Running GUI in docker (no ssh, no VNC) - docker

TL;DR: root is not supposed to run GUI app, set a regular user to do so.
I'm trying to run arduino IDE (downloaded, not the package) from within a Docker. I wrote the Dockerfile as follow:
FROM ubuntu:14.04
MAINTAINER Mael Auzias <docker#mael.auzias.net>
ENV HOME /home/arduino
ENV USER arduino
RUN apt-get update && apt-get install -y \
libx11-6 libxext-dev libxrender-dev libxtst-dev \
--no-install-recommends \
&& useradd --create-home --home-dir $HOME $USER \
&& chown -R $USER:$USER $HOME
ADD arduino-1.6.6-linux64.tar.xz $HOME
WORKDIR $HOME/arduino-1.6.6
USER $USER
ENTRYPOINT ["/bin/bash"]
I spent time to understand how does Jessica Frazelle usually starts her graphical containers to rightly start mine with the command:
$docker run --name arduino --rm -it -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix 25af73b6cb3c ./arduino
No protocol specified
Picked up JAVA_TOOL_OPTIONS:
No protocol specified
Exception in thread "main" java.awt.AWTError: Can't connect to X11 window server using ':0' as the value of the DISPLAY variable.
I installed strace and check with xeyes what was wrong, and I get the following error:
connect(3, {sa_family=AF_LOCAL, sun_path=#"/tmp/.X11-unix/X0"}, 20) = -1 ECONNREFUSED (Connection refused)
Did anyone experience this? Can any point me out some doc or see what I'm doing wrong?
Any help would be welcome.
PS: as specified in the title I do not want to use ssh or VNC. No cryptography should be used nor network when a unix socket is faster and enough.
Solution
Got some news...
As the user root I cannot start graphical application. When I su regular-user and start xterm or xeyes it works. I don't really understand why though :/
Here is the working Dockerfile, tested on Fedora 23.
The application must not be ran as root so it starts using X.
Note that, unrelated to this issue, a Java option has been removed from the bash file arduino (so it starts properly).
After a docker build -t arduino-1.6.6 ., docker run --name arduino --rm -it -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix arduino-1.6.6 ./arduino start the arduino IDE.
You will not be able to upload any code into an arduino without adding a --device or -v to share the /dev/ttyUSB0.
FROM ubuntu:14.04
MAINTAINER Mael Auzias <docker#mael.auzias.net>
ENV HOME /home/arduino
ENV USER arduino
RUN apt-get update && apt-get install -y \
libx11-6 libxext-dev libxrender-dev libxtst-dev \
--no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& useradd --create-home --home-dir $HOME $USER \
&& chown -R $USER:$USER $HOME
ADD arduino-1.6.6-linux64.tar.xz $HOME
RUN sed -i 's/"-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel"//g' /home/arduino/arduino-1.6.6/arduino
WORKDIR $HOME/arduino-1.6.6
USER $USER
ENTRYPOINT ["/bin/bash"]

Got some news...
As the user root I cannot start graphical application. When I su regular-user and start xterm or xeyes it works. I don't really understand why though :/
Here is the working Dockerfile, tested on Fedora 23.
The application must not be ran as root so it starts using X.
Note that, unrelated to this issue, a Java option has been removed from the bash file arduino (so it starts properly).
After a docker build -t arduino-1.6.6 ., docker run --name arduino --rm -it -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix arduino-1.6.6 ./arduino start the arduino IDE.
You will not be able to upload any code into an arduino without adding a --device or -v to share the /dev/ttyUSB0.
FROM ubuntu:14.04
MAINTAINER Mael Auzias <docker#mael.auzias.net>
ENV HOME /home/arduino
ENV USER arduino
RUN apt-get update && apt-get install -y \
libx11-6 libxext-dev libxrender-dev libxtst-dev \
--no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& useradd --create-home --home-dir $HOME $USER \
&& chown -R $USER:$USER $HOME
ADD arduino-1.6.6-linux64.tar.xz $HOME
RUN sed -i 's/"-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel"//g' /home/arduino/arduino-1.6.6/arduino
WORKDIR $HOME/arduino-1.6.6
USER $USER
ENTRYPOINT ["/bin/bash"]

Related

Run Python scripts on command line running Docker images

I built a docker image using Dockerfile with Python and some libraries inside (no my project code inside). In my local work dir, there are some scripts to be run on the docker. So, here what I did
$ cd /path/to/my_workdir
$ docker run -it --name test -v `pwd`:`pwd` -w `pwd` my/code:test python src/main.py --config=test --results-dir=/home/me/Results
The command python src/main.py --config=test --results-dir=/home/me/Results is what I want to run inside the Docker container.
However, it returns,
/home/docker/miniconda3/bin/python: /home/docker/miniconda3/bin/python: cannot execute binary file
How can I fix it and run my code?
Here is my Dockerfile
FROM nvidia/cuda:10.1-cudnn7-runtime-ubuntu18.04
MAINTAINER Me <me#me.com>
RUN apt update -yq && \
apt install -yq curl wget unzip git vim cmake sudo
RUN adduser --disabled-password --gecos '' docker && \
adduser docker sudo && \
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
USER docker
WORKDIR /home/docker/
RUN chmod a+rwx /home/docker/ && \
wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh && \
bash Miniconda3-latest-Linux-x86_64.sh -b && rm Miniconda3-latest-Linux-x86_64.sh
ENV PATH /home/docker/miniconda3/bin:$PATH
Run pip install absl-py==0.5.0 atomicwrites==1.2.1 attrs==18.2.0 certifi==2018.8.24 chardet==3.0.4 cycler==0.10.0 docopt==0.6.2 enum34==1.1.6 future==0.16.0 idna==2.7 imageio==2.4.1 jsonpickle==1.2 kiwisolver==1.0.1 matplotlib==3.0.0 mock==2.0.0 more-itertools==4.3.0 mpyq==0.2.5 munch==2.3.2 numpy==1.15.2 pathlib2==2.3.2 pbr==4.3.0 Pillow==5.3.0 pluggy==0.7.1 portpicker==1.2.0 probscale==0.2.3 protobuf==3.6.1 py==1.6.0 pygame==1.9.4 pyparsing==2.2.2 pysc2==3.0.0 pytest==3.8.2 python-dateutil==2.7.3 PyYAML==3.13 requests==2.19.1 s2clientprotocol==4.10.1.75800.0 sacred==0.8.1 scipy==1.1.0 six==1.11.0 sk-video==1.1.10 snakeviz==1.0.0 tensorboard-logger==0.1.0 torch==0.4.1 torchvision==0.2.1 tornado==5.1.1 urllib3==1.23
USER docker
ENTRYPOINT ["/bin/bash"]
Try making the file executable before running it.
as John mentioned to do in the dockerfile
FROM python:latest
COPY src/main.py /usr/local/share/
RUN chmod +x /usr/local/share/src/main.py #<-**--- just add this also
# I have some doubts about the pathing
CMD ["/usr/local/share/src/main.py", "--config=test --results-dir=/home/me/Results"]
You can run a python script in docker by adding this to your docker file:
FROM python:latest
COPY src/main.py /usr/local/share/
CMD ["src/main.py", "--config=test --results-dir=/home/me/Results"]

Permissions in Docker volume

I am struggling with permissions on docker volume, I get access denied for writing.
This is a small part of my docker file
FROM ubuntu:18.04
RUN apt-get update && \
apt-get install -y \
apt-transport-https \
build-essential \
ca-certificates \
curl \
vim && \............
RUN curl -sL https://deb.nodesource.com/setup_8.x | bash - && apt-get install -y nodejs
# Add non-root user
ARG USER=user01
RUN useradd -Um -d /home/$USER -s /bin/bash $USER && \
apt install -y python3-pip && \
pip3 install qrcode[pil]
#Copy that startup.sh into the scripts folder
COPY /scripts/startup.sh /scripts/startup.sh
#Making the startup.sh executable
RUN chmod -v +x /scripts/startup.sh
#Copy node API files
COPY --chown=user1 /node_api/* /home/user1/
USER $USER
WORKDIR /home/$USER
# Expose needed ports
EXPOSE 3000
VOLUME /data_storage
ENTRYPOINT [ "/scripts/startup.sh" ]
Also a small part of my startup.sh
#!/bin/bash
/usr/share/lib/provision.py --enterprise-seed $ENTERPRISE_SEED > config.json
Then my docker builds command:
sudo docker build -t mycontainer .
And the docker run command:
sudo docker run -v data_storage:/home/user01/.client -p 3008:3000 -itd mycontainer
The problem I have is that the Python script will create the folder: /home/user01/.client and it will copy some files in there. That always worked fine. But now I want those files, which are data files, in a volume for backup porpuses. And as I am mapping with my volume I get permissions denied, so the python script is not able to write anymore.
So at the end of my dockerfile this instructions combined with the mapping in the docker run command give me the permission denied:
VOLUME /data_storage
Any suggestions on how to resolve this? some more permissions needed for the "user01"?
Thanks
I was able to resolve my issue by removing the "volume" command from the dockerfile and just doing the mapping at the moment of executing the docker run:
sudo docker run -v data_storage:/home/user01/.client -p 3008:3000 -itd mycontainer

How to troubleshoot error coming from a container

I'm experimenting for the first time to try to create a docker container to run ROS. I am getting a confusing error and I cant figure out how to trouble
bash-3.2$ docker run -ti --name turtlebot3 rosdocker To run a command
as administrator (user "root"), use "sudo <command>". See "man
sudo_root" for details.
bash: /home/ros/catkin_ws/devel/setup.bash: No such file or directory
I am creating rosdocker with this dockerfile, from inside vscode. I am using the Docker plugin and using the "Build Image" command. Here's the Dockerfile:
FROM ros:kinetic-robot-xenial
RUN apt-get update && apt-get install --assume-yes \sudo \
python-pip \
ros-kinetic-desktop-full \
ros-kinetic-turtlebot3 \
ros-kinetic-turtlebot3-bringup \
ros-kinetic-turtlebot3-description \
ros-kinetic-turtlebot3-fake \
ros-kinetic-turtlebot3-gazebo \
ros-kinetic-turtlebot3-msgs \
ros-kinetic-turtlebot3-navigation \
ros-kinetic-turtlebot3-simulations \
ros-kinetic-turtlebot3-slam \
ros-kinetic-turtlebot3-teleop
# install python packages
RUN pip install -U scikit-learn numpy scipy
RUN pip install --upgrade pip
# create non-root user
ENV USERNAME ros
RUN adduser --ingroup sudo --disabled-password --gecos "" --shell /bin/bash --home /home/$USERNAME $USERNAME
RUN bash -c 'echo $USERNAME:ros | chpasswd'
ENV HOME /home/$USERNAME
USER $USERNAME
# create catkin_ws
RUN mkdir /home/$USERNAME/catkin_ws
WORKDIR /home/$USERNAME/catkin_ws
# add catkin env
RUN echo 'source /opt/ros/kinetic/setup.bash' >> /home/$USERNAME/.bashrc
RUN echo 'source /home/$USERNAME/catkin_ws/devel/setup.bash' >> /home/$USERNAME/.bashrc
I am not sure where the error is coming from and I don't know how to debug or troubleshoot it. I would appreciate any pointers!
You are creating an user ros and then in the last line doing this:
RUN echo 'source /home/$USERNAME/catkin_ws/devel/setup.bash' >> /home/$USERNAME/.bashrc
So obviously, system will look for "/home/ros/catkin_ws/devel/setup.bash" which is not created any where inside docker file.
Either create this file or if you are planning to mount from host to docker, then run with
docker run -ti --name turtlebot3 rosdocker -v sourcevolume:destinationvolume

How to run OpenCL + OpenGL inside a Docker container?

The aim is to run an OpenCL/OpenGL (interop) app inside a docker container. But I have not been successful yet.
Intro
I have laptop with an NVidia graphics card so I thought leveraging on NVidia Dockerfiles [1,2] would be a good starting point.
The following Dockerfile:
# Dockerfile to run OpenGL app
FROM nvidia/opengl:1.0-glvnd-runtime-ubuntu16.04
ENV NVIDIA_DRIVER_CAPABILITIES ${NVIDIA_DRIVER_CAPABILITIES},display
RUN apt-get update && apt-get install -y --no-install-recommends \
mesa-utils && \
rm -rf /var/lib/apt/lists/*
works quite well, and I was able to run glxgears.
Running OpenCL on its own container was no big deal either:
# Dockerfile to run OpenCL app
FROM nvidia/opengl:1.0-glvnd-runtime-ubuntu16.04
RUN apt-get update && apt-get install -y --no-install-recommends \
ocl-icd-libopencl1 \
clinfo && \
rm -rf /var/lib/apt/lists/*
RUN mkdir -p /etc/OpenCL/vendors && \
echo "libnvidia-opencl.so.1" > /etc/OpenCL/vendors/nvidia.icd
ENV NVIDIA_VISIBLE_DEVICES all
ENV NVIDIA_DRIVER_CAPABILITIES compute,utility
and clinfo successfully shows information about my device.
Attempt
Finally here's my attempt at creating a container with both OpenGL and OpenCL drivers:
# Dockerfile mixing OpenGL and OpenCL
FROM nvidia/opengl:1.0-glvnd-runtime-ubuntu16.04
ENV NVIDIA_DRIVER_CAPABILITIES ${NVIDIA_DRIVER_CAPABILITIES},display
RUN apt-get update && apt-get install -y --no-install-recommends \
mesa-utils \
ocl-icd-libopencl1 \
clinfo && \
rm -rf /var/lib/apt/lists/*
RUN mkdir -p /etc/OpenCL/vendors && \
echo "libnvidia-opencl.so.1" > /etc/OpenCL/vendors/nvidia.icd
ENV NVIDIA_VISIBLE_DEVICES all
ENV NVIDIA_DRIVER_CAPABILITIES compute,utility
And now, although clinfo still prints OpenCL device information, glxgears on the other hand fails with the following error:
Error: couldn't get an RGB, Double-buffered visual
Any idea how to make this work? Thanks in advance.
References
[1] https://gitlab.com/nvidia/opencl/blob/ubuntu16.04/devel/Dockerfile
[2] https://gitlab.com/nvidia/opencl/blob/ubuntu16.04/runtime/Dockerfile
ENV NVIDIA_DRIVER_CAPABILITIES compute,utility
You forgot the capability display.
What did work for me is the following
STEP 1: added at the end of the Dockerfile the following two lines
ENV NVIDIA_VISIBLE_DEVICES all
ENV NVIDIA_DRIVER_CAPABILITIES compute,utility,display
STEP 2: to run the container
$ sudo xhost +local:root
$ docker run --gpus all -it --rm --name container_name \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e DISPLAY=$DISPLAY \
-e QT_X11_NO_MITSHM=1 \
--net=host \
image_name bash

dbus errrors when trying to start GUI app from Docker CentOS container

I am trying to run a GUI from a CentOS container. I tried to follow this example. This is my Dockerfile:
#!/bin/bash
FROM centos:7
#RUN yum install -y firefox dbus dbus-x11
RUN yum install -y firefox
# Replace 0 with your user / group id
RUN export uid=1000 gid=100
RUN mkdir -p /home/developer
RUN echo "developer:x:${uid}:${gid}:Developer,,,:/home/developer:/bin/bash" >> /etc/passwd
RUN echo "developer:x:${uid}:" >> /etc/group
RUN echo "developer ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chmod 0440 /etc/sudoers
RUN chown ${uid}:${gid} -R /home/developer
#RUN dbus-uuidgen > /var/lib/dbus/machine-id
#RUN export $(dbus-launch)
USER developer
ENV HOME /home/developer
CMD /usr/bin/firefox
I then run the following commands in my terminal.
docker run -ti --rm \
-e DISPLAY=$DISPLAY \
-v /tmp/.X11-unix:/tmp/.X11-unix \
firefox
process 8: D-Bus library appears to be incorrectly set up; failed to read machine uuid: UUID file '/etc/machine-id' should contain a hex string of length 32, not length 0, with no other text
See the manual page for dbus-uuidgen to correct this issue.
D-Bus not built with -rdynamic so unable to print a backtrace
Running without a11y support!
No protocol specified
Error: cannot open display: :0.0
I have tried this solution, where I add the following lines to my Dockerfile,
# apt-get install -y dbus
# dbus-uuidgen > /var/lib/dbus/machine-id
But that didn't fix the problem. Any ideas?
Edit: My host OS is Arch Linux. And I really am trying to run this example in CentOs.I don't really need a container that runs a Firefox GUI. I was just trying to get the simplest example of a GUI running in a CentOS container running, and I failed at that.
Problem is with your DockerFile, your base image is Centos and rest of command you running for Ubuntu.
FROM ubuntu
RUN apt-get update && apt-get install -y firefox
# Replace 1000 with your user / group id
RUN export uid=1000 gid=1000 && \
mkdir -p /home/developer && \
echo "developer:x:${uid}:${gid}:Developer,,,:/home/developer:/bin/bash" >> /etc/passwd && \
echo "developer:x:${uid}:" >> /etc/group && \
echo "developer ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/developer && \
chmod 0440 /etc/sudoers.d/developer && \
chown ${uid}:${gid} -R /home/developer
USER developer
ENV HOME /home/developer
CMD /usr/bin/firefox
You Run command will be
docker run -ti --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix firefox
The above image is tested in Ubuntu 18.04 and working fine.
For window try like this
docker run -ti --rm -e DISPLAY=$DISPLAY firefox
You check the above image on docker registry.
docker pull adilm7177/firefox

Resources