Difference between revisions of "Docker inside CT vz7"
m |
|||
| Line 6: | Line 6: | ||
* Kernel 3.10.0-327.18.2.vz7.14.7 or later version | * Kernel 3.10.0-327.18.2.vz7.14.7 or later version | ||
* Kernel modules '''veth''' and '''overlay''' loaded on host | * Kernel modules '''veth''' and '''overlay''' loaded on host | ||
| + | |||
| + | To enable '''veth''' and '''overlay''' modules please run: | ||
| + | modprobe veth | ||
| + | modprobe overlay | ||
'''Note:''' if you use kernel >= 3.10.0-327.18.2.vz7.14.25, you need to allow using "overlayfs" inside a Virtuozzo Container: | '''Note:''' if you use kernel >= 3.10.0-327.18.2.vz7.14.25, you need to allow using "overlayfs" inside a Virtuozzo Container: | ||
echo 1 > /proc/sys/fs/experimental_fs_enable | echo 1 > /proc/sys/fs/experimental_fs_enable | ||
This is a temporary step, it will be dropped once overlayfs is proved to be absolutely safe to run in any vz7 Container. | This is a temporary step, it will be dropped once overlayfs is proved to be absolutely safe to run in any vz7 Container. | ||
| + | |||
| + | == Limitations == | ||
| + | |||
| + | * Only '''overlay''' and '''vfs''' Docker graph drivers are currently supported. Recommended driver is '''overlay'''. To enable '''overlayfs''' Storage Driver for docker engine inside CT please read here https://docs.docker.com/engine/userguide/storagedriver/selectadriver/ | ||
| + | * [[Checkpointing and live migration]] of a container with Docker containers inside is not supported yet (to be done) | ||
== Container tuning == | == Container tuning == | ||
| − | * Turn on '''bridge''' feature to allow docker creating bridged network: | + | * Turn on '''bridge''' feature to allow docker creating bridged network inside container: |
| − | + | prlctl set $veid --features bridge:on | |
* Setup Container veth-based network (Container must be '''veth'''-based, not '''venet'''-based): | * Setup Container veth-based network (Container must be '''veth'''-based, not '''venet'''-based): | ||
| − | + | prlctl set $veid --device-add net --network Bridged --dhcp yes | |
* Allow all iptables modules to be used in containers: | * Allow all iptables modules to be used in containers: | ||
| − | + | prlctl set $veid --netfilter=full | |
| − | |||
| − | == | + | == Docker install == |
| − | + | To install docker inside container please use Docker Installation Guide for your OS | |
| − | + | https://docs.docker.com/v1.11/engine/installation/ | |
[[Category:HOWTO]] | [[Category:HOWTO]] | ||
[[Category: TRD]] | [[Category: TRD]] | ||
Revision as of 12:00, 22 July 2016
Since Virtuozzo 7 kernel 3.10.0-327.18.2.vz7.14.7 it is possible to run Docker inside containers. This article describes how.
This page is applicable for Virtuozzo 7 (for OpenVZ 6 see here).
Prerequisites
- Kernel 3.10.0-327.18.2.vz7.14.7 or later version
- Kernel modules veth and overlay loaded on host
To enable veth and overlay modules please run:
modprobe veth modprobe overlay
Note: if you use kernel >= 3.10.0-327.18.2.vz7.14.25, you need to allow using "overlayfs" inside a Virtuozzo Container:
echo 1 > /proc/sys/fs/experimental_fs_enable
This is a temporary step, it will be dropped once overlayfs is proved to be absolutely safe to run in any vz7 Container.
Limitations
- Only overlay and vfs Docker graph drivers are currently supported. Recommended driver is overlay. To enable overlayfs Storage Driver for docker engine inside CT please read here https://docs.docker.com/engine/userguide/storagedriver/selectadriver/
- Checkpointing and live migration of a container with Docker containers inside is not supported yet (to be done)
Container tuning
- Turn on bridge feature to allow docker creating bridged network inside container:
prlctl set $veid --features bridge:on
- Setup Container veth-based network (Container must be veth-based, not venet-based):
prlctl set $veid --device-add net --network Bridged --dhcp yes
- Allow all iptables modules to be used in containers:
prlctl set $veid --netfilter=full
Docker install
To install docker inside container please use Docker Installation Guide for your OS https://docs.docker.com/v1.11/engine/installation/
