Dockerize desktop apps with NVIDIA GPU and audio support

It's 2018 and it's time to Dockerize all desktop applications, isn't it? Don't pollute your system with package dependencies which makes system updates harder and adds possible attack surface and vulnerabilities to your system. Run every application inside Docker, even GUIs and full desktops with Wayland or X11. You think it's not possible, then read this post.

x11docker

Martin Viereck has created an awesome Docker project called x11docker - Run GUI applications in docker. This bash script is a wrapper around the Docker arguments to run GUI applications. Even more, it simplifies to start and manage GUI applications. It comes with much security in place. The goal of x11docker is to provide isolation from host as good as possible and works also on Windows. Hardware accelerated OpenGL rendering is supported, even for closed NVIDIA drivers and CUDA. Clipboard and sound can be activated. So much WOW!

See also how to install and tune Docker.

Dependencies

The following packages are for Arch Linux but should be similar for other operation systems. I can't use the x11docker wayland mode because of the NVIDIA proprietary driver, so I have to install some additional X11 packages. Please refer the x11docker documentation, different renderer and terminals are supported.

xpra xorg-xinit xorg-xprop xorg-xsetroot xdotool xorg-server xorg-server-xephyr xorg-xhost xorg-server-xvfb xorg-server-xwayland weston xorg-xrandr xorg-xauth xorg-xdpyinfo gnome-terminal

Enable NVIDIA GPU

To leverage a NVIDIA GPU in the container there exists a NVIDIA Docker container runtime. Please follow the install steps in their docs. As described in the x11docker docs, you have to ensure that the same version of closed NVIDIA drivers are used at host and in the Docker container. You will get also CUDA support. That's really handy. The NVIDIA runtime is actived via the Docker argument --runtime nvidia.

Docker images for desktop apps

Jess Frazelle has various desktop Dockerfiles but you should build your own like I have done. It's not complicated and you can optimize it for your needs and you can ensure same package version on host and Docker container. This is useful for GPU acceleration and audio.

Let's take a look how I start VLC with GPU acceleration and audio. Remember I've build my own VLC NVIDIA Docker image. Use the following simple bash script which starts VLC via x11docker. Some additional Docker options are used to limit the resources to 2 CPU and 4 GB RAM. The $@ at the end means that all arguments which are passed to the bash script are passed to the Docker container. You will see in the next chapter why it's useful. Create a bash script called vlc and ensure that it is executable and in your environment path.

You may want to replace the Docker image with your own.

#!/usr/bin/env bash
x11docker --stderr --stdout --hostdisplay --sharedir=$HOME/Videos --gpu --pulseaudio -- --cpus="2" --memory="4G" --runtime=nvidia sandrokeil/archlinux-nvidia:vlc $@

Desktop icon and file association

Do you know that you can create a desktop icon for your Docker application and associate it for specific file types? I use a simple bash script for each of my desktop Docker apps which contains the necessary arguments. The advantage is that you can change it without recreating the desktop item. And you will do it at some time. This makes it also very easy to create a desktop icon.

To associate your Docker app with a file type you will need a desktop icon. This is done with the command gnome-desktop-item-edit --create-new ~/.local/share/applications if you use GNOME desktop. If this command is not available, please install the package gnome-panel. Write vlc as the command you want to execute. This points to the bash script above.

Now you can find out the specific file type with xdg-mime query filetype [your file] and link it to the desktop entry via xdg-mime default [desktop entry name].desktop [mime type name]. For instance, to automatically start VLC for mp4 files you would run xdg-mime default vlc.desktop video/mp4.

Conclusion

All of my daily used applications like Thunderbird, PhpStorm, AWS CLI, GIT (yes, even GIT), Rambox, Postman and Chromium are dockerized and what should I say. It works quite well. Maybe it's a bit less comfortable depending on the setup. For instance if you share only some folders then you have to copy files around but this can be easily changed. I prefer minimal sharing of host files and share only folders that are needed for the current application.

x11docker makes dockerized desktop apps very easy and it works on Windows too. No more excuses. Start your dockerized desktop app journey today.