
I am trying to run Docker in Docker on GCE, but to no avail. I have used a similar setup on a host and it worked fine. However, when I try it with --create-with-container I get:

Segmentation fault (core dumped)
Segmentation fault (core dumped)

I have docker installed in the image. It works fine when the image is run on a normal host. Here is how I am trying to do it:

gcloud compute instances \
  create-with-container docker-in-docker-on-cge \
  --container-restart-policy=never \
  --container-privileged \
  --container-mount-host-path=host-path=/var/run/docker.sock,mount-path=/var/run/docker.sock \
  --container-mount-host-path=host-path=/usr/bin/docker,mount-path=/usr/bin/docker \
  --container-image=$MYIMAGE

Do you think this is possible at all, and if yes, what should I do?

Thanks

deann

1 Answer


When you use the command gcloud compute instances create-with-container to create a GCE VM instance running a container image, a Container-Optimized OS (COS) is deployed. This is an operating system optimized for running Docker containers, but it lacks many of the components you would have in a typical Linux distribution.

It has a number of limitations; for instance, the COS kernel is locked down: you are unable to install third-party kernel modules or drivers. Containerized applications that depend on kernel modules, drivers and other additional packages that are not available in COS might not work. This is a kind of locked-down environment with a small attack surface that runs your containers as safely as possible.

For more details please see Container-Optimized OS Overview

It's unlikely that a Docker-in-Docker configuration in COS is supported by Google.

Apart from that there are good explanations of why running a nested Docker configuration is troublesome and what a workaround could be:

Is it ok to run docker from inside docker?

Docker in Docker?

Both of the above are based on the original article by the author of the Docker-in-Docker feature, Jérôme Petazzoni: Using Docker-in-Docker for your CI or testing environment? Think twice.

mebius99