| 4 min read
Docker’s normally used to containerise background applications and CLI programs. You might also use it to run graphic apps though! You may either use an existing X Server, in which the server machine is currently running a graphical environment, or you can run a VNC server inside the container.
First it’s important to know what Docker actually does. A Docker”container” is a sort of encapsulation which appears to be superficially similar to a virtual machine. Unlike a virtual server, containers reveal the same Linux kernel as their server system.
The following component is the X Window System. X Servers such as Xorg provide the fundamental graphical capabilities of Unix systems. GUI applications can not render with no X Server accessible. (Alternative windowing systems, such as Wayland, can be found — we are focusing on X in this report.)
Trying to run an X Server in Docker is possible but rarely used. You would want to run Docker in privileged mode (
--privileged) so it could get into your host’s hardware. Starting the server will attempt to claim your video devices, usually resulting in lack of video output because your host’s unique X server has its apparatus yanked away.
A better strategy is to mount your host’s X Server socket into the Docker container. This allows your container to use the X Server you already have. GUI applications running in the container will then look in your current desktop.
Why Run GUI Apps in Docker?
Running a GUI application in Docker can be a helpful technique when you’re evaluating a new piece of software. You are able to set up the applications in a clean container, instead of having to pollute your host with new packages.
This strategy also helps you prevent any incompatibilities with other packages in your environment. If you want to temporarily run two versions of a program, you can utilize Docker to avoid having to remove and reinstall the applications on your server.
Forwarding An X Socket into A Docker Container
Providing a Docker container together with access to your host’s X socket is a straightforward procedure. The X socket are located in
/tmp/. X11-unix on your server. The contents of the directory ought to be mounted to some Docker volume delegated to the container. You’ll want to use the
host media mode in order for this to work.
You must also provide the container with a
DISPLAY environment variable. This instructs X customers — your graphical applications — which X server to connect to. Set
DISPLAY in the container to the value of
$DISPLAY on your host.
You can encapsulate all this configuration in one
docker-compose. Yml document:
variant:"3" Services: Program: Image: my-app:newest Construct:. Environment: - DISPLAY=$DISPLAY Volumes: - /tmp/. X11-unix:/tmp/. X11-unix Network_mode: server
Next, you need to create a
Dockerfile to your application. Here’s an example that runs on the Firefox web browser:
FROM ubuntu:newest RUN apt-get upgrade &apt-get install -y firefox CMD ["/usr/bin/firefox"]
Now build and run the picture:
docker-compose construct Docker-compose upward
A brand new Firefox window should show up on your desktop computer! The Firefox case will run inside the container, independently of another open Firefox windows. The container will share your host X socket, so the containerised Firefox still shows up on your desktop.
This approach should only be used if you anticipate your Docker container. Exposing the host display server is a security hazard if you’re not completely certain what lies inside the container.
Handling X Authentication
You may have to authenticate the container to get into the X Server. First get an X authentication token from the server machine. Run
xauth list and note down one of those listed cookies. You’ll need to copy the entire line.
Inside the Docker container, install the
xauth bundle ) Then run
xauth include , passing the token you copied in the previous step.
apt install -y xauth Xauth include
Your container must now successfully authenticate to the X Server.
Another Approach — Running a VNC Server
If you’re not able to use X socket forwarding, then you may setup a VNC server within your container. This approach allows you see graphic programs in the container by linking by a VNC client running on the host.
Add the VNC server software to your container:
FROM ubuntu:newest RUN apt-get update &apt-get install -y firefox x11vnc xvfb RUN echo"exec firefox" > ~/.xinitrc && chmod +x ~/.xinitrc CMD ["v11vnc", "-create", "-forever"]
When you run this container, then a VNC server will be generated automatically. You have to bind a host interface to the container’s port 5900 — this is the interface that the VNC server is going to be subjected on.
Firefox becomes launched on startup as it’s added to
.xinitrc. This file will be executed when the VNC server starts and initialises a new display.
To connect to the host, you are going to need a VNC client on your server. Find the IP address of your container by conducting
docker ps, noting down the container ID and passing it into
docker inspect . You’ll find the IP address near the bottom of the output, inside the
Use the container IP address with your VNC client. Connect port 5900 without authentication. You should now be able to interact with the graphical applications running within your Docker container.
You have the option of two strategies when conducting graphical programs within a containerised atmosphere. For general usage, sharing the host X socket usually provides the simplest solution. You may also choose to conduct a VNC server within the container. This strategy may be safer if you didn’t create the container picture.
Containerised graphical apps are helpful when you’re evaluating software or wish to conduct two versions of a bundle. It’s possible to use programs on your current desktop without having to touch your host’s configuration.