Hi Jay, For running FreeIPA in a container you may want to check https://github.com/freeipa/freeipa-container
The setup for it to work is somewhat sensible and following their recommendations will prevent a lot of headaches. Rafael P.S.: Sorry for the top post. On Wed, Sep 20, 2023 at 10:10 AM Ulf Volmer via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > On 20.09.23 09:05, Jay Smith via FreeIPA-users wrote: > > For a test setup I try to get running a FreeIPA server within a docker > container(DinD). > > But I get some errors and I don't know why. > > > > 1. Create docker in docker container > > => docker run --privileged -itd --name docker_swarm -v > /sys/fs/cgroup:/sys/fs/cgroup docker > > > > 2. Connect to docker container and run the FreeIPA server > > => docker exec -it docker_swarm \ > > sh -c "docker run --sysctl > net.ipv6.conf.all.disable_ipv6=0 --privileged=true --name ipa -ti -h > ipa.example.test --cgroupns=host \ > > -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v > /tmp/freeipa-data:/data freeipa/freeipa-server:fedora-38-4.10.2 > --skip-mem-check --no-ntp" > > > > The error I get is: > > docker: Error response from daemon: failed to create task for container: > failed to create shim task: OCI runtime create failed: runc create failed: > unable to start container process: unable to apply cgroup configuration: > failed to write 670: write > /sys/fs/cgroup/docker/3c2cc48a075d3f62143d70718aefe4c55938e4332262894e67f31328eaa5a006/cgroup.procs: > no such file or directory: unknown. > > ERRO[0038] error waiting for container: > > From my knowledge: > > * We have cgroups v2 nowadays, please remove the volume /sys/fs/cgroup > (from both commands) > * you need cgroup nesting, please read the link below: > > https://github.com/containerd/containerd/issues/6659 > > Best regards > Ulf > > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- Rafael Guterres Jeffman Senior Software Engineer FreeIPA - Red Hat
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
