Hello fellow LXDers (Lexies? Lexamaniacs?),
Very lazily I was going to ask for some help to define a basic configuration for LXCs which will run Docker and will also use ZFS block mode where required. It seems the documentation is scattered around a bit and I’m struggling a bit to know what to include. Ideally, I would like a profile which can be applied to LXC instances to set the proper parameters to allow Docker (privileged? unprivileged?) to run and to consume a ZFS block mode storage pool which has been created for it.
There’s some debate as to the profile, but I have:

config:
  cloud-init.user-data: |
    #cloud-config
    package_update: true
    packages:
      - curl
      - wget
    runcmd:
      - curl -fsSL https://get.docker.com -o get-docker.sh
      - sh get-docker.sh
  environment.TZ: Europe/London
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw cgroup:rw
    lxc.cgroup.devices.allow=a
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
  security.syscalls.intercept.mknod: "true"
  security.syscalls.intercept.setxattr: "true"
description: Default Docker LXD profile
devices:
  eth0:
    maas.subnet.ipv4: 10.1.1.0/24
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: store
    type: disk
name: docker
used_by:

… as a very basic start, and I’m not even sure the convenience script is the best way to achieve this. And I don’t know how many of the config attributes are really truly needed, since people use different ones. I would have thought apparmor.profile=unconfined and security.privileged: true achieve similar results?
Then I assume I want to create a new blockmode volume to add to the container, add it as a volume, and … profit?
I’m also assuming I should start the container with an IPv4 address at a minimum (since I want static IPs for these).