Editing Docker inside CT vz7
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | Since Virtuozzo 7 kernel 3.10.0-327.18.2.vz7.14.7 it is possible to run Docker inside containers. | + | Since Virtuozzo 7 kernel 3.10.0-327.18.2.vz7.14.7 it is possible to run Docker inside containers. This article describes how. |
− | + | <br>'''This page is applicable for Virtuozzo 7''' (for OpenVZ 6 see [[Docker inside CT | '''here''']]). | |
− | |||
− | |||
− | '''This page is applicable for Virtuozzo 7''' (for | ||
== Prerequisites == | == Prerequisites == | ||
Line 14: | Line 11: | ||
modprobe overlay | modprobe overlay | ||
− | '''Note:''' if you use 3.10.0-327.18.2.vz7.14.25 | + | '''Note:''' if you use kernel >= 3.10.0-327.18.2.vz7.14.25, you need to allow using "overlayfs" inside a Virtuozzo Container: |
echo 1 > /proc/sys/fs/experimental_fs_enable | echo 1 > /proc/sys/fs/experimental_fs_enable | ||
− | This | + | This is a temporary step, it will be dropped once overlayfs is proved to be absolutely safe to run in any vz7 Container. |
== Limitations == | == Limitations == | ||
Line 25: | Line 22: | ||
== Container tuning == | == Container tuning == | ||
+ | * Turn on '''bridge''' feature to allow docker creating bridged network inside container: | ||
+ | prlctl set $veid --features bridge:on | ||
+ | * Setup Container veth-based network (Container must be '''veth'''-based, not '''venet'''-based): | ||
+ | prlctl set $veid --device-add net --network Bridged --dhcp yes | ||
* Allow all iptables modules to be used in containers: | * Allow all iptables modules to be used in containers: | ||
prlctl set $veid --netfilter=full | prlctl set $veid --netfilter=full |