'Re: [lxc-users] Docker in unprivileged LXC?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lxc-users
Subject:    Re: [lxc-users] Docker in unprivileged LXC?
From:       Tomasz Chmielewski <mangoo () wpkg ! org>
Date:       2019-11-20 10:57:00
Message-ID: c758e8001596393ca50c8253797d15a4 () wpkg ! org
[Download RAW message or body]

On 2019-11-20 19:52, Dirk Geschke wrote:
> Hi all,
> 
> is there a way to get docker up and running in an unprivileged
> LXC? It seems to have problems with cgroups:
> 
>    docker: Error response from daemon: OCI runtime create failed:
> container_linux.go:344: starting container process caused
> "process_linux.go:275: applying cgroup configuration for process
> caused \"mkdir /sys/fs/cgroup/cpuset/docker: permission denied\"":
> unknown.
> 
> Does someone know a way to get it working? I don't trust the
> docker containers, so my idea was to run them in an LXC. But
> up to now I have no clue how to do this...

You just need to set this:

   security.nesting: "true"


(in "lxc config edit container-name").


Tomasz Chmielewski
https://lxadm.com
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic