>
> https://github.com/docker/docker/issues/1034
> https://github.com/docker/docker/issues/2918
> https://github.com/docker/docker/issues/2919
>
> resume: Docker daemon requires real root rights in the node for aufs
> mount/dismount layers, iptables rules. unprivileged containers == user
> namespaces, and this will not work with Docker (one reason why I prefer
> lxc/lxd + Ansible than Docker)
>
Yes, the docker daemon does fail when you try to use a layered FS for storage and their libcontainer driver. But when I switched to VFS for storage and LXC driver for exec, I did manage to get the docker daemon running. I think this is very recent, but after docker 1.2 I think, when they removed a bunch of capabilities that docker would need. So I definitely can't run a privileged docker container inside LXC but should be able to run a docker container without any capabilities. Am I missing something? The problem is what Serge mentions, that the docker containers try to create devices and fail to do so because the containers have no perms. Switching the app_armor profile also won't help, if I understand correctly?
