Docker Introduction
Docker is a package that allows easy deployment of software environments using containers. It allows complex software installations to be packaged up into containers and shared via a centralised container repository (or by other means). The container can then be easily launched on any platform with no compatibility or dependency problems.
Although Docker is native to Linux, it also runs on Mac OS X and Windows, and the same containers work on all platforms. Versions of Windows prior to 10 require Docker Toolbox, which runs Docker inside a Linux virtual machine; Windows 10 can run Docker CE natively. Docker can be used on all sorts of machines, from laptops to servers.
Running Docker
To launch a container in Docker, simply run:
docker run -ti <tag>
where <tag> is the name of the container in the Docker container repository. For example, to launch the LSST simulations container, run:
docker run -ti jamespepcc/lsstsimulations:1.1
(When using Docker Toolbox on Windows, you must first start the Docker Quickstart Terminal and then run Docker related commands within this terminal).
The Docker command supports many additional options. For full details of these please refer to the official Docker documentation. Some of the most useful options are described below.
Mapping Directories to Docker
By default, the Docker container is a completely self-contained environment. Software within the container cannot access files outside the container, and any data created within the container will be lost when the container exits. Whilst this is good from a security perspective, it can be inconvenient; often it is desirable to be able to access existing files within the Docker environment, or to save a copy of output data generated within the container.
A simple way to do this is to map a local directory to Docker so that it becomes visible within the container. This can be done by passing the -v switch to the docker run command:
docker run -v "<local_directory>:<directory_within_docker>" -ti <tag>
This will make the local directory visible within the container at the path specified. For example, running:
docker run -v "/home/james/data:/data" -ti jamespepcc/lsstsimulations:1.1
will run the LSST simulations container and give it access to the directory /home/james/data. Within the container the directory will be accessed as /data.
When using Docker Toolbox on Windows, the local directory path must be given in MinGW format rather than standard Windows format. For example, to map the Windows directory C:\Users\James\Documents\data to the directory /data within Docker, use the command:
docker run -v "//c/Users/James/Documents/data:/data" -ti jamespepcc/lsstsimulations:1.1
Accessing Ports in Docker
It can be useful to run a server (for example, a Jupyter Notebook server) within Docker and be able to access it from outside the container (for example, using a web browser on your local machine). This can be done by passing the -p switch to the docker run command:
docker run -p 8888:8888 -ti jamespepcc/lsstsimulations1.1
This will forward TCP port 8888 from the container's internal network interface to an external interface from which it can be accessed by the host operating system and applications.
Before accessing the port from the host, it is necessary to find out the IP address of the Docker container. This works differently on each platform:
- On Mac OS X, simply access
localhost - On Linux, run
docker psin another terminal to get the Docker container ID, then rundocker inspect <container ID>to see the container's IP address (along with a lot of other information) - On Windows, the IP address will be printed just below the whale graphic when Docker Quickstart Terminal starts up. It is usually 192.168.99.100
If you require this document in an alternative format, please contact the LSST:UK Project Managers lusc_pm@mlist.is.ed.ac.uk or phone +44 131 651 3577