Use direct-lvm with the Device Mapper Storage Driver
An XCCDF Rule
Description
To use Docker in production with the device mapper storage driver, the Docker daemon should be configured to use direct-lvm instead of loopback device as a storage. For setting up the LVM and configuring Docker, see the Docker Device Mapper Storage Documentation.
Rationale
For using Docker in production, the device mapper storage driver with loopback devices is discouraged. The suggested way of configuring device mapper storage driver is direct-lvm. Choosing the right storage driver and backing filesystem is crucial to stability and performance.
- ID
- xccdf_org.ssgproject.content_rule_docker_storage_configured
- Severity
- Low
- Updated