Skip to content

Instantly share code, notes, and snippets.

@tobiashm

tobiashm/docker-userns.md

Last active January 5, 2017 15:21
Show Gist options
  • Save tobiashm/5feb2d461a367e200c6b353b27db2201 to your computer and use it in GitHub Desktop.
Save tobiashm/5feb2d461a367e200c6b353b27db2201 to your computer and use it in GitHub Desktop.
Download ZIP
Docker user namespace on RHEL7
Raw
docker-userns.md

Setup User Namespace on RHEL7 for use with Docker

Install Docker

Enable User Namespace on RHEL7:

# Notice: Use whatever is the lates version of `/boot/vmlinuz-xxx.el7.x86_64`
sudo grubby --args="user_namespace.enable=1" --update-kernel=/boot/vmlinuz-3.10.0-327.13.1.el7.x86_64
sudo reboot now

Add current user an group ids to subordinate mapping:

echo "$USER:$(id -u $USER):65536" | sudo tee /etc/subuid
echo "$USER:$(id -g $USER):65536" | sudo tee /etc/subgid

Configure Docker daemon to use remapping:

echo '{"userns-remap":"'$USER'"}' | sudo tee /etc/docker/daemon.json

Since docker images takes up a lot of space, we’ll usually move them to a folder on a mounted drive with more room. E.g. if /data is the storage drive:

mkdir /data/docker

Add an entry in /etc/docker/daemon.json:

"graph":"/data/docker"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment