Computer Science Docker
Do not install Docker without reading this, even on a computer that you manage yourself.
This page is designed to tell you how to install Docker on Computer Science systems.
What is Docker?
Docker is a system for creating and using "containers." A container is somewhat like a virtual machine, except that it doesn't have its own kernel. There are two main uses:
- To package up a set of programs, in a way that you can use it from any versions of Linux, MacOS or Windows.
- To package up services, e.g. a web server or database system, in a way that you can use them from any version of Linux, MacOS or Windows.
Do you need Docker or should you use Singularity?
Docker images are often used to package software for AI and data analysis. If you find a docker image that has software you want to use, we suggest that you use the program singularity to run the docker image, especially, if you are doing Cuda and AI/Learning tools and need GPUs on CS machines. Singularity is easier to use than Docker, and gives you access to your normal files within the container. It can run most Docker images. See Basic Singularity Command and Utilization
Note: Currently, rootless docker will not run along with Slurm job scheduler on our system which is required if you need to use GPUs.
However if you are trying to create a new Docker image, rather than
just run an existing one, you'll need the actual Docker
software. You'll also need the actual Docker if you need to run a
Docker image that has servers such as a web server in it.
This section is for people who run their own Linux systems. If
you're using a system that we run, such as the ilab systems, please
see the next section.
If you can do su or sudo, you
can do a normal Docker installation. You can install it using apt (Ubuntu)
or yum (Centos), or get the most recent release directy from the Docker
web page. But there's one thing you must do first .
If you simply install Docker without doing anything else, your system
may lose access to the network. To prevent this, before installing Docker create the file /etc/docker/daemon.json . It should contain the
following:
One other warning: Docker images and volumes must be on
a local disk. Docker doesn't work with NFS, i.e. file systems
mounted from file servers. On most systens, your home directory
is on a file server. So make sure you put Docker files on /usr, /var,
/freespace, etc.
Until recently, Docker could only be used by people who could
do su or sudo. However the most recent release can be used by
normal users. Here is a page that describes that:
Run the Docker daemon as a non-root user .
However there are some things you must do before you try
this out on one of the systems we run. The example below
shows all of these things.
If you can become root
{
"bip": "192.168.100.2/24",
"mtu": 1500
}
This will cause Docker to use a network that doesn't conflict with
any of ours.
If you can't become root -- i.e. you're a normal user
sudo /usr/libexec/addsubusers.py will do this.
If the command doesn't work,
please ask help@cs.rutgers.edu to install the necessary files
on your system.
df and verify that there's at least
10G free on that file system. If not, please send email
to help@cs.rutgers.edu.
systemctl --user status docker
If it is not running, you can run it again via:
systemctl --user start docker
If it fails to start, make sure that you are running your docker on the same machine you setup your docker because it sits in a local filesystem.
Installing & Setting up Docker as a User without
root
Here's an example of installing Docker as a
user. Follow below, if you are setting up docker on the first iLab
machine.
df -h /freespace/local
#if /freespace/local has less than 15GB, use another machine
# WARNING: we may remove files from /freespace between semesters.
# Because this setup uses /freespace/local, this setup is only
# effective on machine you setup this docker.
# Note: /freespace/local is a local filesystem, therefore
# its content is only available locally.
# make a directory for docker on a local file system
mkdir -p /freespace/local/$USER/docker
# link it to where docker expects it to be
mkdir -p ~/.local/share
ln -s /freespace/local/$USER/docker ~/.local/share
sudo /usr/libexec/addsubusers.py
# if the previous command fails, contact help@cs.rutgers.edu
# the system you're usin isn't properly set up
# create the network config file
mkdir -p ~/.config/docker
cp /etc/docker/daemon.json ~/.config/docker/daemon.json
# now do the installation as documented on the web page
# make sure we start in the home directory
cd
curl -fsSL https://get.docker.com/rootless | sh
### up to here should only be done once
### below here has to be done every time you login
# the curl command will print two export commands. do them
export PATH="$HOME/bin:$PATH"
export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sock
# put those two export commands in .bashrc if you are
# going to do this a lot
# you must do the following command again every time
# you login.
systemctl --user start docker
# verify that docker started with no errors
systemctl --user status docker
# now try it. fetch a copy of alpine and run it
# To give docker access to /freespace/local
# add -v hostpath/dockerpath parameter.
# You can add multiple -v options for more disks.
# I've picked alpine because it's a Linux system, but it's only 5 MB
docker run -v /freespace/local:/freespace/local -it alpine
# you'll get a prompt like / #
# try something that uses the network
apk update
# exit back to your normal shell
exit
only the following needs to be done on additional machines.
df -h /freespace/local
#if /freespace/local has less than 15GB, use another machine
# WARNING: we may remove files from /freespace between semesters.
# Because this setup uses /freespace/local, this setup is only
# effective on machine you setup this docker.
# Note: /freespace/local is a local filesystem, therefore
# its content is only available locally.
# add entries to /etc/subuid and /etc/subgid
sudo /usr/libexec/addsubusers.py
# if the previous command fails, contact help@cs.rutgers.edu
# the system you're usin isn't properly set up
# make a directory for docker on a local file system
mkdir -p /freespace/local/$USER/docker
# you must do the following command again every time
# you login.
systemctl --user start docker
# verify that docker started with no errors
systemctl --user status docker
# now try it. fetch a copy of alpine and run it
# To give docker access to /freespace/local
# add -v hostpath/dockerpath parameter.
# You can add multiple -v options for more disks.
# I've picked alpine because it's a Linux system, but it's only 5 MB
docker run -v /freespace/local:/freespace/local -it alpine
# you'll get a prompt like / #
# try something that uses the network
apk update
# exit back to your normal shell
exit
Important Notes
We recommend using only one system for Docker, or at least one system per home directory. (E.g., in your home directory on /common/home or /freespace/local directory.
- ~/.local/share/docker will end up pointing to a local file system, e.g. in /freespace. As long as the name of that directory is the same everywhere you're OK. But if the local file systens are different, there's a conflict.
- Your Docker images will end up on the local storage. If you use more than one system, you'll have copies on each system that you use.