5

I've juste installed a custom kernel module to enable SCTP support on my Macbook

And I would like to load this kernel module inside my docker container.

I tried to start a container using the --cap-add SYS_MODULE flag and install the libsctp-dev lksctp-tools kmod packages in the container to enable sctp using "modprobe sctp"... but unsuccessfully:

modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.9.13-moby/modules.dep.bin' modprobe:
  FATAL: Module SCTP not found in directory /lib/modules/4.9.13-moby

On a linux host, some people advise do to do like that : Docker loading kernel modules but it's both uncompatible with macOS and "dirty"...

So my question is : Does anyone know how to use kernel module in a docker container using a macOs host ? Is that even possible ?

Community
  • 1
  • 1
Razaborg
  • 151
  • 1
  • 7
  • 2
    Your Mac is using a Darwin kernel, and Docker is using a Linux kernel. Not at all compatible. You might be able to do something like this, but you would have to go into the Linux VM that hosts Docker on your Mac and do it there. That is where the container kernels run - in Linux, not in macOS. – Dan Lowe Apr 19 '17 at 15:45
  • 3
    You can access the Linux VM like this BTW: `docker run --rm -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh` – Dan Lowe Apr 19 '17 at 15:48
  • @DanLowe post that as an answer, not a set of comments – Derick Bailey Apr 19 '17 at 15:58
  • @DerickBailey I intentionally didn't post it as an answer because it doesn't really answer the question "how can I add this kernel module to a container" - I don't know if you _can_ do that, much less _how_ to do it... – Dan Lowe Apr 19 '17 at 16:02

1 Answers1

8

I found out that docker for mac runs over an hyperkit VM with alpine to get the linux kernel.

As mentionned by @DanLowe in the comments, we can access this VM using the following command : docker run --rm -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh

The kernel sources used by this VM are available here : https://github.com/linuxkit/linuxkit

I edited the kernel/kernel_config file and set CONFIG_IP_SCTP=y to enable SCTP support in the kernel.

Then I recompiled the kernel and copied my newly compiled kernel file (bzImage) to the docker for mac /Applications/Docker.app/Contents/Resources/moby/vmlinuz64 kernel file.

Restarted docker for mac and...

host>docker run -it debian container>cat /proc/net/protocols protocol size sockets memory press maxhdr slab module cl co di ac io in de sh ss gs se re sp bi br ha uh gp em SCTPv6 1416 1 0 no 0 yes kernel y y y y y y y y y y y y n y y y y y y SCTP 1256 0 0 no 0 yes kernel y y y y y y y y y y y y n y y y y y y

Pull Request here.

Razaborg
  • 151
  • 1
  • 7
  • 1
    not works for newer Docker for OSX because it keeps all linux files including kernel in `/Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso` – zed_0xff Oct 30 '17 at 14:55