Can docker run inside a Linux Container?
Yes, it is possible. However, you can't have an aufs partition nested within aufs. You need to mount another system or use a different storage backend.
You can take a look at the docker's makefile and hack/dind. You need the privileged mode in order to do so.
The easiest way to try is to do make shell and once in the container, you can start a new docker daemon :)
EDIT: I tried Koding and it is indeed not possible. You are not privileged within their container, so you can't start a new docker.
Yes, docker can run in a linux container.
But docker will only run with the lxc execution driver and in an unconfined lxc.
So, here's how to get docker in LXC:
Ensure you have lxc.aa_profile = lxc-container-default-with-nesting (if it doesn't work or you don't have this profile, try lxc.aa_profile = unconfined) in the config file of your LXC to ensure it will not be blocked by apparmor. For more information, visit (or modify) files in
You need to install lxc in your container. If you are under ubuntu for instance, run in the container apt-get install lxc.
Ensure that docker daemon is called with the --exec-driver=lxc parameter. You can test it before by issuing manually docker -d --exec-driver=lxc. In ubuntu, to have the argument being used at startup, simply edit /etc/default/docker and ensure that you have the line:
Follow this thread for updates: https://github.com/docker/docker/issues/6783
If you need to troubleshoot:
- keep an eye on apparmor logs in the kern logs of the host.
- docker -d ... manually to get outputs.
Note: You might not have control over the host to modify the LXC apparmor script on Koding, judging by others' answers. Anyway, this howto remains of interest if you are the LXC provider, and it answers the more general question you've asked in your question's title, which might attract people in more general scenarios (as I was).
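For the LXC provider case mentioned in the answer above, a host-side check of which containers select the nesting profile and which run unconfined. This is an added example, not part of any answer on this page; the <dir>/<container>/config layout, the verdict names, the last-assignment-wins rule and the sample configs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report which AppArmor profile each LXC container config selects.

# Print the effective lxc.aa_profile value of one config file.
# Assumption: if the key is repeated, the last assignment takes effect.
aa_profile_of() {
    awk -F= '
        /^[ \t]*#/ { next }                          # skip commented-out lines
        $1 ~ /^[ \t]*lxc\.aa_profile[ \t]*$/ {
            v = $2
            gsub(/^[ \t]+|[ \t]+$/, "", v)           # trim surrounding blanks
            profile = v
        }
        END { print profile }
    ' "$1"
}

# Classify a config by the AppArmor profile it asks for (verdict names are
# hypothetical labels chosen for this example).
nesting_verdict() {
    case "$(aa_profile_of "$1")" in
        lxc-container-default-with-nesting) echo "nesting-confined" ;;
        unconfined)                         echo "unconfined" ;;
        "")                                 echo "not-set" ;;
        *)                                  echo "custom-profile" ;;
    esac
}

# Print "<container> <verdict>" for every <dir>/<container>/config.
audit_lxc_dir() {
    for cfg in "$1"/*/config; do
        [ -f "$cfg" ] || continue
        printf '%s %s\n' "$(basename "$(dirname "$cfg")")" "$(nesting_verdict "$cfg")"
    done
}

# Constructed sample tree standing in for the host's container directory.
demo=$(mktemp -d)
mkdir -p "$demo/web" "$demo/ci" "$demo/db"
printf 'lxc.utsname = web\n' > "$demo/web/config"
printf 'lxc.aa_profile = lxc-container-default-with-nesting\n' > "$demo/ci/config"
printf '# lxc.aa_profile = unconfined\nlxc.aa_profile=unconfined\n' > "$demo/db/config"
audit_lxc_dir "$demo"
rm -rf "$demo"
```

Containers reported as unconfined have no AppArmor profile applied, so those are the ones to review first when deciding who is allowed to run nested Docker.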
And here is a full guide for anyone else in the same boat.
Start a terminal and start typing..
docker run -i -t --privileged -v /var/lib/docker ubuntu bash
apt-get update && apt-get install -y docker.io
service docker.io start
ln -s /usr/bin/docker.io /usr/local/bin/docker
docker run -i -t ubuntu bash
Now you should be inside a container inside another container.
- The flag --privileged is needed on the outer container to accomplish that.
- You MUST use -v /var/lib/docker to avoid the limitation mentioned by creack.
- ln -s /usr/bin/docker.io /usr/local/bin/docker is just creating a symbolic link so that we can type