Passing 'docker run' options to Waypoint

gsebast · March 23, 2022, 7:33pm

I would like to spin up a Hashicorp Vault instance using Waypoint with Docker. The official Vault image documentation on Docker Hub (Docker Hub) states that in order to run Vault in server mode the --cap-add option with value IPC_LOCK should be set as part of the docker run command. How is it possible to set docker run options in Waypoint?

shohei · March 24, 2022, 5:18am

I believe that’s not supported as of today.
Waypoint currently only takes a few host config as shown below:

github.com

hashicorp/waypoint/blob/v0.7.2/builtin/docker/platform.go#L470-L475

      
        
            	// Build our host configuration from the bindings, ports, and resources.
            	hostconfig := container.HostConfig{
            		Binds:        containerBinds,
            		PortBindings: portBindings,
            		Resources:    resources,
            	}

You can see all the supported HostConfig struct fields below:
https://pkg.go.dev/github.com/docker/docker@v20.10.7+incompatible/api/types/container#HostConfig

In order to support the --cap-add CLI option, CapAdd needs to be set selectively at least.
Could you submit a new issue on our GitHub repo? Issues · hashicorp/waypoint · GitHub

Thanks!

gsebast · March 31, 2022, 8:08am

Thank you for confirming what I had suspected. I will submit an issue on GitHub.

Just out of curiosity, is there a workaround for this using either Nomad, Kubernetes, or even just Traefik?