Running Docker inside LXC allows us to reap all the benefits of running it in a separate environment from the host without having to deal with the complexity and overhead associated with running it in a full virtual machine.

All inquiries, no matter how trivial, are answered by Bobcares as part of our Docker Hosting Support.

Let’s examine the specifics of Setting up Docker to run in a privileged LXC container in more detail.

Running Docker Inside LXC

For running applications, Docker is a great containerization technology. It completely isolates various applications from one another and only permits connections under our explicit instructions.

A technology called LXC (Linux Containers) sits in between virtual machines and Docker containers. Although it is still a container technology, with a shared kernel and everything, it is intended to run a complete persistent OS rather than a temporary environment for an application. Thus, LXC is a fantastic technology for many uses.

Create A Privileged Container.

Create Container

Firstly, let’s give the container the name docker_bobcares.

$ sudo lxc-create -t download -n docker_bobcares

Install SSH In The Server

Then, run the commands listed below while on the host.

$ sudo lxc-start -n docker_bobcares
$ sudo lxc-attach -n docker_bobcares
$ sudo apt update
$ sudo apt install openssh-server

From the output of the command sudo lxc-ls --fancy, note the internal IP of this container, docker_bobcares.

Edit The Container’s Configuration File.

Basically, the configuration file for this privileged container is located in /var/lib/lxc/docker_bobcares/config. Then, add the subsequent lines:

# For docker
lxc.apparmor.profile = unconfined
lxc.cgroup.devices.allow = a
lxc.cap.drop =

Additionally, we added lines for GPU passthrough, but this is separate from Docker.

Restart The Container

Use the following commands on the host:

$ sudo lxc-stop -n docker_bobcares
$ sudo lxc-start -n docker_bobcares -d

Then, SSH into the container
ssh supportteam@IP_address

Configure Docker Inside The Container

Then, execute these commands inside of docker bobcares.

$ sudo apt-get update
$ sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ software-properties-common
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Now run the command
$ sudo apt-key fingerprint 0FDEDC98
$ sudo add-apt-repository \ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable"
 Then run the command's 
$ sudo apt-get update
$ sudo apt install docker-ce=18.06.1~ce~3-0~ubuntu

Test Docker Inside The Container

After installing docker-ce while still inside the container run the command:

$ sudo docker run hello-world
[sudo] password for supportteam:

Hello from Docker!

This message indicates that the installation seems to be operating as intended.

Docker performs the actions listed below to produce this message:

1. Firstly, the Docker daemon was contacted by the Docker client.
2. Then, the “hello-world” image was downloaded by the Docker daemon from the Docker Hub.
3. Then, this image was used to create a new container by the Docker daemon, which then executed the executable to generate the output we are seeing right now.
4. Finally, stream the output from the Docker daemon to the Docker client, which then sent it to the terminal.

With the following command, we can launch an Ubuntu container to try something more daring:

 $ docker run -it ubuntu bash

[Looking for a solution to another query? We are just a click away.]

Conclusion

In conclusion, running Docker inside LXC enables us to enjoy all the advantages of running it in a different environment from the host without the complexity. Our Support team reviewed the specifics of running Docker inside LXC.