The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
Find a file
James Allen 37fcbfa1f4 Add RWMutex lock into TruncIndex to fix race condition when inserting values
The idx.index array is overwritten when a new value is inserted to the index.
When two containers are created concurrently, their ids are inserted to the
index and one can overwrite the other leaving one of ids missing from the
index. Adding a RWMutex lock around read/write operations fixes this.

Docker-DCO-1.1-Signed-off-by: James Allen <jamesallen0108@gmail.com> (github: jpallen)
2014-01-15 17:30:00 +00:00
archive Revert "Add -S option to tar for efficient sparse file handling" 2014-01-08 02:58:39 +02:00
auth small batch of edits/corrections to comments 2013-12-24 16:40:14 -08:00
cgroups Extract cgroups utilities to own submodule. 2014-01-02 17:54:57 -05:00
contrib Merge pull request #3508 from tutumcloud/seccomp 2014-01-14 18:55:53 -08:00
docker Add DOCKER_HOST env var for client 2013-12-28 16:42:18 -08:00
dockerinit Rename all cases of "docker-init" to "dockerinit" for consistency 2013-10-25 15:13:25 -07:00
docs Merge pull request #3585 from tianon/remove-uid-ns-reference 2014-01-14 11:37:00 -08:00
engine move legacy stuff outside the job 2014-01-13 16:20:05 -08:00
graphdriver Make vfs error more explicit 2014-01-07 16:02:41 -08:00
hack Merge pull request #3581 from tianon/deb-xz-utils 2014-01-14 12:07:10 -08:00
integration Add compat 1.8 2014-01-13 15:50:20 -08:00
mount Add remount for bind mounts in ro 2014-01-14 15:20:21 -08:00
pkg Fix misspelled Hawkings -> Hawking, Archimede -> Archimedes, Euclide -> Euclid 2014-01-09 10:02:55 -05:00
proxy Add links for container relationships and introspection 2013-10-25 15:13:24 -07:00
registry move legacy stuff outside the job 2014-01-13 16:20:05 -08:00
sysinit Move utility package 'netlink' to pkg/netlink 2013-12-23 23:39:39 +00:00
utils Add RWMutex lock into TruncIndex to fix race condition when inserting values 2014-01-15 17:30:00 +00:00
vendor/src Un-gofmt ./vendor 2014-01-14 10:54:19 -07:00
.gitignore tell anyone that might want to ignore their editor choice's backup files that there is a better way - thanks @pnasrat 2013-11-27 13:19:06 +10:00
.mailmap Update AUTHORS 2013-10-08 23:51:38 -04:00
.travis.yml Fix Travis PR testing to not overwrite the "master" that Travis creates with our "upstream master", and to also ignore commits with no content (like a Merge commit - there's no need to sign off on literally nothing) 2014-01-07 13:45:40 -07:00
api.go move legacy stuff outside the job 2014-01-13 16:20:05 -08:00
api_params.go add legacy compat 2014-01-13 15:50:20 -08:00
api_unit_test.go rename file to remove testing flags from docker binary 2013-11-19 12:41:29 -08:00
AUTHORS Don't compress the archive made from git's output. 2014-01-09 18:23:19 +00:00
buildfile.go Fix "foo: no such file or directory" test failure, and normalize creation of custom error to always depend on if os.IsNotExist(err) so we don't hide other errors that might crop up in these tests 2014-01-14 11:42:03 -07:00
CHANGELOG.md Bump to version v0.7.5 2014-01-09 10:34:50 -08:00
commands.go Add compat 1.8 2014-01-13 15:50:20 -08:00
commands_unit_test.go prevent a panic with docker run -v / 2013-12-18 13:57:49 -08:00
config.go Allow mtu to be configured at daemon start 2013-12-20 12:12:03 -05:00
config_test.go Move integration tests to integration/, expose missing public methods in the core 2013-11-14 10:50:00 -08:00
container.go Add remount for bind mounts in ro 2014-01-14 15:20:21 -08:00
container_unit_test.go bring back tests about LXCConfig 2013-11-15 11:48:18 -08:00
CONTRIBUTING.md CONTRIBUTING.md: wrap DCO to 78 chars per line 2014-01-09 10:08:52 -08:00
Dockerfile Use gzip compression in Ubuntu packages to make it at least possible to install on Lucid. 2014-01-10 11:45:00 -08:00
FIXME Clean out a few outdated FIXME items 2013-10-06 13:55:26 -06:00
graph.go Only get rootfs when we need to calculate the image size 2014-01-07 13:56:26 -08:00
http_test.go gofmt 2013-11-14 10:50:43 -08:00
image.go Add dynamic os/arch detection to Images 2013-12-20 08:20:08 -08:00
LICENSE Docker is now licensed under the Apache 2.0 license 2013-02-18 09:56:20 -08:00
links.go Move utility package 'iptables' to pkg/iptables 2014-01-06 15:41:24 -08:00
links_test.go Expose IP, port, proto as sep. env vars when linking, Closes #2430 2013-10-28 23:02:28 -07:00
lxc_template.go Move MTU setting outside of lxc and set with netlink 2013-12-19 11:51:44 -08:00
lxc_template_unit_test.go dockerinit: set hostname 2013-12-12 19:56:05 -06:00
MAINTAINERS Add Travis CI configuration to validate DCO and gofmt 2014-01-07 08:25:54 -07:00
Makefile Update Makefile to use "docker:GIT_BRANCH" as the generated image name for increased versatility 2014-01-07 18:38:07 -07:00
network.go Merge pull request #3435 from roylee17/3149-fix_port_mapping_of_tcp_plus_udp 2014-01-07 10:08:13 -08:00
network_test.go Move utility package 'iptables' to pkg/iptables 2014-01-06 15:41:24 -08:00
NOTICE Change crypto export notice to meet Debian requirements 2013-11-11 22:08:37 +00:00
opts.go Allow to use -H unix:// like -H tcp:// 2013-12-16 16:30:23 -08:00
opts_unit_test.go Add unit test for ValidateIp4Address 2013-12-02 17:33:33 -05:00
README.md Change crypto export notice to meet Debian requirements 2013-11-11 22:08:37 +00:00
reflink_copy_darwin.go Run 'gofmt -s -w' 2014-01-06 22:14:35 -07:00
reflink_copy_linux.go Run 'gofmt -s -w' 2014-01-06 22:14:35 -07:00
REMOTE_TODO.md update REMOTE_TODO.md 2014-01-08 14:50:52 -08:00
runtime.go Merge pull request #3420 from RoelVanNyen/getfullname 2014-01-06 13:59:04 -08:00
server.go move legacy stuff outside the job 2014-01-13 16:20:05 -08:00
server_unit_test.go Merge pull request #2609 from shykes/0.6.5-dm-plugin 2013-11-25 18:58:26 -08:00
sorter.go add legacy compat 2014-01-13 15:50:20 -08:00
sorter_unit_test.go Move integration tests to integration/, expose missing public methods in the core 2013-11-14 10:50:00 -08:00
state.go Use UTC for time 2013-11-21 16:43:36 -08:00
tags.go Search for repo first before image id 2013-11-29 11:06:35 -08:00
tags_unit_test.go tags test: cleanup driver 2013-11-20 14:52:06 +01:00
utils.go Run 'gofmt -s -w' 2014-01-06 22:14:35 -07:00
utils_test.go go fmt. 2013-11-29 22:20:59 -02:00
Vagrantfile Makes sure the GPG key fingerprint is inlined in the doc everywhere. 2014-01-08 01:07:04 +00:00
VERSION Change version to v0.7.5 2014-01-09 11:36:30 -08:00
version.go Add arch/os info to user agent (Registry) 2013-12-20 08:19:25 -08:00

Docker: the Linux container engine

Docker is an open source project to pack, ship and run any application as a lightweight container

Docker containers are both hardware-agnostic and platform-agnostic. This means that they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don't require that you use a particular language, framework or packaging system. That makes them great building blocks for deploying and scaling web apps, databases and backend services without depending on a particular stack or provider.

Docker is an open-source implementation of the deployment engine which powers dotCloud, a popular Platform-as-a-Service. It benefits directly from the experience accumulated over several years of large-scale operation and support of hundreds of thousands of applications and databases.

Docker L

Better than VMs

A common method for distributing applications and sandbox their execution is to use virtual machines, or VMs. Typical VM formats are VMWare's vmdk, Oracle Virtualbox's vdi, and Amazon EC2's ami. In theory these formats should allow every developer to automatically package their application into a "machine" for easy distribution and deployment. In practice, that almost never happens, for a few reasons:

  • Size: VMs are very large which makes them impractical to store and transfer.
  • Performance: running VMs consumes significant CPU and memory, which makes them impractical in many scenarios, for example local development of multi-tier applications, and large-scale deployment of cpu and memory-intensive applications on large numbers of machines.
  • Portability: competing VM environments don't play well with each other. Although conversion tools do exist, they are limited and add even more overhead.
  • Hardware-centric: VMs were designed with machine operators in mind, not software developers. As a result, they offer very limited tooling for what developers need most: building, testing and running their software. For example, VMs offer no facilities for application versioning, monitoring, configuration, logging or service discovery.

By contrast, Docker relies on a different sandboxing method known as containerization. Unlike traditional virtualization, containerization takes place at the kernel level. Most modern operating system kernels now support the primitives necessary for containerization, including Linux with openvz, vserver and more recently lxc, Solaris with zones and FreeBSD with Jails.

Docker builds on top of these low-level primitives to offer developers a portable format and runtime environment that solves all 4 problems. Docker containers are small (and their transfer can be optimized with layers), they have basically zero memory and cpu overhead, they are completely portable and are designed from the ground up with an application-centric design.

The best part: because docker operates at the OS level, it can still be run inside a VM!

Plays well with others

Docker does not require that you buy into a particular programming language, framework, packaging system or configuration language.

Is your application a Unix process? Does it use files, tcp connections, environment variables, standard Unix streams and command-line arguments as inputs and outputs? Then docker can run it.

Can your application's build be expressed as a sequence of such commands? Then docker can build it.

Escape dependency hell

A common problem for developers is the difficulty of managing all their application's dependencies in a simple and automated way.

This is usually difficult for several reasons:

  • Cross-platform dependencies. Modern applications often depend on a combination of system libraries and binaries, language-specific packages, framework-specific modules, internal components developed for another project, etc. These dependencies live in different "worlds" and require different tools - these tools typically don't work well with each other, requiring awkward custom integrations.

  • Conflicting dependencies. Different applications may depend on different versions of the same dependency. Packaging tools handle these situations with various degrees of ease - but they all handle them in different and incompatible ways, which again forces the developer to do extra work.

  • Custom dependencies. A developer may need to prepare a custom version of their application's dependency. Some packaging systems can handle custom versions of a dependency, others can't - and all of them handle it differently.

Docker solves dependency hell by giving the developer a simple way to express all their application's dependencies in one place, and streamline the process of assembling them. If this makes you think of XKCD 927, don't worry. Docker doesn't replace your favorite packaging systems. It simply orchestrates their use in a simple and repeatable way. How does it do that? With layers.

Docker defines a build as running a sequence of Unix commands, one after the other, in the same container. Build commands modify the contents of the container (usually by installing new files on the filesystem), the next command modifies it some more, etc. Since each build command inherits the result of the previous commands, the order in which the commands are executed expresses dependencies.

Here's a typical Docker build process:

from ubuntu:12.10
run apt-get update
run DEBIAN_FRONTEND=noninteractive apt-get install -q -y python
run DEBIAN_FRONTEND=noninteractive apt-get install -q -y python-pip
run pip install django
run DEBIAN_FRONTEND=noninteractive apt-get install -q -y curl
run curl -L https://github.com/shykes/helloflask/archive/master.tar.gz | tar -xzv
run cd helloflask-master && pip install -r requirements.txt

Note that Docker doesn't care how dependencies are built - as long as they can be built by running a Unix command in a container.

Getting started

Docker can be installed on your local machine as well as servers - both bare metal and virtualized. It is available as a binary on most modern Linux systems, or as a VM on Windows, Mac and other systems.

We also offer an interactive tutorial for quickly learning the basics of using Docker.

For up-to-date install instructions and online tutorials, see the Getting Started page.

Usage examples

Docker can be used to run short-lived commands, long-running daemons (app servers, databases etc.), interactive shell sessions, etc.

You can find a list of real-world examples in the documentation.

Under the hood

Under the hood, Docker is built on the following components:

  • The cgroup and namespacing capabilities of the Linux kernel;
  • AUFS, a powerful union filesystem with copy-on-write capabilities;
  • The Go programming language;
  • lxc, a set of convenience scripts to simplify the creation of Linux containers.

Contributing to Docker

Want to hack on Docker? Awesome! There are instructions to get you started here.

They are probably not perfect, please let us know if anything feels wrong or incomplete.

Brought to you courtesy of our legal counsel. For more context, please see the Notice document.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.
It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, please see http://www.bis.doc.gov