Run A GUI APPs inside a Docker Container
In this article, we are going to run a Firefox application which is basically a GUI Software inside a Docker Container.
What are Linux containers?
Linux containers are technologies that allow you to package and isolate applications with their entire runtime environment — all of the files necessary to run. This makes it easy to move the contained application between environments (dev, test, production, etc.) while retaining full functionality. Containers are also an important part of IT security. By building security into the container pipeline and defending your infrastructure, you can make sure your containers are reliable, scalable, and trusted.
Why use Linux containers?
Linux containers help reduce conflicts between your development and operations teams by separating areas of responsibility. Developers can focus on their apps and operations teams can focus on the infrastructure. And, because Linux containers are based on open source technology, you get the latest and greatest advancements as soon as they’re available. Container technologies — including CRI-O, Kubernetes, and Docker — help your team simplify, speed up, and orchestrate application development and deployment.
What is Docker?
The Docker technology uses the Linux kernel and features of the kernel, like Cgroups and namespaces, to segregate processes so they can run independently. This independence is the intention of containers — the ability to run multiple processes and apps separately from one another to make better use of your infrastructure while retaining the security you would have with separate systems.
Container tools, including Docker, provide an image-based deployment model. This makes it easy to share an application, or set of services, with all of their dependencies across multiple environments. Docker also automates deploying the application (or combined sets of processes that make up an app) inside this container environment.
These tools built on top of Linux containers — what makes Docker user-friendly and unique — gives users unprecedented access to apps, the ability to rapidly deploy, and control over versions and version distribution.
👨💻 Docker vs. Linux containers: Is there a difference?
Although sometimes confused, Docker is not the same as a traditional Linux container. Docker technology was initially built on top of the LXC technology — which most people associate with “traditional” Linux containers — though it’s since moved away from that dependency. LXC was useful as lightweight virtualization, but it didn’t have a great developer or user experience. The Docker technology brings more than the ability to run containers — it also eases the process of creating and building containers, shipping images, and versioning images, among other things.
Traditional Linux containers use an init system that can manage multiple processes. This means entire applications can run as one. The Docker technology encourages applications to be broken down into their separate processes and provides the tools to do that. This granular approach has its advantages.
🚀 Advantages of Docker containers 🚀
- Layers and image version control
- Rapid deployment
💡 So, Docker technology is a more granular, controllable, microservices-based approach that places greater value on efficiency.
⚡ Installation Of Docker
You can check my other article regarding the installation of Docker Engine and CLI Client.
What is X11?
The X Window System (also known as X11, or simply X) is a client/server windowing system for bitmap displays. It is implemented on most UNIX-like operating systems and has been ported to many other systems. The X server is the program or dedicated terminal that displays the windows and handles input devices such as keyboards, mice, and touchscreens. The clients are applications.
We are going to use X11 as a shared component between the host system and the docker container. We are going to use the Socket files, which is a UNIX technology that helps the daemon or the services running in the host Linux system to communicate with each other.
Use-Cases of GUI APPs in Containers
- App Consistency
Consistent App for workloads like Developments or Productivity app.
- App Delivery
Distributed apps without the need for something remote desktop services.
Security auditor or a security professional, who wants to run a sandbox version of Firefox.
- Vulnerability assessment
Wants to access a vulnerable side, and examine the strength of the security updates.
We are going to do all our practicals in RedHat Linux Enterprise 8 (RHEL8) Workstation. Note that the Base OS is in its GUI form.
Step — 1: Start the Docker Service
We need to make sure the Docker Service is up and running.
systemctl is-active docker
This command checks whether the Docker Service is active or inactive.
systemctl start docker
This command starts the Docker Service.
systemctl status docker
This provides a detailed overview of the docker service.
As we can see the last line saying
Started Docker Application Container Engine
Step — 2: Pull the Centos Image from DockerHub
We are going to make a Docker Container using Centos Image, which is available in DockerHub Repository.
This command Shows all the images present in our system local or downloaded from the Public Or Private repository or registry.
docker pull centos
This will by-default pull the centos image from the DockerHub and store it in our local system.
Step — 3: Providing Necessary Permissions
Displaying a GUI-based application in Docker is typically a moment of stackoverflow search, for the sake of time, and for the reckless lazy ones, the easiest solution is to give xhost permission and then remove the permission.
# Allow X server connection
# Disallow X server connection
Step — 4: Creating Dockerfile
We can create a Docker Container using Dockerfile.
A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. Using docker build users can create an automated build that executes several command-line instructions in succession.
# We are going to use the Latest version of Centos
FROM centos:latest# Installing the sources for the locales
RUN yum install -y glibc-locale-source# Setting up the default locale to en_US.UTF-8
RUN localedef --no-archive -i en_US -f UTF-8 en_US.UTF-8 && \
export LANG=en_US.UTF-8# Installing Necessary packages including firefox
RUN yum install -y dbus-x11 PackageKit-gtk3-module libcanberra-gtk2 firefox# Generating a universally unique ID for the Container
RUN dbus-uuidgen > /etc/machine-id# Starting Firefox application
- glibc-locale-source is the source file of many locales.
- dbus-X11 is X11 -requiring add-ons for D-Bus.
- PackageKit-gtk3-module is used to install fonts automatically using PackageKit
- Libcanberra is an implementation of the XDG Sound Theme and Name Specifications, for generating event sounds on free desktops, such as GNOME. It comes with several backends (ALSA, PulseAudio, OSS, GStreamer, null) and is designed to be portable.
Step — 5: Building the Docker image from Dockerfile
Now we have to build the Docker image using the docker build command.
docker build -t <container_image> .
-t— Tag option helps us to tag the image with a proper name.
- Dot operator at the last means that the Dockerfile is present in the current folder.
Step — 6: Launch GUI Container from the Image
We will use the docker run command to launch the container.
- We must provide the container with a
DISPLAYenvironment variable. This instructs X clients – your graphical programs – which X server to connect to. Set
DISPLAYin the container to the value of
$DISPLAYon your host.
- Providing a Docker container with access to your host’s X socket is a straightforward procedure. The X socket can be found in
/tmp/.X11-unixon your host. The contents of this directory should be mounted into a Docker volume assigned to the container.
These extra arguments are used to set up the base OS environment inside the container.
docker run -e DISPLAY=$DISPLAY \
-v /tmp/.X11-unix/:/tmp/.X11-unix/ \
--name firefox gui-container
😍 Our GUI Software Firefox is up and running.
You might be thinking “What is the industry Use-case?”.
- Well, if you have used Google Cloud Platform, then you might have used Cloud Shell and Eclipse editor both of them are in a Container made only for your account with GCloud SDK pre-installed. Because not everyone is good with CLI.
- Well if you have used Google Colab, you would know that it is also running inside a container.
“Sleep is good, he said, and books are better.”