Running in Docker Container
Docker is an open-source project for deploying applications as standardized units called containers. Deploying VyOS in a container provides a simple and lightweight mechanism for both testing and packet routing for container workloads.
IPv6 Support for docker
VyOS requires an IPv6-enabled docker network. Currently linux distributions do not enable docker IPv6 support by default. You can enable IPv6 support in two ways.
Method 1: Create a docker network with IPv6 support
Here is a example using the macvlan driver.
docker network create --ipv6 -d macvlan -o parent=eth0 --subnet 2001:db8::/64 --subnet 192.0.2.0/24 mynet
Method 2: Add IPv6 support to the docker daemon
Edit /etc/docker/daemon.json to set the ipv6 key to true and to specify
the fixed-cidr-v6 to your desired IPv6 subnet.
{
"ipv6": true,
"fixed-cidr-v6": "2001:db8::/64"
}
Reload the docker configuration.
$ sudo systemctl reload docker
Deploy container from ISO
Download the ISO on which you want to base the container. In this example,
the name of the ISO is vyos-1.4-rolling-202308240020-amd64.iso. If you
created a custom IPv6-enabled network, the docker run command below
will require that this network be included as the --net parameter to
docker run.
$ mkdir vyos && cd vyos
$ curl -o vyos-1.4-rolling-202308240020-amd64.iso https://github.com/vyos/vyos-rolling-nightly-builds/releases/download/1.4-rolling-202308240020/vyos-1.4-rolling-202308240020-amd64.iso
$ mkdir rootfs
$ sudo mount -o loop vyos-1.4-rolling-202308240020-amd64.iso rootfs
$ sudo apt-get install -y squashfs-tools
$ mkdir unsquashfs
$ sudo unsquashfs -f -d unsquashfs/ rootfs/live/filesystem.squashfs
$ sudo tar -C unsquashfs -c . | docker import - vyos:1.4-rolling-202111281249
$ sudo umount rootfs
$ cd ..
$ sudo rm -rf vyos
$ docker run -d --rm --name vyos --privileged -v /lib/modules:/lib/modules \
> vyos:1.4-rolling-202111281249 /sbin/init
$ docker exec -ti vyos su - vyos
You can execute docker stop vyos when you are finished with the container.