A few days ago I attempted to build a Ubuntu LXC container to run Docker on a Gentoo host. It ended up being a failure. I was getting “devices.deny: permission denied” errors. However, not willing to give up, I kept looking at the issue and finally solved it!
As mentioned in my previous post, docker was running correctly on the Gentoo LXC. I noticed that there were some differences between the /sys/fs/cgroup of both containers. The Gentoo one was more abbreviated while the Ubuntu one was a exact copy of the host. I discovered that before installing docker, the Ubuntu cgroup matched that of Gentoo’s. This meant that after docker was installed, something was screwing up the cgroup. I found code in the init scripts that tries to mount the cgroup. After numerous trial and error, I got it to stop kludging up cgroups. Here’s what to do after installing docker:
Remove the cgroup-lite package.
[code]# sudo initctl stop cgroup-lite
# sudo apt-get remove cgroup-lite[/code]
Open /etc/init/docker.conf, under pre-start script add the line
[code]exit 0[/code]
This skips all the cgroup initialisation which is probably catering for non-LXC docker hosts.
As a side note, I couldn’t get docker 1.4.1 working because of the “cpuset.cpus: no such file or directory” issue mentioned in my previous blog post. 1.3.3 worked perfectly though. You can install docker 1.3.3 by running
[code] # sudo apt-get install lxc-docker-1.3.3[/code]
Update: Workaround to the cpuset.cpus issue – Use the LXC execution driver
Now I can run dokku.