Alexei Boronine's blog, resume & projects.

Installing Docker on Debian Jessie

While visiting family for the holidays, I’ve been lovingly crafting a new Debian-based work environment. After spending days tweaking my Xmonad configuration, I finally decided to install Docker, which I’ve been happily using at work and in my side projects. Currently, Docker does not support Debian, so it took some digging to get it to work.

This guide assumes a clean Debian installation. Note that currently Docker requires a 64bit OS.

First we need to get LXC to work:

# apt-get install lxc
# lxc-checkconfig

Here is the output generated by lxc-checkconfig:

Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-3.11-2-amd64
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: missing
Network namespace: enabled
Multiple /dev/pts instances: enabled

--- Control groups ---
Cgroup: enabled
Cgroup namespace: required
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

As you can see, user namespace support is missing. We need a kernel compiled with CONFIG_USER_NS=y. Instead of compiling our own, let’s grab a newer kernel from unstable, where this is enabled by default:

# echo "deb http://cdn.debian.net/debian unstable main" > /etc/apt/sources.list.d/unstable.list
# apt-get update

Find the appropriate linux-image package and install it:

# apt-cache search linux-image
# apt-get install linux-image-3.12-1-amd64

If you don’t want unstable packages to pollute your apt cache, you should clean up:

# rm /etc/apt/sources.list.d/unstable.list
# apt-get update

Next, we need to tweak cgroups. Add a new mount to /etc/fstab:

# echo "cgroup /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab

And add the following config to /etc/default/grub:

GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

Now we need to reinstall GRUB for the last change to take effect (replace sdX with wherever you want GRUB to go):

# update-grub
# grub-install /dev/sdX

Lastly before rebooting, we need to enable port forwarding by uncommenting the following config in /etc/sysctl.conf:

net.ipv4.ip_forward=1

After rebooting into the new kernel (which should become the default option), let’s check the output of lxc-checkconfig:

Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-3.12-1-amd64
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled

--- Control groups ---
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

Looking good.

If you like, you can build Docker from source. I had some trouble doing it, so for the purpose of this tutorial let’s keep things real simple and grab the binary:

# wget https://get.docker.io/builds/Linux/x86_64/docker-latest -O docker
# chmod +x docker
# mv docker /usr/bin/

Start the docker daemon (it’s up to you to make it auto-start, as for me, I like to do it manually):

# docker -d &

Docker should now be running:

# docker version
Client version: 0.7.2
Go version (client): go1.2
Git commit (client): 28b162e
Server version: 0.7.2
Git commit (server): 28b162e
Go version (server): go1.2
Last stable version: 0.7.2
# docker pull ubuntu
# docker run ubuntu echo 'ubuntu on debian'
ubuntu on debian

If you’re having troubles with this tutorial, leave a note in the comments. Have fun!