File tree Expand file tree Collapse file tree 1 file changed +10
-0
lines changed
g3doc/user_guide/tutorials Expand file tree Collapse file tree 1 file changed +10
-0
lines changed Original file line number Diff line number Diff line change @@ -6,6 +6,16 @@ applications.
66In gVisor, all basic docker commands should function as expected. The host
77network driver and the bridge network driver are tested and supported.
88
9+ ### Limitations
10+
11+ - ` dockerd ` inside gVisor needs to be executed with flags
12+ ` --iptables=false --ip6tables=false ` and additional network setup is needed, check
13+ [ images/basic/docker/start-dockerd.sh] ( https://github.com/google/gvisor/blob/master/images/basic/docker/start-dockerd.sh )
14+ for the reference
15+ - because iptables disabled, ` docker run --expose= ` does not expose the port;
16+ if a nested container needs to expose ports, inside gVisor use ` docker run --network=host `
17+ - docker 28 may not work ([ #11883 ] ( https://github.com/google/gvisor/issues/11883 ) )
18+
919### NOTE on runsc setup
1020
1121To run docker within gvisor, runsc must be enabled to allow raw sockets. This is
You can’t perform that action at this time.
0 commit comments