I'm excited about the 8.1 release because it ships ZFS 2.2.
This should enable running Docker inside privileged LXCs. [1]
(Unprivileged LXC is a different beast, let's keep this thread focussed on the privileged LXC use case)
And indeed, it's super simple:
However, you'll observe that sometimes container build / create /destroy is slow.
The data path is fast, but, these "management" operations are slow.
My assessment is that this is due to a ZFS performance bug.
I filed an issue upstream: https://github.com/openzfs/zfs/issues/15581
I'll update this thread once there are significant developments.
If anyone from Proxmox is interested in enabling this use case, I think throwing person hours behind above issue is the way to go.
[1] NB: Pre OpenZFS 2.2, the only practical option for a CoW Docker graph driver on top of ZFS was their "ZFS Storage Driver" which built on top ZFS clones.
OpenZFS 2.2 (shipped in Proxmox 8.1) adds support for whiteouts at the filesystem level, and thus `overlayfs` can now be used efficiently.
This should enable running Docker inside privileged LXCs. [1]
(Unprivileged LXC is a different beast, let's keep this thread focussed on the privileged LXC use case)
And indeed, it's super simple:
- Create privileged LXC on a ZFS storage
- Enable
features: nesting=1
either via GUI or in the/etc/pve/lxc/$vmid.conf
- Inside the LXC
- Install Docker, e.g., using convenience script
- Ensure docker indeed uses
overlay2
driver:docker info | grep 'Storage Driver'
- Run a container: `docker run hello-world`
However, you'll observe that sometimes container build / create /destroy is slow.
The data path is fast, but, these "management" operations are slow.
My assessment is that this is due to a ZFS performance bug.
I filed an issue upstream: https://github.com/openzfs/zfs/issues/15581
I'll update this thread once there are significant developments.
If anyone from Proxmox is interested in enabling this use case, I think throwing person hours behind above issue is the way to go.
[1] NB: Pre OpenZFS 2.2, the only practical option for a CoW Docker graph driver on top of ZFS was their "ZFS Storage Driver" which built on top ZFS clones.
OpenZFS 2.2 (shipped in Proxmox 8.1) adds support for whiteouts at the filesystem level, and thus `overlayfs` can now be used efficiently.
Last edited: