[lxc-users] Running docker inside unprivileged LXC containers
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Jun 15 17:41:52 UTC 2015
Quoting Stewart Brodie (sbrodie at espial.com):
> Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>
> > Quoting Stewart Brodie (sbrodie at espial.com):
> > > However, another far neater way of doing this could be to use the
> > > freezer instead. Just give lxc-start a new command-line option to start
> > > the container *but* crucially, leave it frozen when lxc-start exits.
> > > The caller can then just do lxc-start, lxc-device, lxc-unfreeze.
>
> > > [can you run lxc-device on a frozen container?]
>
> For future reference, this does indeed work. I like the idea, because it
> would allow all sorts of fettling to go on with the new container from the
> host side before it really starts executing.
fwiw I'm not opposed to this if someone wants to code it up. Basically
right before exec(2)ing /sbin/init, the task would freeze itself.
More information about the lxc-users
mailing list