[lxc-users] docker in lxc
Tamas Papp
tompos at martos.bme.hu
Mon Feb 22 08:09:24 UTC 2016
On 02/17/2016 11:30 PM, Serge Hallyn wrote:
> Quoting Tamas Papp (tompos at martos.bme.hu):
>>
>> On 01/11/2016 06:22 PM, Serge Hallyn wrote:
>>> Quoting Tamas Papp (tompos at martos.bme.hu):
>>>> On 01/07/2016 07:28 PM, Serge Hallyn wrote:
>>>>> I've been playing with docker in lxd containers under cgroup namespaces.
>>>>> There are still a few things to tweak, but it mostly works.
>>>> What settings or steps does it require?
>>> I've got a few patches to runc/docker to take care of most of it. When those
>>> are merged, you'll need
>>>
>>> 1. a cgroup-namespace kernel (and the ubuntu unprivileged overlay kernel)
>>> I should probably put these in a ppa.
>>> 2. the overlay docker driver
>>> 3. hide apparmor (echo 0 > aa; mount --bind aa /sys/module/apparmor/paramaters/enabled)
>>> 4. probably rm $base_image/dev/shm because of a kernel bug which i'm hoping we fix
>>> soon
>>>
>>>> # docker daemon --storage-driver=aufs
>>>> FATA[0000] Error starting daemon: error initializing graphdriver:
>>>> driver not supported
>>> Yeah use overlay. btrfs may work.
>> hi Serge,
>>
>>
>> docker 1.10 is out. Have those patches been merged, can we test it?
>>
>> I'm quite exciting.
> Hi,
>
> A set of patches is at github.com/hallyn/docker #v1.10.0.serge.2 . Some
> of those are accepted into github.com/opencontainers/runc. For the
> docker specific ones I have to wait until docker is able to merge the newer
> libcontainer with my patches.
>
> You also need a kernel with cgroup namespaces; you can use linux-next, or
> hopefully soon the xenial kernel will have them.
>
> With that, I can get 'docker pull ubuntu' to work, and running a container
> almost works, except I'm getting a weird (new) cgroup failure, which I
> didn't get a few weeks ago. (The container is trying to stat something
> like /sys/fs/user.slice/user-1000.slice/session-c6.scope/init.scope which
> obviously is invalid. I'll get back to trying to track that down soon.)
>
> Oh, the above is using docker's overlayfs backing store.
>
hi Serge,
My understanding is that Xenial will support docker in lxc, right?
Thanks,
tama
More information about the lxc-users
mailing list