, so we don't need to 187 install it. However, not all systems have AUFS filesystem support 188 enabled. AUFS support is optional as of version 0.7, but it's still 189 available as a driver and we recommend using it if you can. 190 191 To make sure AUFS is installed, run the following commands: 192 193 $ sudo apt-get update 194 $ sudo apt-get install linux-image-extra-`uname -r` 195 196 ### Installation 197 198 Docker is available as a Debian package, which makes installation easy. 199 200 > **Warning**: 201 > Please note that these instructions have changed for 0.6. If you are 202 > upgrading from an earlier version, you will need to follow them again. 203 204 First add the Docker repository key to your local keychain. 205 206 $ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 207 208 Add the Docker repository to your apt sources list, update and install 209 the `lxc-docker` package. 210 211 $ sudo sh -c "echo deb http://get.docker.com/ubuntu docker main\ 212 > /etc/apt/sources.list.d/docker.list" 213 $ sudo apt-get update 214 $ sudo apt-get install lxc-docker 215 216 Now verify that the installation has worked by downloading the 217 `ubuntu` image and launching a container. 218 219 $ sudo docker run -i -t ubuntu /bin/bash 220 221 Type `exit` to exit 222 223 **Done!**, now continue with the [User Guide](/userguide/). 224 225 ### Upgrade 226 227 To install the latest version of Docker, use the standard 228 `apt-get` method: 229 230 # update your sources list 231 $ sudo apt-get update 232 233 # install the latest 234 $ sudo apt-get install lxc-docker 235 236 ## Giving non-root access 237 238 The `docker` daemon always runs as the `root` user, and since Docker 239 version 0.5.2, the `docker` daemon binds to a Unix socket instead of a 240 TCP port. By default that Unix socket is owned by the user `root`, and 241 so, by default, you can access it with `sudo`. 242 243 Starting in version 0.5.3, if you (or your Docker installer) create a 244 Unix group called `docker` and add users to it, then the `docker` daemon 245 will make the ownership of the Unix socket read/writable by the `docker` 246 group when the daemon starts. The `docker` daemon must always run as the 247 `root` user, but if you run the `docker` client as a user in the 248 `docker` group then you don't need to add `sudo` to all the client 249 commands. From Docker 0.9.0 you can use the `-G` flag to specify an 250 alternative group. 251 252 > **Warning**: 253 > The `docker` group (or the group specified with the `-G` flag) is 254 > `root`-equivalent; see [*Docker Daemon Attack Surface*]( 255 > /articles/security/#docker-daemon-attack-surface) for details. 256 257 **Example:** 258 259 # Add the docker group if it doesn't already exist. 260 $ sudo groupadd docker 261 262 # Add the connected user "${USER}" to the docker group. 263 # Change the user name to match your preferred user. 264 # You may have to logout and log back in again for 265 # this to take effect. 266 $ sudo gpasswd -a ${USER} docker 267 268 # Restart the Docker daemon. 269 # If you are in Ubuntu 14.04, use docker.io instead of docker 270 $ sudo service docker restart 271 272 ## Memory and Swap Accounting 273 274 If you want to enable memory and swap accounting, you must add the 275 following command-line parameters to your kernel: 276 277 cgroup_enable=memory swapaccount=1 278 279 On systems using GRUB (which is the default for Ubuntu), you can add 280 those parameters by editing `/etc/default/grub` and 281 extending `GRUB_CMDLINE_LINUX`. Look for the 282 following line: 283 284 GRUB_CMDLINE_LINUX="" 285 286 And replace it by the following one: 287 288 GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1" 289 290 Then run `sudo update-grub`, and reboot. 291 292 These parameters will help you get rid of the following warnings: 293 294 WARNING: Your kernel does not support cgroup swap limit. 295 WARNING: Your kernel does not support swap limit capabilities. Limitation discarded. 296 297 ## Troubleshooting 298 299 On Linux Mint, the `cgroup-lite` and `apparmor` packages are not 300 installed by default. Before Docker will work correctly, you will need 301 to install this via: 302 303 $ sudo apt-get update && sudo apt-get install cgroup-lite apparmor 304 305 ## Docker and UFW 306 307 Docker uses a bridge to manage container networking. By default, UFW 308 drops all forwarding traffic. As a result you will need to enable UFW 309 forwarding: 310 311 $ sudo nano /etc/default/ufw 312 313 # Change: 314 # DEFAULT_FORWARD_POLICY="DROP" 315 # to 316 DEFAULT_FORWARD_POLICY="ACCEPT" 317 318 Then reload UFW: 319 320 $ sudo ufw reload 321 322 UFW's default set of rules denies all incoming traffic. If you want to 323 be able to reach your containers from another host then you should allow 324 incoming connections on the Docker port (default 2375): 325 326 $ sudo ufw allow 2375/tcp 327 328 ## Docker and local DNS server warnings 329 330 Systems which are running Ubuntu or an Ubuntu derivative on the desktop 331 will use 127.0.0.1 as the default nameserver in /etc/resolv.conf. 332 NetworkManager sets up dnsmasq to use the real DNS servers of the 333 connection and sets up nameserver 127.0.0.1 in /etc/resolv.conf. 334 335 When starting containers on these desktop machines, users will see a 336 warning: 337 338 WARNING: Local (127.0.0.1) DNS resolver found in resolv.conf and containers can't use it. Using default external servers : [8.8.8.8 8.8.4.4] 339 340 This warning is shown because the containers can't use the local DNS 341 nameserver and Docker will default to using an external nameserver. 342 343 This can be worked around by specifying a DNS server to be used by the 344 Docker daemon for the containers: 345 346 $ sudo nano /etc/default/docker 347 --- 348 # Add: 349 DOCKER_OPTS="--dns 8.8.8.8" 350 # 8.8.8.8 could be replaced with a local DNS server, such as 192.168.1.1 351 # multiple DNS servers can be specified: --dns 8.8.8.8 --dns 192.168.1.1 352 353 The Docker daemon has to be restarted: 354 355 $ sudo restart docker 356 357 > **Warning**: 358 > If you're doing this on a laptop which connects to various networks, 359 > make sure to choose a public DNS server. 360 361 An alternative solution involves disabling dnsmasq in NetworkManager by 362 following these steps: 363 364 $ sudo nano /etc/NetworkManager/NetworkManager.conf 365 ---- 366 # Change: 367 dns=dnsmasq 368 # to 369 #dns=dnsmasq 370 371 NetworkManager and Docker need to be restarted afterwards: 372 373 $ sudo restart network-manager 374 $ sudo restart docker 375 376 > **Warning**: This might make DNS resolution slower on some networks. 377 378 ## Mirrors 379 380 You should `ping get.docker.com` and compare the 381 latency to the following mirrors, and pick whichever one is best for 382 you. 383 384 ### Yandex 385 386 [Yandex](http://yandex.ru/) in Russia is mirroring the Docker Debian 387 packages, updating every 6 hours. 388 Substitute `http://mirror.yandex.ru/mirrors/docker/` for 389 `http://get.docker.com/ubuntu` in the instructions above. 390 For example: 391 392 $ sudo sh -c "echo deb http://mirror.yandex.ru/mirrors/docker/ docker main\ 393 > /etc/apt/sources.list.d/docker.list" 394 $ sudo apt-get update 395 $ sudo apt-get install lxc-docker