Docker on Turris Omnia

Something is cooking in OpenWrt master, I’m wondering if any of this is already available for testing in hbd branch.
https://github.com/openwrt/packages/commits/master/utils/docker-ce

3 Likes

FYI it’s not just Docker that can run containers, there is also (command compatible) Podman which could have different requirements.
Podman is installed in Fedora but last time I checked there was no LXC image for Fedora.

I would very much prefer to see Podman instead of Docker supported. But once again, this is a question of requirement. I am not even sure Podman is supported outside of systemd.

1 Like

I have docker running in an LXC container with no issues for months now.

I run Hass.io at the LXC container level, which creates its own containers, as well as a couple other containers thrown in there (pi-hole, mumble server).

These were my notes from setting it up…

(edit, add lxc network config in case anyone needs it)

Install Docker

  1. Install needed opkg packages on the Turris Omnia host

        opkg install kmod-veth
        opkg install kmod-ipt-extra
        opkg install iptables-mod-extra

  2. Install a new container (I created an arch linux container)
  3. Open up the /srv/lxc/containername/config file for editing
  4. Uncomment the line that enables nesting

        # Uncomment the following line to support nesting containers:
        lxc.include = /usr/share/lxc/config/nesting.conf
        # (Be aware this has security implications)

  5. Configure network to bridge to lan
     (not shown: either set ip static on lxc container OS, or use DHCP)

        # Network configuration
        lxc.net.0.type = veth
        lxc.net.0.link = br-lan
        lxc.net.0.flags = up
        lxc.net.0.name = eth0
        lxc.net.0.hwaddr = 22:11:85:de:f9:fb

  6. Add the following lines to open up access to the host, allowing docker to successfully start

        raw.lxc: |-
        lxc.mount.auto = cgroup:rw:force
        lxc.cgroup.devices.allow = a
        security.nesting: "true"
        security.privileged: "true"
        lxc.cap.drop =

  7. Save and exit the config file
  8. Start the lxc container

        lxc-start -n <container_name>

  9. Attach to the console of the lxc container

        lxc-attach -n <container_name>

  10. Install docker (arch, so pacman)

        pacman -Syu
        pacman -S docker
        pacman -S lxc

  11. Enable Docker

        systemctl enable docker
        systemctl start docker

I could turn this into wiki article but I am not sure all of my steps are considered good practices for people to follow. Those LXC configuration changes come with risk.

11 Likes
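The notes above end by saying the LXC configuration changes come with risk. As an added example (not part of the original post), this shell function reports which of those isolation-weakening lines are present in a container config; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reports the isolation-weakening
# lines from the notes above in an LXC config (file argument, or stdin).
# Usage on the host: audit_lxc_config /srv/lxc/<container_name>/config

audit_lxc_config() {
    # Prints one finding per line; exit status is 1 if anything was flagged.
    awk '
    function flag(msg) { printf "line %d: %s\n", NR, msg; n++ }
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
        line = $0
        gsub(/[ \t"]/, "", line)            # drop whitespace and quotes
        sep = match(line, /[=:]/)           # "key = value" or "key: value"
        if (!sep) next
        key = substr(line, 1, sep - 1)
        val = substr(line, sep + 1)
        if (key == "lxc.include" && val ~ /nesting\.conf$/)
            flag("lxc.include pulls in nesting.conf (nested containers enabled)")
        else if (key == "lxc.mount.auto" && val ~ /cgroup:rw/)
            flag("lxc.mount.auto mounts the cgroup hierarchy read-write")
        else if (key ~ /^lxc\.cgroup2?\.devices\.allow$/ && val == "a")
            flag("devices.allow = a permits access to every device node")
        else if (key == "lxc.cap.drop" && val == "")
            flag("empty lxc.cap.drop clears the capability drop list")
        else if (key ~ /^security\.(privileged|nesting)$/ && val == "true")
            flag(key " = true (LXD-style key)")
    }
    END { exit (n > 0) }
    ' "$@"
}

sample_config() {   # constructed sample built from the lines quoted in the notes
    cat <<'EOF'
# Uncomment the following line to support nesting containers:
lxc.include = /usr/share/lxc/config/nesting.conf
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.mount.auto = cgroup:rw:force
lxc.cgroup.devices.allow = a
security.nesting: "true"
security.privileged: "true"
lxc.cap.drop =
EOF
}

sample_config | audit_lxc_config || true    # demo run: prints six findings
```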

very nice guide! been running docker inside lxc since turrisos v4.0. rock solid.
mostly using alpine as docker-host, but be warned that not all armhf containers will run nicely on alpine (jenkins does not).

also @huibuh seems to keep his docker build scripts updated. see here: https://github.com/selwtf

@bernstein You got a bit ahead of me there.

The stuff in this repo is still WIP and experimental. Use at your own risk.
When it’s stable and ready for use by most, I will write a new post with more detailed explanations.

In the meantime, feel free to poke around, test, break stuff and give me feedback (or even better PRs). Just don’t be sad if you have to factory reset afterwards.

Full repo link: https://github.com/selwtf/turris

5 Likes

Is there any chance that your docker build will work on MOX?
I understand that the modified kernel obviously won’t, but I have no clue whether there is any reason why that other stuff should or shouldn’t work.

Hi all.
Trying to achieve something similar, but having issues at the first hurdle installing LXC in OpenWRT.

Followed the only tutorial I could find on this (http://www.gnuton.org/blog/2016/02/lxc-on-openwrt/) but no luck.

lxc-checkconfig cannot seem to find the kernel config.

Any tips or tricks on how you managed to get LXC onto OpenWRT much appreciated, thanks.

LXC nowadays works on the Turris right out of the box (after configuring external storage via foris).

So I can’t be of any help, sorry.
But I can highly recommend getting a Turris Omnia for the purpose of running LXCs on it (even though I had my fair share of problems in the past).

1 Like

Docker will be available with TurrisOS 6.

2 Likes

Is it official info?

1 Like

looks as if a kernel with support for containers in vanilla openwrt is only coming in 21.02.0.

1 Like