I would like to run a container with --cap-add=IPC_LOCK.
According to the BlueData 3.7 release notes, IPC_LOCK is supported:
HAATHI-13547: Docker configuration now includes default IPC_LOCK capability for all deployed containers. IPC_LOCK is the feature otherwise known as memlock, required by certain customer applications. The permitted capabilities of Docker containers as expressed on the docker invocation command line when instantiating a container now includes this value explicitly.
How do I pass docker parameters such as --cap-add=XXX to my docker instances running in BlueData?
You need to modify
/opt/bluedata/common-install/bd_mgmt/releases/1/sys.config. Look forallowed_docker_capswhich already has a list of allowed capabilities. A block of comments above that tuple list all the capabilities allowed. You can choose from them. You have to change the file on all hosts and restart each bd_mgmt after updating the file.Note that all new clusters created after the change will inherit these settings.