Question
Is there a way to run LXD inside Docker? E.g.:
On the host with Ubuntu 16.04:
docker run --rm -it --net host --privileged ubuntu bash
In the container:
apt update && apt install -y lxd iproute2 btrfs-tools screen bash-completion curl wget apt-transport-https lxcfs lxd-tools lxd-client vim overlayroot libkmod2 libkmod-dev cgroup-tools cgroupfs-mount cgroup-bin
screen -S lxd
# in screen
lxd --debug --group lxd
lxd init
lxc list
lxc launch ubuntu:16.04 test
The LXD daemon works, but I can't start an LXD container due to errors with cgroups.
error: Error calling 'lxd forkstart test /var/lib/lxd/containers /var/log/lxd/test/lxc.conf': err='exit status 1'
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to start this container, set
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:221 - lxc.aa_allow_incomplete = 1
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:222 - in your container configuration file
lxc 20170502151757.409 ERROR lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5)
lxc 20170502151757.409 ERROR lxc_start - start.c:__lxc_start:1346 - Failed to spawn container "test".
lxc 20170502151757.954 ERROR lxc_conf - conf.c:run_buffer:405 - Script exited with status 1.
lxc 20170502151757.954 ERROR lxc_start - start.c:lxc_fini:546 - Failed to run lxc.hook.post-stop for container "test".
I also tried:
--cap-add=ALL
--volume /dev:/dev
--pid=host
--volume /sys/fs/cgroup:/sys/fs/cgroup
Answer 1:
It is possible to run lxc inside docker, so it should also be possible to run lxd. The error indicates that you need to add the line
lxc.aa_allow_incomplete = 1
to your container config.
I did a proof of concept that shows how an lxc container can easily be run within a docker container: https://github.com/micw/docker-lxc-demo
Answer 2:
No.
LXD/LXC provide a full-stack Linux environment. Docker is an engine that allows you to wrap up an application and its dependencies.
Docker provides a constrained environment that deliberately disables certain OS features relating to networking and storage persistence.
You can run Docker inside LXD/LXC containers (in fact Docker used to use LXC as its underlying technology - may still do), but you would not run LXC containers inside a Docker container.
Source: https://stackoverflow.com/questions/43741660/is-there-a-way-how-to-run-lxd-inside-docker
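The log in the question can be triaged mechanically: its first ERROR records come from lxc_apparmor, ahead of the lxc_sync, lxc_start and post-stop hook failures. The following is an added example, not part of the original question or answers; the record layout in the regex is inferred from the lines shown, and the names `parse_records` and `triage` are hypothetical.

```python
import re
from datetime import datetime

# Log lines copied from the question above. The leading "error:" line comes
# from the LXD client, is not an LXC log record, and is skipped by the parser.
LOG = """\
error: Error calling 'lxd forkstart test /var/lib/lxd/containers /var/log/lxd/test/lxc.conf': err='exit status 1'
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to start this container, set
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:221 - lxc.aa_allow_incomplete = 1
lxc 20170502151757.409 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:222 - in your container configuration file
lxc 20170502151757.409 ERROR lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5)
lxc 20170502151757.409 ERROR lxc_start - start.c:__lxc_start:1346 - Failed to spawn container "test".
lxc 20170502151757.954 ERROR lxc_conf - conf.c:run_buffer:405 - Script exited with status 1.
lxc 20170502151757.954 ERROR lxc_start - start.c:lxc_fini:546 - Failed to run lxc.hook.post-stop for container "test".
"""

# Assumed layout: lxc <YYYYmmddHHMMSS.mmm> <LEVEL> <subsystem> - <file>:<func>:<line> - <message>
RECORD = re.compile(
    r"^lxc (?P<ts>\d{14}\.\d{3}) (?P<level>[A-Z]+) (?P<subsys>\S+) - "
    r"(?P<file>[^:]+):(?P<func>[^:]+):(?P<line>\d+) - (?P<msg>.*)$"
)
CONFIG_KEY = re.compile(r"\blxc\.[a-z_.]+\s*=\s*\S+")


def parse_records(log):
    """Yield one dict per well-formed LXC log record, in file order."""
    for raw in log.splitlines():
        m = RECORD.match(raw.strip())
        if m:
            rec = m.groupdict()
            rec["when"] = datetime.strptime(rec["ts"], "%Y%m%d%H%M%S.%f")
            yield rec


def triage(log):
    """Return (first failing subsystem, its joined message, suggested config keys)."""
    errors = [r for r in parse_records(log) if r["level"] == "ERROR"]
    if not errors:
        return None, "", []
    first = min(errors, key=lambda r: r["when"])  # ties: earliest in file wins
    # A multi-line message appears as consecutive records from the same function.
    block = []
    for r in errors[errors.index(first):]:
        if (r["subsys"], r["func"]) != (first["subsys"], first["func"]):
            break
        block.append(r["msg"])
    text = " ".join(block)
    return first["subsys"], text, CONFIG_KEY.findall(text)
```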