Skip to content

Commit 7741c76

Browse files
milantracygvisor-bot
milantracy
authored and
gvisor-bot
committed
Add notes on docker in gVisor support in GKE.
PiperOrigin-RevId: 844543592
1 parent 6530fb6 commit 7741c76

File tree

3 files changed

+8
-3
lines changed

3 files changed

+8
-3
lines changed

g3doc/user_guide/tutorials/docker-in-gke-sandbox.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ applications.
66
In gVisor, all basic docker commands should function as expected. The host
77
network driver and the bridge network driver are tested and supported.
88

9+
> gVisor supports Docker Engine up to version 27 in GKE.
10+
911
## How to run Docker in a GKE Sandbox
1012

1113
### GKE standard cluster
@@ -25,15 +27,15 @@ granted by the gVisor sandbox.
2527
An example command to start an GKE autopilot cluster will be:
2628

2729
```sh
28-
gcloud container clusters create-auto [CLUTER_NAME] --workload-policies=allow-net-admin --location=[LOCATION] --cluster-version=1.33.2-gke.4655000
30+
gcloud container clusters create-auto [CLUTER_NAME] --workload-policies=allow-net-admin --location=[LOCATION]
2931
```
3032

3133
### Get started
3234

3335
Prepare a container image with pre-installed Docker:
3436

3537
```shell
36-
$ docker build -t docker-in-gvisor images/basic/docker
38+
$ docker build -t docker-in-gvisor images/basic/docker/
3739
$ docker push {registry_url}/docker-in-gvisor:latest
3840
```
3941

g3doc/user_guide/tutorials/docker-in-gvisor.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ applications.
66
In gVisor, all basic docker commands should function as expected. The host
77
network driver and the bridge network driver are tested and supported.
88

9+
> gVisor supports Docker Engine up to version 28.
10+
911
### NOTE on runsc setup
1012

1113
To run docker within gvisor, runsc must be enabled to allow raw sockets. This is

images/basic/docker/Dockerfile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
FROM ubuntu:24.04
22

3+
ARG DOCKER_VERSION="5:27.5.1-1~ubuntu.24.04~noble"
34
ENV DEBIAN_FRONTEND="noninteractive"
45
RUN apt-get update && apt-get -y install ca-certificates curl
56
# TODO(gvisor.dev/issue/11883): use the latest docker version.
@@ -8,7 +9,7 @@ RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings
89
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
910
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" > /etc/apt/sources.list.d/docker.list && \
1011
apt-get update && \
11-
apt-get install -qqy docker-ce=5:28.5.2-1~ubuntu.24.04~noble docker-ce-cli=5:28.5.2-1~ubuntu.24.04~noble containerd.io docker-buildx-plugin docker-compose-plugin iproute2
12+
apt-get install -qqy docker-ce=${DOCKER_VERSION} docker-ce-cli=${DOCKER_VERSION} containerd.io docker-buildx-plugin docker-compose-plugin iproute2
1213

1314
COPY start-dockerd.sh .
1415
CMD /start-dockerd.sh

0 commit comments

Comments
 (0)