Docker: update README for VyOS inside container

2025-10-01 20:28:40 +02:00 · 2023-11-26 13:53:25 +01:00 · 2023-11-26 13:53:25 +01:00 · a0d3d87813
commit a0d3d87813
parent 360f7e2e0d
2 changed files with 46 additions and 24 deletions
--- a/docker-vyos/Dockerfile
+++ b/docker-vyos/Dockerfile
@ -1,6 +1,6 @@
 # syntax = docker/dockerfile:1

-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@ -17,10 +17,9 @@
 # Define arguments for VyOS image
 ARG VYOS_VERSION
 ARG BUILD_DATE
-ARG DEBIAN_VERSION

 # Use Debian as base layer
-FROM debian:${DEBIAN_VERSION}-slim
+FROM debian:bookworm-slim
 # Copy installer script and default build settings
 COPY [ "data/defaults.json", "data/live-build-config/archives/*", "docker-vyos/vyos_install_common.sh", "docker-vyos/vyos_install_stage_01.sh", "/tmp/" ]
 COPY [ "data/live-build-config/hooks/live/*", "/tmp/hooks/" ]
--- a/docker-vyos/README.md
+++ b/docker-vyos/README.md
@ -2,58 +2,81 @@

 VyOS can be run as a Docker container on a Linux host with a compatible kernel.

+## Build Container

-## Building Docker image
+To build a Docker image you need to have the whole `vyos-build` repository, not
+only a folder with Dockerfile, because some files from this repository are
+required for building.

-To build a Docker image you need to have the whole `vyos-build` repository, not only a folder with Dockerfile, because some files from this repository are required for building.
 Docker image with VyOS can be built on Linux host with the next command:

-```
-docker build --compress -f Dockerfile -t vyos:version-`date -u +%Y%m%d%H%M%S` --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" --build-arg VYOS_VERSION=version --build-arg DEBIAN_VERSION=debian --progress plain ..
+```console
+docker build --compress --file Dockerfile \
+  --tag vyos:version-`date -u +%Y%m%d%H%M%S` \
+  --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" \
+  --build-arg VYOS_VERSION=version \
+  --build-arg DEBIAN_VERSION=debian \
+  --progress plain ..
 ```

 Or, if you want to rebuild completely from the scratch (without cache):

-```
-docker build --no-cache --pull --compress -f Dockerfile -t vyos:version-`date -u +%Y%m%d%H%M%S` --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" --build-arg VYOS_VERSION=version --build-arg DEBIAN_VERSION=debian --progress plain ..
+```console
+docker build --no-cache --pull --compress --file Dockerfile \
+  --tag vyos:version-`date -u +%Y%m%d%H%M%S` \
+  --build-arg BUILD_DATE="`date -u --rfc-3339=seconds`" \
+  --build-arg VYOS_VERSION=version \
+  --build-arg DEBIAN_VERSION=debian \
+  --progress plain ..
 ```

-> **NOTE:** You must use proper version value for `DEBIAN_VERSION` variable. It can be only `jessie` (for VyOS 1.2) or `buster` (for VyOS 1.3).
+> **_NOTE:_** You must use proper version value for `DEBIAN_VERSION` variable.
+  It can be only `jessie` (for VyOS 1.2) or `buster` (for VyOS 1.3).

-## Running Docker image
+## Run Container

 Docker container with VyOS can be running with the next command:

-```
-docker run -v /lib/modules:/lib/modules --privileged --name vyos_inside_docker -d vyos:version
+```console
+docker run --privileged --detach \
+  --volume /lib/modules:/lib/modules \
+  --name vyos_inside_docker vyos:version
 ```

-You need to use the `--privileged` flag because the system actively interacts with a host kernel to perform routing operations and tune networking options.
-
+You need to use the `--privileged` flag because the system actively interacts
+with a host kernel to perform routing operations and tune networking options.

 **Experimantal:** You can limit access to some system resources with:

-```
-docker run --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v /lib/modules:/lib/modules --privileged --name vyos_inside_docker -d vyos:version
+```console
+docker run --privileged --detach \
+   --tmpfs /tmp \
+   --tmpfs /run \
+   --tmpfs /run/lock \
+   --volume /lib/modules:/lib/modules:ro \
+   --volume /sys/fs/cgroup:/sys/fs/cgroup:ro \
+   --name vyos_inside_docker vyos:version
 ```

-## Logging into a VyOS container
+### Log into container

-To open VyOS CLI, you can use SSH connection to the Docker container or run on host:
+To open VyOS CLI, you can use SSH connection to the Docker container or run
+on host:

-```
+```console
 docker exec -it vyos_inside_docker su vyos
 ```

-
 ## Troubleshooting

-If in VyOS appears IPv6-related errors, for example, it cannot assign an IPv6 for an interface, it is necessary to enable IPv6 support in Docker. This can be done, by editing `/etc/docker/daemon.json`:
+If in VyOS appears IPv6-related errors, for example, it cannot assign an IPv6
+address for an interface, it is necessary to enable IPv6 support in Docker.

-```
+This can be done, by editing `/etc/docker/daemon.json`:
+
+```console
 {
    "ipv6": true,
    "fixed-cidr-v6": "fe80::/64"
 }
-
 ```