Docker

AnduinOS Verified App - Open Source

Docker is an AnduinOS verified app. It runs flawlessly on AnduinOS with easy installation and automatic updates.

Docker is a set of platform-as-a-service products that use OS-level virtualization to deliver software in packages called containers.

To install Docker on AnduinOS, run the following commands:

Install Docker

sudo apt install -y docker.io

Also install recommended plugins

It is recommended to install the following packages at the same time:

Package	Purpose
`qemu-user-static`	Enables cross-architecture emulation via the kernel's `binfmt_misc`
`docker-buildx`	BuildKit-backed builder — required for multi-architecture image builds
`docker-compose-v2`	Compose v2 plugin (`docker compose`) for multi-container application management

sudo apt install -y qemu-user-static docker-buildx docker-compose-v2

See the Docker tips handbook for usage details.

To quickly learn how to use Docker, visit the official Docker documentation. You can also view our quick Docker handbook here.

Manage Docker as a Non-Root User

By default, the Docker daemon runs as root. To run Docker commands without prepending sudo, you have two options based on your security needs.

Option 1: Add User to Docker Group (Recommended for Personal Use)

This method allows your current user to control the system-wide Docker daemon. This is the most convenient method for development.

Allow current user to run Docker commands

sudo usermod -aG docker $USER

After running this command, you must log out and log back in (or restart your computer) for the changes to take effect.

Security Notice: Root Equivalence

By adding your user to the docker group, you are granting Root Equivalence.

Global Scope: You are interacting with the system-wide socket at /var/run/docker.sock.
Risk: Any process with access to the Docker daemon can effectively become root on the host system (e.g., by mounting the host's root filesystem / into a container).
Context: This is standard practice for local development environments but requires you to trust the applications you run.

Option 2: Rootless Docker (Isolated Scope)

If you need strict isolation (e.g., for multi-user environments) and do not want to share the system Docker daemon, you can use Rootless Docker.

Configure Rootless Docker

sudo apt install -y uidmap
dockerd-rootless-setuptool.sh install

This creates a separate Docker instance using user namespaces. The socket path will differ, and containers will not have root access to the host by default.

Docker Compose

Install the Compose v2 plugin via apt if it is not already present:

Install Docker Compose v2

sudo apt install -y docker-compose-v2

Verify the installation:

docker compose version

Docker Compose v2 vs v1

Docker Compose v2 is the current standard and is recommended for all users. It is invoked as docker compose (space, no hyphen) and ships as a Docker CLI plugin.

Some older documentation may still reference Docker Compose v1, with the standalone binary docker-compose (hyphenated). The two are functionally equivalent for most use-cases, but v1 is no longer maintained.

Enable Swarm Mode (Optional)

If you need to use Docker Swarm features or deploy stacks across multiple nodes:

sudo docker swarm init --advertise-addr $(hostname -I | awk '{print $1}')

For more details on managing container applications, visit our document.

Docker with Nvidia GPU

If your system features an Nvidia GPU, Docker can utilize it for hardware acceleration (CUDA).

1. Verification & Drivers

First, confirm your Nvidia GPU is detected:

Check Nvidia GPU hardware

lspci | grep -i nvidia

Ensure you have the proprietary Nvidia drivers installed. Refer to the [suspicious link removed].

Verify the driver status:

nvidia-smi

2. Install Nvidia Container Toolkit

If you haven't installed Docker yet, do so now (see the top of this page). Then, install the Nvidia Container Toolkit:

Reference: Nvidia Container Toolkit Install Guide

Install Nvidia Toolkit

# Add the repository
curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg
curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list

# Install packages
sudo apt-get update
sudo apt-get install -y nvidia-container-toolkit nvidia-docker2

# Restart Docker to apply changes
sudo systemctl restart docker

3. Verification

Verify that Docker can see your GPU:

sudo docker run --rm --gpus all nvidia/cuda:11.6.2-base-ubuntu20.04 nvidia-smi

4. Advanced: GPU in Docker Swarm

Using GPUs in Swarm mode requires manual configuration of the Docker daemon resources.

Configuring Docker Daemon for Swarm GPU

echo "Configuring docker daemon for Nvidia GPU..."

# Get the GPU UUIDs and format them as a JSON array
raw_gpu_output=$(nvidia-smi --query-gpu=gpu_uuid --format=csv,noheader)
JSON_GPU_RESOURCES=""
for ID in $raw_gpu_output; do
    JSON_GPU_RESOURCES+="\"NVIDIA-GPU=$ID\","
done
JSON_GPU_RESOURCES=${JSON_GPU_RESOURCES%,}  # Remove trailing comma
echo "Detected GPU resources: $JSON_GPU_RESOURCES"

# Backup existing config
if [ -f /etc/docker/daemon.json ]; then
    sudo cp /etc/docker/daemon.json /etc/docker/daemon.json.bak
fi

# Write new configuration
sudo tee /etc/docker/daemon.json <<EOF
{
  "runtimes": {
    "nvidia": {
      "path": "/usr/bin/nvidia-container-runtime",
      "runtimeArgs": []
    }
  },
  "default-runtime": "nvidia",
  "node-generic-resources": [
    $JSON_GPU_RESOURCES
  ]
}
EOF

# Update Nvidia runtime config
sudo sed -i 's/#swarm-resource = "DOCKER_RESOURCE_GPU"/swarm-resource = "DOCKER_RESOURCE_GPU"/' /etc/nvidia-container-runtime/config.toml

sudo systemctl restart docker

Now you can deploy a Swarm service with GPU resources:

Deploy a GPU service

# Ensure Swarm is initialized
docker swarm init --advertise-addr $(hostname -I | awk '{print $1}') || true

docker service create --replicas 1 \
  --name tensor-qs \
  --generic-resource "NVIDIA-GPU=0" \
  tomlankhorst/tensorflow-quickstart

Check the logs to confirm execution:

docker service logs tensor-qs

Clean up:

docker service rm tensor-qs

GPU in Docker Compose (v2)

To request GPU resources in a docker-compose.yml file:

services:
  cuda_app:
    image: nvidia/cuda:11.6.2-base-ubuntu20.04
    command: nvidia-smi
    deploy:
      resources:
        reservations:
          devices:
            - driver: nvidia
              count: 1
              capabilities: [gpu]

Docker Desktop

Not Recommended for Linux Users

We strongly discourage using Docker Desktop on AnduinOS.

Docker Desktop runs the Docker daemon inside a Virtual Machine (VM), which adds unnecessary overhead and complexity compared to the native Linux Docker engine. It may also conflict with your native Docker installation.

Furthermore, Docker Desktop is proprietary software and may require a paid subscription for commercial use.

If you absolutely must use it (e.g., for specific GUI features), you can install the .deb package manually:

cd ~
wget https://desktop.docker.com/linux/main/amd64/docker-desktop-amd64.deb -O docker-desktop-amd64.deb
sudo apt install ./docker-desktop-amd64.deb -y
rm docker-desktop-amd64.deb

The link above may be outdated

The link above may be outdated. Please visit the official website to get the latest version.

Unable to automatically upgrade this application

The above command only installs the launcher. If you run sudo apt upgrade, it won't upgrade it automatically. You will need to manually rerun the above command to upgrade.

This is because the software provider didn't setup a repository for automatic updates. You will need to check the official website for updates.