The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.
LXD/Docker in LXD
If you have followed our notes about LXD in LXD then there is not much you need to do to be able to run Docker inside your container.
The container has to be setup similarly as for LXD in LXD (security.nesting needs to be enabled) so let us know if you want this turned on for your container at bugs.funtoo.org
Let's start a simple Hello world docker container inside our LXD container.
Install and start docker
As simple as:
root # emerge -v app-emulation/docker root # /etc/init.d/docker start
Starting your first docker microcontainer
root # docker run --detach --name app carinamarina/hello-world-app root # docker run --detach --name web --link app:helloapp -p 80:5000 carinamarina/hello-world-web
Go to your containers ip address and if you were not running anything on port 80 you should get:
The linked container said... "Hello World!"
Building a Funtoo Docker Container
To build a docker container you will need a Dockerfile with the description how to build an image and internet connection and docker of course.
# This Dockerfile creates a funtoo stage3 container image. By default it
# creates a stage3 generic 64bit image. It utilizes a multi-stage build and requires
# docker-17.05.0 or later. It fetches a daily snapshot from the official
# sources and verifies its checksum as well as its gpg signature.
# As gpg keyservers sometimes are unreliable, we use multiple gpg server pools
# to fetch the signing key.
# we are going to use alpine as our bootstrap container
ARG BOOTSTRAP
FROM ${BOOTSTRAP:-alpine:3.7} as builder
WORKDIR /funtoo
# here are all the arguments about arch/subarch ... defined
ARG ARCH=x86-64bit
ARG SUBARCH=generic_64
ARG DIST="https://build.funtoo.org/funtoo-current"
ARG FILENAME="stage3-latest.tar.xz"
ARG BDFL_KEY="E986E8EE"
ARG BDFL_FP="E8EE"
ARG SIGNING_KEYS="11FD00FD 683A2F8A BEA87CD2 EEE54A43 62DD6D47 6B365A89"
RUN echo "Building Funtoo Container image for ${ARCH} ${SUFFIX} fetching from ${DIST}" \
&& sleep 3 \
&& apk --no-cache add gnupg tar wget xz \
&& STAGE3="${DIST}/${ARCH}/${SUBARCH}/${FILENAME}" \
&& wget -nv "${STAGE3}" "${STAGE3}.gpg" "${STAGE3}.hash.txt" \
&& gpg --list-keys \
&& echo "standard-resolver" >> ~/.gnupg/dirmngr.conf \
&& echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf \
&& echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
&& gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys ${BDFL_KEY} ${SIGNING_KEYS} \
&& gpg --list-keys --fingerprint
And this is how we use it. Create a directory my_funtoo_img and put the Docker file in there. And then run this:
root # mkdir my_funtoo_img root # cd my_funtoo_img root # touch Dockerfile
Paste the contents inside Dockerfile and continue with:
root # docker build -t funtoo . Sending build context to Docker daemon 4.096kB Step 1/16 : ARG BOOTSTRAP Step 2/16 : FROM ${BOOTSTRAP:-alpine:3.7} as builder ---> 791c3e2ebfcb Step 3/16 : WORKDIR /funtoo ---> Using cache ---> 55f68b42e50c Step 4/16 : ARG ARCH=x86-64bit ---> Using cache ---> 756b8f4d4229 Step 5/16 : ARG SUBARCH=generic_64 ---> Using cache ---> be81f9929e20 Step 6/16 : ARG SUFFIX ---> Using cache ---> 5eaf818944d2 Step 7/16 : ARG DIST="https://build.funtoo.org/funtoo-current" ---> Using cache ---> ac85a6ef2c5d Step 8/16 : ARG FILENAME="stage3-latest.tar.xz" ---> Using cache ---> 980145cd90ab Step 9/16 : ARG BDFL_KEY="E986E8EE" ---> Using cache ---> e4a24bfc1232 Step 10/16 : ARG BDFL_FP="E8EE" ---> Using cache ---> 6e53c1d550bf Step 11/16 : ARG SIGNING_KEYS="11FD00FD 683A2F8A BEA87CD2 EEE54A43 62DD6D47 6B365A89" ---> Using cache ---> 9576df27fa15 Step 12/16 : RUN echo "Building Funtoo Container image for ${ARCH} ${SUFFIX} fetching from ${DIST}" && sleep 3 && apk --no-cache add gnupg tar wget xz && STAGE3="${DIST}/${ARCH}/${SUBARCH}/${FILENAME}" && ec ho "STAGE3:" $STAGE3 && wget -nv "${STAGE3}" "${STAGE3}.gpg" "${STAGE3}.hash.txt" && gpg --list-keys && echo "standard-resolver" >> ~/.gnupg/dirmngr.conf && echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf && gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys ${BDFL_KEY} ${SIGNING_KEYS} && gpg --list-keys --fingerprint | grep ${BDFL_FP} | tr -d '[:space:]' | awk 'BEGIN { FS = "=" } ; { print $1 ":6:" }' | gpg --import-ownertrust && gpg --verify ${FILENAME}.gpg ${FILENAME} && echo "Hash value from hash file:" && cat ${FILENAME}.hash.txt && echo "Hash value compu ted:" && sha256sum ${FILENAME} && awk '{print $2 " stage3-latest.tar.xz"}' ${FILENAME}.hash.txt | sha256sum -c - && tar xpf ${FILENAME} --xattrs --numeric-owner && sed -i -e 's/#rc_sys=""/rc_sys="docker"/g' etc/rc.conf && echo 'UTC' > etc/timezone && rm stage3-latest.tar.xz* && rm -rf usr/src/linux-debian-sources-4.14.12 && rm -rf lib64/modules/4.14.12-2 && rm -rf boot/*-4.14.12-2 ---> Running in 6df725ddcdb1 Building Funtoo Container image for x86-64bit fetching from https://build.funtoo.org/funtoo-current fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz (1/26) Installing libgpg-error (1.27-r1) (2/26) Installing libassuan (2.4.4-r0) (3/26) Installing libcap (2.25-r1) (4/26) Installing ncurses-terminfo-base (6.0_p20171125-r1) (5/26) Installing ncurses-terminfo (6.0_p20171125-r1) (6/26) Installing ncurses-libs (6.0_p20171125-r1) (7/26) Installing pinentry (1.0.0-r0) Executing pinentry-1.0.0-r0.post-install (8/26) Installing libbz2 (1.0.6-r6) (9/26) Installing libgcrypt (1.8.3-r0) (10/26) Installing gmp (6.1.2-r1) (11/26) Installing nettle (3.3-r0) (12/26) Installing libffi (3.2.1-r4) (13/26) Installing libtasn1 (4.12-r3) (14/26) Installing p11-kit (0.23.2-r2) (15/26) Installing libunistring (0.9.7-r0) (16/26) Installing gnutls (3.6.1-r0) (17/26) Installing libksba (1.3.5-r0) (18/26) Installing db (5.3.28-r0) (19/26) Installing libsasl (2.1.26-r11) (20/26) Installing libldap (2.4.45-r3) (21/26) Installing npth (1.5-r1) (22/26) Installing gnupg (2.2.3-r1) (23/26) Installing tar (1.29-r1) (24/26) Installing wget (1.19.5-r0) (25/26) Installing xz-libs (5.2.3-r1) (26/26) Installing xz (5.2.3-r1) Executing busybox-1.27.2-r11.trigger OK: 25 MiB in 39 packages STAGE3: https://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz 2018-09-06 00:08:23 URL:https://1570734985.rsc.cdn77.org/funtoo-current/x86-64bit/generic_64/2018-08-27/stage3-generic_64-funtoo-current-2018-08-27.tar.xz [374824936/374824936] -> "stage3-latest.tar.xz" [1] 2018-09-06 00:08:23 URL:https://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz.gpg [566/566] -> "stage3-latest.tar.xz.gpg" [1] 2018-09-06 00:08:23 URL:https://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz.hash.txt [72/72] -> "stage3-latest.tar.xz.hash.txt" [1] FINISHED --2018-09-06 00:08:23-- Total wall clock time: 1m 18s Downloaded: 3 files, 357M in 1m 15s (4.78 MB/s) gpg: directory '/root/.gnupg' created gpg: keybox '/root/.gnupg/pubring.kbx' created gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: key 28CE446E6B365A89: 1 signature not checked due to a missing key gpg: key 28CE446E6B365A89: public key "Daniel Robbins (metro:ryzen) <drobbins@funtoo.org>" imported gpg: key 4BE69BAE62DD6D47: 1 signature not checked due to a missing key gpg: key 4BE69BAE62DD6D47: public key "Daniel Robbins (metro:odroid-c2) <drobbins@funtoo.org>" imported gpg: key 2A7B0B2EEEE54A43: 1 signature not checked due to a missing key gpg: key 2A7B0B2EEEE54A43: public key "Daniel Robbins (metro:odroid-xu4) <drobbins@funtoo.org>" imported gpg: key A9021CE4BEA87CD2: 1 signature not checked due to a missing key gpg: key A9021CE4BEA87CD2: public key "Daniel Robbins (metro:jaguar) <drobbins@funtoo.org>" imported gpg: key 3AA5CA5E683A2F8A: 1 signature not checked due to a missing key gpg: key 3AA5CA5E683A2F8A: public key "Daniel Robbins (metro:excavator) <drobbins@funtoo.org>" imported gpg: key 9266C4FA11FD00FD: 1 signature not checked due to a missing key gpg: key 9266C4FA11FD00FD: public key "Daniel Robbins (metro:node) <drobbins@funtoo.org>" imported gpg: key 9A658306E986E8EE: public key "Daniel Robbins (BDFL) <drobbins@funtoo.org>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 7 gpg: imported: 7 gpg: inserting ownertrust of 6 gpg: Signature made Mon Aug 27 08:06:40 2018 UTC gpg: using RSA key 30737D12308C9D0C882FC34B57CB0A121BAECB2E gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: depth: 1 valid: 6 signed: 0 trust: 6-, 0q, 0n, 0m, 0f, 0u gpg: Good signature from "Daniel Robbins (metro:node) <drobbins@funtoo.org>" [full] Hash value from hash file: sha256 dad9f3f8a58eb8a20f5697a57b30ab140cdce11a1624fde7d409070ba1052e60 Hash value computed: dad9f3f8a58eb8a20f5697a57b30ab140cdce11a1624fde7d409070ba1052e60 stage3-latest.tar.xz stage3-latest.tar.xz: OK Removing intermediate container 6df725ddcdb1 ---> 3e47b26959ff Step 13/16 : FROM scratch ---> Step 14/16 : WORKDIR / ---> Using cache ---> 4bb5c1565f15 Step 15/16 : COPY --from=builder /funtoo/ / ---> Using cache ---> 6759ad727278 Step 16/16 : CMD ["/bin/bash"] ---> Using cache ---> c869e0c35b0c Successfully built c869e0c35b0c Successfully tagged funtoo:latest root # docker image list REPOSITORY TAG IMAGE ID CREATED SIZE funtoo latest c869e0c35b0c 42 hours ago 897MB