diff options
-rw-r--r-- | docker-vyos/Dockerfile | 5 | ||||
-rw-r--r-- | docker-vyos/README.md | 65 |
2 files changed, 46 insertions, 24 deletions
diff --git a/docker-vyos/Dockerfile b/docker-vyos/Dockerfile index cfe505ef..16dbb1aa 100644 --- a/docker-vyos/Dockerfile +++ b/docker-vyos/Dockerfile @@ -1,6 +1,6 @@ # syntax = docker/dockerfile:1 -# Copyright (C) 2020 VyOS maintainers and contributors +# Copyright (C) 2020-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -17,10 +17,9 @@ # Define arguments for VyOS image ARG VYOS_VERSION ARG BUILD_DATE -ARG DEBIAN_VERSION # Use Debian as base layer -FROM debian:${DEBIAN_VERSION}-slim +FROM debian:bookworm-slim # Copy installer script and default build settings COPY [ "data/defaults.json", "data/live-build-config/archives/*", "docker-vyos/vyos_install_common.sh", "docker-vyos/vyos_install_stage_01.sh", "/tmp/" ] COPY [ "data/live-build-config/hooks/live/*", "/tmp/hooks/" ] diff --git a/docker-vyos/README.md b/docker-vyos/README.md index 7c1fb6a1..ad0c3881 100644 --- a/docker-vyos/README.md +++ b/docker-vyos/README.md @@ -2,58 +2,81 @@ VyOS can be run as a Docker container on a Linux host with a compatible kernel. +## Build Container -## Building Docker image +To build a Docker image you need to have the whole `vyos-build` repository, not +only a folder with Dockerfile, because some files from this repository are +required for building. -To build a Docker image you need to have the whole `vyos-build` repository, not only a folder with Dockerfile, because some files from this repository are required for building. Docker image with VyOS can be built on Linux host with the next command: -``` -docker build --compress -f Dockerfile -t vyos:version-`date -u +%Y%m%d%H%M%S` --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" --build-arg VYOS_VERSION=version --build-arg DEBIAN_VERSION=debian --progress plain .. +```console +docker build --compress --file Dockerfile \ + --tag vyos:version-`date -u +%Y%m%d%H%M%S` \ + --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" \ + --build-arg VYOS_VERSION=version \ + --build-arg DEBIAN_VERSION=debian \ + --progress plain .. ``` Or, if you want to rebuild completely from the scratch (without cache): -``` -docker build --no-cache --pull --compress -f Dockerfile -t vyos:version-`date -u +%Y%m%d%H%M%S` --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" --build-arg VYOS_VERSION=version --build-arg DEBIAN_VERSION=debian --progress plain .. +```console +docker build --no-cache --pull --compress --file Dockerfile \ + --tag vyos:version-`date -u +%Y%m%d%H%M%S` \ + --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" \ + --build-arg VYOS_VERSION=version \ + --build-arg DEBIAN_VERSION=debian \ + --progress plain .. ``` -> **NOTE:** You must use proper version value for `DEBIAN_VERSION` variable. It can be only `jessie` (for VyOS 1.2) or `buster` (for VyOS 1.3). +> **_NOTE:_** You must use proper version value for `DEBIAN_VERSION` variable. + It can be only `jessie` (for VyOS 1.2) or `buster` (for VyOS 1.3). -## Running Docker image +## Run Container Docker container with VyOS can be running with the next command: -``` -docker run -v /lib/modules:/lib/modules --privileged --name vyos_inside_docker -d vyos:version +```console +docker run --privileged --detach \ + --volume /lib/modules:/lib/modules \ + --name vyos_inside_docker vyos:version ``` -You need to use the `--privileged` flag because the system actively interacts with a host kernel to perform routing operations and tune networking options. - +You need to use the `--privileged` flag because the system actively interacts +with a host kernel to perform routing operations and tune networking options. **Experimantal:** You can limit access to some system resources with: -``` -docker run --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v /lib/modules:/lib/modules --privileged --name vyos_inside_docker -d vyos:version +```console +docker run --privileged --detach \ + --tmpfs /tmp \ + --tmpfs /run \ + --tmpfs /run/lock \ + --volume /lib/modules:/lib/modules:ro \ + --volume /sys/fs/cgroup:/sys/fs/cgroup:ro \ + --name vyos_inside_docker vyos:version ``` -## Logging into a VyOS container +### Log into container -To open VyOS CLI, you can use SSH connection to the Docker container or run on host: +To open VyOS CLI, you can use SSH connection to the Docker container or run +on host: -``` +```console docker exec -it vyos_inside_docker su vyos ``` - ## Troubleshooting -If in VyOS appears IPv6-related errors, for example, it cannot assign an IPv6 for an interface, it is necessary to enable IPv6 support in Docker. This can be done, by editing `/etc/docker/daemon.json`: +If in VyOS appears IPv6-related errors, for example, it cannot assign an IPv6 +address for an interface, it is necessary to enable IPv6 support in Docker. -``` +This can be done, by editing `/etc/docker/daemon.json`: + +```console { "ipv6": true, "fixed-cidr-v6": "fe80::/64" } - ``` |