Run GUI apps with pulseaudio and GPU acceleration using x11docker

(X11docker) #1

There are several solutions in the web to run GUi apps from within docker images. Most of them base on sharing host X socket from display :0 or using X forwarding with SSH. This has two drawbacks: It breaks container isolation due to X security leaks, and it can have bad RAM access and rendering glitches due to missing shared memory.

A solution is to run a segregated X server with MIT-SHM/shared memory disabled, thus avoiding both drawbacks and preserving container isolation from host.

I’ve scripted a tool x11docker doing this work.
It also provides pulseaudio support and GPU hardware accelerated OpenGL/GLX.
Further options allow to create a container user similar to host user, and to share a folder on host as home folder in container to preserve individual settings and files.

As second X server can be chosen between xpra, Xephyr and core X. (Sharing host display :0 is possible, too, but not recommended due to isolation loss and RAM access problems as mentioned above).

x11docker is a bash script for use in terminal, but has a GUI, too.
x11docker can run any GUI applications in docker images, there are no dependencies inside of the images.

Some example images can be found on docker hub:

I hope this will be usefull for someone.