I currently have a working POC of Docker in LXC container on TrueNAS SCALE using only the tools/packages pre-installed. Not depending on systemd-container (which is a sub-dependency of a package installed on SCALE), but instead using virsh from the libvirt-daemon-system package (which is a direct dependency of SCALE and the API is responsible for the VM features in the GUI). The post is in the Openmediavault forum but it works on SCALE as well. I'm going to experiment with using crun or runc as well to create an isolated environment in which to run Docker on SCALE :)
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Best way to run vanilla Docker?
- Thread starter victor-perez
- Start date
Well then here it is: ubernerd. POC of running nerdctl (which is mostly docker compatible and has some neat additional features) natively without modifying the host rootfs and without relying on the package manager. It may be able to replace docker, lxc, systemd-nspawn (jailmaker) in many cases. Tested on TrueNAS-SCALE-23.10-MASTER-20230816-040941.
Probably! Just make sure the jailmaker jail is shutdown (don't run multiple containers/jails off of the same rootfs simultaneously). And I'd advise to make a backup/copy/snapshot before you run the same rootfs with nerdctl. You may have to experiment a bit depending on your networking config.
You should be able to run them side by side.
- Joined
- Jan 1, 2016
- Messages
- 9,703
I can't begin to say how grateful I am to you for bringing this work forward...
I was able to install ubernerd in less than a minute... changed to the jailmaker/jails directory for one of my jails and ran the nerdctl command to start it... then realised I hadn't specified host networking and volume mounts, so had to stop it, remove it and run it again with those switches, then all was running exactly as it had been in jailmaker. It even got me to a solution I was looking for to expose the needed hardware for smartctl (running in privileged mode) to see the disks on the host (couldn't get there with jailmaker). (side note: doing that will kill the smartd service on the host, so make sure to account for that)
What a brilliant solution to this whole situation... seems more-or-less bulletproof and portable as a massive bonus to just about any Linux OS... maybe also some others.
@Jip-Hop you are a genius!
Last edited:
Glad to hear positive reactions! It's still very much a POC and not complete. Any help is welcome (search for TODO in the repo)! For now my home server will continue to run jailmaker but I think ubernerd has the potential to fulfill most container needs :D
Neat, the script works nice. Thanks for that one.
I suppose using host networking isn't problematic?
Bind mounting my ZFS dataset into the nerdctl container to bind mount it again into a docker container feels a bit Rube Goldberg, but I guess it is what it is.
I suppose using host networking isn't problematic?
Bind mounting my ZFS dataset into the nerdctl container to bind mount it again into a docker container feels a bit Rube Goldberg, but I guess it is what it is.
Stux
MVP
- Joined
- Jun 2, 2016
- Messages
- 4,419
Me too. Will be porting my mailcow installation to its own sandbox once Dragonfish releases... for now its happy running in a dedicated VM
And mailcow is the primary reason I did NOT switch to scale until a good compose solution was found.
