sysctl behavior for docker-io
Josh Poimboeuf
jpoimboe at redhat.com
Fri Oct 4 20:34:43 UTC 2013
On Fri, Oct 04, 2013 at 03:21:07PM -0500, Lokesh Mandvekar wrote:
> On Fri, Oct 04, 2013 at 04:04:19PM -0400, Matthew Miller wrote:
> > On Fri, Oct 04, 2013 at 02:15:07PM -0500, Lokesh Mandvekar wrote:
> > > So, IP forwarding seems to be disabled by default in Fedora. docker-io
> > > requires IP forwarding enabled
> > >
> > > With respect to packaging, we'd like to have docker-io installation set
> > > sysctl values to enable IPv4 and IPv6 forwarding:
> > > https://bugzilla.redhat.com/show_bug.cgi?id=1011680
> > >
> > > I was told on #fedora-devel that changing sysctl values during installation
> > > would spell trouble from a sysadmin's POV, so my plan was to install
> > > 80-docker.conf into /usr/lib/sysctl.d but not have the IP forwarding sysctl
> > > values take effect at install time. Would this be the right approach?
> >
> > I agree that they shouldn't be changed at RPM install time. However, I'm
> > also not sure that we should drop something into sysctl.d, because
> >
> > a) that doesn't take effect with the case of "yum install docker-io;
> > systemctl start docker", so that's confusing for users
> >
> > b) having docker _installed_ isn't really hte case where we need this --
> > it's when docker is running.
> >
> > So, my first suggestion is to put the configuration into the systemd service
> > file.
> >
> > But, I have a question: What does libvirt do? Both as an example, and as a
> > possible solution -- will this problem go away when we convert to using
> > that, because libvirt will just take care of that?
>
> Josh (cc'd) said libvirtd would enable it, but we still need to take care of
> this for docker+lxc.
I agree with Matthew that the unit file is a good place to do it.
Another option would be to enable it from the docker daemon itself.
That way all the other distros wouldn't have to hit this same issue when
packaging docker.
Josh
More information about the devel
mailing list