[
https://issues.apache.org/jira/browse/MESOS-5991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15409645#comment-15409645
]
Qian Zhang commented on MESOS-5991:
-----------------------------------
Thanks [~kaalh], so it looks like "docker build" and "docker push" can work
normally when the Docker daemon is running in a unified container.

[~jieyu], can you please elaborate on what the specific issues are when running
the Docker daemon in a unified container? I'd like to try to reproduce them in my
test env.

And I have tried to run the Docker daemon in an LXD container; it does not seem
as stable as we thought. I just followed the steps in this link
https://www.stgraber.org/2016/04/13/lxd-2-0-docker-in-lxd-712/ to launch an LXD
container and install the Docker daemon in it; then I could run Docker containers
in it, and everything was good. But after I configured the LXD container as a
privileged container and restarted it, I found I could not run Docker
containers in it anymore:
{code}
root@docker:~# docker run -it busybox /bin/sh
Unable to find image ‘busybox:latest’ locally
latest: Pulling from library/busybox
8ddc19f16526: Pull complete
Digest: sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6
Status: Downloaded newer image for busybox:latest
docker: Error response from daemon: Cannot start container 91de8306d177670453d0831b830807516b0863c13c8a6f5325a32fde6baa0835: [10] System error: write /sys/fs/cgroup/devices/docker/91de8306d177670453d0831b830807516b0863c13c8a6f5325a32fde6baa0835/devices.allow: operation not permitted.
{code}
And when I changed the LXD container back to unprivileged and restarted it,
this time I found the Docker daemon cannot even be started:
{code}
Aug 05 09:44:40 docker systemd[1]: Starting Docker Application Container Engine…
Aug 05 09:44:40 docker docker[327]: time=”2016-08-05T09:44:40.805938409Z” level=error msg=”[graphdriver] prior storage driver “aufs” failed: driver not supported”
Aug 05 09:44:40 docker docker[327]: time=”2016-08-05T09:44:40.806319580Z” level=fatal msg=”Error starting daemon: error initializing graphdriver: driver not supported”
Aug 05 09:44:40 docker systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
Aug 05 09:44:40 docker systemd[1]: Failed to start Docker Application Container Engine.
Aug 05 09:44:40 docker systemd[1]: docker.service: Unit entered failed state.
Aug 05 09:44:40 docker systemd[1]: docker.service: Failed with result ‘exit-code’.
{code}
> Support running docker daemon inside a container using unified containerizer.
> -----------------------------------------------------------------------------
>
> Key: MESOS-5991
> URL: https://issues.apache.org/jira/browse/MESOS-5991
> Project: Mesos
> Issue Type: Epic
> Reporter: Jie Yu
>
> The goal is to develop the necessary pieces in the unified containerizer so that
> a framework can launch a full-fledged Docker daemon in a container.
> This will be useful for frameworks like Jenkins. The Jenkins job can still
> use the docker CLI to do builds (e.g., `docker build`, `docker push`), but we
> don't have to install the Docker daemon on the host anymore.
> It looks like LXD already supports that and is pretty stable for some users. We
> should do some investigation to see what features are missing in the unified
> containerizer to be able to match what LXD has. Will track all the
> dependencies in this ticket.
> https://www.stgraber.org/2016/04/13/lxd-2-0-docker-in-lxd-712/
> Cgroups and user namespaces support are definitely missing pieces.