docker(role): document gVisor issue with user-def. br. and provide help
Document issue with containers on user-defined bridges and using the gVisor runsc runtime. Also provide a helper resolv.conf as a workaround.
This commit is contained in:
parent
d2ace350b0
commit
e83b6ff318
SSH key fingerprint:
SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
3 changed files with 21 additions and 0 deletions
|
|
@ -17,6 +17,8 @@ None.
|
|||
## Optional Arguments
|
||||
|
||||
- `docker__gvisor_setup`: Whether or not to set up [gVisor](https://gvisor.dev/) (`runsc` runtime).
|
||||
> Note: gVisor doesn't work with the embedded DNS server Docker forces for user-defined bridges (see the [relevant GitHub issue](https://github.com/google/gvisor/issues/7469)). A workaround would be to bind mount a `resolv.conf` not relying on localhost DNS (note however that this still doesn't provide local container name resolution). When enabling this option such a helper `resolv.conf` pointing to Quad9 gets deployed to `/etc/gvisor-helper-resolv.conf` for bind-mounting. See the file for usage instructions.
|
||||
|
||||
Defaults to `false`.
|
||||
|
||||
## Links & Resources
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue