Merge pull request #10900 from moxiegirl/connection-reset-by-peer-faq

Adding info to faq per customer problem.
2022-11-09 12:21:53 -05:00 · 2015-02-20 13:20:28 -08:00 · 2015-02-20 13:20:28 -08:00 · f70567e9a9
commit f70567e9a9
parent aa057fd3b3 a61766be9f
1 changed files with 157 additions and 171 deletions
--- a/docs/sources/faq.md
+++ b/docs/sources/faq.md
@ -1,15 +1,17 @@
-page_title: FAQ
+page_title: FAQ page_description: Most frequently asked questions.
 page_description: Most frequently asked questions.
 page_keywords: faq, questions, documentation, docker
-# FAQ
+# Frequently Asked Questions (FAQ)
 If you don't see your question here, feel free to submit new ones to
 <docs@docker.com>.  Or, you can fork [the
 repo](https://github.com/docker/docker) and contribute them yourself by editing
 the documentation sources.
 ## Most frequently asked questions
 ### How much does Docker cost?
-Docker is 100% free. It is open source, so you can use it without
+Docker is 100% free. It is open source, so you can use it without paying.
 paying.
 ### What open source license are you using?
@ -19,144 +21,126 @@ https://github.com/docker/docker/blob/master/LICENSE)
 ### Does Docker run on Mac OS X or Windows?
-Docker currently runs only on Linux, but you can use VirtualBox to run
+Docker currently runs only on Linux, but you can use VirtualBox to run Docker in
-Docker in a virtual machine on your box, and get the best of both worlds.
+a virtual machine on your box, and get the best of both worlds. Check out the
-Check out the [*Mac OS X*](../installation/mac/#macosx) and [*Microsoft
+[*Mac OS X*](../installation/mac/#macosx) and [*Microsoft
-Windows*](../installation/windows/#windows) installation guides. The small
+Windows*](../installation/windows/#windows) installation guides. The small Linux
-Linux distribution boot2docker can be run inside virtual machines on these
+distribution boot2docker can be run inside virtual machines on these two
-two operating systems.
+operating systems.
 {{ include "no-remote-sudo.md" }}
 ### How do containers compare to virtual machines?
-They are complementary. VMs are best used to allocate chunks of
+They are complementary. VMs are best used to allocate chunks of hardware
-hardware resources. Containers operate at the process level, which
+resources. Containers operate at the process level, which makes them very
-makes them very lightweight and perfect as a unit of software
+lightweight and perfect as a unit of software delivery.
 delivery.
 ### What does Docker add to just plain LXC?
-Docker is not a replacement for LXC. "LXC" refers to capabilities of
+Docker is not a replacement for LXC. "LXC" refers to capabilities of the Linux
-the Linux kernel (specifically namespaces and control groups) which
+kernel (specifically namespaces and control groups) which allow sandboxing
-allow sandboxing processes from one another, and controlling their
+processes from one another, and controlling their resource allocations. On top
-resource allocations. On top of this low-level foundation of kernel
+of this low-level foundation of kernel features, Docker offers a high-level tool
-features, Docker offers a high-level tool with several powerful
+with several powerful functionalities:
 functionalities:
- - *Portable deployment across machines.*
+ - *Portable deployment across machines.* Docker defines a format for bundling
-   Docker defines a format for bundling an application and all
+ an application and all its dependencies into a single object which can be
-   its dependencies into a single object which can be transferred
+ transferred to any Docker-enabled machine, and executed there with the
-   to any Docker-enabled machine, and executed there with the
+ guarantee that the execution environment exposed to the application will be the
-   guarantee that the execution environment exposed to the
+ same. LXC implements process sandboxing, which is an important pre-requisite
-   application will be the same. LXC implements process
+ for portable deployment, but that alone is not enough for portable deployment.
-   sandboxing, which is an important pre-requisite for portable
+ If you sent me a copy of your application installed in a custom LXC
-   deployment, but that alone is not enough for portable
+ configuration, it would almost certainly not run on my machine the way it does
-   deployment. If you sent me a copy of your application
+ on yours, because it is tied to your machine's specific configuration:
-   installed in a custom LXC configuration, it would almost
+ networking, storage, logging, distro, etc. Docker defines an abstraction for
-   certainly not run on my machine the way it does on yours,
+ these machine-specific settings, so that the exact same Docker container can
-   because it is tied to your machine's specific configuration:
+ run - unchanged - on many different machines, with many different
-   networking, storage, logging, distro, etc. Docker defines an
+ configurations.
   abstraction for these machine-specific settings, so that the
   exact same Docker container can run - unchanged - on many
   different machines, with many different configurations.
- - *Application-centric.*
+ - *Application-centric.* Docker is optimized for the deployment of
-   Docker is optimized for the deployment of applications, as
+ applications, as opposed to machines. This is reflected in its API, user
-   opposed to machines. This is reflected in its API, user
+ interface, design philosophy and documentation. By contrast, the `lxc` helper
-   interface, design philosophy and documentation. By contrast,
+ scripts focus on containers as lightweight machines - basically servers that
-   the `lxc` helper scripts focus on
+ boot faster and need less RAM. We think there's more to containers than just
-   containers as lightweight machines - basically servers that
+ that.
   boot faster and need less RAM. We think there's more to
   containers than just that.
- - *Automatic build.*
+ - *Automatic build.* Docker includes [*a tool for developers to automatically
   Docker includes [*a tool for developers to automatically
 assemble a container from their source
-   code*](../reference/builder/#dockerbuilder), with full control
+ code*](../reference/builder/#dockerbuilder), with full control over application
-   over application dependencies, build tools, packaging etc.
+ dependencies, build tools, packaging etc. They are free to use `make`, `maven`,
-   They are free to use `make`, `maven`, `chef`, `puppet`, `salt,` 
+ `chef`, `puppet`, `salt,` Debian packages, RPMs, source tarballs, or any
-   Debian packages, RPMs, source tarballs, or any combination of the
+ combination of the above, regardless of the configuration of the machines.
   above, regardless of the configuration of the machines.
- - *Versioning.*
+ - *Versioning.* Docker includes git-like capabilities for tracking successive
-   Docker includes git-like capabilities for tracking successive
+ versions of a container, inspecting the diff between versions, committing new
-   versions of a container, inspecting the diff between versions,
+ versions, rolling back etc. The history also includes how a container was
-   committing new versions, rolling back etc. The history also
+ assembled and by whom, so you get full traceability from the production server
-   includes how a container was assembled and by whom, so you get
+ all the way back to the upstream developer. Docker also implements incremental
-   full traceability from the production server all the way back
+ uploads and downloads, similar to `git pull`, so new versions of a container
-   to the upstream developer. Docker also implements incremental
+ can be transferred by only sending diffs.
   uploads and downloads, similar to `git pull`, so new versions
   of a container can be transferred by only sending diffs.
- - *Component re-use.*
+ - *Component re-use.* Any container can be used as a [*"base image"*](
-   Any container can be used as a [*"base image"*](
+ ../terms/image/#base-image-def) to create more specialized components. This can
-   ../terms/image/#base-image-def) to create more specialized components.
+ be done manually or as part of an automated build. For example you can prepare
-   This can be done manually or as part of an automated build. For example
+ the ideal Python environment, and use it as a base for 10 different
-   you can prepare the ideal Python environment, and use it as a base for
+ applications. Your ideal Postgresql setup can be re-used for all your future
-   10 different applications. Your ideal Postgresql setup can be re-used for
+ projects. And so on.
   all your future projects. And so on.
- - *Sharing.*
+ - *Sharing.* Docker has access to a [public registry](https://hub.docker.com)
-   Docker has access to a [public registry](https://hub.docker.com) where
+ where thousands of people have uploaded useful containers: anything from Redis,
-   thousands of people have uploaded useful containers: anything from Redis,
+ CouchDB, Postgres to IRC bouncers to Rails app servers to Hadoop to base images
-   CouchDB, Postgres to IRC bouncers to Rails app servers to Hadoop to
+ for various Linux distros. The
-   base images for various Linux distros. The
+ [*registry*](../reference/api/registry_index_spec/#registryindexspec) also
-   [*registry*](../reference/api/registry_index_spec/#registryindexspec)
+ includes an official "standard library" of useful containers maintained by the
-   also includes an official "standard library" of useful
+ Docker team. The registry itself is open-source, so anyone can deploy their own
-   containers maintained by the Docker team. The registry itself
+ registry to store and transfer private containers, for internal server
   is open-source, so anyone can deploy their own registry to
   store and transfer private containers, for internal server
 deployments for example.
- - *Tool ecosystem.*
+ - *Tool ecosystem.* Docker defines an API for automating and customizing the
-   Docker defines an API for automating and customizing the
+ creation and deployment of containers. There are a huge number of tools
-   creation and deployment of containers. There are a huge number
+ integrating with Docker to extend its capabilities. PaaS-like deployment
-   of tools integrating with Docker to extend its capabilities.
+ (Dokku, Deis, Flynn), multi-node orchestration (Maestro, Salt, Mesos, Openstack
-   PaaS-like deployment (Dokku, Deis, Flynn), multi-node
+ Nova), management dashboards (docker-ui, Openstack Horizon, Shipyard),
-   orchestration (Maestro, Salt, Mesos, Openstack Nova),
+ configuration management (Chef, Puppet), continuous integration (Jenkins,
-   management dashboards (docker-ui, Openstack Horizon,
+ Strider, Travis), etc. Docker is rapidly establishing itself as the standard
-   Shipyard), configuration management (Chef, Puppet), continuous
+ for container-based tooling.
   integration (Jenkins, Strider, Travis), etc. Docker is rapidly
   establishing itself as the standard for container-based
   tooling.
 ### What is different between a Docker container and a VM?
 There's a great StackOverflow answer [showing the differences](
-http://stackoverflow.com/questions/16047306/how-is-docker-io-different-from-a-normal-virtual-machine).
+http://stackoverflow.com/questions/16047306/how-is-docker-io-different-from-a-
 normal-virtual-machine).
 ### Do I lose my data when the container exits?
-Not at all! Any data that your application writes to disk gets preserved
+Not at all! Any data that your application writes to disk gets preserved in its
-in its container until you explicitly delete the container. The file
+container until you explicitly delete the container. The file system for the
-system for the container persists even after the container halts.
+container persists even after the container halts.
 ### How far do Docker containers scale?
-Some of the largest server farms in the world today are based on
+Some of the largest server farms in the world today are based on containers.
-containers. Large web deployments like Google and Twitter, and platform
+Large web deployments like Google and Twitter, and platform providers such as
-providers such as Heroku and dotCloud all run on container technology,
+Heroku and dotCloud all run on container technology, at a scale of hundreds of
-at a scale of hundreds of thousands or even millions of containers
+thousands or even millions of containers running in parallel.
 running in parallel.
 ### How do I connect Docker containers?
-Currently the recommended way to link containers is via the link
+Currently the recommended way to link containers is via the link primitive. You
-primitive. You can see details of how to [work with links
+can see details of how to [work with links here](/userguide/dockerlinks).
 here](/userguide/dockerlinks).
-Also useful for more flexible service portability is the
+Also useful for more flexible service portability is the [Ambassador linking
-[Ambassador linking pattern](/articles/ambassador_pattern_linking/).
+pattern](/articles/ambassador_pattern_linking/).
 ### How do I run more than one process in a Docker container?
 Any capable process supervisor such as [http://supervisord.org/](
-http://supervisord.org/), runit, s6, or daemontools can do the trick.
+http://supervisord.org/), runit, s6, or daemontools can do the trick. Docker
-Docker will start up the process management daemon which will then fork
+will start up the process management daemon which will then fork to run
-to run additional processes. As long as the processor manager daemon continues
+additional processes. As long as the processor manager daemon continues to run,
-to run, the container will continue to as well. You can see a more substantial
+the container will continue to as well. You can see a more substantial example
-example [that uses supervisord here](/articles/using_supervisord/).
+[that uses supervisord here](/articles/using_supervisord/).
 ### What platforms does Docker run on?
@ -180,52 +164,51 @@ Cloud:
 ### How do I report a security issue with Docker?
 You can learn about the project's security policy
-[here](https://www.docker.com/security/) and report security issues to
+[here](https://www.docker.com/security/) and report security issues to this
-this [mailbox](mailto:security@docker.com).
+[mailbox](mailto:security@docker.com).
 ### Why do I need to sign my commits to Docker with the DCO?
 Please read [our blog post](
-http://blog.docker.com/2014/01/docker-code-contributions-require-developer-certificate-of-origin/)
+http://blog.docker.com/2014/01/docker-code-contributions-require-developer-
-on the introduction of the DCO.
+certificate-of-origin/) on the introduction of the DCO.
 ### When building an image, should I prefer system libraries or bundled ones?
 *This is a summary of a discussion on the [docker-dev mailing list](
 https://groups.google.com/forum/#!topic/docker-dev/L2RBSPDu1L0).*
-Virtually all programs depend on third-party libraries. Most frequently,
+Virtually all programs depend on third-party libraries. Most frequently, they
-they will use dynamic linking and some kind of package dependency, so
+will use dynamic linking and some kind of package dependency, so that when
-that when multiple programs need the same library, it is installed only once.
+multiple programs need the same library, it is installed only once.
-Some programs, however, will bundle their third-party libraries, because
+Some programs, however, will bundle their third-party libraries, because they
-they rely on very specific versions of those libraries. For instance,
+rely on very specific versions of those libraries. For instance, Node.js bundles
-Node.js bundles OpenSSL; MongoDB bundles V8 and Boost (among others).
+OpenSSL; MongoDB bundles V8 and Boost (among others).
-When creating a Docker image, is it better to use the bundled libraries,
+When creating a Docker image, is it better to use the bundled libraries, or
-or should you build those programs so that they use the default system
+should you build those programs so that they use the default system libraries
-libraries instead?
+instead?
-The key point about system libraries is not about saving disk or memory
+The key point about system libraries is not about saving disk or memory space.
-space. It is about security. All major distributions handle security
+It is about security. All major distributions handle security seriously, by
-seriously, by having dedicated security teams, following up closely
+having dedicated security teams, following up closely with published
-with published vulnerabilities, and disclosing advisories themselves.
+vulnerabilities, and disclosing advisories themselves. (Look at the [Debian
-(Look at the [Debian Security Information](https://www.debian.org/security/)
+Security Information](https://www.debian.org/security/) for an example of those
-for an example of those procedures.) Upstream developers, however,
+procedures.) Upstream developers, however, do not always implement similar
-do not always implement similar practices.
+practices.
-Before setting up a Docker image to compile a program from source,
+Before setting up a Docker image to compile a program from source, if you want
-if you want to use bundled libraries, you should check if the upstream
+to use bundled libraries, you should check if the upstream authors provide a
-authors provide a convenient way to announce security vulnerabilities,
+convenient way to announce security vulnerabilities, and if they update their
-and if they update their bundled libraries in a timely manner. If they
+bundled libraries in a timely manner. If they don't, you are exposing yourself
-don't, you are exposing yourself (and the users of your image) to
+(and the users of your image) to security vulnerabilities.
 security vulnerabilities.
 Likewise, before using packages built by others, you should check if the
 channels providing those packages implement similar security best practices.
 Downloading and installing an "all-in-one" .deb or .rpm sounds great at first,
-except if you have no way to figure out that it contains a copy of the
+except if you have no way to figure out that it contains a copy of the OpenSSL
-OpenSSL library vulnerable to the [Heartbleed](http://heartbleed.com/) bug.
+library vulnerable to the [Heartbleed](http://heartbleed.com/) bug.
 ### Why is `DEBIAN_FRONTEND=noninteractive` discouraged in Dockerfiles?
@ -234,40 +217,44 @@ When building Docker images on Debian and Ubuntu you may have seen errors like:
    unable to initialize frontend: Dialog
 These errors don't stop the image from being built but inform you that the
-installation process tried to open a dialog box, but was unable to. 
+installation process tried to open a dialog box, but was unable to. Generally,
-Generally, these errors are safe to ignore.
+these errors are safe to ignore.
 Some people circumvent these errors by changing the `DEBIAN_FRONTEND`
 environment variable inside the Dockerfile using:
    ENV DEBIAN_FRONTEND=noninteractive
-This prevents the installer from opening dialog boxes during installation 
+This prevents the installer from opening dialog boxes during installation which
-which stops the errors.
+stops the errors.
-While this may sound like a good idea, it *may* have side effects. 
+While this may sound like a good idea, it *may* have side effects. The
-The `DEBIAN_FRONTEND` environment variable will be inherited by all 
+`DEBIAN_FRONTEND` environment variable will be inherited by all images and
-images and containers built from your image, effectively changing
+containers built from your image, effectively changing their behavior. People
-their behavior. People using those images will run into problems when
+using those images will run into problems when installing software
-installing software interactively, because installers will not show
+interactively, because installers will not show any dialog boxes.
 any dialog boxes.
 Because of this, and because setting `DEBIAN_FRONTEND` to `noninteractive` is
 mainly a 'cosmetic' change, we *discourage* changing it.
-If you *really* need to change its setting, make sure to change it
+If you *really* need to change its setting, make sure to change it back to its
-back to its [default value](https://www.debian.org/releases/stable/i386/ch05s03.html.en) 
+[default value](https://www.debian.org/releases/stable/i386/ch05s03.html.en)
 afterwards.
-### Can I help by adding some questions and answers?
+### Why do I get `Connection reset by peer` when making a request to a service running in a container?
 Typically, this message is returned if the service is already bound to your
 localhost. As a result, requests coming to the container from outside are
 dropped. To correct this problem, change the service's configuration on your
 localhost so that the service accepts requests from all IPs.  If you aren't sure
 how to do this, check the documentation for your OS.
 Definitely! You can fork [the repo](https://github.com/docker/docker) and
 edit the documentation sources.
 ### Where can I find more answers?
 You can find more answers on:
 - [Docker user mailinglist](https://groups.google.com/d/forum/docker-user) 
 - [Docker developer mailinglist](https://groups.google.com/d/forum/docker-dev) 
 - [IRC, docker on freenode](irc://chat.freenode.net#docker) 
@ -275,5 +262,4 @@ You can find more answers on:
 - [Ask questions on Stackoverflow](http://stackoverflow.com/search?q=docker) 
 - [Join the conversation on Twitter](http://twitter.com/docker)
-Looking for something else to read? Checkout the [User
+Looking for something else to read? Checkout the [User Guide](/userguide/).
 Guide](/userguide/).