Always install Docker with MTU 1450 configuration (#10007)

Co-authored-by: openhands <openhands@all-hands.dev>

microagents/docker.md

@@ -8,35 +8,11 @@ triggers:
 - container
 ---
 
-# Docker Installation and Usage Guide
-
-## Installation on Debian/Ubuntu Systems
-
-To install Docker on a Debian/Ubuntu system, follow these steps:
-
-```bash
-# Update package index
-sudo apt-get update
-
-# Install prerequisites
-sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
-
-# Add Docker's official GPG key
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
-
-# Set up the stable repository
-echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-
-# Update package index again
-sudo apt-get update
-
-# Install Docker Engine
-sudo apt-get install -y docker-ce docker-ce-cli containerd.io
-```
+# Docker Usage Guide
 
 ## Starting Docker in Container Environments
 
-If you're in a container environment without systemd (like this workspace), start Docker with:
+Please check if docker is already installed. If so, to start Docker in a container environment:
 
 ```bash
 # Start Docker daemon in the background

openhands/runtime/utils/runtime_templates/Dockerfile.j2

@@ -23,16 +23,16 @@ RUN apt-get update && \
         {%- else %}
         libgl1-mesa-glx \
         {% endif -%}
-        libasound2-plugins libatomic1 && \
+        libasound2-plugins libatomic1 \
+        # Install Docker dependencies
+        apt-transport-https ca-certificates curl gnupg lsb-release && \
     curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
     TZ=Etc/UTC DEBIAN_FRONTEND=noninteractive \
         {%- if ('mswebench' in base_image) -%}
-        apt-get install -y --no-install-recommends nodejs python3 python-is-python3 python3-pip python3-venv && \
+        apt-get install -y --no-install-recommends nodejs python3 python-is-python3 python3-pip python3-venv
         {%- else %}
-        apt-get install -y --no-install-recommends nodejs python3.12 python-is-python3 python3-pip python3.12-venv && \
+        apt-get install -y --no-install-recommends nodejs python3.12 python-is-python3 python3-pip python3.12-venv
         {% endif -%}
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/*
 {% endif %}
 
 {% if (('ubuntu' not in base_image) and ('mswebench' not in base_image)) %}
@@ -40,9 +40,9 @@ RUN apt-get update && \
     apt-get install -y --no-install-recommends \
         wget curl ca-certificates sudo apt-utils git jq tmux build-essential ripgrep ffmpeg \
         libgl1-mesa-glx \
-        libasound2-plugins libatomic1 && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/*
+        libasound2-plugins libatomic1 \
+        # Install Docker dependencies
+        apt-transport-https ca-certificates curl gnupg lsb-release
 {% endif %}
 
 {% if (('ubuntu' in base_image) or ('mswebench' in base_image)) %}
@@ -66,6 +66,51 @@ RUN mkdir -p /openhands && \
     mkdir -p /openhands/logs && \
     mkdir -p /openhands/poetry
 
+
+# ================================================================
+# Install Docker following official documentation
+# https://docs.docker.com/engine/install/ubuntu/
+# https://docs.docker.com/engine/install/debian/
+RUN \
+    # Determine OS type and install accordingly
+    if [[ "{{ base_image }}" == *"ubuntu"* ]] || [[ "{{ base_image }}" == *"mswebench"* ]]; then \
+        # Handle Ubuntu (following https://docs.docker.com/engine/install/ubuntu/)
+        # Add Docker's official GPG key
+        apt-get update && \
+        apt-get install -y ca-certificates curl && \
+        install -m 0755 -d /etc/apt/keyrings && \
+        curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc && \
+        chmod a+r /etc/apt/keyrings/docker.asc && \
+        # Add the repository to Apt sources
+        # For Ubuntu 24.04 (noble), use jammy repository as noble isn't supported yet
+        echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null; \
+    else \
+        # Handle Debian (following https://docs.docker.com/engine/install/debian/)
+        # Add Docker's official GPG key
+        apt-get update && \
+        apt-get install -y ca-certificates curl && \
+        install -m 0755 -d /etc/apt/keyrings && \
+        curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc && \
+        chmod a+r /etc/apt/keyrings/docker.asc && \
+        # Add the repository to Apt sources
+        # For Debian, if it's noble (testing/unstable), use bookworm (stable) repository
+        if [ "$(lsb_release -cs)" = "noble" ]; then \
+            echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null; \
+        else \
+            echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null; \
+        fi; \
+    fi && \
+    # Install Docker Engine, containerd, and Docker Compose
+    apt-get update && \
+    apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Configure Docker daemon with MTU 1450 to prevent packet fragmentation issues
+RUN mkdir -p /etc/docker && \
+    echo '{"mtu": 1450}' > /etc/docker/daemon.json
+# ================================================================
+
 {% endmacro %}
 
 {% macro setup_vscode_server() %}