Docker run command arguments

To create containers for Domino, you use the the docker run command with the following arguments.

  • When you issue commands in the Docker command-line interface, by default, you're required to precede commands with sudo. To avoid the need to do this, system administrators can create a UNIX group called docker and add appropriate users to it. The steps in this documentation assume use of the docker group and exclude the sudo prefix in docker commands. For more information on creating a docker group, see Post installation steps for Linux in the Docker documentation.
  • As of Domino 12, Pod Manager tool (podman) is a supported containerization runtime. Follow the documentation for Domino on Docker, but on the command line replace docker with podman.
Table 1. docker run command arguments
Argument Description
<execution mode> (recommended) -d runs a container in "detached" mode in which Domino runs in the background. If you prefer you can access the server console through the Domino Administrator client or the "domino console" command from within a bash shell in the container.
--rm Tells Docker to remove the container after the container stops.
--name <container name> (required) Specifies a unique, friendly name to use to reference the container when issuing Docker commands.
-v <docker volume name> (required) Specifies the Docker volume to persistently store the Domino data directory.
Note: The volume is created if it doesn't exist already.
--hostname <hostname> (required) Specifies the host name that is mapped to the Domino container, typically the fully qualified internet host name of the host system on which Docker runs.
--stop-timeout=120 Timeout (in seconds) to stop a container. This gives Domino more time than the default of 10 seconds to shut down gracefully.
--cap-add=SYS_PTRACE (recommended) Enables settings to allow NSD to capture callstacks via the ptrace tool should a problem occur that requires a Support ticket.
--env secretpwfile=<container secrets file>
Sets a container variable, secretpwfile, that specifies the data directory path to a secrets file that stores the password for a Domino server ID. For example:
--env secretpwfile=/local/notesdata/secret/mysecret.sth
Required only when a server ID is password-protected and a container runs in detached mode. For more information, see Creating a secrets file for a password-protected server ID.
-p <HostPort:ContainerPort> Specifies which ports from the Domino container to publish to the host system. For proper Domino server function, the appropriate port for each desired Domino service must be listed. External hosts cannot reach services without published ports. For reference, here is a list of standard ports for common Domino services:
  • Remote server setup: 8585
  • NRPC: 1352
  • HTTP: 80
  • HTTP (SSL): 443
  • LDAP: 389
  • LDAP (SSL): 636
  • POP3: 110
  • POP3 (SSL): 995
  • IMAP: 143
  • IMAP (SSL): 993
  • SMTP: 25
  • SMTP (SSL): 465
  • DIIOP: 60148
  • DIIOP (SSL): 63149
  • Proton: 3003
  • Remote Debug Manager: 60000
  • Remote Debug Manager (SSL): 60001
Note: Server Controller and Java Console are not supported on a container-based Domino server.

To add or remove ports after initial Domino container creation, delete the container and create a new one that specifies all of the desired ports.

<image> (required) The name of the Docker image previously loaded to Docker from the tar archive file that is provided with the web kit download.
Use docker image ls to see a list of available Docker images on the system.

For a complete description of Docker commands, see Use the Docker command line in the Docker documentation. You can also type docker from your system's command prompt and press ENTER to see a description of each command.