Compose: How to run containers in privileged mode

Created on 3 Mar 2014  ·  16 Comments  ·  Source: docker/compose

From my docker container I would like to mount a network share. I've tried samba, afs, and nfs, but I keep getting Operation not permitted.

Googling has led me to believe that my container would need to run in privileged mode (http://www.gluster.org/2014/02/running-glusterfs-inside-docker-container/)

With Docker one can do --privileged=true but I don't think I can pass this along from my fig.yml via a:

sabnzbd:
  build: ./sabnzbd
  command: /syzygy/run.sh
  privileged: true

As that throws an Unsupported config option for sabnzbd service: 'privileged'. It also isn't documented in the fig documentation. Any way to go around this? I would be happy with any solution that allows me to mount a network drive; right now I just think that requires privileged but I might be wrong.

Might be worth mentioning that I'm using the 0.8.0 boot2docker osx install.

All 16 comments

I changed this line to make it say privileged=True, but that did not make the Operation not permitted errors go away. Am I on a stray path?

This is all in service.py. You'll want to add it as a supported option and pass it through to container.start(...) in start_container.

Thanks for your help!

I'd love to send a PR for this, but I'm not up to speed with Python and currently stuck trying to run my fork like this:

$ python fig/cli/main.py
Traceback (most recent call last):
  File "fig/cli/main.py", line 10, in <module>
    from .. import __version__
ValueError: Attempted relative import in non-package

I'm obviously doin' it very wrong - but I can't find any Getting Started docs for developers. If they exist can you point me to those? Or otherwise some brief instructions how to set up a local development environment, then I'll be happy to write up a markdown/blogpost so other newcomers can easily dive into development too.

Best way to start is to clone the repo and run python setup.py develop. That'll install the dependencies and set up a symlink from your fig executable to the checkout of the repo.

Docs very welcome! Thanks for your help!

Created a PR for this issue https://github.com/orchardup/fig/pull/132.
It fixes the problem for me so I'll close this issue.

If I have time I'll write up some docs for newcomers to python/fig wanting to help out and create a separate PR for that.

Thanks @kvz!

Not sure what I am doing wrong.

fig --version
fig 0.3.1
sudo fig up -d e2e
Unsupported config option for selenium service: 'privileged'

Hey @gregwebs, the merged PR was about the documentation. https://github.com/orchardup/fig/pull/132 needed some more research and is still pending.

Hi! As I'm having exactly the same problem, is there any news about when this PR will be merged :) ? Thanks!

This was merged already. To enable on your containers use:

my_service:
  privileged: true

I am using fig 1.0.1

If I try to set privileged to true it is like it is not executed.

In other words:

  • my Dockerfile prints a string to a file
  • normally, it throws /bin/sh: 1: cannot create /sys/kernel/mm/transparent_hugepage/enabled: Read-only file system
  • so I add privileged:true to fig.yml
  • but then the same error happens while building the container

I'm facing the same issue as @bitliner

docker-compose version: 1.4.1
Docker version 1.7.0, build 0baf609

The error:

Step 3 : RUN echo fs.inotify.max_user_watches=524288 | tee -a /etc/sysctl.conf && sysctl -p
 ---> Running in f45a1b3634fd
fs.inotify.max_user_watches=524288
sysctl: setting key "fs.inotify.max_user_watches": Read-only file system
Service 'frontend' failed to build: The command '/bin/sh -c echo fs.inotify.max_user_watches=524288 | tee -a /etc/sysctl.conf && sysctl -p' returned a non-zero code: 255

docker-compose.yml:

frontend:
  privileged: true
  build: ./frontend/
  ports:
   - "4200:4200"
  volumes:
   - ./frontend:/usr/src/app

privileged doesn't apply to the build phase. It's only applied to a running container. This is a restriction applied by docker, but it's not obvious from the docker-compose.yaml.

I am experiencing a similar issue with docker-compose.yml. I am getting an "Ignoring unsupported options: privileged" message. Any idea how to apply --privileged: true in a docker-compose file??

@tenager same for me.
I'm on Docker version 17.12.1-ce, build 7390fc6

@tenager It might depend on your docker-compose.yml version. Since 3.3 it works and the option must be placed under the definition of the service you want to run in privileged mode.
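
An added example, not part of the original thread or of the fig/compose code base: a small Ruby audit that lists every service requesting `privileged: true` and marks those that also have `build:`, since, as noted in the comment above about the build phase, privileged applies only to the running container. The sample files, service names and the `audit_privileged` helper are constructed for illustration.

```ruby
require 'yaml'

# Constructed sample in the legacy layout used in this thread (services at top level).
LEGACY = <<~YAML
  frontend:
    privileged: true
    build: ./frontend/
    ports:
      - "4200:4200"
  db:
    image: postgres
YAML

# Constructed sample in the newer layout with a top-level `services:` key.
VERSIONED = <<~YAML
  version: "3.3"
  services:
    worker:
      image: example/worker
      privileged: true
    web:
      image: example/web
YAML

# Return the name => config map for either layout.
def services_of(doc)
  doc['services'].is_a?(Hash) ? doc['services'] : doc
end

# List every service that requests privileged mode. `build_unaffected` is true
# when the service also has `build:`, because privileged is applied only to the
# running container and the image build still runs without it.
def audit_privileged(yaml_text)
  doc = YAML.safe_load(yaml_text) || {}
  services_of(doc).filter_map do |name, cfg|
    next unless cfg.is_a?(Hash) && cfg['privileged'] == true
    { service: name, build_unaffected: cfg.key?('build') }
  end
end

[LEGACY, VERSIONED].each do |text|
  audit_privileged(text).each do |hit|
    scope = hit[:build_unaffected] ? 'runtime only, build steps stay unprivileged' : 'runtime'
    puts "#{hit[:service]}: privileged (#{scope})"
  end
end
```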
