Table of Contents
Choosing a Installation Method on Linux
On Linux, Docker integrates deeply with the operating system. This gives you flexibility, but it also means you must pay attention to distribution specific details, package sources, and permissions. In this chapter you will focus on what is special about installing Docker on Linux, without covering general Docker concepts.
For most users, the recommended way to install Docker on Linux is to use the official Docker packages provided by Docker, not the versions that come from your distribution’s default repositories. The exact commands differ between distributions, but the overall approach is similar.
Before you begin, you should have root access on the machine, either by logging in as root or by using sudo for commands that need administrative privileges.
Using Official Docker Packages vs Distribution Packages
Most popular Linux distributions provide a docker or docker.io package in their main repositories. These are often older than the current Docker Community Edition (Docker CE) and sometimes use different service names or filesystem paths.
You will generally prefer the official Docker repository for up to date fixes, security patches, and features. This involves adding Docker’s own package repository to your system, then installing from there.
Always verify that you are installing from Docker’s official repository when you want the latest supported version. Distribution provided docker packages can be outdated and behave differently.
If you are on a tightly controlled corporate or production environment, you might be required to use distribution packages only. In that case, follow your organization’s policies and security guidelines.
Preparing Your Linux System
Regardless of the distribution, there are a few common preparation steps. You should ensure that:
The system is 64 bit and supported by Docker. Very old kernels or 32 bit installations are not supported.
Your user can run sudo or you have root access.
The system package index is up to date, for example by running apt update, dnf check-update, or zypper refresh according to your distribution.
Existing container related packages like docker, docker.io, podman, or runc from distribution repositories may conflict with Docker’s own packages. If such packages are installed, you usually remove them before switching to Docker’s official packages.
Do not mix Docker from the official repository with conflicting distribution packages on the same system. Remove old or conflicting container packages before installing Docker CE.
Installing Docker on Debian and Ubuntu Families
For Debian, Ubuntu, and distributions that derive from them, the general process is to install required tools, add Docker’s GPG key and repository, update the package list, and then install the Docker packages.
You usually begin by installing ca-certificates, curl, and gnupg so the system can securely fetch and verify Docker’s repository information. Docker’s GPG key is stored under /etc/apt/keyrings, then an entry is added under /etc/apt/sources.list.d/ that points to Docker’s repository for your specific release, such as jammy for Ubuntu 22.04 or bookworm for Debian 12.
After you add the repository, you run apt update to fetch the package list from Docker’s servers. Then you install packages named docker-ce, docker-ce-cli, containerd.io, and any necessary plugins like docker-buildx-plugin and docker-compose-plugin.
The Docker service starts automatically on most Ubuntu and Debian systems once installed. If it does not, you usually start it with sudo systemctl start docker and enable it at boot with sudo systemctl enable docker.
Installing Docker on Fedora and CentOS / RHEL Families
On Fedora, CentOS Stream, and Red Hat Enterprise Linux based systems, package management is done with dnf or yum. The approach is similar but uses .repo files instead of apt sources.
You first remove any existing docker, docker-client, or docker-engine packages from the distribution. Then you install utilities such as dnf-plugins-core that let you manage external repositories. Docker’s repository is then added using a dnf config-manager command that defines a new docker-ce repository pointing to Docker’s official RPM repository for your version.
Once the repository is configured, you run dnf install docker-ce docker-ce-cli containerd.io to install Docker. On RHEL and CentOS, you may need to accept GPG keys and repository prompts the first time.
The Docker service on systemd based RPM systems is also controlled with systemctl. After installation, you typically run sudo systemctl enable docker and sudo systemctl start docker so that the Docker daemon is active and will start on boot.
SELinux is enabled by default on many RHEL family systems. Docker works with SELinux, but if you see permission related issues later, you may need to install SELinux related Docker packages or adjust policies according to the Docker documentation and your security team’s requirements.
Installing Docker on Other Linux Distributions
Other distributions like openSUSE, Arch Linux, or niche distributions also support Docker, but the details differ.
On openSUSE, you may use zypper and a dedicated Docker repository or a distribution provided package. On Arch Linux, Docker is in the official repositories and usually installed with pacman -S docker. For such systems, it is often appropriate to follow the distribution’s official wiki, which is usually well maintained for these platforms.
Some minimal or container focused distributions such as Alpine Linux can run Docker too, but may require extra manual configuration, such as installing and enabling cgroups, creating required groups, or configuring the networking stack.
Because these distributions can be quite different, it is essential to follow their official documentation side by side with Docker’s own guides.
Managing the Docker Service on Linux
On modern Linux distributions that use systemd, the Docker daemon runs as a systemd service called docker.service. Managing this service is essential when you install Docker on Linux.
To start Docker, you typically use sudo systemctl start docker. To stop it, you use sudo systemctl stop docker. To restart it after a configuration change, you use sudo systemctl restart docker.
If you want Docker to start automatically whenever the machine boots, you enable the service with sudo systemctl enable docker. If for some reason you do not want it to start automatically, you can disable it with sudo systemctl disable docker.
On older or more specialized distributions that do not use systemd, Docker might be controlled via other init systems, such as SysV init scripts or OpenRC. In such cases, the commands will be different, and you must follow the distribution’s service management conventions.
Running Docker as a Non Root User
By default, the Docker daemon runs as root and requires root privileges to control containers and images. If you run docker commands with sudo, they will usually work once Docker is installed. However, running everything with sudo can be inconvenient for daily use.
On Linux, you can run Docker commands as a regular user by adding your user to a group that has permission to talk to the Docker daemon. Most installations create a docker group. After installation, you typically run a command like sudo usermod -aG docker your_username to add your user to this group.
After you change group membership, you usually must log out and log back in or restart your session in order for the new group memberships to be applied. Once that is done, you can run docker commands without sudo.
Members of the docker group can effectively gain root level access to the system, because the Docker daemon runs with elevated privileges. Only add trusted users to the docker group.
In hardened environments, security policies might forbid adding users to this group. In that case you may be required to keep using sudo with Docker or use alternative mechanisms like rootless Docker.
Rootless Docker on Linux
Rootless Docker is a special configuration in which the Docker daemon and containers run as a non root user. This reduces the risk of a full system compromise if a container is taken over, at the cost of some limitations and extra configuration.
Rootless Docker relies on user namespaces and specific kernel features. Not all distributions have everything enabled by default, so you may need to adjust /etc/subuid, /etc/subgid, or enable certain kernel options.
When installing Docker on Linux, you have the choice between the classic rootful daemon and rootless mode. For most beginners on personal or development machines, the standard rootful setup with the docker group is simpler. For high security environments, rootless Docker can be an important tool.
Using Alternative Install Methods on Linux
In some settings, you might not be able to add external repositories or you may lack root access. Docker also provides alternative methods that are specific to Linux.
You can use a static binary that you download and place manually somewhere in your PATH. This avoids a package manager but requires manual upgrades and service management.
Some distributions offer Docker in containerized packaging systems like Snap or Flatpak. These may be easy to install but can introduce their own quirks, especially around filesystem access and networking.
There are also installation scripts provided by Docker that automate repository setup and installation. While convenient, scripts that run as root should always be inspected and used with caution, especially in corporate or production environments.
When choosing a method, consider who manages the system, how often you can apply updates, and what level of control and auditing you need over installed software.
Post Installation Checks on Linux
After you install Docker on Linux and start the daemon, you typically perform a simple functional test specific to your system.
You can confirm that the service is running with something like systemctl status docker. The output should indicate that the service is active and running.
Then, as either root or a user in the docker group, you run a simple container, such as docker run hello-world. This pulls a small image from the registry and runs it, printing a confirmation message if everything is working.
On Linux, this test is especially useful to confirm three things. First, that networking is correctly set up so images can be pulled from the internet. Second, that your user permissions are correctly configured. Third, that the Docker daemon is correctly integrated with the system’s init system.
If you encounter issues at this stage, they often relate to missing group membership, a service that is not running, firewall restrictions, or DNS problems. These topics will be explored in more detail in later chapters that focus on verifying installations and fixing common issues.
Summary of Linux Specific Considerations
Installing Docker on Linux gives you control and flexibility that are different from the experience on desktop operating systems. You make explicit choices about repositories, service management, and user permissions.
You must decide whether to rely on your distribution’s packages or Docker’s official repository, and you must take care not to mix conflicting sources. You also control how the Docker daemon runs in relation to the operating system, either as a rootful service with a special group or in rootless mode with stricter isolation.
In all cases, Linux installation requires attention to the distribution’s package manager, systemd or other init systems, and the system’s security model. Later chapters will show you how to verify your installation and how to handle issues that are particularly common on Linux, such as permission errors and service startup problems.