@DuaneNielsen
Last active April 26, 2019 01:17
running Docker containers inside LXC containers
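lxc launch ubuntu:bionic test
lxc exec test -- /bin/bash
# <install docker ce>
lxc stop test
# paste in the profile below (run `lxc profile create docker` first if the profile does not exist)
lxc profile edit docker
lxc profile assign test docker
# bind-mount each directory onto itself, then mark the mount as shared
mount -o bind /var/lib/kubelet /var/lib/kubelet
mount --make-shared /var/lib/kubelet
mount -o bind /var/lib/rancher /var/lib/rancher
mount --make-shared /var/lib/rancher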
### This is a yaml representation of the profile.
### Any line starting with a '# will be ignored.
###
### A profile consists of a set of configuration items followed by a set of
### devices.
###
### An example would look like:
### name: onenic
### config:
###   raw.lxc: lxc.aa_profile=unconfined
### devices:
###   eth0:
###     nictype: bridged
###     parent: lxdbr0
###     type: nic
###
### Note that the name is shown but cannot be changed
config:
  linux.kernel_modules: bridge,br_netfilter,ip_tables,ip6_tables,ip_vs,netlink_diag,nf_nat,overlay,xt_conntrack
  raw.lxc: |-
    # "a" allows access to every device node
    lxc.cgroup.devices.allow = a
    # an empty value clears the capability drop list
    lxc.cap.drop =
  security.nesting: "true"
  # privileged: no uid/gid mapping, root in the container is root on the host
  security.privileged: "true"
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxdbr0
    type: nic
  root:
    path: /
    pool: default
    type: disk
name: docker
used_by:
- /1.0/containers/test
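
The profile above switches off most of LXD's isolation for the container: it is privileged, the capability drop list is cleared, and every device is allowed. As an added example (not part of the original gist), the script below flags those settings in the output of `lxc profile show`; the function names and finding labels are made up for this example.

```shell
#!/bin/sh
# Added example, not part of the original gist.
# audit_profile: read an LXD profile in YAML (the output of
# `lxc profile show NAME`) on stdin and print one line per setting
# that weakens container isolation.
audit_profile() {
  awk '
    /^[ \t]*#/ { next }                      # skip YAML comment lines
    {
      line = $0
      sub(/^[ \t]+/, "", line)               # drop indentation
      sub(/^raw\.lxc:[ \t]*/, "", line)      # inline "raw.lxc: key=value" form
      gsub(/"/, "", line)                    # "true" -> true
      sub(/[ \t]+$/, "", line)               # drop trailing blanks
    }
    line ~ /^security\.privileged:[ \t]*true$/ {
      print "PRIVILEGED: no uid/gid mapping, container root is host root" }
    line ~ /^security\.nesting:[ \t]*true$/ {
      print "NESTING: nested containers allowed inside this container" }
    line ~ /^lxc\.cgroup2?\.devices\.allow[ \t]*=[ \t]*a$/ {
      print "ALL_DEVICES: device cgroup allows every device node" }
    line ~ /^lxc\.cap\.drop[ \t]*=$/ {
      print "NO_CAP_DROP: capability drop list cleared" }
    line ~ /^lxc\.(aa_profile|apparmor\.profile)[ \t]*=[ \t]*unconfined$/ {
      print "NO_APPARMOR: AppArmor confinement disabled" }
  '
}

# The config section of the docker profile shown on this page.
sample_profile() {
  cat <<'EOF'
config:
  linux.kernel_modules: bridge,br_netfilter,ip_tables,ip6_tables,ip_vs,netlink_diag,nf_nat,overlay,xt_conntrack
  raw.lxc: |-
    lxc.cgroup.devices.allow = a
    lxc.cap.drop =
  security.nesting: "true"
  security.privileged: "true"
name: docker
EOF
}

sample_profile | audit_profile
```

On a live host, feed it the real profile with `lxc profile show docker | audit_profile`.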