docker可以在Linux容器中运行吗?

Koding is a collaborative programming environment, which creates a virtual machine for multiple user to colaborate on software development. They use Linux Containers to virtualize the machines. I'm not being able to install docker on it:

Koding是一个协作编程环境，它为多个用户创建一个虚拟机，以便在软件开发中实现协作。他们使用Linux容器来虚拟化机器。我无法在上面安装docker:

tiagoboldt@vm-2:~$ sudo docker build -t mongo .       
[sudo] password for tiagoboldt:          
Uploading context 645.1 kB
Uploading context 
Step 0 : FROM ubuntu:latest                                                                                                                                                                                      
Pulling repository ubuntu                                                                                                                                                                                        
9cd978db300e: Error pulling image (latest) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Driver aufs failed to get image rootfs 6170bb7b0ad1003a827e4dc5253ba49f6719599eac485db51eaafd507c13c311: 
9cd978db300e: Error pulling image (latest) from ubuntu, Driver aufs failed to get image rootfs 6170bb7b0ad1003a827e4dc5253ba49f6719599eac485db51eaafd507c13c311: permission denied                               
6170bb7b0ad1: Error downloading dependent layers                                                                                                                                                                 

2014/02/28 03:32:55 build: pull: Could not find repository on any of the indexed registries.

Can anyone suggest a workaround for installing docker?

谁能提出安装docker的解决方案吗?

5 个解决方案

#1

Yes, it is possible. However, you can't have an aufs partition nested within aufs. You need to mount an other system or use a different storage backend.

是的,这是可能的。但是，您不能在aufs中嵌套一个aufs分区。您需要挂载其他系统或使用不同的存储后端。

You can take a look at the docker's makefile and hack/dind. You need the privileged mode in order to do so.

您可以查看docker的makefile和hack/dind。您需要特权模式才能这样做。

The easiest way to try is to do make shell and once in the container, you can start a new docker daemon :)

最简单的方法是创建shell，一旦进入容器，就可以启动一个新的docker守护进程:)

EDIT: I tried Koding and it indeed not possible. You are not privileged within their container so you can't start a new docker.

编辑:我尝试过Koding，但确实不可能。您在其容器中没有特权，因此无法启动新的docker。

#2

Yes, docker can run in a linux container.

是的，docker可以在linux容器中运行。

But docker will only run with the lxc execution driver and in a unconfined lxc.

但是docker将只在lxc执行驱动程序和无约束的lxc中运行。

So, here's how to get docker in LXC:

那么，如何让docker进入LXC:

Ensure you have lxc.aa_profile = lxc-container-default-with-nesting (if it doesn't work of you don't have this profile, try lxc.aa_profile = unconfined) in the config file of your LXC to ensure it will not be blocked by apparmor. For more information, visit (or modify) files in /etc/apparmor.d/lxc.

确保你有lxc。如果您没有这个配置文件，请尝试lxc。在您的LXC的配置文件中，以确保它不会被设备所阻塞。要了解更多信息，请访问/etc/ display .d/lxc中的(或修改)文件
You need to install lxc in your container. If you are under ubuntu for instance, run in the container apt-get install lxc.

您需要在容器中安装lxc。例如，如果您在ubuntu下，请在容器apt-get install lxc中运行。
Ensure that docker daemon is called with the --exec-driver=lxc parameter. You can test it before by issuing manualy docker -d --exec-driver=lxc. In ubuntu, to have the argument being used at startup, simply edit /etc/default/docker and ensure that you have the line: DOCKER_OPTS="--exec-driver"

确保调用docker守护进程与-exec-driver=lxc参数。您可以在发布manualy docker -d -执行者-driver=lxc之前对其进行测试。在ubuntu中，要在启动时使用参数，只需编辑/etc/default/docker，并确保您有行:DOCKER_OPTS="-执行者-驱动程序"

Follow this thread for updates: https://github.com/docker/docker/issues/6783

跟随这个线程进行更新:https://github.com/docker/docker/issues/6783

If you need to troubleshoot:

如果您需要进行故障排除:

keep an eye on apparmor logs in the kern logs of the host.
密切注意设备日志中主机的内核日志。
launch docker -d ... manualy to get outputs.
发射码头工人- d…manualy输出。

Note: You might not have hand on the host to modify the LXC apparmor script on Koding by judging others answers, anyway, this howto remains of interest if you are the LXC provider, and it answers the more general question you've asked in your question's title and that might attract people in more general scenarios (as I was).

注意:你可能没有手在主机上修改LXC apparmor对脚本Koding通过判断别人的答案,不管怎样,本篇仍然感兴趣的如果你是LXC提供者,它回答了更一般的问题你问问题的标题可能吸引人们在更一般的情况下(我)。

#3

And here is a full guide for anyone else in the same boat.

这是对同一条船上的其他人的完整指南。

Start a terminal and start typing..

启动终端，开始输入

docker run -i -t --privileged -v /var/lib/docker ubuntu bash
apt-get update && apt-get install -y docker.io
service docker.io start
ln -s /usr/bin/docker.io /usr/local/bin/docker
docker run -i -t ubuntu bash

Now you should be inside a container inside an other container.

现在，您应该位于另一个容器中的容器中。

Remarks:

备注:

The flag --privileged is needed on the outer container to accomplish that.
外部容器需要有特权才能实现这一点。
You MUST use -v /var/lib/docker to avoid the limitation mentioned by creack.
您必须使用-v /var/lib/docker来避免creack提到的限制。
ln -s /usr/bin/docker.io /usr/local/bin/docker is just creating a symbolic link so that we can type docker instead of docker.io
ln - s /usr/bin/docker.io /usr/local/bin/docker正在创建一个符号链接，以便我们可以输入docker而不是docker.io。

#4

Yes. See this blog post: http://blog.docker.io/tag/inception/

是的。查看这篇博文:http://blog.docker.io/tag/inception/

You have to start your container in privileged mode.

您必须以特权模式启动容器。

docker run -privileged -t -i jpetazzo/dind

#5

You can do this inside of Terminal.com.

你可以在Terminal.com里面做这个。

Just start a terminal and then run this: https://blog.terminal.com/docker-without-containers-pulldocker/.

只要启动一个终端，然后运行这个:https://blog.terminal.com/docker- withoutcontainers -pulldocker/。

Note: I work for Terminal.com. We use a non-LXC, non-libcontainer implementation of container technology (which doesn't have the limitations of AUFS, for example). We're trying to make containers that perform like full Linux machines, and I think we're there. Try it out.

注意:我在总站工作。我们使用非lxc、非libcontainer实现容器技术(例如，它没有AUFS的限制)。我们正在尝试制造能够像完整的Linux机器那样运行的容器，我认为我们已经做到了。试一下。

#1