github.com/raychaser/docker@v1.5.0/project/PACKAGERS.md (about) 1 # Dear Packager, 2 3 If you are looking to make Docker available on your favorite software 4 distribution, this document is for you. It summarizes the requirements for 5 building and running the Docker client and the Docker daemon. 6 7 ## Getting Started 8 9 We want to help you package Docker successfully. Before doing any packaging, a 10 good first step is to introduce yourself on the [docker-dev mailing 11 list](https://groups.google.com/d/forum/docker-dev), explain what you're trying 12 to achieve, and tell us how we can help. Don't worry, we don't bite! There might 13 even be someone already working on packaging for the same distro! 14 15 You can also join the IRC channel - #docker and #docker-dev on Freenode are both 16 active and friendly. 17 18 We like to refer to Tianon ("@tianon" on GitHub and "tianon" on IRC) as our 19 "Packagers Relations", since he's always working to make sure our packagers have 20 a good, healthy upstream to work with (both in our communication and in our 21 build scripts). If you're having any kind of trouble, feel free to ping him 22 directly. He also likes to keep track of what distributions we have packagers 23 for, so feel free to reach out to him even just to say "Hi!" 24 25 ## Package Name 26 27 If possible, your package should be called "docker". If that name is already 28 taken, a second choice is "lxc-docker", but with the caveat that "LXC" is now an 29 optional dependency (as noted below). Another possible choice is "docker.io". 30 31 ## Official Build vs Distro Build 32 33 The Docker project maintains its own build and release toolchain. It is pretty 34 neat and entirely based on Docker (surprise!). This toolchain is the canonical 35 way to build Docker. We encourage you to give it a try, and if the circumstances 36 allow you to use it, we recommend that you do. 37 38 You might not be able to use the official build toolchain - usually because your 39 distribution has a toolchain and packaging policy of its own. We get it! Your 40 house, your rules. The rest of this document should give you the information you 41 need to package Docker your way, without denaturing it in the process. 42 43 ## Build Dependencies 44 45 To build Docker, you will need the following: 46 47 * A recent version of Git and Mercurial 48 * Go version 1.3 or later 49 * A clean checkout of the source added to a valid [Go 50 workspace](http://golang.org/doc/code.html#Workspaces) under the path 51 *src/github.com/docker/docker* (unless you plan to use `AUTO_GOPATH`, 52 explained in more detail below) 53 54 To build the Docker daemon, you will additionally need: 55 56 * An amd64/x86_64 machine running Linux 57 * SQLite version 3.7.9 or later 58 * libdevmapper version 1.02.68-cvs (2012-01-26) or later from lvm2 version 59 2.02.89 or later 60 * btrfs-progs version 3.16.1 or later (unless using an older version is 61 absolutely necessary, in which case 3.8 is the minimum and the note below 62 regarding `btrfs_noversion` applies) 63 64 Be sure to also check out Docker's Dockerfile for the most up-to-date list of 65 these build-time dependencies. 66 67 ### Go Dependencies 68 69 All Go dependencies are vendored under "./vendor". They are used by the official 70 build, so the source of truth for the current version of each dependency is 71 whatever is in "./vendor". 72 73 To use the vendored dependencies, simply make sure the path to "./vendor" is 74 included in `GOPATH` (or use `AUTO_GOPATH`, as explained below). 75 76 If you would rather (or must, due to distro policy) package these dependencies 77 yourself, take a look at "./hack/vendor.sh" for an easy-to-parse list of the 78 exact version for each. 79 80 NOTE: if you're not able to package the exact version (to the exact commit) of a 81 given dependency, please get in touch so we can remediate! Who knows what 82 discrepancies can be caused by even the slightest deviation. We promise to do 83 our best to make everybody happy. 84 85 ## Stripping Binaries 86 87 Please, please, please do not strip any compiled binaries. This is really 88 important. 89 90 In our own testing, stripping the resulting binaries sometimes results in a 91 binary that appears to work, but more often causes random panics, segfaults, and 92 other issues. Even if the binary appears to work, please don't strip. 93 94 See the following quotes from Dave Cheney, which explain this position better 95 from the upstream Golang perspective. 96 97 ### [go issue #5855, comment #3](https://code.google.com/p/go/issues/detail?id=5855#c3) 98 99 > Super super important: Do not strip go binaries or archives. It isn't tested, 100 > often breaks, and doesn't work. 101 102 ### [launchpad golang issue #1200255, comment #8](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/8) 103 104 > To quote myself: "Please do not strip Go binaries, it is not supported, not 105 > tested, is often broken, and doesn't do what you want" 106 > 107 > To unpack that a bit 108 > 109 > * not supported, as in, we don't support it, and recommend against it when 110 > asked 111 > * not tested, we don't test stripped binaries as part of the build CI process 112 > * is often broken, stripping a go binary will produce anywhere from no, to 113 > subtle, to outright execution failure, see above 114 115 ### [launchpad golang issue #1200255, comment #13](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/13) 116 117 > To clarify my previous statements. 118 > 119 > * I do not disagree with the debian policy, it is there for a good reason 120 > * Having said that, it stripping Go binaries doesn't work, and nobody is 121 > looking at making it work, so there is that. 122 > 123 > Thanks for patching the build formula. 124 125 ## Building Docker 126 127 Please use our build script ("./hack/make.sh") for all your compilation of 128 Docker. If there's something you need that it isn't doing, or something it could 129 be doing to make your life as a packager easier, please get in touch with Tianon 130 and help us rectify the situation. Chances are good that other packagers have 131 probably run into the same problems and a fix might already be in the works, but 132 none of us will know for sure unless you harass Tianon about it. :) 133 134 All the commands listed within this section should be run with the Docker source 135 checkout as the current working directory. 136 137 ### `AUTO_GOPATH` 138 139 If you'd rather not be bothered with the hassles that setting up `GOPATH` 140 appropriately can be, and prefer to just get a "build that works", you should 141 add something similar to this to whatever script or process you're using to 142 build Docker: 143 144 ```bash 145 export AUTO_GOPATH=1 146 ``` 147 148 This will cause the build scripts to set up a reasonable `GOPATH` that 149 automatically and properly includes both docker/docker from the local 150 directory, and the local "./vendor" directory as necessary. 151 152 ### `DOCKER_BUILDTAGS` 153 154 If you're building a binary that may need to be used on platforms that include 155 AppArmor, you will need to set `DOCKER_BUILDTAGS` as follows: 156 ```bash 157 export DOCKER_BUILDTAGS='apparmor' 158 ``` 159 160 If you're building a binary that may need to be used on platforms that include 161 SELinux, you will need to use the `selinux` build tag: 162 ```bash 163 export DOCKER_BUILDTAGS='selinux' 164 ``` 165 166 If your version of btrfs-progs (also called btrfs-tools) is < 3.16.1, then you 167 will need the following tag to not check for btrfs version headers: 168 ```bash 169 export DOCKER_BUILDTAGS='btrfs_noversion' 170 ``` 171 172 There are build tags for disabling graphdrivers as well. By default, support 173 for all graphdrivers are built in. 174 175 To disable btrfs: 176 ```bash 177 export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs' 178 ``` 179 180 To disable devicemapper: 181 ```bash 182 export DOCKER_BUILDTAGS='exclude_graphdriver_devicemapper' 183 ``` 184 185 To disable aufs: 186 ```bash 187 export DOCKER_BUILDTAGS='exclude_graphdriver_aufs' 188 ``` 189 190 NOTE: if you need to set more than one build tag, space separate them: 191 ```bash 192 export DOCKER_BUILDTAGS='apparmor selinux exclude_graphdriver_aufs' 193 ``` 194 195 ### Static Daemon 196 197 If it is feasible within the constraints of your distribution, you should 198 seriously consider packaging Docker as a single static binary. A good comparison 199 is Busybox, which is often packaged statically as a feature to enable mass 200 portability. Because of the unique way Docker operates, being similarly static 201 is a "feature". 202 203 To build a static Docker daemon binary, run the following command (first 204 ensuring that all the necessary libraries are available in static form for 205 linking - see the "Build Dependencies" section above, and the relevant lines 206 within Docker's own Dockerfile that set up our official build environment): 207 208 ```bash 209 ./hack/make.sh binary 210 ``` 211 212 This will create a static binary under 213 "./bundles/$VERSION/binary/docker-$VERSION", where "$VERSION" is the contents of 214 the file "./VERSION". This binary is usually installed somewhere like 215 "/usr/bin/docker". 216 217 ### Dynamic Daemon / Client-only Binary 218 219 If you are only interested in a Docker client binary, set `DOCKER_CLIENTONLY` to a non-empty value using something similar to the following: (which will prevent the extra step of compiling dockerinit) 220 221 ```bash 222 export DOCKER_CLIENTONLY=1 223 ``` 224 225 If you need to (due to distro policy, distro library availability, or for other 226 reasons) create a dynamically compiled daemon binary, or if you are only 227 interested in creating a client binary for Docker, use something similar to the 228 following: 229 230 ```bash 231 ./hack/make.sh dynbinary 232 ``` 233 234 This will create "./bundles/$VERSION/dynbinary/docker-$VERSION", which for 235 client-only builds is the important file to grab and install as appropriate. 236 237 For daemon builds, you will also need to grab and install 238 "./bundles/$VERSION/dynbinary/dockerinit-$VERSION", which is created from the 239 minimal set of Docker's codebase that _must_ be compiled statically (and is thus 240 a pure static binary). The acceptable locations Docker will search for this file 241 are as follows (in order): 242 243 * as "dockerinit" in the same directory as the daemon binary (ie, if docker is 244 installed at "/usr/bin/docker", then "/usr/bin/dockerinit" will be the first 245 place this file is searched for) 246 * "/usr/libexec/docker/dockerinit" or "/usr/local/libexec/docker/dockerinit" 247 ([FHS 3.0 Draft](http://www.linuxbase.org/betaspecs/fhs/fhs.html#usrlibexec)) 248 * "/usr/lib/docker/dockerinit" or "/usr/local/lib/docker/dockerinit" ([FHS 249 2.3](http://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#USRLIBLIBRARIESFORPROGRAMMINGANDPA)) 250 251 If (and please, only if) one of the paths above is insufficient due to distro 252 policy or similar issues, you may use the `DOCKER_INITPATH` environment variable 253 at compile-time as follows to set a different path for Docker to search: 254 255 ```bash 256 export DOCKER_INITPATH=/usr/lib/docker.io/dockerinit 257 ``` 258 259 If you find yourself needing this, please don't hesitate to reach out to Tianon 260 to see if it would be reasonable or helpful to add more paths to Docker's list, 261 especially if there's a relevant standard worth referencing (such as the FHS). 262 263 Also, it goes without saying, but for the purposes of the daemon please consider 264 these two binaries ("docker" and "dockerinit") as if they were a single unit. 265 Mixing and matching can cause undesired consequences, and will fail to run 266 properly. 267 268 ## System Dependencies 269 270 ### Runtime Dependencies 271 272 To function properly, the Docker daemon needs the following software to be 273 installed and available at runtime: 274 275 * iptables version 1.4 or later 276 * procps (or similar provider of a "ps" executable) 277 * e2fsprogs version 1.4.12 or later (in use: mkfs.ext4, mkfs.xfs, tune2fs) 278 * XZ Utils version 4.9 or later 279 * a [properly 280 mounted](https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount) 281 cgroupfs hierarchy (having a single, all-encompassing "cgroup" mount point 282 [is](https://github.com/docker/docker/issues/2683) 283 [not](https://github.com/docker/docker/issues/3485) 284 [sufficient](https://github.com/docker/docker/issues/4568)) 285 286 Additionally, the Docker client needs the following software to be installed and 287 available at runtime: 288 289 * Git version 1.7 or later 290 291 ### Kernel Requirements 292 293 The Docker daemon has very specific kernel requirements. Most pre-packaged 294 kernels already include the necessary options enabled. If you are building your 295 own kernel, you will either need to discover the options necessary via trial and 296 error, or check out the [Gentoo 297 ebuild](https://github.com/tianon/docker-overlay/blob/master/app-emulation/docker/docker-9999.ebuild), 298 in which a list is maintained (and if there are any issues or discrepancies in 299 that list, please contact Tianon so they can be rectified). 300 301 Note that in client mode, there are no specific kernel requirements, and that 302 the client will even run on alternative platforms such as Mac OS X / Darwin. 303 304 ### Optional Dependencies 305 306 Some of Docker's features are activated by using optional command-line flags or 307 by having support for them in the kernel or userspace. A few examples include: 308 309 * LXC execution driver (requires version 1.0.7 or later of lxc and the lxc-libs) 310 * AUFS graph driver (requires AUFS patches/support enabled in the kernel, and at 311 least the "auplink" utility from aufs-tools) 312 * BTRFS graph driver (requires BTRFS support enabled in the kernel) 313 314 ## Daemon Init Script 315 316 Docker expects to run as a daemon at machine startup. Your package will need to 317 include a script for your distro's process supervisor of choice. Be sure to 318 check out the "contrib/init" folder in case a suitable init script already 319 exists (and if one does not, contact Tianon about whether it might be 320 appropriate for your distro's init script to live there too!). 321 322 In general, Docker should be run as root, similar to the following: 323 324 ```bash 325 docker -d 326 ``` 327 328 Generally, a `DOCKER_OPTS` variable of some kind is available for adding more 329 flags (such as changing the graph driver to use BTRFS, switching the location of 330 "/var/lib/docker", etc). 331 332 ## Communicate 333 334 As a final note, please do feel free to reach out to Tianon at any time for 335 pretty much anything. He really does love hearing from our packagers and wants 336 to make sure we're not being a "hostile upstream". As should be a given, we 337 appreciate the work our packagers do to make sure we have broad distribution!