This article explains how to install Docker on a Raspberry Pi, how to build a simple image, and how to run a container based on it.
Update 20/9/22: This procedure has been updated and tested successfully on RaspiOS “Bullseye”, release date 2022-09-06 (lite version).
Docker provides a mobile execution environment in which to run software. It is a very popular container technology. Docker is useful in the rapid deployment of applications and in application isolation. It is a valuable tool for developers, users and systems administrators. In this procedure, it will be used to install a simple video processing application called “comskip“.
Although the article is entitled Install Docker on Raspberry Pi, this procedure will work unaltered on most Linux distros, which is one of the advantages of Docker.
Besides acting as a demonstration for those wanting to learn about Docker, this article is aimed at readers of my previous articles How to Watch and Record Live TV with a Raspberry Pi and How to Install Comskip on a Rasperry Pi (without Docker).
Use the following command to install Docker.
$ sudo apt-get install docker.io
wait a few minutes for the install to complete.
Create a Docker File
A Docker image will be created from the definition below. First, create a sub directory:
$ cd $ mkdir -p docker/comskip $ cd docker/comskip
Now, using vi, nano or another editor, create a new file. Name the file “Dockerfile” and make its contents as below:
##Comskip image. ##Pull the ubuntu base image FROM ubuntu ## The maintainer name and email LABEL maintainer="Pi user" ## List all packages that we want to install ENV PACKAGES sudo cifs-utils comskip RUN apt-get update && apt-get install -y $PACKAGES #RUN sudo mkdir /Recordings #RUN echo //<osmc ip address>/Recordings /Recordings cifs \ #uid=nobody,gid=nogroup,user=<smb user>,password=<smb password>,\ #acl,noauto \ #0 0 >> /etc/fstab
Save the file.
Build the Image
Build the image as follows:
$ sudo docker build --rm=true -t comskipimg .
(Note for Buster users: If the command failed with errors like “Err:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease. At least one invalid signature was encountered.”, it’s likely due to a known bug in libseccom2. For a fix, see the Appendix)
This command will perform many tasks. The standard base image “ubuntu” is pulled (downloaded) from Docker Hub. Several libraries and tools are installed into it. Next, the comskip source code is obtained (cloned) from Github. Lastly, comskip is compiled. The whole process took about 16 minutes on a Pi2, so be patient.
Note the last four lines of the Docker file are commented out and don’t do anything for the moment. More on that later.
Run the Docker Container
We have freshly built Docker image, containing comskip and a couple of dependencies. Note that although sudo, cifs-utils and comskip have been installed, they have not been installed onto your Pi. Instead, they have been installed into the Docker image. All that has been installed on the Pi is Docker itself.
In order to bring that image to life, run a container. Run a container based on the image as follows.
$ sudo docker run -i -t --privileged --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH comskipimg root@747fbdb287ca:/#
The container is running and you are left with a prompt. This is a container shell and commands issued here are executed in the container, not directly on the host (your Pi).
The command we want to run is comskip. For this demonstration, I have uploaded a video file into the container.
root@747fbdb287ca:/# comskip Minder.2020-04-06.09-15.ts ... 72586 frames decoded in 667.17 seconds (108.96 fps) Commercials were found.
Success! The video file, a 50 minute episode of Minder, was processed in 667 seconds, about 11 minutes.
Access to Video Files on a Remote Server
Comskip can be used to process TV recordings created by apps like OSMC and Kodi. The Docker container can mount remote directories, such as the directory used to storeTV recordings on a media center PC or similar. If you have shared out the recordings directory on your media center, eg. by configuring Samba on an OSMC server, then the last 5 lines of the Docker file can be used to mount the share.
To try it, first log out of the docker container, if you are still logged, in by typing ctrl-d. This will also stop the container. Edit the Dockerfile and uncomment the last 5 lines, replacing <osmc ip address>, <smb user> and <smb password> as necessary. Re-run the docker build and docker run commands from above. Then, at the container prompt, mount the share:
root@747fbdb287ca:/# mount /Recordings root@747fbdb287ca:/# df /Recordings Filesystem 1K-blocks Used Available Use% Mounted on //192.168.7.28/Recordings 499594916 247341468 252253448 50% /Recordings root@747fbdb287ca:/# cd /Recordings/Minder root@747fbdb287ca:/Recordings/Minder# ls Minder.2020-04-14.01-35.ts Minder.2020-04-14.15-40.ts Minder.2020-04-15.15-40.ts root@747fbdb287ca:/Recordings/Minder# comskip Minder.2020-04-14.15-40.ts ... and so on.
Exit the Container
When you are finished messing around in the Docker container, type exit or press ctrl-d.
root@747fbdb287ca:/# exit $
You are returned to the Pi command prompt. To run the container again, just repeat the docker run command above. Incidentally, the “–cap add” flags in that command are needed only so that the mount command works within the container.
Docker has different benefits in different situations. Here, it enabled us to get comskip up and running on our Pi, without splattering new libraries and modules all over the system. sudo, cifs-utils and comskip (as named under ENV PACKAGES) were installed within the Docker image, not into the Pi’s system folders. Out host system thus remains “clean” and unchanged.
When the Docker container exits, any files we created on the fly are lost, including files created by comskip. Storage is ephemeral. One solution is to use Docker storage volumes. Another is to mount a remote data area directly into the container, which is what we did above.
The following bug affects only the Buster release of RaspiOS, which was superceded by Bullseye in August 2021. However it remains here, as a reference.
libseccomp2 Bug (December 2020)
If the docker build resulted in errors like “Err:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease. At least one invalid signature was encountered.“, it will most likely be due to a known bug in libseccom2. The bug has been fixed but the fix has not yet made its way into the stable Debian repositories. If you get this error, you can forcibly update libseccomp2 from the unstable repos. (at your own risk – they are called “unstable”, after all. I recommend proceeding only on a system that can be rebuilt and isn’t performing a critical function for you).
Check your current version of libseccomp2. I encountered the error with version 2.3.3-4:
# dpkg --list | grep libseccomp
ii libseccomp2:armhf 2.3.3-4 armhf high level interface to Linux seccomp filter
Download the latest version from the Debian Sid. You will need to choose the right architecture for your device and also check your installed libc version is high enough (compare the output of “dpkg -l libc6” on your system with the libc notes on the aforementioned page). I am using a Raspberry Pi 4, so the architecture is “armf” (as it is for the Pi 2 and Pi 3). I downloaded libseccomp2 version 5.2.0-3 from the armf page, using “wget” and choosing a mirror located here in the UK. Alternatively, you could download with a browser.
Note this URL is likely to change and might no longer work when you are reading this.
# wget http://ftp.uk.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.0-3+b1_armhf.deb
Install the package:
# dpkg -i libseccomp2_2.5.0-3+b1_armhf.deb
Check the new version:
# dpkg -l | grep libseccomp ii libseccomp2:armhf 2.5.0-3+b1 armhf high level interface to Linux seccomp filter
If you return to the main procedure, the docker build command should now work
Thanks to Igor Velkov for posting this solution on AskUbuntu.