Skip to content

Instantly share code, notes, and snippets.

@soiqualang

soiqualang/docker-on-android.md

Forked from arno01/docker-on-android.md
Created May 11, 2021 05:48
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save soiqualang/02aceeb50301e1a0b9aa6e30bb99f701 to your computer and use it in GitHub Desktop.
Save soiqualang/02aceeb50301e1a0b9aa6e30bb99f701 to your computer and use it in GitHub Desktop.
Download ZIP
Docker on Android
Raw
docker-on-android.md

WORK IN PROGRESS

Docker on Android

Setup:

Samsung Galaxy Tab S5e SM-T720
Android Pie on Linux 4.9.112 (not rooted)
Termux
golang 1.12

Client

This will install the docker client to your ~/go/bin/ directory.

go get github.com/docker/cli/cmd/docker

The client is working, you can export DOCKER_HOST value to work with the dockerd, for example:

# export DOCKER_HOST=unix://$HOME/docker.sock
export DOCKER_HOST=tcp://192.168.X.Y:2376
docker run hello-world

Server

go get -u -d github.com/docker/docker/cmd/dockerd

rm -vf ~/go/src/github.com/docker/docker/daemon/graphdriver/register/register_btrfs.go
rm -vf ~/go/src/github.com/docker/docker/daemon/graphdriver/register/register_devicemapper.go

cd ~/go/src/github.com/docker/docker/cmd/dockerd
go install

containerd

containerd is the container runtime used by dockerd.

go get -u -d github.com/containerd/containerd/cmd/containerd
rm -vf ~/go/src/github.com/containerd/containerd/cmd/containerd/builtins_btrfs_linux.go
cd ~/go/src/github.com/containerd/containerd/cmd/containerd
go install

rootless docker

  1. Install rootlesskit
source ~/go/src/github.com/docker/docker/hack/dockerfile/install/rootlesskit.installer
REFIX=$GOPATH/bin _install_rootlesskit
  1. Install slirp4netns
git clone -b v0.3.0 https://github.com/rootless-containers/slirp4netns.git
cd slirp4netns
./autogen.sh
./configure --prefix=$PREFIX
make
make install
  1. Run rootless dockerd
~/go/src/github.com/docker/docker/contrib/dockerd-rootless.sh --experimental

Issue:

Apparently non-rooted Android is not permitting using the namespaces, probably due to SELinux rules or any other means such as unprivileged_userns_clone set to 0.. please try this if you have rooted Android.

+ exec rootlesskit --net=slirp4netns --mtu=65520 --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run /data/data/com.termux/files/home/go/src/github.com/docker/docker/contrib/dockerd-rootless.sh --experimental
WARN[0000] "builtin" port driver is experimental
[rootlesskit:parent] error: failed to start the child: fork/exec /proc/self/exe: operation not permitted

$ strace rootlesskit --net=slirp4netns --mtu=65520 --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run bash |& grep CLONE_NEWUSER
clone(child_stack=NULL, flags=CLONE_NEWUSER|SIGCHLD) = -1 EPERM (Operation not permitted)

$ strace unshare -U id |& grep PERM
unshare(CLONE_NEWUSER)                  = -1 EPERM (Operation not permitted)

Refs

my go env

The defaults I have on my config:

$ go env
GOARCH="arm64"
GOBIN=""
GOCACHE="/data/data/com.termux/files/home/.cache/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="arm64"
GOHOSTOS="android"
GOOS="android"
GOPATH="/data/data/com.termux/files/home/go"
GOPROXY=""
GORACE=""
GOROOT="/data/data/com.termux/files/usr/lib/go"
GOTMPDIR=""
GOTOOLDIR="/data/data/com.termux/files/usr/lib/go/pkg/tool/android_arm64"
GCCGO="gccgo"
CC="aarch64-linux-android-clang"
CXX="aarch64-linux-android-clang++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/data/data/com.termux/files/usr/tmp/go-build067260183=/tmp/go-build -gno-record-gcc-switches"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment