How to start Docker daemon inside a Docker container using supervisord?

Question

I'm user supervisord and Docker 1.5.0 inside a Docker container (using debian jessie) but I cannot run any containers from within the Docker container:

$ docker run busybox bash
Unable to find image 'busybox:latest' locally
511136ea3c5a: Pull complete
df7546f9f060: Pull complete
ea13149945cb: Pull complete
4986bf8c1536: Pull complete
busybox:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Status: Downloaded newer image for busybox:latest
FATA[0006] Error response from daemon: Cannot start container df7d5f605f5c1b6750614c6a04889e34aa9b96a4de98dcfc91b8f38f9d445aad: failed to find the cgroup root

This could be a bug (but people seem to have found workarounds for it) but I suspect that I may need to start additional services before starting my docker daemon. One of the suggested workarounds is to install cgroup-lite and start it before the Docker daemon. However I cannot find the cgroup-lite package in Jessie. For this reason I've also tried basing my container on an Ubuntu image (14.04) instead (which has cgroup-lite) but nothing changes (I still get the same error). I'm starting to suspect that this is because upstart is not running when starting containers and that I have to start cgroup-bin or cgroup-lite from my supervisord config. My current supervisord config looks like this:

[supervisord]
user=root
nodaemon=true

[program:docker]
user=root
autostart=true
autorestart=true
command=/usr/bin/docker -d
redirect_stderr=true
stdout_logfile=/var/log/docker/%(program_name)s.log
stdout_logfile_maxbytes=10MB
stdout_logfile_backups=10

[program:jenkins]
user=jenkins
autostart=true
autorestart=true
command=/usr/local/bin/jenkins.sh
redirect_stderr=true
stdout_logfile=/var/log/jenkins/%(program_name)s.log
stdout_logfile_maxbytes=10MB
stdout_logfile_backups=10
environment = JENKINS_HOME="/var/jenkins_home",HOME="/var/jenkins_home",USER="jenkins"

And it's started from the Docker CMD as:

CMD sudo /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf

So my question is essentially, how do I start the Docker daemon using supervisord and make sure that all its dependencies are loaded before program:docker is started (if this is actually the problem)?

Answer 1

As Javier Cortejoso pointed out there's a project called DIND that contains a script called wrapdocker that you can use to properly start Docker inside Docker. It takes care of starting and mounting cgroups etc.

The solution was to simply download the wrapdocker script and include it in my Dockerfile:

# Install the magic wrapper.
ADD ./wrapdocker /usr/local/bin/wrapdocker
RUN chmod +x /usr/local/bin/wrapdocker

In my supervisor config I then changed the command in [program:docker] to point to the wrapdocker script instead of just /usr/bin/docker -d:

[supervisord]
user=root
nodaemon=true

[program:docker]
user=root
autostart=true
autorestart=true
command=/usr/local/bin/wrapdocker
redirect_stderr=true
stdout_logfile=/var/log/docker/%(program_name)s.log
stdout_logfile_maxbytes=10MB
stdout_logfile_backups=10

[program:jenkins]
user=jenkins
autostart=true
autorestart=true
command=/usr/local/bin/jenkins.sh
redirect_stderr=true
stdout_logfile=/var/log/jenkins/%(program_name)s.log
stdout_logfile_maxbytes=10MB
stdout_logfile_backups=10
environment = JENKINS_HOME="/var/jenkins_home",HOME="/var/jenkins_home",USER="jenkins"