2014-03-04 23:40:12 -05:00
|
|
|
# Dear Packager,
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
If you are looking to make Docker available on your favorite software
|
2014-03-04 23:40:12 -05:00
|
|
|
distribution, this document is for you. It summarizes the requirements for
|
|
|
|
building and running the Docker client and the Docker daemon.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
## Package Name
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
If possible, your package should be called "docker". If that name is already
|
2015-07-15 17:01:04 -04:00
|
|
|
taken, a second choice is "docker-engine". Another possible choice is "docker.io".
|
2013-09-10 14:30:14 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
## Official Build vs Distro Build
|
2013-09-10 14:30:14 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
The Docker project maintains its own build and release toolchain. It is pretty
|
|
|
|
neat and entirely based on Docker (surprise!). This toolchain is the canonical
|
2014-03-05 00:51:34 -05:00
|
|
|
way to build Docker. We encourage you to give it a try, and if the circumstances
|
|
|
|
allow you to use it, we recommend that you do.
|
2013-09-10 14:30:14 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
You might not be able to use the official build toolchain - usually because your
|
|
|
|
distribution has a toolchain and packaging policy of its own. We get it! Your
|
|
|
|
house, your rules. The rest of this document should give you the information you
|
|
|
|
need to package Docker your way, without denaturing it in the process.
|
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
## Build Dependencies
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2021-06-08 11:56:20 -04:00
|
|
|
The Dockerfile contains the most up-to-date list of build-time dependencies.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
### Go Dependencies
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
All Go dependencies are vendored under "./vendor". They are used by the official
|
|
|
|
build, so the source of truth for the current version of each dependency is
|
|
|
|
whatever is in "./vendor".
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
If you would rather (or must, due to distro policy) package these dependencies
|
2016-10-31 14:22:28 -04:00
|
|
|
yourself, take a look at "vendor.conf" for an easy-to-parse list of the
|
2014-03-05 00:51:34 -05:00
|
|
|
exact version for each.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-02-03 00:40:58 -05:00
|
|
|
## Stripping Binaries
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
Please, please, please do not strip any compiled binaries. This is really
|
|
|
|
important.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
In our own testing, stripping the resulting binaries sometimes results in a
|
|
|
|
binary that appears to work, but more often causes random panics, segfaults, and
|
|
|
|
other issues. Even if the binary appears to work, please don't strip.
|
|
|
|
|
2014-02-03 00:40:58 -05:00
|
|
|
See the following quotes from Dave Cheney, which explain this position better
|
|
|
|
from the upstream Golang perspective.
|
|
|
|
|
|
|
|
### [go issue #5855, comment #3](https://code.google.com/p/go/issues/detail?id=5855#c3)
|
|
|
|
|
|
|
|
> Super super important: Do not strip go binaries or archives. It isn't tested,
|
|
|
|
> often breaks, and doesn't work.
|
|
|
|
|
|
|
|
### [launchpad golang issue #1200255, comment #8](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/8)
|
|
|
|
|
|
|
|
> To quote myself: "Please do not strip Go binaries, it is not supported, not
|
|
|
|
> tested, is often broken, and doesn't do what you want"
|
|
|
|
>
|
|
|
|
> To unpack that a bit
|
|
|
|
>
|
|
|
|
> * not supported, as in, we don't support it, and recommend against it when
|
|
|
|
> asked
|
|
|
|
> * not tested, we don't test stripped binaries as part of the build CI process
|
|
|
|
> * is often broken, stripping a go binary will produce anywhere from no, to
|
|
|
|
> subtle, to outright execution failure, see above
|
|
|
|
|
|
|
|
### [launchpad golang issue #1200255, comment #13](https://bugs.launchpad.net/ubuntu/+source/golang/+bug/1200255/comments/13)
|
|
|
|
|
|
|
|
> To clarify my previous statements.
|
|
|
|
>
|
|
|
|
> * I do not disagree with the debian policy, it is there for a good reason
|
|
|
|
> * Having said that, it stripping Go binaries doesn't work, and nobody is
|
|
|
|
> looking at making it work, so there is that.
|
|
|
|
>
|
|
|
|
> Thanks for patching the build formula.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
|
|
|
## Building Docker
|
|
|
|
|
2021-06-08 11:56:20 -04:00
|
|
|
Please use our build script ("./hack/make.sh") for compilation.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-06 15:39:17 -05:00
|
|
|
### `DOCKER_BUILDTAGS`
|
|
|
|
|
2021-06-08 11:56:20 -04:00
|
|
|
If you're building a binary that might be used on platforms that include
|
2016-02-19 16:32:46 -05:00
|
|
|
seccomp, you will need to use the `seccomp` build tag:
|
|
|
|
```bash
|
|
|
|
export DOCKER_BUILDTAGS='seccomp'
|
|
|
|
```
|
|
|
|
|
2014-03-14 14:23:54 -04:00
|
|
|
There are build tags for disabling graphdrivers as well. By default, support
|
|
|
|
for all graphdrivers are built in.
|
|
|
|
|
2014-03-13 17:39:25 -04:00
|
|
|
To disable btrfs:
|
|
|
|
```bash
|
|
|
|
export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs'
|
|
|
|
```
|
|
|
|
|
|
|
|
To disable devicemapper:
|
2014-03-14 14:23:54 -04:00
|
|
|
```bash
|
|
|
|
export DOCKER_BUILDTAGS='exclude_graphdriver_devicemapper'
|
|
|
|
```
|
2014-03-13 17:39:25 -04:00
|
|
|
|
|
|
|
To disable aufs:
|
2014-03-14 14:23:54 -04:00
|
|
|
```bash
|
|
|
|
export DOCKER_BUILDTAGS='exclude_graphdriver_aufs'
|
|
|
|
```
|
|
|
|
|
2014-07-22 00:00:26 -04:00
|
|
|
NOTE: if you need to set more than one build tag, space separate them:
|
2014-03-18 16:49:16 -04:00
|
|
|
```bash
|
2020-12-14 05:46:58 -05:00
|
|
|
export DOCKER_BUILDTAGS='apparmor exclude_graphdriver_aufs'
|
2014-03-18 16:49:16 -04:00
|
|
|
```
|
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
## System Dependencies
|
2014-03-04 23:25:00 -05:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
### Runtime Dependencies
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
To function properly, the Docker daemon needs the following software to be
|
|
|
|
installed and available at runtime:
|
2013-09-10 02:39:55 -04:00
|
|
|
|
|
|
|
* iptables version 1.4 or later
|
2014-04-15 16:57:43 -04:00
|
|
|
* procps (or similar provider of a "ps" executable)
|
2015-11-11 17:29:02 -05:00
|
|
|
* e2fsprogs version 1.4.12 or later (in use: mkfs.ext4, tune2fs)
|
|
|
|
* xfsprogs (in use: mkfs.xfs)
|
2014-03-05 00:51:34 -05:00
|
|
|
* XZ Utils version 4.9 or later
|
2021-06-08 11:56:20 -04:00
|
|
|
* pigz (optional)
|
2014-03-05 00:51:34 -05:00
|
|
|
|
|
|
|
Additionally, the Docker client needs the following software to be installed and
|
|
|
|
available at runtime:
|
|
|
|
|
2013-10-28 23:57:20 -04:00
|
|
|
* Git version 1.7 or later
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
### Kernel Requirements
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
The Docker daemon has very specific kernel requirements. Most pre-packaged
|
|
|
|
kernels already include the necessary options enabled. If you are building your
|
2021-06-08 11:56:20 -04:00
|
|
|
own kernel, you should check out `contrib/check-config.sh`.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
Note that in client mode, there are no specific kernel requirements, and that
|
|
|
|
the client will even run on alternative platforms such as Mac OS X / Darwin.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
### Optional Dependencies
|
2014-03-04 23:25:00 -05:00
|
|
|
|
|
|
|
Some of Docker's features are activated by using optional command-line flags or
|
|
|
|
by having support for them in the kernel or userspace. A few examples include:
|
|
|
|
|
|
|
|
* AUFS graph driver (requires AUFS patches/support enabled in the kernel, and at
|
|
|
|
least the "auplink" utility from aufs-tools)
|
2014-08-01 01:37:38 -04:00
|
|
|
* BTRFS graph driver (requires BTRFS support enabled in the kernel)
|
2014-09-03 10:26:19 -04:00
|
|
|
* ZFS graph driver (requires userspace zfs-utils and a corresponding kernel module)
|
2015-11-18 04:42:12 -05:00
|
|
|
* Libseccomp to allow running seccomp profiles with containers
|
2014-03-04 23:25:00 -05:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
## Daemon Init Script
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-04 23:40:12 -05:00
|
|
|
Docker expects to run as a daemon at machine startup. Your package will need to
|
|
|
|
include a script for your distro's process supervisor of choice. Be sure to
|
|
|
|
check out the "contrib/init" folder in case a suitable init script already
|
2021-06-08 11:56:20 -04:00
|
|
|
exists.
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2014-03-05 00:51:34 -05:00
|
|
|
In general, Docker should be run as root, similar to the following:
|
2013-09-10 02:39:55 -04:00
|
|
|
|
2013-10-18 01:36:28 -04:00
|
|
|
```bash
|
2016-12-26 09:27:56 -05:00
|
|
|
dockerd
|
2013-09-10 02:39:55 -04:00
|
|
|
```
|
2014-03-05 00:51:34 -05:00
|
|
|
|
2021-06-08 11:56:20 -04:00
|
|
|
Generally, it is encouraged that additional configuration be placed in
|
|
|
|
`/etc/docker/daemon.json`.
|