Docker Desktop: Your Desktop over ssh running inside of a Docker container

Motivation

I’ve worked for the last 4 years in the financial market and I’m a heavy Excel user. I also use the browser a lot and since I started my summer job as financial intern at dotCloud I’ve been playing with docker. So, why don’t we take advantage of the cloud and use these and other heavy applications (in terms of processing and memory usage) within a container (lighter than a normal VM).

Let’s get started!

Docker Installation

  • On Linux:

    Docker is available as a Ubuntu PPA (Personal Package Archive), hosted on launchpad which makes installing Docker on Ubuntu very easy.

    # Add the PPA sources to your apt sources list.
    sudo apt-get install python-software-properties && sudo add-apt-repository ppa:dotcloud/lxc-docker
    
    # Update your sources
    sudo apt-get update
    
    # Install, you will see another warning that the package cannot be authenticated. Confirm install.
    sudo apt-get install lxc-docker

Introduction

I used a Dockerfile in order to guarantee the integrity of the steps and also to automate the creation of the docker image. This Dockerfile creates a docker image that, once  executed, generates a container that runs X11 and SSH services.

The ssh is used to forward X11 and provide you encrypted data communication between the docker container and your local machine.

Xpra + Xephyr allows to display the applications running inside of the container such as FirefoxLibreOfficexterm, etc. with recovery session capabilities. So, you can open your desktop any where without losing the status of your applications, even if the connection drops.

Xpra also uses a custom protocol that is self-tuning and relatively latency-insensitive, and thus is usable over worse links than standard X.

The applications can be rootless, so the client machine manages the windows that are displayed.

Fluxbox and ROX-Filer creates a very minimalist way to manages the windows and files.

 creates a very minimalist way to manage files and icons on the desktop.

docker-desktop

OBS: The client machine needs to have a X11 server installed (Xpra). See the “Notes” below.

Installation

Building the docker image

$ docker build -t [username]/docker-desktop git://github.com/rogaha/docker-desktop.git

The parameter [-t] gives you the ability to name the image that is going to be created from the GitHub repository that contains the Dockerfile. In this case, the image will be called rogaha/docker-desktop. This image has the docker-desktop (Xephyr+Fluxbox+ROX-filer), Firefox with Flash Player plugin, LibreOffice and xterm. You can either use xterm or the ssh terminal to install/uninstall other GUI applications and use them remotely.

Verifying the existing images

$ docker images

REPOSITORY                                     TAG                 ID                  CREATED             SIZE
base                                           latest              b750fe79269d        3 months ago        24.65 kB (virtual 180.1 MB)
rogaha/docker-dektop                           latest              5b07bd6027bd        5 days ago          12.29 kB (virtual  1.39 GB)
ubuntu                                         12.10               b750fe79269d        3 months ago        24.65 kB (virtual 180.1 MB)

As we can see the image rogaha/docker-desktop was created and is ready to run.

Running the docker image created -d: detached mode -P: expose all the ports to the host machine

$ CONTAINER_ID=$(docker run -d -P [username]/docker-desktop)

The environment variable $CONTAINER_ID contains the ID of the new running container created from the rogaha/docker-desktop image. The -P was introduced with docker version 0.6.6

Getting the password generated during runtime

$ echo $(docker logs $CONTAINER_ID | sed -n 1p)
User: docker Password: xxxxxxxxxxxx

A new password is generated by PWGen every time that a container is created. The password contains 12 characters with at least one capital letter and one number.

Usage

Getting the container’s external ssh port

$ docker port $CONTAINER_ID 22
49153 # This is the external port that forwards to the ssh service
      # running inside of the container as port 22

We are going to use this port later to connect to the machine where docker daemon is running.

Connecting to the container

Starting the a new session

First, we need to get the IP of the machine where docker is running.

$ ifconfig | grep "inet addr:"
inet addr:192.168.56.102 Bcast:192.168.56.255 Mask:255.255.255.0
# This is the LAN's IP for this machine

Then, we connect to that IP using the external port that we got previously (49153) in order to start a new session inside of the container

$ ssh docker@192.168.56.102 -p 49153 ./docker-desktop -s 800x600 -d 10
docker@192.168.56.102's password: xxxxxxxxxxxx

$ ./docker-desktop -h

-----------------------------------------------------------
Usage: docker-desktop [-s screen_size] [-d session_number]
-s : screen resolution (Default = 800x600
-d : session number (Default = 10)
-h : help
-----------------------------------------------------------

Attaching to the session started

$ xpra --ssh="ssh -p 49153" attach ssh:docker@192.168.56.102:10 # user@ip_address:session_number
docker@192.168.56.102's password: xxxxxxxxxxxx

If you want to execute rootless applications, you just need to connect to the container via ssh and type: DISPLAY=:[session_number] [program_name] &

Eg. DISPLAY=:10 firefox &

Conclusion

It took me only a few hours to create this Dockerfile and now I’m able to use it anywhere at any time and everything is configured and ready to run.

Developers can save a lot of time with docker by automating their workflow and normal users can take advantage of the cloud and run heavy applications remotely and save their local processing and memory usage.

If you have any questions, please feel free to contact me at roberto.hashioka@dotcloud.com

Docker r0x!

Notes

      • On Linux: 
      • Xpra: You can use apt-get to install it
$ sudo apt-get install xpra

About Roberto Hashioka

RobertoDiploma in Global Business Management at University of California, Berkeley Extension (2013). Graduated in Information Systems at Mackenzie University, São Paulo (2011) and Business Administration at Fundação Getúlio Vargas, São Paulo (2010). Roberto began his career at Credit Suisse Hedging-Griffo (Hedge Fund with more than $15 Billion under management) in 2008 as Financial Advisor for Private Equity Funds. In 2009, he joined Neo Investimentos and worked for almost 4 years as Risk Analyst and most recently as Quantititve Analyst focused on developing quantitative strategies and tools for the fully automated and proprietary electronic trading platform (C# and SQL Server). He was also responsible for coordinating the electronic trading team ( Eletronic Trading Platform: Flextrade). He joined dotCloud as Financial Intern in May of 2013.

Connect with Roberto on LinkedIn

22 Responses to “Docker Desktop: Your Desktop over ssh running inside of a Docker container”

  1. Matthew Fisher

    Thank you Roberto for the inspiration on this Dockerfile. Anything visual like this example will help show anyone who is unfamiliar with Docker how powerful this new tech really is!

    Reply
  2. Christopher Perrin

    Cool Tutorial! One thing I would change: blowfish is not a compression but an encryption algorhythm. ;) Anyways good post :)

    Reply
  3. tony

    I got to the end of the tutorial and it asks me for a password … any idea what it is ? I installed on a mac. Thanks

    Reply
    • Roberto

      Hi Tony,

      Now the password is generated when you create the container! Please let me know if you have any doubt.

      Thanks

      Reply
  4. tony

    the password is docker if anyone is interested.

    however when i login i get this error …

    Xephyr cannot open host display. Is DISPLAY set?
    docker@649a0fad3140:~$ Warning: Failed to set locale, reverting to “C”
    Error
    (process:160): Gdk-WARNING **: locale not supported by C library

    (process:160): Gtk-WARNING **: Locale not supported by C library.
    Using the fallback ‘C’ locale.
    : Couldn’t connect to XServer

    (rox:160): Gtk-WARNING **: cannot open display: :1
    dk-WARNING **: locale not supported by C library
    -bash: dk-WARNING: command not found
    [1]- Exit 1 DISPLAY=:1 fluxbox
    [2]+ Exit 1 DISPLAY=:1 rox –pinboard=Default

    Reply
    • Roberto

      Are you accessing it from your local terminal?! Please post your output since the begging (including the ssh command line)

      Reply
  5. Kata

    So wait, you think creating a user with a known username on password on your machine is a good idea? This is a security hole just *begging* to happen.

    Reply
    • Roberto

      Hi Kata!

      Thanks for your reply! I will address this issue in the next release. I will create the password during run time. So, every time you run the image, you will receive a new strong password for docker user. ;)

      But for now, you can simply change the password once you login in by typing passwd in the ssh terminal.

      Reply
  6. Patrick

    Thanks for putting this together and making it available! One small edit: under “Verifying the existing images”, the command should be “docker images”. What you have (“docker ps”) shows containers, not images.

    Reply
  7. alex

    Thanks for this, I followed docker for some time not knowing what to do with it but now I realise the power of docker.

    I followed the instruction and it works as a charme.

    When running LibreOffice spreadsheet I see a lot of errors concerning missing Java runtime. Maybe you could update the script to include it.

    thanks !

    Reply
    • Roberto

      Hi Alex,

      Thanks for your comment! I will look into it and I will hopefully address this issue with the next release!

      Regards

      Reply
  8. simon

    when i try to “use xterm or the ssh terminal to install/uninstall other GUI applications” i get “docker is not in the sudoer list file”, and if i try to log in as su the password isn’t set, i think (an ubuntu thing) but to set root password dont you need sudo to let me, so how do i install?

    Reply
    • Roberto

      Hi Simon,

      I’ve updated the version and the new version should fix this issue. Please, build another image with the most recent version and let me know how it goes!

      Thanks for you feedback!

      Reply
  9. Imre

    Hi Roberto,

    first – thank you for the docker image!

    my feedback:
    on my Ubuntu 13.04 – only the older ( Xephyr based) version is working. and the newer – ( xpra based ) version is not.

    is it possible to keep “xephyr” code with parallel with the “xpra” code ?
    like:
    - docker-desktop-xpra.sh
    - docker-desktop-xephyr.sh

    my other wish list – setting the screen size from parameter
    now the default – hidden in the tar file -is 1440×900 -
    but my Lenovo X201 only has 1280 × 800 resolution.

    example:
    docker-desktop-xephyr.sh -screen 640×480

    Regards,
    Imre

    Reply
    • Roberto

      Hi Imre,

      Thanks for your feedback! I’ll add the screen size parameter setting to the next version. Could you please show me in details what happen when you login in with the new version. It should be working fine. Please note that now we are executing the script /home/docker/docker-desktop in order to start the session.

      Regards,
      Roberto

      Reply
    • Roberto

      Hi Imre,

      I was running some tests on Linux and it has some issues with Xpra. On Windows and Mac it works fine! Meanwhile, I will release a new version with Xephyr and Xpra support as you suggested.

      Thanks again for your feedback!

      Regards,
      Roberto

      Reply

Leave a Reply