What is docker? (src)

Docker is the world’s leading software container platform.

Developers use Docker to eliminate “works on my machine” problems when collaborating on code with co-workers.

Operators use Docker to run and manage apps side-by-side in isolated containers to get better compute density.

Enterprises use Docker to build agile software delivery pipelines to ship new features faster, more securely and with confidence for both Linux and Windows Server apps.

What is a Container?

Using containers, everything required to make a piece of software run is packaged into isolated containers.

Unlike VMs, containers do not bundle a full operating system – only libraries and settings required to make the software work are needed. This makes for efficient, lightweight, self-contained systems and guarantees that software will always run the same, regardless of where it’s deployed.

But docker needs kernel headers… so i guess it is compiling/needs a kernel module?


  1. containers harddisk space once used – does not shrink!? (unless you export/import)
    • i would understand this if all files were in ONE FILE but they are NOT, i really do NOT understand, that when you copy a large file into your container and delete it from the container… the harddisk space is still in USE!
  2. exporting containers takes 3x times the harddisk space it needs for a container
    • so if you have a container that uses 50GBytes of harddisk space and your harddisk is only 100GBytes you are screwed! you can not migrate your docker container to a bigger harddisk by commit and save.
  3. fail2ban / iptables does not work!?
    • not in the container and not on the host!?
  4. more strange problems: „can’t remove directory“ under certain conditions

it seems the docker-complexity is going south!

the concept is great – similar to OpenVZ increasing server density even more – (hardware -> virtualization -> container) but i am seriously thinking about not using it again for exactly those issues.

su; # become root

apt-get install linux-headers-$(uname -r); # install kernel headers

apt-get remove docker docker-engine docker.io; # make sure old version is removed if installed

apt install lsb-release software-properties-common apt-transport-https; # install software

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"

wget -q https://download.docker.com/linux/debian/gpg -O- | apt-key add -

apt-get update

apt-get install docker-ce

apt-cache madison docker-ce; # show all available docker verions
apt-get install docker-ce=17.03.2~ce-0~debian-stretch; # install specific docker version

docker -v; # show installed docker version

# enhance security

non root user usage

in order to allow non-root users to use docker add them to the group „docker“

# create group docker
groupadd docker
# add user username to group docker
usermod -aG docker username

re-login to activate changes. non-root user username should be able to run:

docker run hello-world; # download and run image hello-world

hello world

looks like this

docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:

For more examples and ideas, visit: