OpenCPU on Docker

This directory contains dockerfiles based on various platforms. Containers are automatically published at dockerhub.

How to use

Docker version 1.0 or higher is required on the host. The containers expose 3 ports: either 80 or 8004 can be used for HTTP, and port 443 can be used for HTTPS. Depending on which ports are mapped (via the -p flag), you can access:


The examples below assume that we use the opencpu/base container. To start as the server as an executable

docker run -t -p 80:80 -p 8004:8004 opencpu/base

To start in background as a daemon add the -d flag.

OpenCPU and RStudio

The opencpu/rstudio container runs an installation with both opencpu-server and rstudio-server. For example:

docker run -t -p 80:80 -p 8004:8004 opencpu/rstudio

Apache is automatically setup to proxy the /rstudio/ path to the rstudio server:


Now login to rstudio with username opencpu and passwd: opencpu.

Get a root shell

To connect to a running container (e.g. for installing system libraries) use docker exec to get a root shell:

# Get the Container ID of your machine
docker ps 

# Starts a root shell
docker exec -i -t [container-id] /bin/bash

If you name (tag) your container you can simply use it's name instead of container id:

# This starts a new container on port 80
docker run --name mybox -t -p 80:80 opencpu/rstudio

# In another window, start a root bash
docker exec -i -t mybox /bin/bash


Each -p from:to command maps a port from the container to the host. Not all ports are required. For example if you only want to use port 8004 (because the host has something else running on port 80) simply use:

docker run -t -p 8004:8004 opencpu/base

Note that http does not support cross-port redirects. I.e. mapping -p 1234:8004 won't work. It might look like it works because it connects, but the http headers (e.g. Location) will contain an incorrect server address. This has nothing to do with docker or opencpu, it is how http works. To proxy http to another host or port you need to use a reverse proxy server that rewrites the headers such as nginx.


Docker has its own security model and disables other Linux based security modules such as AppArmor or SELinux. So be aware that the execution environment of the OpenCPU API within the container is entirely unrestricted.

Help and Feedback

Problems and suggestions on the mailing list or twitter.