I noticed this while running a Docker container in an LXD container:
root@lxdcontainer:~# grep -c processor /proc/cpuinfo
1
root@lxdcontainer:~# grep MemTotal /proc/meminfo
MemTotal: 488280 kB
root@lxdcontainer:~# docker run -it ubuntu bash
root@fcd00479a2c1:/# grep -c processor /proc/cpuinfo
56
root@fcd00479a2c1:/# grep MemTotal /proc/meminfo
MemTotal: 263758600 kB
I have been trying to figure out why Docker has access to the host machine’s /proc/meminfo files, but haven’t been able to tell much from
Is this an artifact of setting security.nesting=true for the LXD container in order to run Docker containers?
My goal is to get the Docker container to only see resources that have been allocated to the LXD container and nothing else. Please let me know how I can do so.